The Centre for Internet and Society
http://editors.cis-india.org
These are the search results for the query, showing results 1 to 8.
History of the Internet: Building Conceptual Frameworks
http://editors.cis-india.org/telecom/knowledge-repository-on-internet-access/history-of-internet-building-conceptual-frameworks
<b>In this module Nishant Shah analyses the understanding of the Internet, cyberspace and everyday life and why do we need to know the history of the internet.</b>
<h3>Introduction: Understanding the Internet</h3>
<p style="text-align: justify; ">Let’s begin at the beginning. Before we get into the history of the Internet, it might be a good thing to try and figure out what the Internet is and what exactly are we talking about when we say ‘Internet’. Let’s take a moment and figure out what the Internet is. If you pause right now, and try and define the Internet it is going to be tricky. However, if you look at other media and communication technologies you realise that the same is true for all the other technologies that you daily deal with. Try and define what a book is. Or, what is a film? It is one of the signs that a technology has become internal, personal and ubiquitous that it becomes transparent. It doesn’t require us to think about how it works. Almost like magic, the technologies just ease our way into life and perform crucial tasks of everyday living, without really making their internal mechanics transparent. So it is highly possible that unless you are trained in technologies, you have a vague idea of what the Internet is and how it works.</p>
<p style="text-align: justify; ">At a very basic level, the Internet is a network of computers that are able to talk to each other using a protocol that is popularly known as the TCP/IP suite. That is it. At a most cursory level, that is all there is to the Internet. An extensive network – even a network of network – that makes it possible for billions of users across the globe, to exchange information using digital data, in asynchronous and distributed forms. And this has been historically the case. The origins of the Internet are in military and state funded research in the United States of America in 1960s, where they were developing robust communication networks that could account for redundancy – which is to say that they wanted a network which would function even when particular nodes fell out of service, or certain flow-lines within the network were blocked. A history of the Internet then, will be a history of its technological development – the different protocols, programmes and innovations that allowed for this network to grow out of the defense research labs in the 1960s, be used extensively in American and European academia in the 1980s and then made available to the public in the 1990s. So that is one history that we might need to look at. It is a technological history of the Internet, that allows us to understand what the challenges, strengths, weaknesses and vulnerabilities of the Internet technologies have been and how we have constantly innovated to meet these problems and aspirations.</p>
<p style="text-align: justify; ">However, as you can imagine, that is a technical history of technology which is well documented, well, on the Internet. A look at the page on Wikipedia<a href="#fn1" name="fr1">[1] </a>will show you all the different technological, institutional and digital innovations that have shaped the Internet from its early days residing on the ARPANET to the global phenomenon that we know now. It is a history of facts and dates, names and numbers and it is easily accessible to anybody who wants to look at the different institutions, technologies and conversations shaped what we understand as the Internet today. You might also want to look at these three different accounts of that history to get the facts,<a href="#fn2" name="fr2">[2] </a>anecdotes<a href="#fn3" name="fr3">[3]</a> and stories<a href="#fn4" name="fr4">[4]</a> in order.</p>
<p style="text-align: justify; ">You will realise from the sources that the Internet is the backbone of our digital experience. It hosts a vast range of services, like peer-2-peer networks, voice and text chats, hypertext documents, and indeed, the most prominent of them all – the World Wide Web. We need to understand that the Internet is thus larger than the World Wide Web and what we have access to, using the WWW, is a very small subset of this larger global digital network. To know the structure of the internet, how it is governed, what are the different inequities, vulnerabilities and problems it creates are important to study because they give us an entry point into understanding how the technological and technical choices that are made affect and impact our everyday concerns around questions of privacy, identity, access, usage, affordability, accessibility etc. These are questions that often get addressed under the rubric of Internet Governance<a href="#fn5" name="fr5">[5] </a>and will be dealt with in the subsequent sessions for this Institute that expand upon the Infrastructure and Institutions that govern the Internet<a href="#fn6" name="fr6">[6]</a> In the meantime, I want to begin with the personal. Instead of beginning with the technological, I want to begin with our everyday experiences on the Internet, and particularly of this thing that we call cyberspace.</p>
<h3 style="text-align: justify; ">Pinning down Cyberspace</h3>
