The Centre for Internet and Society
http://editors.cis-india.org
These are the search results for the query, showing results 51 to 65.
Seminar on Open Access in Research Area: A Strategic Approach
http://editors.cis-india.org/openness/teri-seminar-on-open-access-in-research
<b>The Energy and Resources Institute (TERI), Delhi, is organising a seminar on open access in research on Tuesday, December 22, 2015. The seminar will focus on: 1) wider access to scientific publications and research data, 2) access to scientific information, and 3) challenges and opportunities of research data. The Centre for Internet and Society is supporting the event as a Knowledge Partner.</b>
<p> </p>
<h2>Background</h2>
<p>Open Access has become central importance to advancing the interests of researchers, scholars, students, business, and the public as well as librarians. Increasingly, research institutions require researchers to publish articles that report research findings openly accessible in open domain.</p>
<p>Open Access pursues to yield scholarly publishing to spread knowledge and allow that knowledge to be built upon. Price barriers should not stop researchers from getting access to research data. Open Access, and the open availability and search ability of scholarly research that it entails, will have a significant positive impact on everything from education to the research practice in various fields.</p>
<p>To explore why Open Access is so important to a number of groups, TERI Library along with The Centre for Internet & Society (CIS) as Knowledge Partner is organizing a half day seminar on <em>Open Access in Research Areas: a Strategic Approach</em> on December 22, 2015 at TERI Seminar Hall, IHC, Lodhi Road, New Delhi.</p>
<p>The Seminar will focus on:</p>
<ul>
<li>
<p>wider access to scientific publications and research data</p>
</li>
<li>
<p>access to scientific information, and</p>
</li>
<li>
<p>challenges and opportunities of research data.</p>
</li></ul>
<p> </p>
<h2>Schedule</h2>
<p>No registration is required to attend the seminar. Seats are limited, and will be provided on first-come-first-served basis.</p>
<p> </p>
<table>
<tbody>
<tr>
<td>13:45 - 14:00</td>
<td><br /></td>
<td><strong>Registration and Networking</strong></td>
</tr>
<tr>
<td>14:00 - 14:10</td>
<td><br /></td>
<td>Welcome Address - <strong>Mr. Prabir Sengupta</strong>, Distinguished Fellow and Director, Knowledge Management Division, TERI</td>
</tr>
<tr>
<td>14:10 - 14:20</td>
<td><br /></td>
<td>Special Address - <strong>Sumandro Chattapadhyay</strong>, Research Director, The Centre for Internet and Society</td>
</tr>
<tr>
<td>14:20 - 14:35</td>
<td><br /></td>
<td>Keynote Address - <strong>Dr. K.R. Murali Mohan</strong>, Advisor, Big Data Initiatives Division, Department of Science and Technology</td>
</tr>
<tr>
<td>14:35 - 14:50</td>
<td><br /></td>
<td>Inaugural Address - <strong>Dr. Chandrima Shaha</strong>, Director, National Institute of Immunology, New Delhi</td>
</tr>
<tr>
<td>14:50 - 15:00</td>
<td><br /></td>
<td>Setting the Theme and Vote of Thanks - <strong>Dr. P.K. Bhattacharya</strong>, Fellow and Area Convenor, Knowledge Management Division, TERI</td>
</tr>
<tr>
<td>15:00 - 15:30</td>
<td><br /></td>
<td><strong>Tea and Refreshments</strong></td>
</tr>
<tr>
<td>15:30 - 17:15</td>
<td><br /></td>
<td><strong>Plenary Session</strong><br />
Chair: <strong>Dr. Ramesh Sharma</strong>, Director, CEMCA<br />
<ul>
<li><strong>Puneet Kishor</strong>, Researcher and Independent Consultant - "Science, Data, and Creative Commons"</li>
<li><strong>Dr. Beth Sandore Namachchivaya</strong>, Associate Dean of Libraries and Professor University of Illinois - "Developing Services, Infrastructure, and Best Practices to Conserve and Provide Access to Research Data: Challenges and Opportunities"</li>
<li><strong>Dr. Usha Mujoo Munshi</strong>, Librarian, Indian institute of Public Administration</li></ul>
</td>
</tr>
</tbody>
</table>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/openness/teri-seminar-on-open-access-in-research'>http://editors.cis-india.org/openness/teri-seminar-on-open-access-in-research</a>
</p>
No publishersumandroOpen DataFeaturedOpen ResearchOpen AccessOpennessEvent2015-12-22T05:37:44ZEventSecurity: Privacy, Transparency and Technology
http://editors.cis-india.org/internet-governance/blog/security-privacy-transparency-and-technology
<b>The Centre for Internet and Society (CIS) has been involved in privacy and data protection research for the last five years. It has participated as a member of the Justice A.P. Shah Committee, which has influenced the draft Privacy Bill being authored by the Department of Personnel and Training. It has organised 11 multistakeholder roundtables across India over the last two years to discuss a shadow Privacy Bill drafted by CIS with the participation of privacy commissioners and data protection authorities from Europe and Canada.</b>
<p> </p>
<p>The article was co-authored by Sunil Abraham, Elonnai Hickok and Tarun Krishnakumar. It was published by Observer Research Foundation, <a href="http://editors.cis-india.org/internet-governance/blog/security-privacy-transparency-technology.pdf" class="internal-link">Digital Debates 2015: CyFy Journal Volume 2</a>.</p>
<hr />
<p style="text-align: justify;">Our centre’s work on privacy was considered incomplete by some stakeholders because of a lack of focus in the area of cyber security and therefore we have initiated research on it from this year onwards. In this article, we have undertaken a preliminary examination of the theoretical relationships between the national security imperative and privacy, transparency and technology.</p>
<h3 style="text-align: justify;">Security and Privacy</h3>
<p style="text-align: justify;">Daniel J. Solove has identified the tension between security and privacy as a false dichotomy: "Security and privacy often clash, but there need not be a zero-sum tradeoff." <a name="fr1" href="#fn1">[1]</a> Further unpacking this false dichotomy, Bruce Schneier says, "There is no security without privacy. And liberty requires both security and privacy." <a name="fr2" href="#fn2">[2]</a> Effectively, it could be said that privacy is a precondition for security, just as security is a precondition for privacy. A secure information system cannot be designed without guaranteeing the privacy of its authentication factors, and it is not possible to guarantee privacy of authentication factors without having confidence in the security of the system. Often policymakers talk about a balance between the privacy and security imperatives—in other words a zero-sum game. Balancing these imperatives is a foolhardy approach, as it simultaneously undermines both imperatives. Balancing privacy and security should instead be framed as an optimisation problem. Indeed, during a time when oversight mechanisms have failed even in so-called democratic states, the regulatory power of technology <a name="fr3" href="#fn3">[3]</a> should be seen as an increasingly key ingredient to the solution of that optimisation problem.</p>
<p style="text-align: justify;">Data retention is required in most jurisdictions for law enforcement, intelligence and military purposes. Here are three examples of how security and privacy can be optimised when it comes to Internet Service Provider (ISP) or telecom operator logs:</p>
<ol>
<li style="text-align: justify;"><strong>Data Retention</strong>: We propose that the office of the Privacy Commissioner generate a cryptographic key pair for each internet user and give one key to the ISP / telecom operator. This key would be used to encrypt logs, thereby preventing unauthorised access. Once there is executive or judicial authorisation, the Privacy Commissioner could hand over the second key to the authorised agency. There could even be an emergency procedure and the keys could be automatically collected by concerned agencies from the Privacy Commissioner. This will need to be accompanied by a policy that criminalises the possession of unencrypted logs by ISP and telecom operators.<br /><br /></li>
<li style="text-align: justify;"><strong>Privacy-Protective Surveillance</strong>: Ann Cavoukian and Khaled El Emam <a name="fr4" href="#fn4">[4]</a> have proposed combining intelligent agents, homomorphic encryption and probabilistic graphical models to provide “a positive-sum, ‘win–win’ alternative to current counter-terrorism surveillance systems.” They propose limiting collection of data to “significant” transactions or events that could be associated with terrorist-related activities, limiting analysis to wholly encrypted data, which then does not just result in “discovering more patterns and relationships without an understanding of their context” but rather “intelligent information—information selectively gathered and placed into an appropriate context to produce actual knowledge.” Since fully homomorphic encryption may be unfeasible in real-world systems, they have proposed use of partially homomorphic encryption. But experts such as Prof. John Mallery from MIT are also working on solutions based on fully homomorphic encryption.<br /><br /></li>
<li style="text-align: justify;"><strong>Fishing Expedition Design</strong>: Madan Oberoi, Pramod Jagtap, Anupam Joshi, Tim Finin and Lalana Kagal have proposed a standard <a name="fr5" href="#fn5">[5]</a> that could be adopted by authorised agencies, telecom operators and ISPs. Instead of giving authorised agencies complete access to logs, they propose a format for database queries, which could be sent to the telecom operator or ISP by authorised agencies. The telecom operator or ISP would then process the query, and anonymise/obfuscate the result-set in an automated fashion based on applicable privacypolicies/regulation. Authorised agencies would then hone in on a subset of the result-set that they would like with personal identifiers intact; this smaller result set would then be shared with the authorised agencies.</li></ol>
<p style="text-align: justify;">An optimisation approach to resolving the false dichotomy between privacy and security will not allow for a total surveillance regime as pursued by the US administration. Total surveillance brings with it the ‘honey pot’ problem: If all the meta-data and payload data of citizens is being harvested and stored, then the data store will become a single point of failure and will become another target for attack. The next Snowden may not have honourable intentions and might decamp with this ‘honey pot’ itself, which would have disastrous consequences.</p>
<p style="text-align: justify;">If total surveillance will completely undermine the national security imperative, what then should be the optimal level of surveillance in a population? The answer depends upon the existing security situation. If this is represented on a graph with security on the y-axis and the proportion of the population under surveillance on the x-axis, the benefits of surveillance could be represented by an inverted hockey-stick curve. To begin with, there would already be some degree of security. As a small subset of the population is brought under surveillance, security would increase till an optimum level is reached, after which, enhancing the number of people under surveillance would not result in any security pay-off. Instead, unnecessary surveillance would diminish security as it would introduce all sorts of new vulnerabilities. Depending on the existing security situation, the head of the hockey-stick curve might be bigger or smaller. To use a gastronomic analogy, optimal surveillance is like salt in cooking—necessary in small quantities but counter-productive even if slightly in excess.</p>
<p style="text-align: justify;">In India the designers of surveillance projects have fortunately rejected the total surveillance paradigm. For example, the objective of the National Intelligence Grid (NATGRID) is to streamline and automate targeted surveillance; it is introducing technological safeguards that will allow express combinations of result-sets from 22 databases to be made available to 12 authorised agencies. This is not to say that the design of the NATGRID cannot be improved.</p>
<h3>Security and Transparency</h3>
<p style="text-align: justify;">There are two views on security and transparency: One, security via obscurity as advocated by vendors of proprietary software, and two, security via transparency as advocated by free/open source software (FOSS) advocates and entrepreneurs. Over the last two decades, public and industry opinion has swung towards security via transparency. This is based on the Linus rule that “given enough eyeballs, all bugs are shallow.” But does this mean that transparency is a necessary and sufficient condition? Unfortunately not, and therefore it is not necessarily true that FOSS and open standards will be more secure than proprietary software and proprietary standards.</p>
<blockquote style="text-align: justify;" class="pullquote">Optimal surveillance is like salt in cooking—necessary in small quantities but counter-productive even if slightly in excess.</blockquote>
<p style="text-align: justify;">The recent detection of the Heartbleed <a name="fr6" href="#fn6">[6]</a> security bug in Open SSL, <a name="fr7" href="#fn7">[7]</a> causing situations where more data can be read than should be allowed, and Snowden’s revelations about the compromise of some open cryptographic standards (which depend on elliptic curves), developed by the US National Institute of Standards and Technology, are stark examples. <a name="fr8" href="#fn8">[8]</a></p>
<p style="text-align: justify;">At the same time, however, open standards and FOSS are crucial to maintaining the balance of power in information societies, as civil society and the general public are able to resist the powers of authoritarian governments and rogue corporations using cryptographic technology. These technologies allow for anonymous speech, pseudonymous speech, private communication, online anonymity and circumvention of surveillance and censorship. For the media, these technologies enable anonymity of sources and the protection of whistle-blowers—all phenomena that are critical to the functioning of a robust and open democratic society. But these very same technologies are also required by states and by the private sector for a variety of purposes—national security, e-commerce, e-banking, protection of all forms of intellectual property, and services that depend on confidentiality, such as legal or medical services.</p>
<p style="text-align: justify;">In order words, all governments, with the exception of the US government, have common cause with civil society, media and the general public when it comes to increasing the security of open standards and FOSS. Unfortunately, this can be quite an expensive task because the re-securing of open cryptographic standards depends on mathematicians. Of late, mathematical research outputs that can be militarised are no longer available in the public domain because the biggest employers of mathematicians worldwide today are the US military and intelligence agencies. If other governments invest a few billion dollars through mechanisms like Knowledge Ecology International’s proposed World Trade Organization agreement on the supply of knowledge as a public good, we would be able to internationalise participation in standard-setting organisations and provide market incentives for greater scrutiny of cryptographic standards and patching of vulnerabilities of FOSS. This would go a long way in addressing the trust deficit that exists on the internet today.</p>
<h3 style="text-align: justify;">Security and Technology</h3>
<p style="text-align: justify;">A techno-utopian understanding of security assumes that more technology, more recent technology and more complex technology will necessarily lead to better security outcomes.</p>
<p style="text-align: justify;">This is because the security discourse is dominated by vendors with sales targets who do not present a balanced or accurate picture of the technologies that they are selling. This has resulted in state agencies and the general public having an exaggerated understanding of the capabilities of surveillance technologies that is more aligned with Hollywood movies than everyday reality.</p>
<h3 style="text-align: justify;">More Technology</h3>
<p style="text-align: justify;">Increasing the number of x-ray machines or full-body scanners at airports by a factor of ten or hundred will make the airport less secure unless human oversight is similarly increased. Even with increased human oversight, all that has been accomplished is an increase in the potential locations that can be compromised. The process of hardening a server usually involves stopping non-essential services and removing non-essential software. This reduces the software that should be subject to audit, continuously monitored for vulnerabilities and patched as soon as possible. Audits, ongoing monitoring and patching all cost time and money and therefore, for governments with limited budgets, any additional unnecessary technology should be seen as a drain on the security budget. Like with the airport example, even when it comes to a single server on the internet, it is clear that, from a security perspective, more technology without a proper functionality and security justification is counter-productive. To reiterate, throwing increasingly more technology at a problem does not make things more secure; rather, it results in a proliferation of vulnerabilities.</p>
<h3 style="text-align: justify;">Latest Technology</h3>
<p style="text-align: justify;">Reports that a number of state security agencies are contemplating returning to typewriters for sensitive communications in the wake of Snowden’s revelations makes it clear that some older technologies are harder to compromise in comparison to modern technology. <a name="fr9" href="#fn9">[9]</a> Between iris- and fingerprint-based biometric authentication, logically, it would be easier for a criminal to harvest images of irises or authentication factors in bulk fashion using a high resolution camera fitted with a zoom lens in a public location, in comparison to mass lifting of fingerprints.</p>
<h3 style="text-align: justify;">Complex Technology</h3>
<p style="text-align: justify;">Fifteen years ago, Bruce Schneier said, "The worst enemy of security is complexity. This has been true since the beginning of computers, and it’s likely to be true for the foreseeable future." <a name="fr10" href="#fn10">[10]</a> This is because complexity increases fragility; every feature is also a potential source of vulnerabilities and failures. The simpler Indian electronic machines used until the 2014 elections are far more secure than the Diebold voting machines used in the 2004 US presidential elections. Similarly when it comes to authentication, a pin number is harder to beat without user-conscious cooperation in comparison to iris- or fingerprint-based biometric authentication.</p>
<p style="text-align: justify;">In the following section of the paper we have identified five threat scenarios <a name="fr11" href="#fn11">[11]</a> relevant to India and identified solutions based on our theoretical framing above.</p>
<h3 style="text-align: justify;">Threat Scenarios and Possible Solutions</h3>
<p style="text-align: justify;"><strong>Hacking the NIC Certifying Authority</strong><br />One of the critical functions served by the National Informatics Centre (NIC) is as a Certifying Authority (CA). <a name="fr12" href="#fn12">[12]</a> In this capacity, the NIC issues digital certificates that authenticate web services and allow for the secure exchange of information online. <a name="fr13" href="#fn13">[13]</a> Operating systems and browsers maintain lists of trusted CA root certificates as a means of easily verifying authentic certificates. India’s Controller of Certifying Authority’s certificates issued are included in the Microsoft Root list and recognised by the majority of programmes running on Windows, including Internet Explorer and Chrome. <a name="fr14" href="#fn14">[14]</a> In 2014, the NIC CA’s infrastructure was compromised, and digital certificates were issued in NIC’s name without its knowledge. <a name="fr15" href="#fn15">[15]</a> Reports indicate that NIC did not "have an appropriate monitoring and tracking system in place to detect such intrusions immediately." <a name="fr16" href="#fn16">[16]</a> The implication is that websites could masquerade as another domain using the fake certificates. Personal data of users can be intercepted or accessed by third parties by the masquerading website. The breach also rendered web servers and websites of government bodies vulnerable to attack, and end users were no longer sure that data on these websites was accurate and had not been tampered with. <a name="fr17" href="#fn17">[17]</a> The NIC CA was forced to revoke all 250,000 SSL Server Certificates issued until that date <a name="fr18" href="#fn18">[18]</a> and is no longer issuing digital certificates for the time being. <a name="fr19" href="#fn19">[19]</a>Public key pinning is a means through which websites can specify which certifying authorities have issued certificates for that site. Public key pinning can prevent man-in-the-middle attacks due to fake digital certificates. <a name="fr20" href="#fn20">[20]</a> Certificate Transparency allows anyone to check whether a certificate has been properly issued, seeing as certifying authorities must publicly publish information about the digital certificates that they have issued. Though this approach does not prevent fake digital certificates from being issued, it can allow for quick detection of misuse. <a name="fr21" href="#fn21">[21]</a></p>
<p style="text-align: justify;"><strong>‘Logic Bomb’ against Airports</strong><br />Passenger operations in New Delhi’s Indira Gandhi International Airport depend on a centralised operating system known as the Common User Passenger Processing System (CUPPS). The system integrates numerous critical functions such as the arrival and departure times of flights, and manages the reservation system and check-in schedules. <a name="fr22" href="#fn22">[22]</a> In 2011, a logic bomb attack was remotely launched against the system to introduce malicious code into the CUPPS software. The attack disabled the CUPPS operating system, forcing a number of check-in counters to shut down completely, while others reverted to manual check-in, resulting in over 50 delayed flights. Investigations revealed that the attack was launched by three disgruntled employees who had assisted in the installation of the CUPPS system at the New Delhi Airport. <a name="fr23" href="#fn23">[23]</a> Although in this case the impact of the attack was limited to flight delay, experts speculate that the attack was meant to take down the entire system. The disruption and damage resulting from the shutdown of an entire airport would be extensive.</p>
<p style="text-align: justify;">Adoption of open hardware and FOSS is one strategy to avoid and mitigate the risk of such vulnerabilities. The use of devices that embrace the concept of open hardware and software specifications must be encouraged, as this helps the FOSS community to be vigilant in detecting and reporting design deviations and investigate into probable vulnerabilities.</p>
<p style="text-align: justify;"><strong>Attack on Critical Infrastructure</strong><br />The Nuclear Power Corporation of India encounters and prevents numerous cyber attacks every day. <a name="fr24" href="#fn24">[24]</a> The best known example of a successful nuclear plant hack is the Stuxnet worm that thwarted the operation of an Iranian nuclear enrichment complex and set back the country’s nuclear programme. <a name="fr25" href="#fn25">[25] </a></p>
<p style="text-align: justify;">The worm had the ability to spread over the network and would activate when a specific configuration of systems was encountered <a name="fr26" href="#fn26">[26]</a> and connected to one or more Siemens programmable logic controllers. <a name="fr27" href="#fn27">[27]</a> The worm was suspected to have been initially introduced through an infected USB drive into one of the controller computers by an insider, thus crossing the air gap. <a name="fr28" href="#fn28">[28]</a> The worm used information that it gathered to take control of normal industrial processes (to discreetly speed up centrifuges, in the present case), leaving the operators of the plant unaware that they were being attacked. This incident demonstrates how an attack vector introduced into the general internet can be used to target specific system configurations. When the target of a successful attack is a sector as critical and secured as a nuclear complex, the implications for a country’s security and infrastructure are potentially grave.</p>