<p style="text-align: justify; ">Let’s take a pause and try and answer a hard question: What is Cyberspace? If you thought that defining the Internet was tough, you will quickly realise that defining Cyberspace is going to be even tougher. We know when we are on cyberspace. We use it across a variety of devices and interfaces. We think of ourselves as connected and online for most of our waking (and sleeping) hours. Cyberspace is right there – You will be able to point to it, give examples, even talk about what it facilitates. For example, cyberspace is a virtual space created by digital communication and connection. Or cyberspace is a repository of information that people create globally using computing technologies. Or cyberspace is a space where people manage their social networks. These are all different instances of cyberspace and indicate the wide variety of things that we do when we are online, but they don’t necessarily tell us what cyberspace is.</p>
<p style="text-align: justify; ">Like all good things, the origins of the word cyberspace are actually in Science Fiction. William Gibson in his iconic cyberpunk novel ‘NeuroMancer’ (1984), first coined the word cyberspace and defined it thus:</p>
<p style="text-align: justify; ">Cyberspace: A consensual hallucination experienced daily by billions of legitimate operators in every nation, by children being taught mathematical concepts... A graphic representation of data abstracted from the banks of every computer in the human system. Unthinkable complexity. Lines of light ranged in the nonspace of the mind, clusters and constellations of data. Like city lights, receding.</p>
<p style="text-align: justify; ">While there are several critiques of Gibson’s description of the word, we must remember that it is fiction and look at it to see what are the conceptual complexities that Gibson is throwing up that are now being discussed in contemporary debates. I want to highlight three things that Gibson’s definition brings up, which might be important to understand how deal and engage with cyberspace.</p>
<ol>
<li style="text-align: justify; "><i>Consensual hallucination</i> – This is probably one of the strongest and the strangest ways of talking about cyberspace. A hallucination is something that happens in your head. It is a space of virtuality. It is an event that nobody except for the one individual who claims it, can verify. It is thus, categorically the non-real. However, a consensual hallucination is a mystifying thing.<br /><br />Let’s say that you propose that from this moment on, you are a dog (even though, as the cartoon famously says, on the internet nobody knows you are a dog). If you were to stand up in your social circles and announce that you are a dog, it would lead to some strange reactions. If you persisted in acting like a dog and responding only to a dog, chances are that you might be put into a mental asylum to be treated of this hallucination. However, if everybody else in the room consented that you are a dog, and indeed, they are all, also dogs, then your hallucination becomes real. It gains valence. It has legitimacy. It becomes a norm.<br /><br />Gibson, in positing cyberspace as a ‘consensual hallucination’ is reminding us that this is indeed, the very way in which our reality is constructed. For instance, think of the colour blue. Now try and figure out how the blue that you are thinking about and the blue that I am thinking about is the same blue. We can’t verify that we are all talking about the same blue. And yet, there is a consensus among us that there is a blueness to the colour blue that we all refer to when we think of the colour blue.<br /><br />Reality is a process of consensual hallucination. So is Cyberspace. Which mean that instead of making the distinction between the real and the virtual, or trying to figure out what is real and what is not, it is more fruitful for us to engage with the idea that the virtual is a part of the real. There are various processes – social, cultural, political, economic, and governmental – that structure and validate our reality. And hence, reality is always changing. The science fiction futures that were dreamt in the last century are the present times that we live in. The idea of consensual hallucination, takes us away from a debate about Virtual Reality and Real Life (VR – RL) that has been endemic to the conversations around cyberspace. Following Gibson’s lead I would encourage us, not to think of cyberspace in terms of the virtual or the unreal, but as a constitutive and generative part of our reality.</li>
<li style="text-align: justify; "><i>A graphic representation of abstracted data:</i> The use of the term ‘space’ is often bewildering in Gibson’s coinage because it does not really seem to appear in the definition. Space, as we understand it, is a location metaphor. It refers to spatial dimensions of a thing. It gives us a sense of fixity. However, these are all expectations of physical space. The ‘space’ in cyberspace has more in common with the abstract concepts of space in mathematics and metaphors rather than in terms of geography and location.<br /><br />We need to understand that even in geographical terms, space is an abstraction of sorts. Space is the virtual or perceived usage, volume and experience of place. If you have a piece of land, that is the place of that land. The place is geographically present. It can be materially touched and located. However, the space is what you attribute to that piece of land. It is defined by the intentions and aspirations, by what is allowed and what is not. Space is a philosophical concept. Which is why, in everyday talk, when you say, ‘I need some space’, you don’t necessarily mean that you need geographical isolation, but often refers to the head-space that is less tangible.