<p style="text-align: justify;">Security audits and other transparency measures to identify vulnerabilities are critical in sensitive sectors. Incentive schemes such as prizes, contracts and grants may be evolved for the private sector and academia to identify vulnerabilities in the infrastructure of critical resources to enable/promote security auditing of infrastructure.</p>
<p style="text-align: justify;"><strong>Micro Level: Chip Attacks</strong><br />Semiconductor devices are ubiquitous in electronic devices. The US, Japan, Taiwan, Singapore, Korea and China are the primary countries hosting manufacturing hubs of these devices. India currently does not produce semiconductors, and depends on imported chips. This dependence on foreign semiconductor technology can result in the import and use of compromised or fraudulent chips by critical sectors in India. For example, hardware Trojans, which may be used to access personal information and content on a device, may be inserted into the chip. Such breaches/transgressions can render equipment in critical sectors vulnerable to attack and threaten national security. <a name="fr29" href="#fn29">[29]</a></p>
<p style="text-align: justify;">Indigenous production of critical technologies and the development of manpower and infrastructure to support these activities are needed. The Government of India has taken a number of steps towards this. For example, in 2013, the Government of India approved the building of two Semiconductor Wafer Fabrication (FAB) manufacturing facilities <a name="fr30" href="#fn30">[30]</a> and as of January 2014, India was seeking to establish its first semiconductor characterisation lab in Bangalore. <a name="fr31" href="#fn31">[31]</a></p>
<p style="text-align: justify;"><strong>Macro Level: Telecom and Network Switches</strong></p>
<p style="text-align: justify;">The possibility of foreign equipment containing vulnerabilities and backdoors that are built into its software and hardware gives rise to concerns that India’s telecom and network infrastructure is vulnerable to being hacked and accessed by foreign governments (or non-state actors) through the use of spyware and malware that exploit such vulnerabilities. In 2013, some firms, including ZTE and Huawei, were barred by the Indian government from participating in a bid to supply technology for the development of its National Optic Network project due to security concerns. <a name="fr32" href="#fn32">[32]</a> Similar concerns have resulted in the Indian government holding back the conferment of ‘domestic manufacturer’ status on both these firms. <a name="fr33" href="#fn33">[33]</a></p>
<p style="text-align: justify;">Following reports that Chinese firms were responsible for transnational cyber attacks designed to steal confidential data from overseas targets, there have been moves to establish laboratories to test imported telecom equipment in India. <a name="fr34" href="#fn34">[34]</a> Despite these steps, in a February 2014 incident the state-owned telecommunication company Bharat Sanchar Nigam Ltd’s network was hacked, allegedly by Huawei. <a name="fr35" href="#fn35">[35]</a></p>
<blockquote style="text-align: justify;" class="pullquote">Security practitioners and policymakers need to avoid the zero-sum framing prevalent in popular discourse regarding security VIS-A-VIS privacy, transparency and technology.</blockquote>
<p style="text-align: justify;">A successful hack of the telecom infrastructure could result in massive disruption in internet and telecommunications services. Large-scale surveillance and espionage by foreign actors would also become possible, placing, among others, both governmental secrets and individuals personal information at risk.</p>
<p style="text-align: justify;">While India cannot afford to impose a general ban on the import of foreign telecommunications equipment, a number of steps can be taken to address the risk of inbuilt security vulnerabilities. Common International Criteria for security audits could be evolved by states to ensure compliance of products with international norms and practices. While India has already established common criteria evaluation centres, <a name="fr36" href="#fn36">[36]</a> the government monopoly over the testing function has resulted in only three products being tested so far. A Code Escrow Regime could be set up where manufacturers would be asked to deposit source code with the Government of India for security audits and verification. The source code could be compared with the shipped software to detect inbuilt vulnerabilities.</p>
<h3 style="text-align: justify;">Conclusion</h3>
<p style="text-align: justify;">Cyber security cannot be enhanced without a proper understanding of the relationship between security and other national imperatives such as privacy, transparency and technology. This paper has provided an initial sketch of those relationships, but sustained theoretical and empirical research is required in India so that security practitioners and policymakers avoid the zero-sum framing prevalent in popular discourse and take on the hard task of solving the optimisation problem by shifting policy, market and technological levers simultaneously. These solutions must then be applied in multiple contexts or scenarios to determine how they should be customised to provide maximum security bang for the buck.</p>
<hr />
<p style="text-align: justify;">[<a name="fn1" href="#fr1">1</a>]. Daniel J. Solove, Chapter 1 in Nothing to Hide: The False Tradeoff between Privacy and Security (Yale University Press: 2011), http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1827982.</p>
<p style="text-align: justify;">[<a name="fn2" href="#fr2">2</a>]. Bruce Schneier, “What our Top Spy doesn’t get: Security and Privacy aren’t Opposites,” Wired, January 24, 2008, http://archive.wired.com/politics/security commentary/security matters/2008/01/securitymatters_0124 and Bruce Schneier, “Security vs. Privacy,” Schneier on Security, January 29, 2008, https://www.schneier.com/blog/archives/2008/01/security_vs_pri.html.</p>
<p style="text-align: justify;">[<a name="fn3" href="#fr3">3</a>]. There are four sources of power in internet governance: Market power exerted by private sector organisations; regulatory power exerted by states; technical power exerted by anyone who has access to certain categories of technology, such as cryptography; and finally, the power of public pressure sporadically mobilised by civil society. A technically sound encryption standard, if employed by an ordinary citizen, cannot be compromised using the power of the market or the regulatory power of states or public pressure by civil society. In that sense, technology can be used to regulate state and market behaviour.</p>
<p style="text-align: justify;">[<a name="fn4" href="#fr4">4</a>]. Ann Cavoukian and Khaled El Emam, “Introducing Privacy-Protective Surveillance: Achieving Privacy and Effective Counter-Terrorism,” Information & Privacy Commisioner, September 2013, Ontario, Canada, http://www.privacybydesign.ca/content/uploads/2013/12/pps.pdf.</p>
<p style="text-align: justify;">[<a name="fn5" href="#fr5">5</a>]. Madan Oberoi, Pramod Jagtap, Anupam Joshi, Tim Finin and Lalana Kagal, “Information Integration and Analysis: A Semantic Approach to Privacy”(presented at the third IEEE International Conference on Information Privacy, Security, Risk and Trust, Boston, USA, October 2011), ebiquity.umbc.edu/_file_directory_/papers/578.pdf.</p>
<p style="text-align: justify;">[<a name="fn6" href="#fr6">6</a>]. Bruce Byfield, “Does Heartbleed disprove ‘Open Source is Safer’?,” Datamation, April 14, 2014, http://www.datamation.com/open-source/does-heartbleed-disprove-open-source-is-safer-1.html.</p>
<p style="text-align: justify;">[<a name="fn7" href="#fr7">7</a>]. “Cybersecurity Program should be more transparent, protect privacy,” Centre for Democracy and Technology Insights, March 20, 2009, https://cdt.org/insight/cybersecurity-program-should-be-more-transparent-protect-privacy/#1.</p>
<p style="text-align: justify;">[<a name="fn8" href="#fr8">8</a>]. “Cracked Credibility,” The Economist, September 14, 2013, http://www.economist.com/news/international/21586296-be-safe-internet-needs-reliable-encryption-standards-software-and.</p>
<p style="text-align: justify;">[<a name="fn9" href="#fr9">9</a>]. Miriam Elder, “Russian guard service reverts to typewriters after NSA leaks,” The Guardian, July 11, 2013, www.theguardian.com/world/2013/jul/11/russia-reverts-paper-nsa-leaks and Philip Oltermann, “Germany ‘may revert to typewriters’ to counter hi-tech espionage,” The Guardian, July 15, 2014, www.theguardian.com/world/2014/jul/15/germany-typewriters-espionage-nsa-spying-surveillance.</p>
<p style="text-align: justify;">[<a name="fn10" href="#fr10">10</a>]. Bruce Schneier, “A Plea for Simplicity,” Schneier on Security, November 19, 1999, https://www.schneier.com/essays/archives/1999/11/a_plea_for_simplicit.html.</p>
<p style="text-align: justify;">[<a name="fn11" href="#fr11">11</a>]. With inputs from Pranesh Prakash of the Centre for Internet and Society and Sharathchandra Ramakrishnan of Srishti School of Art, Technology and Design.</p>
<p style="text-align: justify;">[<a name="fn12" href="#fr12">12</a>]. “Frequently Asked Questions,” Controller of Certifying Authorities, Department of Electronics and Information Technology, Government of India, http://cca.gov.in/cca/index.php?q=faq-page#n41.</p>
<p>[<a name="fn13" href="#fr13">13</a>]. National Informatics Centre Homepage, Government of India, http://www.nic.in/node/41.</p>
<p style="text-align: justify;">[<a name="fn14" href="#fr14">14</a>]. Adam Langley, “Maintaining Digital Certificate Security,” Google Security Blog, July 8, 2014, http://googleonlinesecurity.blogspot.in/2014/07/maintaining-digital-certificate-security.html.</p>
<p style="text-align: justify;">[<a name="fn15" href="#fr15">15</a>]. This is similar to the kind of attack carried out against DigiNotar, a Dutch certificate authority. See: http://scholarcommons.usf.edu/cgi/viewcontent.cgi?article=1246&context=jss.</p>
<p>[<a name="fn16" href="#fr16">16</a>]. R. Ramachandran, “Digital Disaster,” Frontline, August 22, 2014, http://www.frontline.in/the-nation/digital-disaster/article6275366.ece.</p>
<p>[<a name="fn17" href="#fr17">17</a>]. Ibid.</p>
<p>[<a name="fn18" href="#fr18">18</a>]. “NIC’s digital certification unit hacked,” Deccan Herald, July 16, 2014, http://www.deccanherald.com/content/420148/archives.php.</p>
<p>[<a name="fn19" href="#fr19">19</a>]. National Informatics Centre Certifying Authority Homepage, Government of India, http://nicca.nic.in//.</p>
<p>[<a name="fn20" href="#fr20">20</a>]. Mozilla Wiki, “Public Key Pinning,” https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning.</p>
<p style="text-align: justify;">[<a name="fn21" href="#fr21">21</a>]. “Certificate Transparency - The quick detection of fraudulent digital certificates,” Ascertia, August 11, 2014, http://www.ascertiaIndira.com/blogs/pki/2014/08/11/certificate-transparency-the-quick-detection-of-fraudulent-digital-certificates.</p>
<p style="text-align: justify;">[<a name="fn22" href="#fr22">22</a>]. “Indira Gandhi International Airport (DEL/VIDP) Terminal 3, India,” Airport Technology.com, http://www.airport-technology.com/projects/indira-gandhi-international-airport-terminal -3/.</p>
<p style="text-align: justify;">[<a name="fn23" href="#fr23">23</a>]. “How techies used logic bomb to cripple Delhi Airport,” Rediff, November 21, 2011, http://www.rediff.com/news/report/how-techies-used-logic-bomb-to-cripple-delhi-airport/20111121 htm.</p>
<p style="text-align: justify;">[<a name="fn24" href="#fr24">24</a>]. Manu Kaushik and Pierre Mario Fitter, “Beware of the bugs,” Business Today, February 17, 2013, http://businesstoday.intoday.in/story/india-cyber-security-at-risk/1/191786.html.</p>
<p>[<a name="fn25" href="#fr25">25</a>]. “Stuxnet ‘hit’ Iran nuclear plants,” BBC, November 22, 2010, http://www.bbc.com/news/technology-11809827.</p>
<p>[<a name="fn26" href="#fr26">26</a>]. In this case, systems using Microsoft Windows and running Siemens Step7 software were targeted.</p>
<p>[<a name="fn27" href="#fr27">27</a>]. Jonathan Fildes, “Stuxnet worm ‘targeted high-value Iranian assets’,” BBC, September 23, 2010, http://www.bbc.com/news/technology-11388018.</p>
<p style="text-align: justify;">[<a name="fn28" href="#fr28">28</a>]. Farhad Manjoo, “Don’t Stick it in: The dangers of USB drives,” Slate, October 5, 2010, http://www.slate.com/articles/technology/technology/2010/10/dont_stick_it_in.html.</p>
<p>[<a name="fn29" href="#fr29">29</a>]. Ibid.</p>
<p style="text-align: justify;">[<a name="fn30" href="#fr30">30</a>]. “IBM invests in new $5bn chip fab in India, so is chip sale off?,” ElectronicsWeekly, February 14, 2014, http://www.electronicsweekly.com/news/business/ibm-invests-new-5bn-chip-fab-india-chip-sale-2014-02/.</p>
<p style="text-align: justify;">[<a name="fn31" href="#fr31">31</a>]. NT Balanarayan, “Cabinet Approves Creation of Two Semiconductor Fabrication Units,” Medianama, February 17, 2014, http://articles.economictimes.indiatimes.com/2014-02-04/news/47004737_1_indian-electronics-special-incentive-package-scheme-semiconductor-association.</p>
<p style="text-align: justify;">[<a name="fn32" href="#fr32">32</a>]. Jamie Yap, “India bars foreign vendors from national broadband initiative,” ZD Net, January 21, 2013, http://www.zdnet.com/in/india-bars-foreign-vendors-from-national-broadband-initiative-7000010055/.</p>
<p style="text-align: justify;">[<a name="fn33" href="#fr33">33</a>]. Kevin Kwang, “India holds back domestic-maker status for Huawei, ZTE,” ZD Net, February 6, 2013, http://www.zdnet.com/in/india-holds-back-domestic-maker-status-for-huawei-zte-70 00010887/. Also see “Huawei, ZTE await domestic-maker tag,” The Hindu, February 5, 2013, http://www.thehindu.com/business/companies/huawei-zte-await-domesticmaker-tag/article4382888.ece.</p>
<p style="text-align: justify;">[<a name="fn34" href="#fr34">34</a>]. Ellyne Phneah, “Huawei, ZTE under probe by Indian government,” ZD Net, May 10, 2013, http://www.zdnet.com/in/huawei-zte-under-probe-by-indian-government-7000015185/.</p>
<p style="text-align: justify;">[<a name="fn35" href="#fr35">35</a>]. Devidutta Tripathy, “India investigates report of Huawei hacking state carrier network,” Reuters, February 6, 2014, http://www.reuters.com/article/2014/02/06/us-india-huawei-hacking-idUSBREA150QK20140206.</p>
<p>[<a name="fn36" href="#fr36">36</a>]. “Products Certified,” Common Criteria Portal of India, http://www.commoncriteria-india.gov.in/Pages/ProductsCertified.aspx.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/security-privacy-transparency-and-technology'>http://editors.cis-india.org/internet-governance/blog/security-privacy-transparency-and-technology</a>
</p>
No publishersunilBig DataPrivacyInternet GovernanceFeaturedHomepage2015-09-15T10:53:52ZBlog EntrySameet Panda - Data Systems in Welfare: Impact of the JAM Trinity on Pension & PDS in Odisha during COVID-19
http://editors.cis-india.org/raw/sameet-panda-jam-trinity-pension-pds-odisha-covid-19
<b>This study by Sameet Panda tries to understand the integration of data and digital systems in welfare delivery in Odisha. It brings out the impact of welfare digitalisation on beneficiaries through primary data collected in November 2020. The researcher is thankful to community members for sharing their lived experiences during course of the study. Fieldwork was undertaken in three panchayats of Bhawanipatna block of Kalahandi district, Odisha. Additional research support was provided by Apurv Vivek and Vipul Kumar, and editorial contributions were made by Ambika Tandon (Senior Researcher, CIS). This study was conducted as part of a project on gender, welfare, and surveillance, supported by Privacy International, UK.</b>
<p> </p>
<h4>Report: <a href="https://cis-india.org/raw/sameet-panda-impact-of-the-jam-trinity-on-pension-pds-in-odisha-during-covid-19" target="_blank">Download</a> (PDF)</h4>
<hr />
<h3>Extract from the Report</h3>
<p>The COVID-19 pandemic has accelerated flaws in social institutions as never before - threatening food security, public health systems, and livelihood in the informal sector. At the time of writing this report,
India is the second-worst affected country in the world with over 9.8 million confirmed cases and more than 1.4 hundred thousand deaths. Unemployment has been increasing at an alarming rate, from 6.67 to 7 percent in October...</p>
<p>Following the national lockdown, many families belonging to low-income groups and daily wage earners found themselves stranded without money, food or credit from their employers. During the strict lockdown of the economy between March to June 2020 lakhs of migrants faced starvation in cities and walked back home. The government responded with some urgent measures, although inadequate. To cope with the food and economic crisis the Government of India and state governments initiated several social protection schemes. In Odisha, The central government provided two kinds of support, cash transfer through Direct Benefit Transfer (DBT) MGNREGS, Pradhan Mantri Jan Dhan Yojana (PMJDY) and Pradhan Mantri Ujjwala Yojana (PMUJ), advance release of pension in cash to existing beneficiaries and cash support of Rs. 1000. The Odisha government provided cash support of Rs. 1000
to ration card holding families. Beneficiaries of the Public Distribution System also received free-of-cost food grain under the Pradhan Mantri Garib Kalyan Anna Yojana...</p>
<p>Over the last couple of years, along with making the Aadhaar mandatory, the government has also been working towards linking mobile numbers and bank accounts of beneficiaries. An increasing number of schemes are shifting to Direct Benefit Transfer from in-kind or cash benefits - 324 schemes under 51 ministries of the Government of India. Such schemes are relying on the linkage of Jan Dhan accounts, the Aadhaar, and mobile numbers (the “JAM trinity”) to facilitate access to Direct Benefit Transfers. The Economic Survey 2015-16 has pointed out that without improving mobile penetration and rural banking infrastructure making the JAM trinity mandatory would continue to lead to exclusions. The issues with each of the components of the JAM trinity worsened during the COVID-19 crisis with restrictions on physical movement, difficulties in topping up mobile phone accounts, and enrolling for the Aadhaar or addressing other technical issues.</p>
<p>This report assesses the role of the data system in welfare delivery. It focuses on the impact of the three components of the JAM trinity - Jan Dhan Account, mobile numbers and the Aadhaar on Direct Benefit Transfer, social security pension and the Public Distribution System. The objective of this study is to understand the challenges faced by beneficiaries in accessing PDS and pension as a result of digitisation processes. This includes failures in Direct Benefit Transfers and exclusions from databases, particularly during the COVID-19 pandemic. The study focuses on gender as a key component shaping the impact of digitisation on beneficiaries. The sample includes both men and women beneficiaries in order to identify such gendered differences. It will also identify infrastructural constraints in Odisha that impact the implementation of digital systems in welfare. Also, it will analyse policy frameworks at central and state levels, to compare their discourse with the impact on the ground.</p>
<p> </p>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/raw/sameet-panda-jam-trinity-pension-pds-odisha-covid-19'>http://editors.cis-india.org/raw/sameet-panda-jam-trinity-pension-pds-odisha-covid-19</a>
</p>
No publisherSameet PandaWelfare GovernanceData SystemsHomepageResearchFeaturedGender, Welfare, and PrivacyResearchers at Work2021-02-26T07:36:10ZBlog EntryRound Table on Assessing the Efficacy of Information and Communication Technologies (ICTs) for Public Initiatives: A Report
http://editors.cis-india.org/events/event-blogs/round-table-assessing-efficacy
<b>Zainab Bawa reports on the Round Table on Assessing the Efficacy of Information and Communication Technologies for Public Initiatives, hosted by the Centre for Internet and Society, Bangalore, on 17 June 2009, in collaboration with the Liberty Institute, New Delhi. </b>
<p></p>
<p>
In
recent times, there has been an upsurge in the use of ICTs to provide
information to people and to elicit participation. Individuals, corporate
organisations, NGOs, civil society organisations, collectives, municipalities,
political parties and politicians have been using the internet and other
mediums to communicate with people. The round table was organised primarily to
discuss two issues:</p>
<ol><li>What is the
effectiveness of the initiatives introduced in recent times?</li><li>How do we
move forward in terms of partnerships/collaborations in the areas of data
gathering, sharing, dissemination and architecture of information? </li></ol>
<p>Given
the constraints of time, however, we were only able to discuss a few issues with
respect to efficacy of initiatives, rather than come up with a concrete action
plan on how to measure effectiveness of many of the existing initiatives. This
remains an agenda for subsequent meetings.</p>
<p>This round table was the first meeting of its kind. It
brought together participants from diverse backgrounds to discuss key issues
involved in leveraging ICTs towards various ends, and to collaborate with each
other on ongoing initiatives. Participants included researchers,
persons who have developed information platforms and databases, individuals
working in the area of leveraging technology for streamlining processes in
society and people who have been studying usage patterns of social media tools.
Most of the participants were using ICTs to improve information access
related to health issues, education, budgets, development of rural areas and
recently, elections and governance. In the subsequent sections, I will briefly
elaborate on some of the key themes around which discussions took place
during the round table.</p>
<p><strong>Building on Ideas:</strong> In the morning
and pre-lunch sessions, one issue that featured prominently was the importance of developing ideas rather than trying to work out a perfect model that
we believe will solve what we perceive to be people’s problems. Two of the
participants explained that they started implementing ideas as they came to
them, rather than trying to come up with a framework that they thought would
work for the masses. They worked towards evolving their ideas, exploring what
works and what does not. One of them further pointed out that such evolution
cannot be observed as it happens; it only becomes apparent in hindsight. Hence,
discussions such as the current round table are useful.</p>
<p>It is
also important to note that we are still in a nascent stage of understanding
how ICTs can impact people’s lives and deploying them accordingly. As a result, many efforts are likely to be in the stage of trial and error.</p>
<p><strong>Key areas of interest and concern:</strong> Based
on the input from participants in the morning session, we
arrived at a list of areas that require more understanding and discussion.</p>
<ol><li><u>Information gathering, dissemination, access –
including information architecture, technology design</u>:
Here, three issues were discussed:</li>
<ul><li>Who are we talking about when we refer to information
access? It was pointed out that information is crucial particularly for people
who do not have computers and for whom internet is not a priority. The intensity
with which they seek information is remarkable. One of the participants argued
that we undervalue the potential of information to make a difference to
people’s lives.</li><li>How do we deliver information? Providing information
is not enough.</li><li>Representativeness of the information for those who it
is provided for.
</li></ul>
</ol>
<p>Another issue that was referred to
was whether language is a problem, i.e., most information is available only in
English. One of the participants suggested that this is not the case because Google has found that a very small percentage of the population actually refers
to material on the web in languages other than English.</p>
<ol type="1" start="2"><li><u>Community mobilization</u>:
During the deliberations, we referred to the problem of replication of initiatives. Two observers of social media pointed
out that replication happens because people are trying to create their own
unique communities around their initiatives. This is an important insight
for future efforts and also indicates the need to share databases and
information that individuals and organisations have compiled. They also
suggested that it is important to discover existing communities and spaces
where conversations around issues of governance, education, health and
development are taking place. This helps to plug into existing resource
pools and to extend outreach. <br /></li></ol>
<ol type="1" start="3"><li><u>Citizens’ participation</u>:
Initiatives that work and why they
succeed - We briefly discussed the Jaagore campaign and India Vote Report,
which were launched before the 2009 national elections in India to enable
people to register on the electoral rolls and to report irregularities during
elections respectively. Some people found it difficult to register
themselves on the Jaagore website and some had difficulties in finding the
local offices where they needed to follow-up with the process. It was also
pointed out that Vote Report did not connect with the end user because it
would have been easier to report irregularities and anomalies via SMS
rather than trying to report them by logging on to the site. If one looks
at the case of the Online Complaint Management System (OCMS) developed by
Praja, the availability of the telephone hotline service through which
citizens could register their complaints helped in widening usage. Thus,
it appears that two issues are pertinent:</li>
<ul><li>Whether the initiative connects with the people who
are likely to use it;</li><li>Simplicity of design/system that enables more users. <br />
</li></ul>
</ol>
<p><strong>Target
Audience:</strong> One of
the participants pointed out that some initiatives do not work because they are
targeted towards the wrong audiences. For example, when it comes to voting and
elections, poor groups are the ones who go out and vote in large numbers.
Hence, information systems need to be tailored to provide them with the data
that they need most. Access also has to be configured accordingly. In some
instances, the target is too broad to reach out effectively.</p>
<p>It appears that there is a need to
develop strategies on how platforms and databases that have been created to
enhance access to information can be made known among the masses and how people
can be made aware to use them. It is equally important to understand what
constitutes ‘information’ and for whom. Here,
the other issue to explore is how information links back to the people for who
it is provided.</p>
<ol type="1" start="4"><li><u>Technology</u>: In this
area, a key concern was the high costs involved in developing technologies
and whether we could learn from each other’s experience of developing
technologies instead of reinventing the wheel. We also discussed whether
open source software helps to reduce costs of development. The other issue
with respect to open source is whether there is enough assistance and
support available to resolve problems that may crop up during use of
technology from time to time. </li></ol>
<p><strong>Sharing
of Data:</strong> Discussions also veered around the issue of whether
appropriate technology and applications could be created to help with sharing
existing databases and information pools. We did not discuss this issue
in depth, but it remains relevant for subsequent meetings.</p>
<ol type="1" start="5"><li><u>Back end integration</u>: According
to some of the participants, one of major problems is the interface
between government and citizens, which remains weak. Technology
can be used to enhance the interactions. Participants also pointed out
the difficulty in obtaining data from government bodies that is important
to create the interface between government and citizens. A participant
involved with the Jaagore campaign referred to the problem of back-end
integration during their efforts to help citizens register themselves with
the election commission (EC) offices. A participant from Google similarly
reported that they faced problems in obtaining election results from the EC’s
offices as a result of which, they had to rely on their partners for this
information. Here too, we could not deliberate on how to resolve this
problem, but this could be a major theme for a subsequent meeting. <br /></li></ol>
<ol type="1" start="6"><li><u>Performance (monitoring, evaluation)</u>:
One of the themes that participants zeroed in on was the evaluation of
the performance of elected representatives and making this evaluation available for
people to see. Here, the debate was around the problem of evaluation being carried out according to the criteria we set which may not seem relevant
to other sections of society. One of the suggestions that came up was to
develop a matrix for evaluation and put out information accordingly.
People can then use it to make their own judgments. <img src="http://editors.cis-india.org/events/event-blogs/uploads/00016.jpg/image_preview" alt="rt2" class="image-right" title="rt2" /><br /></li></ol>
<p>In
the post-lunch session, some of the participants shared their experiences with
implementation and also the work they and their organisations are currently
engaged with. Towards the end of the round table, each one of the participants
explained their respective projects and how they may wish to collaborate with
other participants (who were present) in their initiatives. An e-group called “CIS-Info-Access” has
been created to take these conversations and collaborations further. </p>
<h3><strong>Evaluation of the Round Table and Way Forward:</strong> <br /></h3>
<p>When
invitations were sent out to people to participate in the round table, many of
the invitees expressed a genuine and enthusiastic interest in being part of
this effort. As mentioned above, one of the reasons for this enthusiasm was
because this was the first meeting of its kind, bringing together
individuals from the fields of technology, research and implementation. We
invited a total of 35 people out of which 27 finally attended the meeting.
The diversity of the participants was an asset in that a variety of issues were
brought to the table. The drawback was that there was not enough time to
discuss some of the pertinent issues in depth. Future meetings can be tailored
to discuss one or two specific themes such as back-end integration and sharing
of information, technology issues, ideas for mobilising citizens and
communities, etc.</p>
<p>The
possibilities of collaboration between participants in this meeting are immense
and we hope that some of the synergies will materialise into concrete outcomes.
Further, a few participants have expressed an interest in organising similar
meetings in their cities/towns, perhaps focusing on a few issues instead of
bringing people together under a broad theme. Of some of the issues discussed,
participants have indicated that back-end integration with government and
ideating on different ways of disseminating data can be further deliberated on
in future. One of the participants also suggested that there is a need to make
‘data’ more relevant to people’s lives.</p>
<p>While
the meeting was fruitful in many respects, one issue needs to be underlined.
This concerns the imagination of internet and ICTs as mediums that can resolve all existing problems with respect to citizen-government
interface, streamlining of processes and provision of information. Such an
overarching imagination of technology overlooks the cultural, economic, social and
political specificities of communities and contexts. Technology
can also have negative implications in some circumstances. It also needs to be
reinforced that technology is embedded in society and culture. Therefore we
need to view technology as one of the avenues among others available which will
facilitate interactions between people and their governments and the state.
Democratisation is more likely to be realised through such a perspective.</p>
<p></p>
<p>
For more details visit <a href='http://editors.cis-india.org/events/event-blogs/round-table-assessing-efficacy'>http://editors.cis-india.org/events/event-blogs/round-table-assessing-efficacy</a>
</p>
No publishersachiaSocial mediaDigital ActivismDigital AccessPublic AccountabilityDiscussionFeaturedTransparency, Politics2011-08-20T22:28:55ZBlog EntryRight to Read Campaign, Chennai
http://editors.cis-india.org/accessibility/blog/right-to-read-campaign-chennai
<b>A report on the first road show of the nationwide Right to Read Campaign which was launched at Loyola college, Chennai, on 26th September, 2009. </b>
<h2>Right to Read Campaign - An Overview</h2>
<h3>Fast Facts</h3>
<ul>
<li>At least three hundred million people around the world with sight problems and dyslexia cannot read standard print. India may be home to at least 70 million of these persons.</li>
</ul>
<ul>
<li>Globally, a massive 96 percent of books are never made available in formats that persons with print disability can enjoy and in India almost 99% books are unavailable in accessible formats.</li>
</ul>
<ul>
<li>Every day millions of adults and children are denied vital information for education, work, daily life as well as being denied the joy of reading a world of books. </li>
</ul>
<ul>
<li>The Indian Copyright Act 1957 does not permit conversion and distribution of books in accessible formats to persons with print disabilities.</li>
</ul>
<h3>Problem at hand</h3>
<p style="text-align: justify; ">Millions of Indians are unable to read printed material due to disabilities. There are technologies available which can help them read print if the material is converted into an alternate format such as large print, audio, Braille or any electronic format. While the Indian constitution guarantees the “right to read” as a fundamental right, the <i>Copyright Act of 1957</i> does not permit the conversion of books into accessible formats for the benefit of persons with print impairment, as a result of which a “book famine” is created. International conventions that India is a party to specifically require it to amend its copyright laws for the benefit of persons with disabilities and to make available information and material to them on an equal basis as others. Publishers also do not make books available in accessible formats as a result of which less than 0.5% of them are available. As a result, persons with print impairments get excluded from the education system and it impacts their career choices. In addition to this, there are no national policies or action plan to ensure that publications in accessible formats in all Indian languages are available to persons with print disabilities all over the country.</p>
<h3>Current situation in India</h3>
<p style="text-align: justify; ">The Indian Copyright Act, 1957 does not make any provision for the conversion and distribution of books in accessible formats for print impaired persons. Hence organizations serving them have to get permission from copyright holders for conversion. Because of this, other countries do not lend books in accessible formats to print impaired persons in our country.</p>
<p style="text-align: justify; ">In the case of books published in India, there are no accessible copies readily available in the market and while many publishers in principle are not averse to giving permission, the unwanted fear of piracy and lack of awareness prevents them from allowing organizations to undertake conversions. Consequently print impaired persons are denied the freedom to choose and read any book which is freely available to the public.</p>
<h3>Solution</h3>
<ul>
<li>The Government of India must immediately modify the Indian Copyright Act 1957 to permit conversion and distribution of books in accessible formats to persons with print disabilities.</li>
</ul>
<ul>
<li>India should support the Treaty on Copyright and the Reading Disabled being tabled at WIPO's Standing Committee on Copyright and Related Rights by the Governments of Brazil, Ecuador and Paraguay based on a text originally drafted by a global expert committee under the auspices of the World Blind Union, which is aimed at harmonization of copyright laws at an international level.</li>
</ul>
<h3>Objectives of the Right to Read Campaign</h3>
<ul>
<li>To accelerate change in copyright law</li>
</ul>
<ul>
<li>To raise public awareness on the issue</li>
</ul>
<ul>
<li>To gather Indian support for the Treaty on Copyright and the Reading Disabled being tabled at WIPO's Standing Committee on Copyright and Related Rights by the Governments of Brazil, Ecuador and Paraguay based on a text originally drafted by a global expert committee under the auspices of the World Blind Union.</li>
</ul>
<h3><b><span>Campaign Managers</span></b></h3>
<p style="text-align: justify; "><b>Centre for Internet and Society (www.cis-india.org): </b>The Centre for Internet and Society critically engages with concerns of digital pluralism, public accountability and pedagogic practices in the field of Internet and Society, with particular emphasis on South-South dialogues and exchange. In association with the Daisy Forum of India and Bookbole, the CIS is engaged in conducting the Right to Read Campaign supporting the acceleration of amendments in Copyright Law, creating public awareness and by gathering Indian support for the Treaty for the Blind proposed by the World Blind Union at the World Intellectual Property Organization (WIPO).</p>
<p style="text-align: justify; "><span class="Heading1Char"><b>DAISY Forum of India (www.daisyindia.org)</b></span>: DFI is a forum of 75 Not for Profit organizations from India who are involved in production of books and reading materials in accessible formats for persons who cannot read normal print. The DAISY Consortium envisions a world where people with print disabilities have equal access to information and knowledge without delay or additional expense. The DAISY Forum of India endorses this vision and is working towards its realization in India.</p>
<p style="text-align: justify; "><b>Bookbole (<a href="http://www.bookbole.com/"><span>www.bookbole.com</span></a>):</b> Bookbole is a library of books in multiple formats which can be accessed by persons using screen readers. Bookbole allows users to find, share, and manage personal libraries in a very easy fashion. This website has been developed by Inclusive Planet, a social venture involved in creating web based products and services for the differently-abled.</p>
<p><b>Loyola College (Chennai)</b> <b><span>(</span><a href="http://www.loyolacollege.edu/index.html"><span>www.loyolacollege.edu/index.html</span></a><span>)</span>: </b><span class="innertext1">Loyola College has played an important role in the history of education in India. Founded in 1925 by </span><b>Rev. Fr. Bertram, S.J.,</b><span class="innertext1"> who himself was twice the acting Vice- Chancellor of the Madras University, Loyola College has emerged in the last seventy-five years as a premier educational Institution in the country and it is striving to break new paths in education. One of the major breakthroughs in its history is the autonomous status it received in the year 1978.</span><span class="MsoHyperlink"><span><span> </span></span></span><span class="innertext1">Situated in the heart of Chennai, and having a large campus of about 98 acres, this institution provides an ideal environment for both teachers and students to enrich themselves intellectually, emotionally and physically by actively participating in the academic and co-curricular activities. Loyola has started several Centres of Excellence such as LIFE, (Loyola Institute of Frontier Energy) Entomology Research Institute, ACE, (Academy for Cumulative Excellence) Culture and Communication, LIVE (Loyola Institute of Vocational Education) and LISOR (Loyola Institute of Industrial and Social Science Research).</span></p>
<p><b><span><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/Loyola%20College%20-%20Right%20to%20Read%20Campaign%20-Chennai.jpg/image_preview" title="Loyola College - Chennai" height="124" width="320" alt="Loyola College - Chennai" class="image-inline" /></span></b></p>
<h3>Campaign activities</h3>
<p class="MsoListParagraphCxSpFirst">The nationwide Right to Read Campaign seeks to achieve the objective through a series of events like,</p>
<ul>
<li> Nationwide road-shows</li>
<li>Public rallies</li>
<li>Televised debates</li>
<li>Online petitions</li>
<li>Signature campaigns</li>
<li>Audio-video clips</li>
<li>Stalls where accessibility tools are demonstrated</li>
<li>Submission of a legal paper to the government on international scenario and constitutional compulsions for the amendment of the copyright law.</li>
</ul>
<p><b><span>Social Networks</span></b></p>
<p>The Right to read campaign has been active on various social networks like blogs, Twitter and Facebook. The campaign has been well received by the users and is succeeding in raising awareness on the issue.</p>
<p><b>Media Coverage</b></p>
<p style="text-align: justify; ">Even before its first event, the R2R campaign attracted significant press coverage in both Bangalore and Chennai. For details of the articles on the campaign in various newspapers both before and after the campaign please refer to Annexure A.</p>
<p><span class="Heading1Char"><b>Website</b></span>: <a href="http://www.righttoread.in/"><span><span>www.righttoread.in</span></span></a></p>
<p style="text-align: justify; ">This website, dedicated for the Right to Read campaign has details about the issue faced with regard to the copyright law and the objective of the campaign. It has a provision for signing the online petition and declaration forms. It has regular updates on the events being conducted and provides an opportunity to exploit ones creativity by blogging, shooting videos, clicking photos and writing slogans about the campaign. Its major objective is to spread awareness about the campaign.</p>
<h2><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0001.jpg/image_preview" alt="R2R-8" class="image-inline" title="R2R-8" /></h2>
<h2>Launch of Right to Read Campaign</h2>
<p>The first roadshow of the R2R campaign was launched at Chennai.</p>
<p><b>Venue: </b>Loyola College</p>
<p><b>Date: </b>26<sup>th</sup> September, 2009</p>
<p><b>Time: </b>9:30 AM</p>
<p><b>Topic:</b> Amend copyright law to grant access to reading materials for the print impaired</p>
<p><a href="http://editors.cis-india.org/accessibility/publications/uploads/RTR%20Campaign%20-%20Agenda.pdf/at_download/file" class="internal-link" title="R2R - Agenda"><b>Agenda</b></a></p>
<p><b>Launch of the campaign</b></p>
<p style="text-align: justify; ">This was the first major event with respect to the Right to Read campaign. A wide range of dignitaries were invited for the launch. The audience included students, social activists and visually challenged people. About 4oo students from 100 colleges around Chennai and 150 NSS volunteers attended from outside and an almost equal number of students participated from within Loyola College to make this a very large gathering of almost 800-1000 persons. The event was organized by the students of Department of Sociology at Loyola College, Chennai in collaboration with the campaign managers.</p>
<p style="text-align: justify; ">The Chief Guest of the event was Mr. Shri Kumar Verma, a well known writer, social activist and a professor of creative English and English literature. He spoke about the issue faced by print impaired persons and how apprehensive people are about sharing books in accessible formats as it is a legal infringement. He appreciated the fact that people have recognized the need for attention to this issue. He observed that Loyola College was the most appropriate venue for this event since students are proactively engaged with social issues. He promised to take initiatives and spread awareness about the campaign and expected the same from others.</p>
<p align="center" style="text-align: center; "><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/R2R%20-3.jpg/image_preview" title="R2R - 3" height="265" width="400" alt="R2R - 3" class="image-inline" /></p>
<p style="text-align: justify; ">Other dignitaries who honored the event were Dr. N. Raja Hussain, Program coordinator, NSS, University of Madras; Mr. Dipendra Manocha, Member, Executive Council, World Blind Union and President, Daisy Forum of India; Mr. Chandrasekar, Treasurer, National Association for the Blind; Ms. Nirmita Narasimhan, Programme Manager, CIS and Mr. Rahul Cherian, Policy Head, Inclusive Planet.</p>
<p style="text-align: justify; "><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0056.jpg/image_preview" alt="R2R-14" class="image-inline" title="R2R-14" /></p>
<p style="text-align: justify; ">They spoke about the need for the amendment and importance of spreading awareness about this burning issue. In her introduction to the campaign, Nirmita explained that it was not a question of just making the books available in particular formats. If people can read books, it will help literacy, education, employment and promote independent living. A majority of the visually impaired population don't pursue courses because they don't have study materials in accessible formats. This is substantiated by looking at the statistics of Delhi University - they have about 1,500 seats reserved for the handicapped. Despite that, in 2008, only 270 students applied and in 2009, only 350 applied. This just goes to show that in addition to making reservations, it is also necessary to provide an enabling reading framework to persons with disabilities by providing materials in accessible formats and a good support system. This statistics served as an eye opener to the audience.</p>
<h3><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0010.jpg/image_preview" alt="R2R-10" class="image-inline" title="R2R-10" /> <img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0009.jpg/image_preview" title="R2R-9" height="246" width="384" alt="R2R-9" class="image-inline" /></h3>
<h3></h3>
<h3><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0037.jpg/image_preview" alt="R2R-11" class="image-inline" title="R2R-11" /> <img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0042.jpg/image_preview" alt="R2R-13" class="image-inline" title="R2R-13" /></h3>
<p> </p>
<p><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0012.jpg/image_preview" alt="R2R-12" class="image-inline" title="R2R-12" /> <img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0083.jpg/image_preview" alt="R2R-15" class="image-inline" title="R2R-15" /></p>
<p> </p>
<h3></h3>
<h3><span><b>Signature Campaign</b></span></h3>
<p>The launch was followed by a signature campaign where a huge banner supporting the campaign was signed by the dignitaries and other participants of the event. In addition to this, volunteers were committed to the task of carrying out a signature campaign on paper. Supporters of the campaign were invited to sign on the declaration and to put down their names to volunteer for the campaign or to help out the print impaired in a sustained fashion by specifying the manner in which they would like to contribute.</p>
<h3><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/R2R%20-5.jpg/image_preview" title="R2R - 5" height="265" width="400" alt="R2R - 5" class="image-inline" /></h3>
<h3><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0091.jpg/image_preview" alt="R2R-16" class="image-inline" title="R2R-16" /> <img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0100.jpg/image_preview" alt="R2R-17" class="image-inline" title="R2R-17" /></h3>
<h3></h3>
<p><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0101.jpg/image_preview" alt="R2R-18" class="image-inline" title="R2R-18" /></p>
<p> </p>
<p> </p>
<p><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0122.jpg/image_preview" alt="R2R-20" class="image-inline" title="R2R-20" /></p>
<p> </p>
<p> </p>
<h3>Rally</h3>
<p>The students had organized a rally supporting the need for amendment of the copyright law and to spread awareness about the campaign. 200 students walked around the 97 acre campus with 100 banners carrying slogans like- “Support the Right to Read”, “Change Copyright Law,- free a world of knowledge”, “One Alphabet- several words; one book- several formats “, “Different states, different languages, different cultures- why not different formats? And so on.</p>
<p align="center" style="text-align: center; "><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0107.jpg/image_preview" alt="R2R-19" class="image-inline" title="R2R-19" /></p>
<p align="center" style="text-align: center; "><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/R2R%20-6.jpg/image_preview" title="R2R - 6" height="265" width="400" alt="R2R - 6" class="image-inline" /></p>
<h3><b><span>Declaration forms</span></b></h3>
<p>Interested people signed the declaration forms to endorse the campaign by voluntarily engaging themselves in any of the activities like creating awareness among public, gathering public support for The Treaty for the Blind at WIPO, online petitions and promoting the campaign online. <br /><a href="http://editors.cis-india.org/accessibility/publications/Declaration%20-%20Right%20to%20Read.doc/at_download/file" class="internal-link" title="Declaration - Right to Read Campaign">Declaration</a></p>
<h3><b><span>Panel Discussion - ‘We the people’</span></b></h3>