<br /><br />Similarly, the space in Cyberspace, even though it has been often used to talk about the space on the network that connects different webpages, or the immersive environments that role playing games offer, or the virtual communities on social networking sites like Facebook, it is important to remember that space is an abstraction. And cyberspace thus is not the actual mechanics and nitty-gritties of technology but what is built because of those interactions.<br /><br />Bruce Sterling, in his introduction to <i>The Hacker Crackdown</i> quite evocatively explains this: ‘Cyberspace is the "place" where a telephone conversation appears to occur. Not inside your actual phone, the plastic device on your desk. Not inside the other person's phone, in some other city. <b>The place between</b> the phones. [...] in the past twenty years, this electrical "space," which was once thin and dark and one-dimensional—little more than a narrow speaking-tube, stretching from phone to phone—has flung itself open like a gigantic jack-in-the-box. Light has flooded upon it, the eerie light of the glowing computer screen. This dark electric netherworld has become a vast flowering electronic landscape. Since the 1960s, the world of the telephone has cross-bred itself with computers and television, and though there is still no substance to cyberspace, nothing you can handle, it has a strange kind of physicality now. It makes good sense today to talk of cyberspace as a place all its own.”</li>
<li style="text-align: justify; ">Non-space of the mind: In the cyberpunk universe of the novel <i>Neuromancer</i>, Gibson makes a difference between cyberspace and meat-space. There is a definite privileging of cyberspace, which is the world of seduction, adventure, excitement and entertainment. The meat-space, where our biological bodies survive and live, is in a state of collapse and disrepair. This bleak vision of the biological as disintegrating and the digital as becoming the primary mode of existence has been espoused by various science fiction and fantasy narratives. For all of us who have seen <i>The Matrix</i>, we are familiar with this idea that slowly and singularly, we are moving towards creating digital lives which are gaining precedence over our ‘real’ lives.<a href="#fn7" name="fr7">[7]</a> Especially when it comes to the discourse around digital objects, this hierarchy of dismissing the biological and the real over the virtual and the digital is often reinforced. However, Gibson was already reminding us, with the ‘non-space of the mind’ that the digital and the biological are not as separate or discrete as we would have liked to imagine. Let us look at what the ‘non-space’ can mean. For this, we might have to look at two different conceptual moves in philosophy.</li>
</ol>
<ul>
<li style="text-align: justify; ">The first is a distinction between the brain and mind. It is obvious that the brain and the mind are not the same thing. The brain is the biological organ in our cranial cavity. It is made up on cells and neurons, flesh and blood, so to speak. It is what the artificial intelligence scholar Andy Clark calls ‘a skin bag’. The brain performs various functions that keep our body alive and sapient. The mind, is an abstraction of the brain. The mind is our thoughts, memories, associations, feelings, and all the other things that make us human. The brain might support the mind but they are not the same. I hope that this is beginning to sound familiar to us – that the brain-mind relationship is the same as we have mapped out for Internet-Cyberspace. Just like cyberspace is an abstraction of data that we have consented to be real, the mind is also an abstraction that encapsulates the interiority of our selves.</li>
<li style="text-align: justify; ">The second is an understanding of binaries and opposites. We are designed, as human beings (even though we attribute this to the digital machines) to think in binaries. Black-White, Good-Bad, Day-Night. This is the way in which our cultures have been built. We think of the positive and the negative and create a spectrum in between to understand our world. These binaries are often confused with being opposites. So we would say that the opposite of Black is white. Or that the opposite of Day is Night. However, in the study of Logics, we are taught that the binary is not the same as opposite. All the way back in history, Aristotle had already posited that it is a fallacy to mistake a binary for an opposite. So, for instance the binary opposition of ‘day’ might be ‘night’, but the logical opposite of ‘day’ is ‘non-day’. Or to make it simpler, the binary opposition of the colour ‘black’ is ‘white’. However, the logical opposite of ‘black’ is ‘non-black’ and hence every other colour that is not black, is its logical opposite. We go through this to realise that in the brain-mind mapping, the brain is the place. The mind is the non-brain, or the space. And then the non-space of the mind, is the brain all over again. Gibson does this recursive negation to remind us that the things that happen in cyberspace have direct consequences on meatspace. What happens in cyberspace directly affects the non-space of our bodies, our lived realities and experiences. </li>
</ul>
<h3>Cyberspace and Everyday Life</h3>