<p style="text-align: justify; ">The panel discussion kicked off at 1130 hrs with the Master of the Ceremony introducing the panelists; Mr. Dipendra Manocha, President, The Daisy Forum of India (DFI); Prof. Sivaraman, Professor of English, Presidency College, Chennai and Mr. Vijaykumar, Advocate. Ms. Nirmita Narasimhan, Programme Manager, Centre for Internet and Society (CIS) and Mr. Rahul Cherian, Co-founder and Policy Head, Inclusive Planet, were the moderators of the discussion. A salient point to be noted here was that all the panelists present were totally/partially visually challenged.</p>
<p style="text-align: justify; ">The discussion started off with Prof. Sivaraman citing his experiences with access to literature other than printed format since 2004. He shared information on the technology that he had been using to ‘read’ books that were prescribed for the students. These were text books or reference material that had been used over a period of time. However, he also threw light on the shortcomings – that newly published text books or literature were not readily available in accessible formats. It usually takes him a considerable amount of time and effort to get materials in Braille or audio formats and hence it is impossible for him to keep abreast of contemporary literature.</p>
<p style="text-align: justify; ">An equally important concern that was raised was that only new books with clear print and paper could be accurately scanned electronically owing to quality of the printed characters as well as deterioration of paper quality over time. Any pictorial representation including figures, charts or graphs and even italicized words present problems during scanning. Thus,</p>
<p style="text-align: justify; ">What is most urgently required to solve this problem is a digital library as in the case of USA, where the publishers deposit the electronic files of the books. These can be picked up and converted into any accessible format required for a print impaired person without wasting much time, effort and resources. Taking it a step further, he also put forth his views on the unauthorized access and ill-use that electronic books or e-books are put to. Persons who are not visually challenged can also access such books that are present online without any restrictions. Websites that are designed to be used by the visually challenged specifically state in their <i>Terms of Use</i> that accessing/reading of downloading of e-books are strictly meant for persons with partial/total sight impairment, persons with other forms of disabilities that would prevent them from reading printed material or for persons/aides assisting the above mentioned and that any download made by people other than those mentioned would be treated as infringement of the law. But not many people take these terms seriously and still would download such books that are meant for the visually challenged. Right now, there are no technological/legal measures in place to check this infringement owing to the inability to track the perpetrators identity/location. Since it is almost impossible to restrict the access to e-books to only the visually impaired, this acts as a serious set-back in persuading the government to amend the Copyright Act.</p>
<p style="text-align: justify; ">Mr. Vijaykumar continued the discussion, citing <i>Article 14</i> of the Constitution of India which mandates E<i>quality before law</i> and equal protection for everybody, saying that the fundamental right of Indian citizens – the right to read for everybody has not been upheld in India owing to the restrictions imposed by the <i>Copyright Act of 1957</i> and that the Copyright Act, by not including any exceptions or provisions, has failed to protect the interests of persons with visual impairment.</p>
<p style="text-align: justify; ">Mr. Dipendra Manocha, President, Daisy Forum of India, gave the international and technological perspective to the panel discussion. He explained about the DAISY (Digital Accessible Information System format) format which acts as a standard format to make 1 source document. This can then be used to convert into other accessible formats. He enlightened the crowd about the three factors that would help in solving the problems currently faced by persons with print impairment in India: First, technology such as Laptops or DAISY players and other handheld devices/readers that would assist in translating/reading out aloud e-books. Secondly, creation of e-books in accessible formats, the current high cost-of-conversion of which can be brought down by volunteering and thirdly by bringing in a change in the government policy on Copyright law. Mr. Manocha also informed the audience of how the US Government had amended their copyright law to include provisions for the visually challenged. This has brought down the cost of conversion of printed material into accessible formats to Rs. 2,000 from a whooping Rs. 20,000. He also highlighted the fact that in a developing country like India, it is not feasible to spend Rs. 20,000 for conversion of just one copy.</p>
<p style="text-align: justify; ">Answering the question as to what steps the Daisy Forum of India is taking with respect to making accessible formats available to the print-impaired, Mr. Manocha responded by saying that the DFI has been negotiating a deal with Adobe Systems Inc. USA, provider of the .<i>pdf </i>format of e-books, to include an option to <i>Save As Daisy format. </i>Also, providing books in accessible formats at the same cost as that of its printed counterpart was one of the visions of DFI.<br />When asked by a member of audience if we can take the law in our hands and start uploading/using e-books from the internet, Mr. Manocha again pointed out that it is the duty and responsibility of the Indian govt. to provide equal opportunities to everybody. In case the government fails to do that, citizens can take measures that would help alleviate the pains caused. But such measures should be taken keeping in mind all the stakeholders involved. Large-scale usage of electronic forms of literature would affect the business of authors/publishers. Hurting publishers is never the intention of this campaign. Mr. Manocha, Mr. Vijaykumar and Prof. Sivaraman made it clear that a coordinated effort was required on the part of all the stake-holders viz. the government, the copyright owners (authors, publishers etc.), the persons with print impairment and the organizations representing them, as well as the general public. The amendments to the Copyright Act should take into consideration the interests of all stake holders.</p>
<p style="text-align: justify; ">When the floor was opened to questions, the participation from audience was overwhelming. Many of the questions were from print impaired persons in the audience who were students in colleges or represented a disability organization like the National Federation for the Blind (NFB) and so on. Due to paucity of time, the interactive question and answer session was restricted to half an hour post the panel discussion but the audience were invited to discuss further questions with the panelists after the session.</p>
<h1 align="center" style="text-align: center; "></h1>
<p><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/R2R%20-7.jpg/image_preview" title="R2R - 7" height="265" width="400" alt="R2R - 7" class="image-inline" /> <img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0166.jpg/image_preview" alt="R2R-24" class="image-inline" title="R2R-24" /></p>
<h3><span><b>Musical Extravaganza</b></span></h3>
<p><span>After some serious food-for-thought, the silence of the convention hall was broken by a musical performance rendered by a Music Band from NFB Chennai. The performance began by two singers rendering a song in praise of the Gods and then went on to lighter numbers like <i>Jai Ho</i>, from the movie <i>Slumdog Millionaire and songs from some Tamil movies, which left the audience speechless</i>. <br /></span></p>
<p><span><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0130.jpg/image_preview" alt="R2R-21" class="image-inline" title="R2R-21" /> <img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0132.jpg/image_preview" alt="R2R-22" class="image-inline" title="R2R-22" /></span></p>
<p><span><br /></span></p>
<p><span><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/DSC_0133.jpg/image_preview" alt="R2R-23" class="image-inline" title="R2R-23" /><br /></span></p>
<h3 style="text-align: justify; "><b><span>Vote of Thanks</span></b></h3>
<p style="text-align: justify; ">The volunteers from Loyola College presented the Vote of thanks to all the dignitaries and panelists on stage and also to the audience present in the function after which the National Anthem was played. Later, the guests and the audience proceeded for lunch.</p>
<h3><b>Acknowledgements</b></h3>
<p class="MsoNoSpacing">We would to like to take this opportunity to specially thank <br />Rev. Fr. K. Amal SJ (Rector, Loyola College); <br />Rev. Fr. Albert Muthumalai SJ (Principal, Loyola College); <br />Dr. S. Alphonse Raj (<i>Vice- Principal & Faculty of Sociology Department</i>, Loyola College);</p>
<p class="MsoNoSpacing">Prof S. Iyyappan (<i>Co-coordinator, Extension service Department (NSS)</i>, Loyola College)<br />Prof J. Jerald Inico, Faculty Incharge, Resource Center for Differently abled (RCDA);<i> </i></p>
<p>Prof. Robert Bellarmine (Head, Department of Sociology); <br />Department of Sociology; students from RCDA; NSS; Students Union; <br />the teaching and non-teaching staff of Loyola College, who helped in organizing the campaign and without whom the first road show of the nationwide campaign would not have been a grand success that it has been.<br />We look forward to their continued support in the campaign.</p>
<p>We would also like to thank all the students and guests who came from different parts of the city and participated in the campaign.</p>
<h3>Videos</h3>
<p>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"> </embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"></embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"></embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"></embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"></embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"></embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"></embed>
</object>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="250" width="250">
<param name="src" value="about:blank">
<param name="allowfullscreen" value="true"><embed height="250" width="250" allowfullscreen="true" src="about:blank" type="application/x-shockwave-flash"></embed>
</object>
</p>
<p> </p>
<p> </p>
<p style="text-align: justify; "><b>Annexure A</b></p>
<p><b>Media Coverage</b></p>
<p style="text-align: justify; ">Details of the articles on the campaign in various newspapers both before and after the campaign are given below:</p>
<ul type="disc">
<li style="text-align: justify; "><b>DNA – Bangalore, 24<sup>th</sup> September, 2009</b></li>
</ul>
<p>CIS campaign to alter copyright law to favour visually impaired - An article by N T Balanarayan, DNA Bangalore - 24th September, 2009 <br /><a href="http://www.dnaindia.com/bangalore/report_cis-campaign-to-alter-copyright-law-to-favour-visually-imapired_1292662"><span><span>http://www.dnaindia.com/bangalore/report_cis-campaign-to-alter-copyright-law-to-favour-visually-imapired_1292662</span></span></a><b><span> </span></b></p>
<p>As Indians we enjoy our right to education and to read, but should learning be restricted to books provided in school? What if, some wish to broaden their horizon and learn more, only to realize there are no books available? <br />That's the situation the visually impaired in India face now. But Bangalore-based Centre for Information and Society (CIS) is out to change it. They're starting a new campaign-- Right to Read--demanding changes in the copyright law so that books can be converted into a medium with which the visually impaired will feel more comfortable.<br />According to the group, only 0.5% of the books available in India can be accessed in Braille or audio format. Further, the World Blind Union estimates that only five per cent of the total books that get published in developed countries are converted into accessible formats.<br />According to Nirmita Narasimhan who works with CIS, it's not a question of just making the books available in particular formats. "If people can read books, it will help literacy, education, employment and promote independent living. A majority of the visually impaired population don't pursue courses because they don't have study materials in accessible formats. This is substantiated by looking at the statistics of Delhi University -- they have about 1,500 seats reserved for the handicapped. Despite that, in 2008, only 270 students applied and in 2009, only 350 came forward. This just goes to show that in addition to making reservations, it is also necessary to provide an enabling reading framework to persons with disabilities by providing materials in accessible formats and a good support system," she says.<br />"Further, it is not necessarily any particular format--with technologies and the prolific use of computers; accessible electronic formats (not being jpeg images which screen readers can't make sense of) are most appreciated. One will find that blind persons are always reaching out to each other for study materials in accessible formats--this varies from materials for board exams to text for competitive exams," she adds. <br />Through the campaign, a road show scheduled to start on September 26 at Loyola College, Chennai, the group wants changes to be made in the copyright law. The roadshow will be organized in three other metros as well.<br />The event will comprise presentations, debates and demonstrations along with book reading sessions and stalls where various accessibility tools will be demonstrated.</p>
<ul type="disc">
<li style="text-align: justify; "><b>Times of India, 26<sup>th</sup> September, 2009</b><b> </b></li>
</ul>
<p style="text-align: justify; ">Tara Textreader, a boon for the visually-challenged – by M Ramya</p>
<p class="MsoListParagraphCxSpLast" style="text-align: justify; "><a href="http://m.timesofindia.com/PDATOI/articleshow/5058157.cms"><span><span>http://m.timesofindia.com/PDATOI/articleshow/5058157.cms</span></span></a><br />CHENNAI: Mahendran loses track of time as he listens to portions from Romeo and Juliet through Tara. The final year B A (Tamil) student of Loyola College is pleased with the Rs 1.35-lakh Tara Textreader that allows him to access printed material without help and convey information without a scribe. "The Sangeetha software has an Indian accent. So I have no problem accessing material in English," says Mahendran, who has visual disabilities. <br />Earlier, students like him could not access printed material that hadn't been digitized. Their computer systems could not read material that wasn't pre-recorded. Professor Jerald Inico, a lecturer in the computer science department and faculty in charge of the college's Resource Centre for Differently Abled, says the Textreader need not even be connected to a computer. <br />He says: "We were trying to come up with a formula to evaluate students with visual disabilities because we felt that when scribes write down the answers for the students some of the content would be lost in translation. The equipment can scan the question paper and read it out and will also allow the student to answer verbally and store it as an audio clip. For students who become blind later in life and have not learnt Braille this is a big help." <br />Tara, purchased from funds provided by the ministry of social justice and empowerment, can only speak English; now through Sangeetha the college is trying to install a Tamil optical character recognition software. While the students use Tara to read books now the equipment will be tested for exam evaluation during the April 2010 semester exams. But Mahendran is a bit wary. "If we can use Tara and still get extra time for the exams it will prove beneficial, but if we are given the same time as the others because we are using the textreader it will take time to comprehend what is being read to us and give the appropriate answers." <br />The college is also supporting a nationwide Right to Read' campaign for persons with print impairments to be launched in Chennai on Saturday. Nirmita Narasimhan, programme manager at the Centre for Internet and Society (CIS) which is one of the organisers of the campaign, says: "Two years ago when we proposed a change in the Copyright Act a clause was incoporated that said that books can be reproduced in formats exclusively for the use of the blind. This limits the reproduction to one or two options and newer technologies cannot be used. It also leaves out people with other disabilities like the dyslexic who also have print impairments. Technology is enabling, but law is disabling. We want to create awareness of the issue through the campaign." <br />Registration for the campaign begins at 8 am at the college. The CIS, DAISY Forum of India and Bookbole will take the campaign to other cities in the country.</p>
<ul type="disc">
<li><span class="Heading1Char"><b>The Hindu – 29<sup>th</sup> September, 2009</b></span></li>
</ul>
<p><span>‘Right to read’ campaign launched <br /><span>http://www.hindu.com/2009/09/29/stories/2009092957440200.htm</span></span><br /><span>CHENNAI: About 100 National Service Scheme (NSS) volunteers from various colleges in the State kick-started a ‘right to read’ campaign at Loyola College recently. The aim of the campaign is to make books accessible to persons with disabilities. <br /></span>The speakers, who included the visually challenged, persons with low vision and dyslexia, said the Copyright Act did not allow persons with print impairments to convert reading matter using assistive technologies to accessible formats. Dipendra Manocha, executive committee member of World Blind Union, said: “We need organisations, individuals and volunteers to contribute and create accessible books.”<br />Nirmitha Narasimhan, programme manager of the Centre for Internet and Society felt access to information would ensure a better contribution by the visually challenged to society. “It is not that weare insensitive. The suggestion for amendments to the Copyright Act has not yet been incorporated,” she said. <br />Writer Sreekumar Varma, who inaugurated the campaign, recalled his experience as a scribe during his days as a lecturer. C.P. Chandrasekar, treasurer, National Association for the Blind, and Loyola College Principal Albert Muthumalai spoke.</p>
<ul type="disc">
<li><span class="Heading1Char"><b>Deccan Herald – 29<sup>th</sup> September, 2009</b></span></li>
</ul>
<p>‘Right to Read’ campaign launched - Fighting against copyright regulations – an article by L Subramani.<span class="Heading1Char"> </span></p>
<p class="MsoPlainText"><a href="http://www.deccanherald.com/content/27678/right-read-campaign-launched.html"><span><span>http://www.deccanherald.com/content/27678/right-read-campaign-launched.html</span></span></a></p>
<p>To highlight the issues faced by persons with print disability – those deprived of Indian books due to unfriendly copyright regulations – a group of organisations launched the Right To Read (R2R) campaign on September 26.<span class="Heading1Char"><br /></span>The campaign, jointly launched by the Bangalore-based Centre for Internet and Society (CIS), Daisy Forum of India (DFI), bookbole.com and Inclusive Planet, kickstarted at Loyola College in Chennai on Saturday.<br />“This campaign was part of the World Blind Union’s (WBU) global campaign,” said Nirmita Narasimhan, Programme Manager, CIS. “We are asking all the organisations to lend their support to our initiative.”<br />The campaign comes at a time when the Indian government is preparing to consider changes to the copyright law, which it failed to implement two years ago after disability rights campaigners objected to the proposal to make books and other print materials be made in an “exclusive” format.<br />Nirmita said that this would also be an occasion for activists to urge Government of India to throw its weight behind a WBU treaty tabled at the World Intellectual Property Organisation (WIPO) asking for a global copyright regulation that takes into account the needs of persons with print disabilities.<br />“The treaty is coming up for discussion at Geneva (WIPO's head quarters) in December,” Nirmita said and added: “Right now only three Latin American nations are supporting it. Since India has the largest number of persons with print disability, which includes the visually challenged, persons with autism and children with learning difficulties, our support would likely tilt the balance in favour of the treaty.” Now, the campaign will be gradually taken to other parts of the country, said Rahul Cherian from Inclusive Planet. A signature campaign and distribution of a declaration supporting accommodation of persons with print disability in copyright laws will also be held as part of the campaign.<br /><span class="Heading1Char"> </span></p>
<ul type="disc">
<li><span class="Heading1Char"><b>NDTV – Hindu</b></span></li>
</ul>
<p>The first event was covered by NDTV Hindu and an interview with Rahul Cherian and Nirmita Narasimhan was also telecast on 26<sup>th</sup> September. A brief excerpt from the interview can be viewed at:<br /><br />Part 1: <a href="http://www.youtube.com/user/ndtvhindu#play/uploads/16/o4sQ-ycaoBw"><span><span>http://www.youtube.com/user/ndtvhindu#play/uploads/16/o4sQ-ycaoBw</span></span></a></p>
<p class="MsoPlainText">Part 2: <a href="http://www.youtube.com/user/ndtvhindu#play/uploads/15/Q5HCm2evUYE"><span><span>http://www.youtube.com/user/ndtvhindu#play/uploads/15/Q5HCm2evUYE</span></span></a></p>
<ul>
<li> <span class="Heading1Char"><b>Deccan Chronicle – 27<sup>th</sup> September, 2009</b></span></li>
</ul>
<p><span class="Heading1Char">Nirmita Narasimhan, Programme Manager, CIS, speaks at the launch of ‘Right to Read’ campaign. Loyola College in the city on Saturday launched the campaignto amend the Indian Copyright Act, 1957, and give visually challenged and dyslexic people better access to printed books in the form of Braille copy and big prints. </span><span class="Heading1Char"><br /></span></p>
<p><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/R2RDC.jpg/image_preview" title="DC" height="400" width="398" alt="DC" class="image-inline" /></p>
<p><b> </b></p>
<p><b> </b></p>
<ul>
<li><b>Tamil Murasu</b><b> </b></li>
</ul>
<h2></h2>
<h2><img src="http://editors.cis-india.org/home-images/right-to-read-campaign-chennai/R2R%20-%20tamilmurasu.jpg/image_preview" alt="R2R - Tamil Murasu" class="image-inline" title="R2R - Tamil Murasu" /></h2>
<ul>
<li><a class="external-link" href="http://www.cbrforum.in/news_archive/2009/news_oct09.htm">Coverage in the October Issue of: CBR Forum - E- News Bulletin</a></li>
</ul>
<p><a href="http://editors.cis-india.org/accessibility/publications/uploads/R2R%20Chennai%20-%20Report.pdf/at_download/file" class="internal-link" title="R2R-Chennai (Report)">Report</a> Prepared by</p>
<p style="text-align: justify; "><b>Centre for Internet and Society</b></p>
<p style="text-align: justify; "><a href="http://editors.cis-india.org/"><span><span>www.cis-india.org</span></span></a></p>
<p style="text-align: justify; ">29<sup>th</sup> September, 2009</p>
<hr />
<p>Videos<br /><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGr9UoA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGr9UoA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGr9UoA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGr%2B34A.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGr+34A"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGr+34A" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGsmWAA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGsmWAA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGsmWAA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGsnSEA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGsnSEA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGsnSEA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGsvRcA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGsvRcA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGsvRcA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGs4E4A.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGs4E4A"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGs4E4A" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGs4HYA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGs4HYA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGs4HYA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGs4WkA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGs4WkA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGs4WkA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGt0kwA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGt0kwA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGt0kwA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGt02sA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGt02sA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGt02sA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGt9DMA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGt9DMA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGt9DMA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGt9WcA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGt9WcA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGt9WcA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGt90UA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGt90UA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGt90UA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGuwFYA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGuwFYA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGuwFYA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGuwW8A.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGuwW8A"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGuwW8A" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p><iframe frameborder="0" height="250" src="http://blip.tv/play/AYGuxTAA.html?p=1" width="250"></iframe>
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" height="100" width="100">
<param name="src" value="http://a.blip.tv/api.swf#AYGuxTAA"><embed height="100" width="100" src="http://a.blip.tv/api.swf#AYGuxTAA" type="application/x-shockwave-flash"></embed>
</object>
</p>
<hr />
<p>
For more details visit <a href='http://editors.cis-india.org/accessibility/blog/right-to-read-campaign-chennai'>http://editors.cis-india.org/accessibility/blog/right-to-read-campaign-chennai</a>
</p>
No publisherradhaFeaturedAccessibility2013-02-04T06:19:31ZBlog EntryResponses to the DIPP's Discussion Paper on SEPs and their Availability on FRAND Terms
http://editors.cis-india.org/a2k/blogs/responses-to-the-dipps-discussion-paper-on-seps-and-their-availability-on-frand-terms
<b>The Department of Industrial Policy and Promotion (DIPP), Government of India, requested comments through its "Discussion Paper on Standard Essential Patents and Their Availability on FRAND Terms" on March 1, 2016. This post is a compilation of various comments submitted in response to it.</b>
<p style="text-align: justify; ">The Centre for Internet & Society (CIS) commends the DIPP for its efforts at seeking inputs from various stakeholders on this important and timely issue. CIS is thankful for the opportunity to put forth its views. The submission is divided in 3 main parts. The first part, ‘Preliminary’, introduces the document; the second part, ‘About CIS’, is an overview of the organization; and, the third part, ‘Submissions on the Issues’, answers the questions raised in the discussion paper. A list of annexures and their URLs is included at the end of the document. The submission to the DIPP was prepared by Anubha Sinha, Nehaa Chaudhari and Rohini Lakshané.</p>
<hr style="text-align: justify; " />
<div style="text-align: justify; "><b><a href="http://editors.cis-india.org/a2k/blogs/dipp-comments.pdf" class="internal-link"> </a></b></div>
<h3 style="text-align: justify; ">Download</h3>
<table class="plain" style="text-align: justify; ">
<tbody>
<tr>
<th>
<ul>
<li><a href="http://editors.cis-india.org/a2k/blogs/discussion-paper-on-standard-essential-patents-and-their-availability-on-frand-terms" class="internal-link"><span style="text-decoration: underline;">Discussion Paper on Standard Essential Patents and their Availability on Frand Terms</span></a> (Government of India, Department of Industrial Policy and Promotion, Ministry of Commerce and Industry, March 1, 2016)</li>
<li><a href="http://editors.cis-india.org/a2k/blogs/dipp-comments.pdf" class="internal-link">Centre for Internet and Society</a></li>
<li><a class="external-link" href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2769239">Centre for Internet and Society (hosted on Social Science Research Network)</a></li>
<li><a class="external-link" href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2768496">Prof. Jorge L. Contreras</a></li>
<li><a href="http://editors.cis-india.org/a2k/blogs/aba-comments.pdf" class="internal-link">Joint Comments of the American Bar Association (ABA) Sections of Anti-Trust Law, Intellectual Property Law, International Law, and Science & Technology Law</a></li>
<li><a href="http://editors.cis-india.org/a2k/blogs/g-mason-dipp-response" class="internal-link">Global Antitrust Institute, George Mason University School of Law</a></li>
<li><a href="http://editors.cis-india.org/a2k/blogs/cmai-tema" class="internal-link">CMAI-TEMA (Communication Multimedia and Infrastructure Association of India - Telecom Equipment Manufacturers Association of India)</a></li>
<li><a class="external-link" href="http://sflc.in/comments-on-dipp-discussion-paper-on-standard-essential-patents-and-their-availability-on-frand-terms/">Software Freedom Law Centre (SFLC)</a></li>
<li><a class="external-link" href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2779696">Yogesh Pai</a></li>
</ul>
</th>
</tr>
</tbody>
</table>
<p>
For more details visit <a href='http://editors.cis-india.org/a2k/blogs/responses-to-the-dipps-discussion-paper-on-seps-and-their-availability-on-frand-terms'>http://editors.cis-india.org/a2k/blogs/responses-to-the-dipps-discussion-paper-on-seps-and-their-availability-on-frand-terms</a>
</p>
No publisherAnubha Sinha, Nehaa Chaudhari, and Rohini LakshanéDIPPFeaturedAccess to Knowledge2016-07-07T16:24:01ZBlog EntryResponse to TRAI Consultation Paper on Regulatory Framework for Over-the-Top (OTT) Services
http://editors.cis-india.org/telecom/blog/joint-response-to-trai-consultation-paper-on-regulatory-framework-for-over-the-top-services
<b>The Centre for Internet and Society (CIS) sent a joint response to the TRAI Consultation Paper on Regulatory Framework for Over-the-top (OTT) Services with scholars from Indian Institute of Management, Ahmedabad. The response was sent on March 27, 2015.</b>
<h3 style="text-align: justify; ">Executive Summary</h3>
<p style="text-align: justify; ">The principle objective of net neutrality is that “all the Internet traffic has to be treated equally without any discrimination”; but this has had different interpretations over varied contexts. While the discourse in India has often treated net neutrality as a singular policy construct, we break down net neutrality to its various components. We then individually contextualise each component to the unique characteristics of the Indian telecommunications industry such as dependence on wireless internet access, the fragmented and non-contiguous distribution of spectrum, high competition between TEL-SPs and low digital literacy. The evolving nature of markets and networks are also considered while taking into account various public policy perspectives.</p>
<p style="text-align: justify; ">In this submission, we also argue for the need to introduce reasonable regulatory parity between functionally equivalent communications services provided by OTT-SPs and TEL-SPs. We compare the regulations for OTT-SPs under the Information Technology Act 2000 (as amended) with the regulations for TEL-SPs under the Telegraph Act 1885 (as amended), the license agreements (UL, UASL, ISP-L) and TRAI Regulations. Based on an analysis of the current laws and regulations, we suggest how TRAI needs to intervene to create this regulatory parity (for example in areas such as privacy, spam/UCC, interception etc.).</p>
<p style="text-align: justify; ">Through the above analysis, we recommend an overall regulatory framework that should be adopted by the Government. The framework takes a nuanced approach to various components of net neutrality, contextualised to India, and also attempts to bring reasonable regulatory parity. Instead of compartmentalising TEL-SPs and OTT-SPs as two distinct actors, the recommended framework considers a two-layered approach which recognises that there is an overlap between TEL-SPs and OTT-SPs. The first layer comprises of network and infrastructure (collectively called the network layer) and the second layer comprises of services and applications (collectively called the service layer).</p>
<p style="text-align: justify; ">The framework further divides the service layer into “Non-IP Services”, “Specialised Services” and “Internet Based Services”. The concept of “Specialised Services”, which is borrowed from the European Union, refers to traditional services that have migrated to an IP architecture such as facilities-based VoIP calls to PSTN and IPTV, and are either logically distinct from the Internet or have special needs which the “best efforts” delivery of the general Internet cannot satisfy. This concept helps in applying different evaluation criteria to functionally equivalent “Non-IP Services”, “Specialised Services” and “Internet Based Services”. In the framework, “Specialised Services” are also recognised as an exception to net neutrality. The concept of “Specialised Services” also helps to create an incentive for continued investment in underlying infrastructure by TEL-SPs.</p>
<p style="text-align: justify; ">This framework has helped us to bring a more balanced approach from the perspective of both TEL-SPs and OTT-SPs, while also taking into account technological convergence. It has also helped us to bring a more nuanced approach to various issues comprising net neutrality such as zero rating, paid prioritisation etc. We have considered best practices from different international regimes and the pros and cons during implementation in order to determine the exceptions and boundaries of net neutrality that should be adopted in India.</p>
<p style="text-align: justify; "><a href="http://editors.cis-india.org/telecom/blog/trai-response-paper.pdf" class="internal-link">Download the full text of the Response</a></p>
<p>
For more details visit <a href='http://editors.cis-india.org/telecom/blog/joint-response-to-trai-consultation-paper-on-regulatory-framework-for-over-the-top-services'>http://editors.cis-india.org/telecom/blog/joint-response-to-trai-consultation-paper-on-regulatory-framework-for-over-the-top-services</a>
</p>
No publisherpraneshTelecomFeatured2015-05-09T11:27:15ZBlog EntryReport of the Group of Experts on Privacy vs. The Leaked 2014 Privacy Bill
http://editors.cis-india.org/internet-governance/blog/report-of-group-of-experts-on-privacy-vs-leaked-2014-privacy-bill
<b>Following our previous post comparing the leaked 2014 Privacy Bill with the leaked 2011 Privacy Bill, this post will compare the recommendations provided in the Report of the Group of Experts on Privacy by the Justice AP Shah Committee to the text of the leaked 2014 Privacy Bill. Below is an analysis of recommendations from the Report that are incorporated in the text of the Bill, and recommendations in the Report that are not incorporated in the text of the Bill. </b>
<h2>Recommendations in the Report of the Group of Experts on Privacy that are Incorporated in the 2014 Privacy Bill</h2>
<h3>Constitutional Right to Privacy</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy recommends that any privacy legislation for India specify the constitutional basis of a right to privacy. The 2014 Privacy Bill has done this, locating the Right to Privacy in Article 21 of the Constitution of India.</p>
<h3 style="text-align: justify; ">Nine National Privacy Principles</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy recommends that nine National Privacy Principles be adopted and applied to harmonize existing legislation and practices. The 2014 Privacy Bill also adopts nine National Privacy Principles. Though these principles differ slightly from the National Privacy Principles recommended in the Report, they are broadly the same, and importantly will apply to all existing and evolving practices, regulations and legislations of the Government that have or will have an impact on the privacy of any individual. Presently, the 2014 Privacy Bill locates the nine National Privacy Principles in an Annex to the Bill, but also incorporates the principles in more detail in sections relating to personal data. An analysis of the principles as compared in the Report and the Bill is below:</p>
<ul>
<li style="text-align: justify; "><b>Notice</b>: The principle of notice as recommended by the Report of the Group of Experts on Privacy<b> </b>differs from the principle of notice in the 2014 Privacy Bill. According to the notice principle in the Report, a data controller shall give sample to understand notice of its information practices to all individuals, in clear and concise language, before any personal information is collected from them. Such notices should include: (during collection) What personal information is being collected; Purposes for which personal information is being collected; Uses of collected personal information; Whether or not personal information may be disclosed to third persons; Security safeguards established by the data controller in relation to the personal information; Processes available to data subjects to access and correct their own personal information; Contact details of the privacy officers and SRO ombudsmen for filing complaints. (Other Notices) Data breaches must be notified to affected individuals and the commissioner when applicable. Individuals must be notified of any legal access to their personal information after the purposes of the access have been met. Individuals must be notified of changes in the data controller’s privacy policy. Any other information deemed necessary by the appropriate authority in the interest of the privacy of data subjects. <br /><br />In contrast, the 2014 Privacy Bill requires that all the data controllers provide adequate and appropriate notice of their information practices in a form that is easily understood by all intended recipients. In addition to this principle as listed in an annex, the Bill requires that on initial collection data controllers provide notice of what personal data is being collected and the legitimate purpose for which the personal data is being collected. If the purpose for which the personal data changes, data controllers must provide data subjects with a further notice that would include the use to which the personal data shall be put, whether or not the personal data will be disclosed to at third person and, if so, the identity of such person if the personal data being collected is intended to be transferred outside India and the reasons for doing so; how such transfer helps in achieving the legitimate purpose; and whether the country to which such data is transferred has suitable legislation to provide for adequate protection and privacy of the data; the security and safeguards established by the data controller in relation to the personal data; the processes available to a data subject to access and correct his personal data; the recourse open to a data subject, if he has any complaints in respect of collection or processing of the personal data and the procedure relating thereto; the name, address and contact particulars of the data controller and all persons who will be processing the personal data on behalf of the data controller. Additionally, if a breach of data takes place data controllers must inform the affected data subject that lost or stolen; accessed or acquired by any person not authorized to do so; damaged, deleted or destroyed; processed, re-identified or disclosed in an unauthorized manner.<br /><br />Though the 2014 Privacy Bill requires a more comprehensive notice to be issued if the purpose for the use of personal data changes, it does not specify (as recommended by the Group of Experts on Privacy) that notice of changes to a data controller’s privacy policy be issued.</li>
</ul>
<ul>
<li style="text-align: justify; "><b>Choice and Consent</b>: The principle of choice and consent in the 2014 Privacy Bill is similar to the principle in the Report of the Group of Experts on privacy in that it requires that all data subjects be provided with a choice to provide or not to provide personal data and that data subject will have the option of withdrawing consent at any time. Though not a part of the specific principle on ‘choice and consent’ listed in the annex the 2014 Privacy Bill also contains provisions that address mandatory collection of information which require, as recommended by the Report of the Group of Experts, that the information is anonymoized. Furthermore, the 2014 Privacy Bill provides individuals an opt-in or opt-out choice with respect to the provision of personal data. <br /><br />Different from as recommended in the principle in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill does not specify that in exception cases when it is not possible to provide a service with choice and consent, then choice and consent will not be required.</li>
</ul>
<ul>
<li style="text-align: justify; "><b>Collection Limitation:</b> The principle of collection limitation as recommended in the Report of the Group of Experts on Privacy and the principle of collection limitation in the Annex of the 2014 Privacy Bill are similar in that both require that only data that is necessary to achieve an identified purpose be collected. As recommended in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill also requires that notice be provided prior to collection and content taken. </li>
</ul>
<ul>
<li style="text-align: justify; "><b>Purpose Limitation</b>: Though the principle of Purpose Limitation are similar in the Report of the Group of Experts on Privacy and the 2014 Privacy Bill as they both require personal data to be used only for the purposes for which it was collected and that the data must be destroyed after the purposes have been served, the 2014 Privacy Bill does not specify that information collected by a data controller must be adequate and relevant for the purposes for which they are processed. The 2014 Privacy Bill also incorporates elements from the principle of Purpose Limitation as defined by the Report of the Group of Experts in other parts of the Bill. For example, the 2014 Bill requires that notice be provided to the individual if there is a change in purpose for the use of the personal information, and designates a section on retention of personal data. </li>
</ul>
<ul>
<li><b>Access and Correction</b>: The principle of Access and Correction in the 2014 Privacy Bill reflects the principle of Access and Correction in the Report of the Group of Experts (though not verbatim). Importantly, the 2014 Privacy Bill incorporates the recommendation from the Report of the Group of Experts on Privacy that prohibits access to personal data if it will affect the privacy rights of another individual. </li>
</ul>
<ul>
<li style="text-align: justify; "><b>Disclosure of Information: </b>The principle of ‘Disclosure of Information’ in the Privacy Bill 2014 is similar to the principle of ‘Disclosure of Information’ as recommended in the Report of the Group of Experts on Privacy (though not verbatim). As recommended this principle requires that personal data be disclosed to third parties only if informed consent has been taken from the individual and the third party is bound the adhere to all relevant and applicable privacy principles.</li>
</ul>
<ul>
<li style="text-align: justify; "><b>Security:</b> The principle of security in the 2014 Privacy Bill reflects the principle of Security recommended in the Report of the Group of Experts on Privacy and requires that personal data be secured through reasonable security safeguards against unauthorized access, destruction, use, modification, de-anonymization or unauthorized disclosure.</li>
</ul>
<ul>
<li style="text-align: justify; "><b>Openness:</b> The principle of Openness in the 2014 Privacy Protection Bill is similar to the principle of Openness recommended in the Report of the Group of Experts on Privacy in that it requires data controllers to make available to all individuals in an intelligible form, using clear and plain language, the practices, procedures, and policies, and systems that are in place to ensure compliance with the privacy principles. The principle in the 2014 Privacy Bill differs from the recommendation in the Report of the Group of Experts on Privacy in that it does not require data controllers to take necessary steps to implement practices, policies, and procedures in a manner proportional to the scale, scope, and sensitivity to the data they collect. </li>
</ul>
<ul>
<li style="text-align: justify; "><b>Accountability:</b> The principle of Accountability in the 2014 Privacy Bill is similar to the principle of Accountability as recommended in the Report of the Group of Experts as both require that the data controller is accountable for compliance with the national Privacy Principles. </li>
</ul>
<p style="text-align: justify; "><b>Application to interception and access, video and audio recording, personal identifiers, bodily and genetic material</b>: The Privacy Bill 2014 incorporates the recommendations from the Report of the Group of Experts on Privacy and specifies the way in which the National Privacy Principles will apply to the interception and access of communications, video and audio recording, and personal identifiers. But the 2014 Privacy Bill does not specify the application of the National Privacy Principles to bodily and genetic material (though this information is included in the definition of sensitive personal information).</p>
<p style="text-align: justify; ">With respect to the installation and operation of video recording equipment in a public space, the 2014 Privacy Bill requires that video recording equipment may only be used in accordance with a prescribed procedure and for a legitimate purpose that is proportionate to the objective for which it was installed. Furthermore, individuals cannot use video recording equipment for the purpose of identifying an individual, monitoring his personal particulars, or revealing in public his personal information. The provisions in the Bill that speak to storage, processing, retention, security, and disclosure of personal data apply to the installation and use of video recording equipment. As a note the 2014 Privacy Bill carves out an exception for law enforcement and government intelligence agencies in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India. <br /><br />With respect to the application of the National Privacy Principles to the interception of communications, the 2014 Privacy Bill lays down a regime for the interception of communications and specifies that the principles of notice, choice, consent, access and correction, and openness will apply to the interception of communications when authorised. <br /><br />With respect to Personal Identifiers, the 2014 Privacy Bill notes that the principles of notice, choice, and consent will not apply to the collection of personal identifiers by the government. Additionally, the government will not be obliged to use any personal identifier only for the limited purpose for which the personal identifier was collected, provided that the use is in conformance with the other National Privacy Principles.</p>
<h3 style="text-align: justify; ">Additional Protection for Sensitive Personal Data</h3>
<p style="text-align: justify; ">The <b>Report of the Group of Experts on Privacy</b> broadly recommends that sensitive personal data be afforded additional protection and existing definitions of sensitive personal data should be harmonised. The <b>2014 Privacy Bill</b> incorporates these recommendations by defining sensitive personal data as data relating to physical and mental health including medical history, biometric, bodily or genetic information; criminal convictions; password, banking credit and financial data; narco analysis or polygraph test data, sexual orientation. The 2014 Privacy Bill also requires authorization from the Data Protection Authority for the collection and processing of sensitive personal data and defines circumstances of when this authorization would not be required including: collection or processing of such data is authorized by any other law for the time being in force; such data has already been made public as a result of steps taken by the data subject; collection and processing of such data is made in connection with any legal proceedings by an order of the competent court; such data relating to physical or mental health or medical history of an individual is collected and processed by a medical professional, if such collection and processing is necessary for medical care and health of that individual; such data relating to biometrics, bodily or genetic material, physical or mental health, prior criminal convictions or financial credit history is processed by the employer of an individual for the purpose of and in connection with the employment of that individual; such data relating to physical or mental health or medical history is collected an processed by an insurance company, if such processing is necessary for the purpose of and in connection with the insurance policy of that individual; such data relating to criminal conviction, biometrics and genetic is processed and collected by law enforcement agencies; such data regarding credit, banking and financial details of an individual is processed by a specific user under the Credit Information Companies (Regulation) Act, 2005; such data is processed by schools or other education institutions in connection with imparting of education to an individual; such data is collected or processed by the government Intelligence agencies in the interest of the sovereignty, integrity, security or the strategic, scientific or economic interest of India, the authority has, by a general or specified order permitted the processing of such data for specific purpose and is limited to the extent of such permission. The 2014 Privacy Bill also prohibits additional transactions from being performed using sensitive personal information unless free consent was obtained for such transaction.</p>
<h3 style="text-align: justify; ">Privacy Officers</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy recommends that Privacy Officers be established at the organizational level for overseeing the processing of personal data and compliance with the Act. This recommendation has been incorporated in the 2014 Privacy Bill, which establishes Privacy Officers at the organizational level.</p>
<h3 style="text-align: justify; ">Co-regulatory Framework</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy recommends that a system of co-regulation be established, where industry levels self regulatory organizations develop privacy norms, which are in turn approved and enforced by the Privacy Commissioner. The 2014 Privacy Bill puts in place a similar co-regulatory framework where industry level self regulatory organizations can develop norms which will be turned into regulations and enforced by the Data Protection Authority. If a sector does not develop norms, the Data Protection Authority can develop norms for the specific sector.</p>
<h2 style="text-align: justify; ">Recommendations in the Report that are not in the Bill</h2>
<h3>Scope</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy recommends that the scope of any privacy framework extends to all individuals, all data processed in India, and all data originating from India. The 2014 Privacy Bill differs from these recommendations by extending the right to privacy to all residents of India, while remaining silent on whether or not the scope of the legislation extends to all data processed in India and all data originating in India. Despite this, the 2014 Bill does specify that any organization that processes or deals with data of an Indian resident, but does not have a place of business within India, must establish a ‘representative resident’ in India who will be responsible for compliance with the Act.</p>