<p style="text-align: justify; ">It is important to begin with the definition that Gibson offered because it informs a lot of the debates that happened historically, around cyberspace and how we understand it. However, it also allows us to side-step these debates because they are not fruitful. They reinforce the idea that the internet and cyberspace are removed from our reality, that they are technological concerns rather than human, social and political concerns, and they insist that the internet and cyberspace are in opposition to being human. These ideas produce accounts of the internet and cyberspace which, for me, are fruitless. The leads from Gibson’s definition, instead, allow us to understand the internet and cyberspace as deeply implicated in our conditions of being human, being social and being political. They offer us a different way of rewriting the history of the Internet, not merely as a linear narrative of the technological advancements, but as a rich and complex account of how the internet and cyberspace have shaped and been shaped by the social, cultural and political milieu that they have emerged in.</p>
<p style="text-align: justify; ">And so, we approach the history of the internet in a different way. Instead of looking at the Internet as a technology, we deal with the Internet in its many forms, through cyberspace and our everyday engagement with it. Or, rather, we formulate the history of Internet & Society, thus trying to look at the ways in which the emergence of digital technologies – Internet and cyberspace – have led to questioning the ways in which understand our personal, social and political lives, and how, in-turn they have been changed through the various contexts that we live in.</p>
<h3 style="text-align: justify; ">Why do we need the history of the Internet?</h3>
<p style="text-align: justify; ">So here is the million dollar question. Why do we need to study the history of the Internet? And if we do, for what do we need to study the history of the internet? These are both important questions and this is where I am hoping we will be able to start a critical inquiry into our own engagement with the topic.</p>
<p style="text-align: justify; ">Let us begin by questioning the very structure of history writing. What does it mean to write the history of an particular object? If we were to write, let’s say, the history of a particular building. How far in time will we go? And in what minutiae shall we record it? Shall we begin by saying, how, once where the building stood, there was a tree. And on that trees, there were leaves. The first leaf fell. The second leaf fell. The third leaf fell. It could fill up pages documenting every leaf that fell, before we even come to the building. So we know that when we write the history of a particular object, person or phenomenon, there is a very clear notion of where the history began. But we also know that if, we had an interest in the ecological history of the building, we might have actually spent time looking at that tree and its falling leaves. Which means that what constitutes history also has to do with our intentions of writing it.</p>
<p style="text-align: justify; ">And then the last point about this brief capsule on history writing that I want to make, is that history of things does not mean that we focus only on the thing. If we were to look at the cultural significance of the building under question, for example, we would talk to the society that engages with it, the people who occupy it, and the ways in which it shapes the fabric of the space and time. So history is often a large canvas – it might keep one particular object in question, but it also weaves in the complex structure of processes and flows that surround that particular object of study.</p>
<p style="text-align: justify; ">There is a rich scholarship about the problems, structures and processes of history writing. But these three points are important for us to think through why we want to delve into the history of the internet. Where do we begin? What do we study? And why do we study what we study? The minute you put these questions out, you start realising that there can be no definitive history of the internet. There can definitely not be just one history of the internet. And that the history of the internet is as much about the world as it is about the technological, but the technological only becomes a lens or an entry point into unravelling the various questions that are a part of our personal and professional lives. So we are not looking at imparting the one authoritative history of the internet. Instead, I am proposing, for this module to introduce you to different ways of thinking about the history of the internet.</p>
<p>We are going to begin by looking at not the Internet – but cyberspace.</p>
<p>We are going to examine the intersections of cyberspace with three different objects and try and see how the debates at that intersection help us to define and entry point into the rich discourse around Internet & Society.</p>
<p><b>The body in cyberspace<br /></b></p>
<p style="text-align: justify; ">Perhaps one of the most interesting histories of the cyberspace has been its relationship with the body. Beginning with the meatspace-cyberspace divide that Gibson introduces, the question of our bodies’ relationship with the internet has been hugely contested. There have been some very polarized debates around this question. Where are we when we are online? Are we the person in the chair behind an interface? Are we the avatar in a social networking site interacting with somebody else? Are we a set of data running through the atmosphere? Are we us? Are we dogs? These are tantalising and teasing questions.</p>