<h3 style="text-align: justify; ">Exceptions</h3>
<p>The Report of the Group of Experts recommends the following as exceptions to the right to privacy:</p>
<ol>
<li>National security</li>
<li>Public order</li>
<li>Disclosure in the public interest </li>
<li>Prevention, detection, investigation, and prosecution of criminal offenses </li>
<li>Protection of the individual and rights and freedoms of others </li>
</ol>
<p>The Report further clarifies that any exception must be qualified and measured against the principles of proportionality, legality, and necessary in a democratic state.</p>
<p style="text-align: justify; ">The Privacy Bill 2014 reflects only the exception of “protection of the individual rights and freedoms of others”. The exceptions as defined in the 2014 Bill are:</p>
<ol>
<li>Sovereignty, integrity or security of India or</li>
<li>Strategic, scientific or economic interest of India; or</li>
<li>Preventing incitement to the commission of any offence; or</li>
<li>Prevention of public disorder; or</li>
<li>The investigation of any crime; or</li>
<li>Protection of rights and freedoms others; or</li>
<li>Friendly relations with foreign states; or</li>
<li>Any other legitimate purpose mentioned in this Act.</li>
</ol>
<p style="text-align: justify; ">Instead of qualifying these exceptions with the principles of proportionality, legality, and necessary in a democratic state – as recommended in the Report of Group of Experts on Privacy, the 2014 Privacy Bill qualifies that any restriction must be adequate and not excessive to the objectives it aims to achieve.</p>
<h3 style="text-align: justify; ">Constitution of Infringement of Privacy</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy specifies that the publication of personal data for artistic and journalistic purposes in the public interest, disclosure under the Right to Information Act, 2005, and the use of personal data for household purposes should not constitute an infringement of privacy. In contrast the 2014 Privacy Bill specifies that the processing of personal data by an individual purely for his personal or household use, the disclosure of information under the provisions of the Right to information Act, 2005, and any other action specifically exempted under the Act will not constitute an infringement of privacy.</p>
<h3 style="text-align: justify; ">The Data Protection Authority</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy recommends the establishment of Privacy Commissioners (and places emphasis on Privacy Commissioner rather than Data Protection Authority) at the Central and Regional level. The Privacy Commissioner should be of a rank no lower than a retired Supreme Court Judge at the Central level and a retired High Court Judge at the regional level. The privacy commissioner should have the power to receive and investigate class action complaints and investigative powers of the commissioner should include the power to examine and call for documents, examine witnesses, and take a case to court if necessary. The Commissioner should be able to investigate data controllers on receiving complaints or suo moto, and can order privacy impact assessments. Organizations should not be able to appeal fines levied by the Privacy Commissioner, but individuals can appeal a decision of the Privacy Commissioner to the court. The Commissioner should also have broad oversight with respect to interception/access, audio & video recordings, use of personal identifiers, and the use of bodily or genetic material. The Privacy Commissioner will also have the responsibility of approving codes of conduct developed by the industry level SRO’s.</p>
<p style="text-align: justify; ">Differing from the recommendations in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill establishes a Data Protection Authority (as opposed to a Privacy Commissioner) at the Central level. Instead of creating regional Data Protection Authorities, the 2014 Privacy Bill allows for the Central Government to decide where other offices of the Data Protection Authority will be located. Furthermore, the 2014 Privacy Bill does not specify a qualification for the Data Protection Authority and instead establishes a selection committee to choose and appoint a Data Protection Authority. This committee is comprised of a Cabinet Secretary, Secretary to the Department of Personnel and Training, Secretary to the Department of Electronics and Information Technology, and two experts of eminence from relevant fields that will be nominated by the Central Government.</p>
<p style="text-align: justify; ">The 2014 Privacy Bill does not specify that fines ordered by the Data Protection Authority will be binding for organizations, but does allow individuals to appeal decisions of the Data Protection Authority to the Appellate Tribunal. Differing from the recommendations in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill gives the Data Protection Authority the power to call upon any data controller at any time to furnish in writing information or explanation relating to its affairs, and receive and investigate complaints about alleged violations of privacy of individuals in respect of matters covered under this Act, conduct investigations and issue appropriate orders or directions to the parties concerned. Furthermore, the 2014 Privacy Bill does not specify that the Data Protection Authority will carry out privacy impact assessments, but the Authority can conduct audits of any or all personal data controlled by a data controller, can investigate data breaches, investigate in complaint received, and adjudicate on a dispute arising between data controllers or data subjects and data controllers. Unlike the recommendations in the Report of the Group of Experts on Privacy, it does not seem that the Data Protection Authority will play an overseeing role with respect to interception, the use of video recording equipment, personal identifiers, and the use of bodily and genetic material.</p>
<h3 style="text-align: justify; ">Tribunal and System of Complaints</h3>
<p style="text-align: justify; ">Differing from the recommendation in the Report of the Group of Experts on Privacy, which specified that a Tribunal should not be established as under the Information Technology Act as there is the risk that the institutions will not have the capacity to rule on a broad right to privacy, the 2014 Privacy Bill does establish a Tribunal under the Information Technology Act. The Report of the Group of Experts on Privacy also recommended that complaints be taken to the district level, high level, and Supreme Court – whereas the 2014 Privacy Bill allows individuals to appeal decisions from the Tribunal only to a High Court. Similar to the recommendations of the Report of the Group of Experts, the 2014 Privacy Bill has in place Alternative Dispute Resolution mechanisms at the level of the industry self regulatory organization. The 2014 Privacy Bill also specifies that individuals can seek civil remedies and leaves the issuance of compensation for privacy harm to be from a Court. Unlike the recommendations in the Report of the Group of Experts on Privacy, the 2014 Privacy Bill does not specify that the Data Protection Authority will be able to take a case to the court.</p>
<h3 style="text-align: justify; ">Penalties and Offenses</h3>
<p style="text-align: justify; ">The Report of the Group of Experts on Privacy did not provide specific recommendations for types of offences and penalties, but did suggest that offenses similar to those spelled out in the UK Data Protection Act and Australian Privacy Act be adopted – namely non-compliance with the privacy principles, unlawful collection, processing, sharing/disclosure, access, and use of personal data, and obstruction of the privacy commissioner. The 2014 Privacy Bill does create offenses for the unlawful collection, processing, sharing/disclosure, access, and use of personal data, but does not create offenses for obstruction of the privacy commissioner or broad non-compliance with the privacy principles.</p>
<h3 style="text-align: justify; ">Conclusion</h3>
<p style="text-align: justify; ">The Centre for Internet and Society welcomes the similarities between the recommendations in the Report of the Group of Experts on Privacy and the leaked 2014 Privacy Bill, but would recommend that on areas where there are differences, particularly in the scope of the Privacy Bill and the powers and functions of the Data Protection Authority, the 2014 Bill be brought in line with the recommendations from the Report of the Group of Experts on Privacy.</p>
<p style="text-align: justify; ">In the upcoming post, we will be comparing the text of the leaked 2014 Privacy Bill to international best practices and standards.</p>
<ul>
</ul>
<hr />
<p><b>References</b></p>
<ol>
<li><a href="http://editors.cis-india.org/internet-governance/blog/leaked-privacy-bill-2014-v-2011/" class="external-link">Leaked Privacy Bill: 2014 vs. 2011 </a></li>
<li><a class="external-link" href="http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf">Report of the Group of Experts on Privacy</a></li>
</ol>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/report-of-group-of-experts-on-privacy-vs-leaked-2014-privacy-bill'>http://editors.cis-india.org/internet-governance/blog/report-of-group-of-experts-on-privacy-vs-leaked-2014-privacy-bill</a>
</p>
No publisherelonnaiFeaturedInternet GovernancePrivacy2014-04-14T06:10:20ZBlog EntryRejuvenating India’s Rivers the Wiki Way
http://editors.cis-india.org/a2k/blogs/subodh-kulkarni-rejuvenating-indias-rivers-the-wiki-way
<b>Tarun Bharat Sangh (TBS), an organisation working on rejuvenation of rivers in India, has began documentation of rivers on Wiki, especially to draw attention to and mitigate the crisis of toxic deposits facing more than 40 rivers in India. The work was started by Jal Biradari, TBS’s Maharashtra based group, in Sangli district with the help of the Access to Knowledge (CIS-A2K) team of CIS. Here is the report from the first pilot workshop conducted by CIS-A2K during 22-25 December 2018 at Tarun Bharat Sangh Ashram, in Alwar, Rajasthan.</b>
<p> </p>
<h4>Events details on Wikimedia <a href="https://meta.wikimedia.org/wiki/CIS-A2K/Events/Workshop_of_river_activists_at_Tarun_Bharat_Sangh,_Bhikampura,_Rajasthan">meta page</a></h4>
<hr />
<h2>The Workshop</h2>
<p>As per a <a href="http://www.indiaenvironmentportal.org.in/files/file/status_trace_toxic_materials_indian_rivers.pdf">Government of India report</a> 42 rivers in India are polluted with toxic heavy metal deposits in them. To mitigate this crisis Tarun Bharat Sangh (TBS), an organization working on rejuvenation of rivers in India began documentation of rivers on Wiki. The work was started by TBS’s Maharashtra based group Jal Biradari in Sangli district with the help of the Access to Knowledge team of CIS (CIS-A2K).</p>
<p>Realizing the potential of the project TBS decided to integrate this as training module in their capacity building workshops conducted at Bhikampura in Rajasthan. The first pilot workshop was conducted by CIS-A2K during 22-25 December 2018 at Tarun Bharat Sangh Ashram, Bhikampura, Alwar in Rajasthan for 34 participants from eight states of India. Dr. Rajendra Singh, Maulik Sisodiya and Subodh Kulkarni, CIS-A2K were the facilitators. The objectives behind organizing the workshop was to build an open knowledge resource on water related issues in all Indian languages, document the river basins of India, train volunteers working in the sector to work in Wikimedia projects, open street mapping exercises and photo walks along the river and post free content on Commons and Wikisource projects.</p>
<p>The documentation structure for river basin was decided through participatory process. The participants were divided into 6 groups for working on 6 river basins of Arvari district. The resource material available with TBS in the form of maps, reports, training booklets was used to prepare the schematic maps of each river basin. The water bodies such as ponds, manmade structures like dams were also listed.</p>
<table class="invisible">
<tbody>
<tr>
<th><img src="http://editors.cis-india.org/home-images/WorkshopofRiverActivities.jpg/@@images/e336ea4b-9b8b-4b22-a647-79950225f98e.jpeg" alt="null" class="image-inline" title="Workshop on River Activities" /></th>
<th><img src="http://editors.cis-india.org/home-images/WorkshopofWaterActivities.jpg/@@images/d96a9ca9-4520-4d09-9eb4-f215492c8839.jpeg" alt="null" class="image-inline" title="Workshop on Water Activities" /></th>
</tr>
<tr>
<td style="text-align: center;" colspan="2"><em>Activists during the workshop conducted by TBS in Alwar, Rajasthan in December 2018</em><br /><br /></td>
</tr>
</tbody>
</table>
<p>After this pre-work, the training on Wikipedia editing started. The participants worked in sandboxes first on their articles. The manual of style, giving offline and online references and categorisation were discussed and practiced on sandboxes. The Commons session started with elaborate discussion on copyrights, licenses and encyclopedic content. The images were uploaded on Commons and used in the articles. The articles in the sandboxes were presented by each working group. Taking into consideration various suggestions, appropriate modifications were done. The finished new articles and the additional content into existing articles were then moved in the main namespace of respective language Wikipedia. TBS has decided to re-license 30 books and training material on river in CC-BY-SA. Participants who attended the workshop have started contributing in various languages.<br /><br /></p>
<h2>Participants' Feedback</h2>
<blockquote style="text-align: justify;" class="quoted">“Rivers are essential for existence of life in land. Keeping its sanctity and health is very important. The Wikimedia workshop gave an insight on river pollution issues and the importance of reviving them. As Wikipedia is an open platform it can create a larger impact by reaching out to the society.” - <a title="en:Username:Mrityunjay1010" href="https://en.wikipedia.org/wiki/Username:Mrityunjay1010">Mrityunjay1010</a></blockquote>
<blockquote style="text-align: justify;" class="quoted">“The wiki-workshop on "Rivers on Wiki" has been my maiden experience in the context of generalizing the knowledge for common good. The workshop gave me a lens to see the usage of Wikipedia in regional languages as a medium for environmental consciousness building as well as conservation. Wikipedia as a means for social audit was also another enriching experience in that workshop.” - <a title="en:Username:Simantabharati" href="https://en.wikipedia.org/wiki/Username:Simantabharati">Simantabharati</a></blockquote>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/a2k/blogs/subodh-kulkarni-rejuvenating-indias-rivers-the-wiki-way'>http://editors.cis-india.org/a2k/blogs/subodh-kulkarni-rejuvenating-indias-rivers-the-wiki-way</a>
</p>
No publishersubodhCIS-A2KAccess to KnowledgeWikimediaWikipediaFeaturedHomepage2019-04-01T13:18:33ZBlog EntryReclaiming AI Futures: Call for Contributions and Provocations
http://editors.cis-india.org/internet-governance/blog/reclaiming-ai-futures-call-for-contributions-and-provocations
<b>CIS is pleased to share this call for contributions by Mozilla Fellow Divij Joshi. CIS will be working with Divij to edit, collate, and finalise this publication. This publication will add to Divij’s work as part of the AI observatory. The work is entirely funded by Divij Joshi.</b>
<div> </div>
<div> </div>
<p id="docs-internal-guid-3165c9a9-7fff-9881-71cc-4b816e9c6877" dir="ltr"> </p>
<p> </p>
<p dir="ltr">Please visit this <a class="external-link" href="https://medium.com/@divij.joshi/reclaiming-ai-futures-call-for-contributions-and-provocations-ef6d75ce2a31">link</a> for the full call, and details on how to apply.</p>
<p> </p>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/reclaiming-ai-futures-call-for-contributions-and-provocations'>http://editors.cis-india.org/internet-governance/blog/reclaiming-ai-futures-call-for-contributions-and-provocations</a>
</p>
No publisherDivij JoshiFeaturedInternet Governance2020-11-18T09:04:25ZBlog EntryRebuttal of DIT's Misleading Statements on New Internet Rules
http://editors.cis-india.org/internet-governance/blog/rebuttal-dit-press-release-intermediaries
<b>The press statement issued on May 11 by the Department of Information Technology (DIT) on the furore over the newly-issued rules on 'intermediary due diligence' is misleading and is, in places, plainly false. We are presenting a point-by-point rebuttal of the DIT's claims.</b>
<p>In its <a class="external-link" href="http://pib.nic.in/newsite/erelease.aspx?relid=72066">press release on Wednesday, May 11, 2011</a>, the DIT stated:
<blockquote>The
attention of Government has been drawn to news items in a section of
media on certain aspects of the Rules notified under Section 79
pertaining to liability of intermediaries under the Information
Technology Act, 2000. These items have raised two broad issues. One is
that words used in Rules for objectionable content are broad and could
be interpreted subjectively. Secondly, there is an apprehension that the
Rules enable the Government to regulate content in a highly subjective
and possibly arbitrary manner. <br /></blockquote>
<p>There are actually more issues than merely "subjective interpretation" and "arbitrary governmental regulation".</p>
<ul><li style="list-style-type: disc;">The
Indian Constitution limits how much the government can regulate
citizens’ fundamental right to freedom of speech and expression. Any
measure afoul of the constitution is invalid. </li><li style="list-style-type: disc;">Several
portions of the rules are beyond the limited powers that Parliament had
granted the Department of IT to create interpretive rules under the
Information Technology Act. Parliament directed the Government to merely
define what “due diligence” requirements an intermediary would have to
follow in order to claim the qualified protection against liability that
Section 79 of the Information Technology Act provides; these current
rules have gone dangerously far beyond that, by framing rules that
insist that intermediaries, without investigation, has to remove content within 36-hours of receipt of a
complaint, keep records of a users' details and provide them to
law enforcement officials.</li></ul>
<p>The Department of Information Technology (DIT), Ministry of
Communications & IT has clarified that the Intermediaries Guidelines
Rules, 2011 prescribe that due diligence need to be observed by the
Intermediaries to enjoy exemption from liability for hosting any third
party information under Section 79 of the Information Technology Act,
2000. These due diligence practices are the best practices followed
internationally by well-known mega corporations operating on the
Internet. The terms specified in the Rules are in accordance with the
terms used by most of the Intermediaries as part of their existing
practices, policies and terms of service which they have published on
their website.</p>
<ol><li>We are not aware of any country that actually goes to the extent of
deciding what Internet-wide ‘best practices’ are and actually converting
those ‘best practices’ into law by prescribing a universal terms of
service that all Internet services, websites, and products should enforce.</li><li>The Rules require all intermediaries to include the
government-prescribed terms in an agreement, no matter what services
they provide. It is one thing for a company to choose the terms of its
terms of service agreement, and completely another for the government to
dictate those terms of service. As long as the terms of service of an
intermediary are not unlawful or bring up issues of users’ rights (such
as the right to privacy), there is no reason for the government to jump
in and dictate what the terms of service should or should not be.</li><li>The DIT has not offered any proof to back up its assertion that 'most'
intermediaries already have such terms. Google, a ‘mega corporation’
which is an intermediary, <a class="external-link" href="http://www.google.com/accounts/TOS?hl=en">does not have such an overarching policy</a>. Indiatimes, another ‘mega
corporation’ intermediary, <a class="external-link" href="http://www.indiatimes.com/policyterms/1555176.cms">does not either</a>. Just because <a class="external-link" href="http://www.rediff.com/termsofuse.html">a
company like Rediff</a> and <a class="external-link" href="http://us.blizzard.com/en-us/company/legal/wow_tou.html">
Blizzard's World of Warcraft</a> have some of those terms does not mean a) that they should have all of those terms, nor that b) everyone else should as well.<br /><br />In
attempting to take different terms of service from different Internet
services and products—the very fact of which indicate the differing
needs felt across varying online communities—the Department has put in
place a one-size-fits-all approach. How can this be possible on the Internet, when we wouldn't regulate the post-office and a book publisher under the same rules of liability for, say, defamatory speech.</li><li>There is also a significant difference between the effect of those
terms of service and that of these Rules. An intermediary-framed terms of service
suggest that the intermediary <em>may</em> investigate and boot someone off a service for violation, while the Rules insist that
the intermediary simply has to mandatorily remove content, keep records of users' details and provide them to law enforcement officials,
else be subject to crippling legal liability.</li></ol>
<p>So
to equate the effect of these Rules to merely following ‘existing
practices’ is plainly wrong. An intermediary—like the CIS website—should have the freedom to choose not to have terms of service
agreements. We now don’t.“In case any issue arises concerning the interpretation of the terms
used by the Intermediary, which is not agreed to by the user or affected
person, the same can only be adjudicated by a Court of Law. The
Government or any of its agencies have no power to intervene or even
interpret. DIT has reiterated that there is no intention of the
Government to acquire regulatory jurisdiction over content under these
Rules. It has categorically said that these rules do not provide for any
regulation or control of content by the Government.”</p>
<p>The
Rules are based on the presumption that all complaints (and resultant
mandatory taking down of the content) are correct, and that the
incorrectness of the take-downs can be disputed in court. Why not just
invert that, and presume that all complaints need to be proven first, and the correctness of the complaints (instead of the take-downs) be disputed in court? </p>
<p>Indeed,
the courts have insisted that presumption of validity is the only
constitutional way of dealing with speech. (See, for instance, <em>Karthikeyan R. v. Union
of India</em>, a 2010 Madras High Court judgment.)</p>
<p>Further,
only constitutional courts (namely High Courts and the Supreme Court)
can go into the question of the validity of a law. Other courts have to
apply the law, even if it the judge believes it is constitutionally
invalid. So, most courts will be forced to apply this law of highly
questionable constitutionality until a High Court or the Supreme Court
strikes it down.</p>
<p>What
the Department has in fact done is to explicitly open up the floodgates
for increased liability claims and litigation - which runs exactly
counter to the purpose behind the amendment of Section 79 by Parliament
in 2008.</p>
<blockquote>“The
Government adopted a very transparent process for formulation of the
Rules under the Information Technology Act. The draft Rules were
published on the Department of Information Technology website for
comments and were widely covered by the media. None of the Industry
Associations and other stakeholders objected to the formulation which is
now being cited in some section of media.”<br /></blockquote>
<p>This is a blatant lie.</p>
<p>Civil
society voices, including <a href="http://editors.cis-india.org/internet-governance/blog/2011/02/25/intermediary-due-diligence" class="external-link">CIS</a>, <a class="external-link" href="http://www.softwarefreedom.in/index.php?option=com_idoblog&task=viewpost&id=86&Itemid=70">Software Freedom Law Centre</a>, and
individual experts (such as the lawyer and published author <a class="external-link" href="http://www.iltb.net/2011/02/draft-rules-on-intermediary-liability-released-by-the-ministry-of-it/">Apar Gupta</a>)
sent in comments. Companies <a class="external-link" href="http://online.wsj.com/article/SB10001424052748704681904576314652996232860.html?mod=WSJINDIA_hps_LEFTTopWhatNews">such as Google</a>, <a class="external-link" href="http://e2enetworks.com/2011/05/13/e2e-networks-response-to-draft-rules-for-intermediary-guidelines/">E2E Networks</a>, and others had apparently
raised concerns as well. The press has published many a cautionary note, including editorials, op-ed and articles in <a class="external-link" href="http://www.thehindu.com/opinion/lead/article1487299.ece">the</a> <a class="external-link" href="http://www.thehindu.com/opinion/editorial/article1515144.ece">Hindu</a>, <a class="external-link" href="http://www.thehoot.org/web/home/story.php?sectionId=6&mod=1&pg=1&valid=true&storyid=5163">the Hoot</a>, Medianama.com, and Kafila.com, well before the new rules were notified. We at CIS even received a 'read notification'
from the email account of the Group Coordinator of the DIT’s Cyber Laws
Division—Dr. Gulshan Rai—on Thursday, March 3, 2011 at 12:04 PM (we had
sent the mail to Dr. Rai on Monday, February 28, 2011). We never
received any acknowledgement, though, not even after we made an express
request for acknowledgement (and an offer to meet them in person to
explain our concerns) on Tuesday, April 5, 2011 in an e-mail sent to Mr.
Prafulla Kumar and Dr. Gulshan Rai of DIT.</p>
<p>The
process can hardly be called 'transparent' when the replies received
from 'industry associations and other stakeholders' have not been made
public by the DIT. Those comments which are public all indicate that
serious concerns were raised as to the constitutionality of the Rules.</p>
<p>The Government has been forward looking to create a conducive
environment for the Internet medium to catapult itself onto a different
plane with the evolution of the Internet. The Government remains fully
committed to freedom of speech and expression and the citizen’s rights
in this regard.</p>
<p><span id="internal-source-marker_0.8528041979429147">The DIT has limited this statement to the rules on intermediary due
diligence, and has not spoken about the controversial new rules that
stifle cybercafes, and restrict users' privacy and freedom to receive
information.<br /></span></p>
<p><span id="internal-source-marker_0.8528041979429147"></span>If
the government is serious about creating a conducive environment for
innovation, privacy and free expression on the Internet, then it wouldn’t be
passing Rules that curb down on them, and it definitely will not be
doing so in such a non-transparent fashion.</p></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/rebuttal-dit-press-release-intermediaries'>http://editors.cis-india.org/internet-governance/blog/rebuttal-dit-press-release-intermediaries</a>
</p>
No publisherpraneshFreedom of Speech and ExpressionIT ActFeaturedIntermediary Liability2012-07-11T13:18:04ZBlog EntryRBI Directions on Account Aggregators
http://editors.cis-india.org/internet-governance/blog/rbi-directions-on-account-aggregators
<b>The Reserve Bank of India's (RBI) Directions for account aggregator services in India seem to lay great emphasis on data security by allowing only direct access between institutions and do away with data scraping techniques.</b>
<p style="text-align: justify; ">These days’ people have access to various financial services and manage their finances in a diverse manner while dealing with a large number of financial service providers, each providing one or more services that the user may need such as banking, credit card services, investment services, etc. This multiplicity of financial service providers could make it inconvenient for the users to keep track of their finances since all the information cannot be provided at the same place. This problem is sought to be solved by the account aggregators by providing all the financial data of the user at a single place. Account aggregation is the consolidation of online financial account information (e.g., from banks, credit card companies, etc.) for online retrieval at one site. In a typical arrangement, an intermediary (e.g., a portal) agrees with a third party service provider to provide the service to consumers, the intermediary would then generally privately label the service and offer consumers access to it at the intermediary’s website.<a href="#_ftn1" name="_ftnref1">[1]</a> There are two major ways in which account aggregation takes place, (i) <i>direct access</i>: wherein the account aggregator gets direct access to the data of the user residing in the computer system of the financial service provider; and (ii) <i>scraping</i>: where the user provides the account aggregator the username and password for its account in the different financial service providers and the account aggregator scrapes the information off the website/portal of the different financial service providers.</p>
<p style="text-align: justify; ">Since account aggregation involves the use and exchange of financial information there could be a number of potential risks associated with it such as (i) loss of passwords; (ii) frauds; (iii) security breaches at the account aggregator, etc. It is for this reason that on the advice of the Financial Stability and Development Council,<a href="#_ftn2" name="_ftnref2">[2]</a> the Reserve Bank of India (“<b>RBI</b>”) felt the need to regulate this sector and on September 2, 2016 issued the Non-Banking Financial Company - Account Aggregator (Reserve Bank) Directions, 2016 to provide a framework for the registration and operation of Account Aggregators in India (the “<b>Directions</b>”). The Directions provide that no company shall be allowed to undertake the business of account aggregators without being registered with the RBI as an NBFC-Account Aggregator. The Directions also specify the conditions that have to be fulfilled for consideration of an entity as an Account Aggregator such as:</p>
<ol style="text-align: justify; ">
<li>the company should have a net owned fund of not less than rupees two crore, or such higher amount as the Bank may specify;</li>
<li>the company should have the necessary resources and wherewithal to offer account aggregator services;</li>
<li>the company should have adequate capital structure to undertake the business of an account aggregator;</li>
<li>the promoters of the company should be fit and proper individuals;</li>
<li>the general character of the management or proposed management of the company should not be prejudicial to the public interest;</li>
<li>the company should have a plan for a robust Information Technology system;</li>
<li>the company should not have a leverage ratio of more than seven;</li>
<li>the public interest should be served by the grant of certificate of registration; and</li>
<li>Any other condition that made be specified by the Bank from time to time.<a href="#_ftn3" name="_ftnref3">[3]</a></li>
</ol>
<p style="text-align: justify; ">The Direction further talk about the responsibilities of the Account Aggregators and specify that the account aggregators shall have the duties such as: (a) Providing services to a customer based on the customer’s explicit consent; (b) Ensuring that the provision of services is backed by appropriate agreements/ authorisations between the Account Aggregator, the customer and the financial information providers; (c) Ensuring proper customer identification; (d) Sharing the financial information only with the customer or any other financial information user specifically authorized by the customer; (e) Having a Citizen's Charter explicitly guaranteeing protection of the rights of a customer.<a href="#_ftn4" name="_ftnref4">[4]</a></p>
<p style="text-align: justify; ">The Account Aggregators are also prohibited from indulging in certain activities such as: (a) Support transactions by customers; (b) Undertaking any other business other than the business of account aggregator; (c) Keeping or “residing” with itself the financial information of the customer accessed by it; (d) Using the services of a third party for undertaking its business activities; (e) Accessing user authentication credentials of customers; (f) Disclosing or parting with any information that it may come to acquire from/ on behalf of a customer without the explicit consent of the customer.<a href="#_ftn5" name="_ftnref5">[5]</a> The fact that there is a prohibition on the information accessed from actually residing with the Account Aggregator will ensure greater security and protection of the information.</p>
<p style="text-align: justify; "><b>Consent Framework</b></p>
<p style="text-align: justify; ">The Directions specify that the function of obtaining, submitting and managing the customer’s consent should be performed strictly in accordance with the Directions and that no information shall be retrieved, shared or transferred without the explicit consent of the customer.<a href="#_ftn6" name="_ftnref6">[6]</a> The consent is to be taken in a standardized artefact, which can also be obtained in electronic form,<a href="#_ftn7" name="_ftnref7">[7]</a> and shall contain details as to (i) the identity of the customer and optional contact information; (ii) the nature of the financial information requested; (iii) purpose of collecting the information; (iv) the identity of the recipients of the information, if any; (v) URL or other address to which notification needs to be sent every time the consent artefact is used to access information; (vi) Consent creation date, expiry date, identity and signature/ digital signature of the Account Aggregator; and (vii) any other attribute as may be prescribed by the RBI.<a href="#_ftn8" name="_ftnref8">[8]</a> The account aggregator is required to inform the customer of all the necessary attributes to be contained in the consent artefact as well as the customer’s right to file complaints with the relevant authorities.<a href="#_ftn9" name="_ftnref9">[9]</a> The customers shall also be provided an option to revoke consent to obtain information that is rendered accessible by a consent artefact, including the ability to revoke consent to obtain parts of such information.<a href="#_ftn10" name="_ftnref10">[10]</a></p>
<p style="text-align: justify; ">Comments: While the Directions have specific provisions regarding how the financial data shall be dealt with, it is pertinent to note that the actual consent artefact also has personal information and it is not clear whether Account Aggregators are allowed disclose that information to third parties are not.</p>
<p style="text-align: justify; "><b>Disclosure and sharing of financial information</b></p>
<p style="text-align: justify; ">Financial information providers such as banks, mutual funds, etc. are allowed to share information with account aggregators only upon being presented with a valid consent artifact and also have the responsibility to verify the consent as well as the credentials of the account aggregator.<a href="#_ftn11" name="_ftnref11">[11]</a> Once the verification is done, the financial information provider shall digitally sign the financial information and transmit the same to the Account Aggregator in a secure manner in real time, as per the terms of the consent.<a href="#_ftn12" name="_ftnref12">[12]</a> In order to ensure smooth flow of data, the Directions also impose an obligation on financial information providers to:</p>
<ul style="text-align: justify; ">
<li>implement interfaces that will allow an Account Aggregator to submit consent artefacts, and authenticate each other, and enable secure flow of financial information;</li>
<li>adopt means to verify the consent including digital signatures;</li>
<li>implement means to digitally sign the financial information; and</li>
<li>maintain a log of all information sharing requests and the actions performed pursuant to such requests, and submit the same to the Account Aggregator.<a href="#_ftn13" name="_ftnref13">[13]</a></li>
</ul>
<p style="text-align: justify; ">Comments: The Directions provide that the Account Aggregator will not support any transactions by the customers and this seems to suggest that in case of any mistakes in the information the customer would have to approach the financial information provider and not the Account Aggregator.</p>
<p style="text-align: justify; "><b>Use of Information</b></p>
<p style="text-align: justify; ">The Directions provide that in cases where financial information has been provided by a financial information provider to an Account Aggregator for transferring the same to a financial information user with the explicit consent of the customer, the Account Aggregator shall transfer the same in a secure manner in accordance with the terms of the consent artefact only after verifying the identity of the financial information user.<a href="#_ftn14" name="_ftnref14">[14]</a> Such information, as well as information which may be provided for transferring to the customer, shall not be used or disclosed by the Account Aggregator or the Financial Information user except as specified in the consent artefact.<a href="#_ftn15" name="_ftnref15">[15]</a></p>
<p style="text-align: justify; "><b>Data Security</b></p>
<p style="text-align: justify; ">The Directions specify that the business of an Account Aggregator will be entirely Information Technology (IT) driven and they are required to adopt <b>required IT framework</b> and interfaces to ensure secure data flows from the financial information providers to their own systems and onwards to the financial information users.<a href="#_ftn16" name="_ftnref16">[16]</a> This technology should also be scalable to cover any other financial information or financial information providers as may be specified by the RBI in the future.<a href="#_ftn17" name="_ftnref17">[17]</a> The IT systems should also have adequate safeguards to ensure they are protected against unauthorised access, alteration, destruction, disclosure or dissemination of records and data.<a href="#_ftn18" name="_ftnref18">[18]</a> Information System Audit of the internal systems and processes should be in place and be conducted at least once in two years by CISA certified external auditors whose report is to be submitted to the RBI.<a href="#_ftn19" name="_ftnref19">[19]</a> The Account Aggregators are prohibited from asking for or storing customer credentials (like passwords, PINs, private keys) which may be used for authenticating customers to the financial information providers and their access to customer’s information will be based only on consent-based authorisation (for scraping).<a href="#_ftn20" name="_ftnref20">[20]</a></p>
<p style="text-align: justify; "><b>Grievance Redressal</b></p>
<p style="text-align: justify; ">The Directions require the Account Aggregator to put in place a policy for handling/ disposal of customer grievances/ complaints, which shall be approved by its Board and also have a dedicated set-up to address customer grievances/ complaints which shall be handled and addressed in the manner prescribed in the policy.<a href="#_ftn21" name="_ftnref21">[21]</a> The Account Aggregator also has to display the name and details of the Grievance Redressal Officer on its website as well as place of business.<a href="#_ftn22" name="_ftnref22">[22]</a></p>
<p style="text-align: justify; "><b>Supervision</b></p>
<p style="text-align: justify; ">The Directions require the Account Aggregators to put in place various internal checks and balances to ensure that the business of the Account Aggregator does not violate any laws or regulations such as constitution of an Audit Committee, a Nomination Committee to ensure the “fit and proper” status of its Directors, a Risk Management Committee and establishment of a robust and well documented risk management framework.<a href="#_ftn23" name="_ftnref23">[23]</a> The Risk Management Committee is required to (a) give due consideration to factors such as reputation, customer confidence, consequential impact and legal implications, with regard to investment in controls and security measures for computer systems, networks, data centres, operations and backup facilities; and b) have oversight of technology risks and ensure that the organisation’s IT function is capable of supporting its business strategies and objectives.<a href="#_ftn24" name="_ftnref24">[24]</a> Further the RBI also has the power to inspect any Account Aggregator at any time.<a href="#_ftn25" name="_ftnref25">[25]</a></p>
<p style="text-align: justify; "><b>Penalties</b></p>
<p style="text-align: justify; ">The Directions themselves do not provide for any penalties for non compliance, however since the Directions are issued under Section 45JA of the Reserve Bank of India Act, 1934 (“<b>RBI Act</b>”), this means that any contravention of these directions will be punishable under Section 58B of the RBI Act which provides for an imprisonment of upto 3 years as well as a fine for any contravention of such directions.</p>
<p style="text-align: justify; "><b>Conclusion</b></p>
<p style="text-align: justify; ">The Directions by the RBI provide a number of regulations and checks on Account Aggregators with the view to ensure safety of customer financial data. These Directions appear to be quite trendsetting in the sense that in most other jurisdictions such as the United States or even Europe there are no specific regulations governing Account Aggregators but their activities are mainly being governed under existing privacy or consumer protection legislations.<a href="#_ftn26" name="_ftnref26">[26]</a></p>
<p style="text-align: justify; ">The entire regulatory regime for Account Aggregators seems to suggest that the RBI wants Account Aggregators to be like funnels to channel information from various platforms right to the customer (or financial information user) and it does not want to take a chance with the information actually residing with the Account Aggregators. Further, by prohibiting Account Aggregators from accessing user authentication credentials, the RBI is trying to eliminate the possibility of this information being leaked or stolen. Although this may make it more onerous for Account Aggregators to provide their services, it is a great step to ensure the safety and security of customer data.</p>
<p style="text-align: justify; ">In recent months the RBI has been trying to actively engage with the various new products being introduced in the financial sector owing to various technological advancements, be it the circular informing the public about the risks of virtual currencies including Bitcoin, the consultation paper on P2P lending platforms or these current guidelines on Account Aggregators. These recent actions of the RBI seem to suggest that the RBI is well aware of various technological advancements in the financial sector and is keeping a keen eye on these technologies and products, but appears to be taking a cautious and weighted approach regarding how to deal with them.</p>
<hr />
<p style="text-align: justify; "><a href="#_ftnref1" name="_ftn1">[1]</a> Ann S. Spiotto, <i>Financial Account Aggregation: The Liability Perspective</i>, Fordham Journal of Corporate & Financial Law, 2006, Volume 8, Issue 2, Article 6, available at <a href="http://ir.lawnet.fordham.edu/cgi/viewcontent.cgi?article=1181&context=jcfl">http://ir.lawnet.fordham.edu/cgi/viewcontent.cgi?article=1181&context=jcfl</a></p>
<p style="text-align: justify; "><a href="#_ftnref2" name="_ftn2">[2]</a> <a href="https://rbi.org.in/scripts/BS_PressReleaseDisplay.aspx?prid=34345">https://rbi.org.in/scripts/BS_PressReleaseDisplay.aspx?prid=34345</a></p>
<p style="text-align: justify; "><a href="#_ftnref3" name="_ftn3">[3]</a> Clause 4.2.2 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref4" name="_ftn4">[4]</a> Clause 5 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref5" name="_ftn5">[5]</a> Clause 5 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref6" name="_ftn6">[6]</a> Clauses 6.1 and 6.2 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref7" name="_ftn7">[7]</a> Clause 6.4 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref8" name="_ftn8">[8]</a> Clause 6.3 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref9" name="_ftn9">[9]</a> Clause 6.5 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref10" name="_ftn10">[10]</a> Clause 6.6 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref11" name="_ftn11">[11]</a> Clauses 7.1 and 7.2 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref12" name="_ftn12">[12]</a> Clauses 7.3 and 7.4 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref13" name="_ftn13">[13]</a> Clause 7.5 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref14" name="_ftn14">[14]</a> Clause 7.6.1 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref15" name="_ftn15">[15]</a> Clause 7.6.2 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref16" name="_ftn16">[16]</a> Clause 9(a) of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref17" name="_ftn17">[17]</a> Clause 9(c) of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref18" name="_ftn18">[18]</a> Clause 9(d) of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref19" name="_ftn19">[19]</a> Clause 9(f) of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref20" name="_ftn20">[20]</a> Clause 9(b) of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref21" name="_ftn21">[21]</a> Clauses 10.1 and 10.2 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref22" name="_ftn22">[22]</a> Clause 10.3 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref23" name="_ftn23">[23]</a> Clauses 12.2, 12.3 and 12.4 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref24" name="_ftn24">[24]</a> Clause 12.4 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref25" name="_ftn25">[25]</a> Clause 15 of the Directions.</p>
<p style="text-align: justify; "><a href="#_ftnref26" name="_ftn26">[26]</a> <a href="http://www.canadiancybersecuritylaw.com/2016/07/german-regulator-finds-banks-data-rules-impede-non-bank-competitors/">http://www.canadiancybersecuritylaw.com/2016/07/german-regulator-finds-banks-data-rules-impede-non-bank-competitors/</a></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/rbi-directions-on-account-aggregators'>http://editors.cis-india.org/internet-governance/blog/rbi-directions-on-account-aggregators</a>
</p>
No publisherVipul Kharbanda and Elonnai HickokBankingFeaturedInternet GovernancePrivacy2016-10-21T15:25:01ZBlog EntryPublic Consultation for the First Draft of 'Government Open Data Use License - India' Announced
http://editors.cis-india.org/openness/public-consultation-for-the-first-draft-of-government-open-data-use-license-india-announced
<b>The first public draft of the open data license to be used by Government of India was released by the Department of Legal Affairs earlier this week. Comments are invited from general public and stakeholders. These are to be submitted via the MyGov portal by July 25, 2016. CIS was a member of the committee constituted to develop the license concerned, and we contributed substantially to the drafting process.
</b>
<p> </p>
<h4>Please read the call for comments <a class="external-link" href="https://www.mygov.in/group-issue/public-consultation-government-open-data-use-license-india/">here</a>.</h4>
<h4>The PDF version of the draft license document can be accessed <a class="external-link" href="https://www.mygov.in/sites/default/files/mygov_1466767582190667.pdf">here</a>.</h4>
<h4><em>Comments are to be submitted by July 25, 2016.</em></h4>
<hr />
<h4 style="text-align: center;"><strong>Government Open Data Use License - India</strong></h4>
<h4 style="text-align: center;"><strong>National Data Sharing and Accessibility Policy</strong></h4>
<h4 style="text-align: center;"><strong>Government of India</strong></h4>
<h2>1. Preamble</h2>
<p style="text-align: justify;">Structured data available in open format and open license for public access and use, usually termed as “Open Data,” is of prime importance in the contemporary world. Data also is one of the most valuable resources of modern governance, sharing of which enables various and non-exclusive usages for both commercial and non-commercial purposes. Licenses, however, are crucial to ensure that such data is not misused or misinterpreted (for example, by insisting on proper attribution), and that all users have the same and permanent right to use the data.</p>
<p style="text-align: justify;">The open government data initiative started in India with the notification of the National Data Sharing and Accessibility Policy (NDSAP), submitted to the Union Cabinet by the Department of Science and Technology, on 17th March 2012 <strong>[1]</strong>. The NDSAP identified the Department of Electronics & Information Technology (DeitY) as the nodal department for the implementation of the policy through National Informatics Centre, while the Department of Science and Technology continues to be the nodal department on policy matters. In pursuance of the Policy, the Open Government Data Platform India <strong>[2]</strong> was launched in 2012.</p>
<p style="text-align: justify;">While, the appropriate open formats and related aspects for implementation of the Policy has been defined in the “NDSAP Implementation Guidelines” prepared by an inter- ministerial Task Force constituted by the National Informatics Centre <strong>[3]</strong>, the open license for data sets published under NDSAP and through the OGD Platform remained unspecified till now.</p>
<h2>2. Definitions</h2>
<p style="text-align: justify;">a. <strong>“Data”</strong> means a representation of Information, numerical compilations and observations, documents, facts, maps, images, charts, tables and figures, concepts in digital and/or analog form, and includes metadata <strong>[4]</strong>, that is all information about data, and/or clarificatory notes provided by data provider(s), without which the data concerned cannot be interpreted or used <strong>[5]</strong>.</p>
<p style="text-align: justify;">b. <strong>“Information”</strong> means processed data <strong>[6]</strong>.</p>
<p style="text-align: justify;">c. <strong>“Data Provider(s)”</strong> means person(s) publishing and providing the data under this license.</p>
<p style="text-align: justify;">d. <strong>“License”</strong> means this document.</p>
<p style="text-align: justify;">e. <strong>“Licensor”</strong>means any data provider(s) that has the authority to offer the data concerned under the terms of this licence.</p>
<p style="text-align: justify;">f. <strong>“User”</strong> means natural or legal persons, or body of persons corporate or incorporate, acquiring rights in the data (whether the data is obtained directly from the licensor or otherwise) under this licence.</p>
<p style="text-align: justify;">g. <strong>“Use”</strong> includes lawful distribution, making copies, adaptation, and all modification and representation of the data, subject to the provisions of this License.</p>
<p style="text-align: justify;">h. <strong>“Adapt”</strong> means to transform, build upon, or to make any use of the data by itsre-arrangement or alteration <strong>[7]</strong>.</p>
<p style="text-align: justify;">i. <strong>“Redistribute”</strong> means sharing of the data by the user, either in original or in adapted form (including a subset of the original data), accompanied by appropriate attribute statement, under the same or other suitable license.</p>
<p style="text-align: justify;">j. <strong>“Attribution Statement”</strong> means a standard notice to be published by all users of data published under this license, that contains the details of the provider, source, and license of the data concerned <strong>[8]</strong>.</p>
<p style="text-align: justify;">k. <strong>“Personal Information”</strong> means any Information that relates to a natural person,which, either directly or indirectly, in combination with other Information available or likely to be available with a body corporate, is capable of identifying such person <strong>[9]</strong>.</p>
<h2>3. Permissible Use of Data</h2>
<p style="text-align: justify;">Subject to the conditions listed under section 7, the user may:</p>
<p style="text-align: justify;">a. Access, use, adapt, and redistribute data published under this license for all lawful and non-exclusive purposes, without payment of any royalty or fee;</p>
<p style="text-align: justify;">b. Apply this license worldwide, and in perpetuity;</p>
<p style="text-align: justify;">c. Access, study, copy, share, adapt, publish, redistribute and transmit the data in any medium or format; and</p>
<p style="text-align: justify;">d. Use, adapt, and redistribute the data, either in itself, or by combining it with other data, or by including it within a product/application/service, for all commercial and/or non-commercial purposes.</p>
<h2>4. Terms and Conditions of Use of Data</h2>
<p style="text-align: justify;">a. <strong>Attribution:</strong> The user must acknowledge the provider, source, and license of data by explicitly publishing the attribution statement, including the DOI (Digital Object Identifier), or the URL (Uniform Resource Locator), or the URI (Uniform Resource Identifier) of the data concerned.</p>
<p style="text-align: justify;">b. <strong>Attribution of Multiple Data:</strong> If the user is using multiple data together and/or listing of sources of multiple data is not possible, the user may provide a link to a separate page/list that includes the attribution statements and specific URL/URI of all data used.</p>
<p style="text-align: justify;"> c. <strong>Non-endorsement:</strong> The User must not indicate or suggest in any manner that the data provider(s) endorses their use and/or the user.</p>
<p style="text-align: justify;">d. <strong>No Warranty:</strong> The data provider(s) are not liable for any errors or omissions, and will not under any circumstances be liable for any direct, indirect, special, incidental, consequential, or other loss, injury or damage caused by its use or otherwise arising in connection with this license or the data, even if specifically advised of the possibility of such loss, injury or damage. Under any circumstances, the user may not hold the data provider(s) responsible for: i) any error, omission or loss of data, and/or ii) any undesirable consequences due to the use of the data as part of an application/product/service (including violation of any prevalent law).</p>
<p style="text-align: justify;">e. <strong>Permanent Disclosure and Versioning:</strong> The data provider(s) will ensure that a data package once published under this license will always remain publicly available for reference and use. If an already published data is updated by the provider, then the earlier appropriate version(s) must also be kept publicly available with accordance with the archival policy of the National Informatics Centre.</p>
<p style="text-align: justify;">f. <strong>Continuity of Provision:</strong>The data provider(s) will strive for continuously updating the data concerned, as new data regarding the same becomes available. However, the data provider(s) do not guarantee the continued supply of updated or up-to-date versions of the data, and will not be held liable in case the continued supply of updated data is not provided.</p>
<h2>5. Template for Attribution Statement</h2>
<p style="text-align: justify;">Unless the user is citing the data using an internationally accepted data citation format <strong>[10]</strong>, an attribution notice in the following format must be explicitly included:</p>
<p>“Data has been published by [Name of Data Provider] and sourced from Open Government Data (OGD) Platform of India: [Name of Data]. ([date of Publication: dd/mm/yyyy]) .[DOI / URL / URI]. Published under Open Government Data License - India: [URL of Open Data License – India].”</p>
<p>For example, “Data has been published by Ministry of Statistics and Programme Implementation and sourced from Open Government Data (OGD) Platform of India: Overall Balance of Payments. (08/09/2015). <a href="https://data.gov.in/catalog/overall-balance-payments">https://data.gov.in/catalog/overall-balance-payments</a>. Published under Open Government Data License - India: [URL of Open Data License - India].”</p>
<h2>6. Exemptions</h2>
<p style="text-align: justify;">The license does not grant the right to access, use, adapt, and redistribute the following kinds of data:</p>
<p style="text-align: justify;">a. Personal information;</p>
<p style="text-align: justify;">b. Data that the data provider(s) is not authorised to licence;</p>
<p style="text-align: justify;">c. Names, crests, logos and other official symbols of the data provider(s);</p>
<p style="text-align: justify;">d. Data subject to other intellectual property rights, including patents, trade-marks and official marks;</p>
<p style="text-align: justify;">e. Military insignia;</p>
<p style="text-align: justify;">f. Identity documents; and</p>
<p style="text-align: justify;">g. Any data publication of which may violate section 8 of the Right to Information Act, 2005 <strong>11</strong>.</p>
<h2>7. Termination</h2>
<p style="text-align: justify;">a. Failure to comply with stipulated terms and conditions will cause the user’s rights under this license to end automatically.</p>
<p style="text-align: justify;">b. Where the user’s rights to use data have terminated under the aforementioned clauses or any other Indian law, it reinstates:</p>
<p style="text-align: justify;">i. automatically, as of the date the violation is cured, provided it is cured within 30 days of the discovery of the violation; or</p>
<p style="text-align: justify;">ii. upon express reinstatement by the Licensor.</p>
<p style="text-align: justify;">c. For avoidance of doubt, this section does not affect any rights the licensor may have to seek remedies for violation of this license.</p>
<h2>8. Dispute Redressal Mechanism</h2>
<p style="text-align: justify;">This license is governed by Indian law, and the copyright of any data shared under this license vests with the licensor, under the Indian Copyright Act.</p>
<h2>9. Endnotes</h2>
<p><strong>[1]</strong> Ministry of Science and Technology. 2012. National Data Sharing and Accessibility Policy (NDSAP) 2012. Gazette of India. March 17. <a href="http://data.gov.in/sites/default/files/NDSAP.pdf">http://data.gov.in/sites/default/files/NDSAP.pdf</a>.</p>
<p><strong>[2]</strong> See: <a href="https://data.gov.in/">https://data.gov.in/</a>.</p>
<p><strong>[3]</strong> See section 3.2 of the Implementation Guidelines for National Data Sharing and Accessibility Policy (NDSAP) Version 2.2. <a href="https://data.gov.in/sites/default/files/NDSAP_Implementation_Guidelines_2.2.pdf">https://data.gov.in/sites/default/files/NDSAP_Implementation_Guidelines_2.2.pdf</a>.</p>
<p><strong>[4]</strong> See section 2.1 of NDSAP 2012.</p>
<p><strong>[5]</strong> See section 2.6 of NDSAP 2012.</p>
<p><strong>[6]</strong> See section 2.7 of NDSAP 2012.</p>
<p><strong>[7]</strong> See section 2 (a) of Indian Copyright Act 1957. <a href="http://copyright.gov.in/Documents/CopyrightRules1957.pdf">http://copyright.gov.in/Documents/CopyrightRules1957.pdf</a>.</p>
<p><strong>[8]</strong> The template of the attribution statement is given in section 5 of the license.</p>
<p><strong>[9]</strong> See section 2 (i) of Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. <a href="http://deity.gov.in/sites/upload_files/dit/files/GSR313E_10511%281%29.pdf">http://deity.gov.in/sites/upload_files/dit/files/GSR313E_10511%281%29.pdf</a>.</p>
<p><strong>[10]</strong>For example, those listed in the DOI Citation Formatter tool developed by DataCite, CrossRef and others: <a href="http://crosscite.org/citeproc/">http://crosscite.org/citeproc/</a>.</p>
<p><strong>[11]</strong> See: <a href="http://rti.gov.in/webactrti.htm">http://rti.gov.in/webactrti.htm</a>.</p>
<div> </div>
<p>
For more details visit <a href='http://editors.cis-india.org/openness/public-consultation-for-the-first-draft-of-government-open-data-use-license-india-announced'>http://editors.cis-india.org/openness/public-consultation-for-the-first-draft-of-government-open-data-use-license-india-announced</a>
</p>
No publishersinhaOpen Government DataOpen LicenseOpen DataNDSAPFeaturedOpenness2016-06-30T09:41:07ZBlog EntryPrivacy vs. Transparency: An Attempt at Resolving the Dichotomy
http://editors.cis-india.org/openness/blog-old/privacy-v-transparency
<b>The right to privacy has been articulated in international law and in some national laws. In a few countries where the constitution does not explicitly guarantee such a right, courts have read the right to privacy into other rights (e.g., the right to life, the right to equal treatment under law and also the right to freedom of speech and expression).</b>
<hr />
<p><i>With feedback and inputs from Sumandro Chattapadhyay, Elonnai Hickok, Bhairav Acharya and Geetha Hariharan</i>. I would like to apologize for not providing proper citation to Julian Assange when the first version of this blog entry was published. I would also like to thank Micah Sifry for drawing this failure to his attention. The blog post originally published by Omidyar Network <a class="external-link" href="http://www.openup2014.org/privacy-vs-transparency-attempt-resolving-dichotomy/">can be read here</a>. Also see <a class="external-link" href="http://newint.org/features/2015/01/01/privacy-transparency/">http://newint.org/features/2015/01/01/privacy-transparency/</a></p>
<hr />
<p style="text-align: justify; ">In other countries where privacy is not yet an explicit or implicit right, harm to the individual is mitigated using older confidentiality or secrecy law. After the Snowden affair, the rise of social media and the sharing economy, some corporations and governments would like us to believe that “privacy is dead”. Privacy should not and cannot be dead, because that would mean that security is also dead. This is indeed the most dangerous consequence of total surveillance as it is technically impossible to architect a secure information system without privacy as a precondition. And conversely, it is impossible to guarantee privacy without security as a precondition.</p>
<p style="text-align: justify; ">The right to transparency [also known as the right to information or access to information] – while unavailable in international law – is increasingly available in national law. Over the last twenty years this right has become encoded in national laws – and across the world it is being used to hold government accountable and to balance the power asymmetry between states and citizens. Independent and autonomous offices of transparency regulators have been established. Apart from increasing government transparency, corporations are also increasingly required to be transparent as part of generic or industry specific regulation in the public interest. For instance, India’s Companies Act, 2013, requires greater transparency from the private sector. Other areas of human endeavor such as science and development are also becoming increasingly transparent though here it is still left up to self-regulation and there isn’t as much established law. Within science and research more generally, the rise of open data accompanied the growth of the Open Access and citizen science movement.</p>
<p style="text-align: justify; ">So the question before us is: Are these two rights – the right to transparency and the right to privacy – compatible? Is it a zero-sum game? Do we have to sacrifice one right to enforce the other? Unfortunately, many privacy and transparency activists think this is the case and this has resulted in some conflict. I suggest that these rights are completely compatible when it comes to addressing the question of power. These rights do not have to be balanced against one another. There is no need to settle for a sub-optimal solution. <b>Rather this is an optimization problem and the solution is as follows: privacy protections must be inversely proportionate to power and as Julian Assange says transparency requirements should be directly proportionate to power.</b><a href="#fn*" name="fr*">[*] </a></p>
<p style="text-align: justify; ">In most privacy laws, the public interest is an exception to privacy. If public interest is being undermined, then an individual privacy can be infringed upon by the state, by researchers, by the media, etc. And in transparency law, privacy is the exception. If the privacy of an individual can be infringed, transparency is not required unless it is in the public interest. In other words, the “public interest” test allows us to use privacy law and transparency law to address power asymmetries rather than exacerbate them. What constitutes “public interest” is of course left to courts, privacy regulators, and transparency regulators to decide. Like privacy, there are many other exceptions in any given transparency regime including confidentiality and secrecy. Given uneven quality of case law there will be a temptation by the corrupt to conflate exceptions. Here the old common-law principle of “there is no confidence as to the disclosure of iniquity” – which prevents confidentiality law from being used to cover malfeasance or illegality – can be adopted in appropriate jurisdictions.</p>
<p style="text-align: justify; ">Around 10 years ago, the transparency movement gave birth to yet another movement – the open government data movement. The tension between privacy and transparency is most clearly seen in the open government data movement. The open government data movement in some parts of the world is dominated by ahistorical and apolitical technologists, and some of them seem intent on reinventing the wheel. In India, ever since the enactment of the Right to Information Act, 2003, 30 transparency activists are either killed, beaten or criminally intimidated every year. This is the statistic from media coverage alone. Many more silently suffer. RTI or transparency is without a doubt one of the most dangerous sectors within civil society that you could choose to work in. In contrast, not a single open data activist has ever been killed, beaten or criminally intimidated. I suspect this is because open data activists do not sufficiently challenge power hierarchies. Let us look a little bit closely at their work cycle. When a traditional transparency activist asks a question, that is usually enough to get them into trouble. When an open data activist publishes an answer [a dataset nicely scrubbed and machine readable, or a visualization, or a tool] they are often frustrated because nobody seems interested in using it. Often even the activist is unclear what the question is. This is because open data activist works where data is available. Open data activists are obsessed with big datasets, which are easier to find at the bottom of the pyramid. They contribute to growing surveillance practices [the nexus between Internet giants, states, and the security establishment] rather that focusing on sousveillance [citizen surveillance of the state, also referred to as citizen undersight or inverse surveillance]. They seem to be obsessed only with tools and technologies, rather than power asymmetries and injustices.</p>
<p style="text-align: justify; ">Finally, a case study to make my argument easier to understand – Aadhaar or UID, India’s ambitious centralized biometric identity and authentication management system. There are many serious issues with its centralized topology, proprietary technology, and dependence on biometrics as authentication factors – all of which I have written about in the past. In this article, I will explain how my optimization solution can be applied to the project to make it more effective in addressing its primary problem statement that corruption is a necessary outcome of power asymmetries in India.</p>
<p style="text-align: justify; ">In its current avatar – the Aadhaar project hopes to assign biometric-based identities to all citizens. The hope is that, by doing authentication in the last mile, corruption within India’s massive subsidy programmes will be reduced. This, in my view, might marginally reduce retail corruption at the bottom of the pyramid. It will do nothing to address wholesale corruption that occurs as subsidies travel from the top to the bottom of the pyramid. I have advocated over the last two years that we should abandon trying to issue biometric identities to all citizens, thereby making them more transparent to the state. Let us instead issue Aadhaar numbers to all politicians and bureaucrats and instead make the state more transparent to citizens. There is no public interest in reducing privacy for ordinary citizens – the powerless – but there are definitely huge public interest benefits to be secured by increasing transparency of politicians and bureaucrats, who are the powerful.</p>
<p style="text-align: justify; ">The Indian government has recently introduced a biometric-based attendance system for all bureaucrats and has created a portal that allows Indian citizens to track if their bureaucrats are arriving late or leaving early. This unfortunately is just bean counting [for being corrupt and being punctual are not mutually exclusive] and public access to the national portal was turned off because of legitimate protests from some of the bureaucrats. What bureaucrats do in office, who they meet, and which documents they process is more important than when they arrive at or depart from work. The increased transparency or reduced privacy was not contributing to the public interest.</p>
<p style="text-align: justify; ">Instead of first going after small-ticket corruption at the bottom of the pyramid, maximization of public interest requires us to focus on the top, for there is much greater ROI for the anti-corruption rupee. For example: constructing a digital signature based on audit trails that track all funds and subsidies as they move up and down the pyramid. These audit trails must be made public so that ordinary villagers can be supported by open data activists, journalists, social entrepreneurs, and traditional civil society in verification and course correction.</p>
<p style="text-align: justify; ">I hope open data activists, data scientists, and big data experts will draw inspiration from the giants of the transparency movement in India. I hope they will turn their attention to power, examine power asymmetries and then ask how the Aadhaar project can be leveraged to make India more rather than less equal.</p>
<h3 style="text-align: justify; ">Videos</h3>
<table class="plain">
<tbody>
<tr>
<th>
<p style="text-align: justify; ">Open Up? 2014: Risky Business: Transparency, Technology, Security, and Human Rights</p>
</th>
</tr>
<tr>
<td><iframe frameborder="0" height="315" src="http://www.youtube.com/embed/tDf8TFjxqiQ" width="560"></iframe></td>
</tr>
<tr>
<td><b>Open Up? 2014: Data Collection and Sharing: Transparency and the Private Sector</b></td>
</tr>
<tr>
<td><iframe frameborder="0" height="315" src="http://www.youtube.com/embed/lPHWkYZjqzo" width="560"></iframe></td>
</tr>
</tbody>
</table>
<p>The videos can also be watched on Vimeo:</p>
<ol>
<li><a class="external-link" href="http://vimeo.com/111729069">Open Up? 2014: Risky Business: Transparency, Technology, Security, and Human Rights </a></li>
<li><a class="external-link" href="http://vimeo.com/111748146">Open Up? 2014: Data Collection and Sharing: Transparency and the Private Sector </a></li>
</ol>
<hr />
<p>[<a href="#fr*" name="fn*">*</a>].<a class="external-link" href="http://prospect.org/article/real-significance-wikileaks">http://prospect.org/article/real-significance-wikileaks</a> “Transparency should be proportional to the power that one has.”</p>
<p>Read the presentation on Risky Business: Transparency, Technology, Security and Privacy made at the Pecha Kucha session <a href="http://editors.cis-india.org/openness/blog-old/risky-business.odp" class="internal-link">here</a>. (ODP File, 35 kb)</p>
<p style="text-align: justify; "><i>Disclaimer: The views, opinions, and positions expressed by the author(s) of this blog are theirs alone, and do not necessarily reflect the views, opinions, or positions of Omidyar Network. We make no representations as to accuracy, completeness, timeliness, suitability or validity of any information presented by individual authors of the blogs and will not be liable for any errors, omissions, or delays in this information or any losses, injuries or damages arising from its display or use.</i></p>
<p>
For more details visit <a href='http://editors.cis-india.org/openness/blog-old/privacy-v-transparency'>http://editors.cis-india.org/openness/blog-old/privacy-v-transparency</a>
</p>
No publishersunilPrivacyFeaturedVideoAadhaarOpennessOpen Access2015-03-08T06:26:21ZBlog EntryPrivacy Protection Bill, 2013 (With Amendments based on Public Feedback)
http://editors.cis-india.org/internet-governance/blog/privacy-protection-bill-2013-with-amendments-based-on-public-feedback
<b>In 2013 CIS drafted the Privacy Protection Bill as a citizens' version of a privacy legislation for India. Since April 2013, CIS has been holding Privacy Roundtables in collaboration with FICCI and DSCI, with the objective of gaining public feedback to the Privacy Protection Bill and other possible frameworks for privacy in India.</b>
<hr />
<p><i>This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC</i></p>
<hr />
<p>As a part of this process, CIS has been amending the Privacy Protection Bill based on public feedback. Below is the text of the Bill as amended according to feedback gained from the New Delhi, Bangalore, and Chennai Roundtables.</p>
<p style="text-align: center; "><b><a href="http://editors.cis-india.org/internet-governance/blog/privacy-protection-bill-2013-amendments.pdf" class="internal-link">Click to download the Privacy Protection Bill, 2013 with latest amendments</a></b> (PDF, 196 Kb).</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/privacy-protection-bill-2013-with-amendments-based-on-public-feedback'>http://editors.cis-india.org/internet-governance/blog/privacy-protection-bill-2013-with-amendments-based-on-public-feedback</a>
</p>
No publisherelonnaiFeaturedSAFEGUARDSInternet GovernancePrivacy2013-07-12T10:50:22ZBlog Entry