<p style="text-align: justify; ">Early debates around the body-technology questions were polarized. There were people who offered that the cyberspace is a virtual space. What happens in that make-believe, performative space does not have any direct connections with who we are and how we live. They insisted that the cyberspace is essentially a performance space, and just like acting in a movie does not make us the character, all our interactions on the internet are also performances. The idea of a virtual body or a digital self were proposed, thinking of the digital as an extension of who we are – as a space that we occupy to perform different identities and then get on with our real lives.</p>
<p style="text-align: justify; ">Sherry Turkle, in her book <i>Life on the Screen</i>, was the first one to question this binary between the body and the digital self. Working closely with the first users of the online virtual reality worlds called Multiple User Dungeons, Turkle notes how being online started producing a different way of thinking about who we are and how we relate to the world around us. She indicates three different ways in which this re-thinking happens. The first, is at the level of language. She noticed how the users were beginning to think of their lives and their social relationships through the metaphors that they were using in the online world. So, for instance, people often thought of life through the metaphor of windows – being able to open multiple windows, performing multiple tasks and identities and ‘recycling’ them in their everyday life. Similarly, people saying that they are ‘low on bandwidth’ when they don’t have enough time and attention to devote to something, or thinking about the need to ‘upgrade’ our senses. We also are quite used to the idea that memory is something that resides on a chip and that computing is what machines do. These slippages in language, where we start attributing the machine characteristics to human beings are the first sign of understanding the human-technological relationship and history.</p>
<p style="text-align: justify; ">The second slippage is when the user start thinking of the avatars as human. We are quite used to, in our deep web lives, to think of machines as having agency. Our avatars act. Things that we do on the internet perform more actions than we have control of – a hashtag that we start on twitter gets used and responded to by others and takes on a life of its own. We live with sapient technologies – machines that care, artificial intelligence algorithms that customise search results for us, scripts and bots that protect us from malware and viruses. We haven’t attributed these kinds of human agencies to machines and technologies in the past. However, within the digital world, there is a complex network of actors, where all the actors are not always human. Bruno Latour, a philosopher of science and technology, posits in his ‘Actor Network Theory’ that the emergence of these non-human actors has helped us understand that we are not only dependent on machines and technologies for our everyday survival, but that many tasks that we had thought of as ‘human’ are actually performed, and performed better by these technologies. Hence, we have come to care for our machines and we also think of them as companions and have intimate relationships with them. And the machines, even as they make themselves invisible, start becoming more personal.</p>
<p style="text-align: justify; ">The third slippage that Turkle points out is the way in which the boundaries between the interior and the exterior were dissolved in the accounts of the users’ narratives of their digital adventures. There is a very simplistic understanding that what is human is inside us, it is sacred and organic and emotional. Earlier representational technology products like cinema, books, TV etc. have emphasised this distinction between real life and reel life. No actor is punished for the crime they commit in the narrative of a film. It is not very often that an author claims to be the character in a book. We have always had a very strong sense of distinction between the real person and the fictional person. But within the virtual reality worlds, these distinctions seem to dematerialize. The users not only thought of their avatars as human but also experienced the emotions, frustrations, excitement and joy that their characters were simulating for them. And what is more important, they claimed these experiences for themselves.</p>
<p style="text-align: justify; ">Namita Malhotra, who is a legal scholar and a visual artist, in her monograph on Pleasure, Porn and the Law, looks at the way in which we are in a process of data-stripping – constant revelation of our deepest darkest secrets and desires, within the user generated content rubric. Looking at the low-res, grainy videos on sites like YouTube and Vimeo, which have almost no narrative content and are often empty of sexual content, produce all of us in a global orgiastic setting, where our bodies are being extended beyond ourselves. In the monograph, Malhotra argues that the Internet is not merely an extension but almost like a third skin that we wear around ourselves – it is a wrapper, but it is tied, through ligaments and tendons, to the flesh and bone of our being, and often things that we do online, even when they are not sexual in nature, can become pornographic. Conversely, the physical connections that we have are now being made photographically and visually available in byte sized morsels, turned into a twitpic, available to be shared virally, and disseminated using mobile applications, thus making our bodies escape the biological containers that we occupy but also simultaneously marks our bodies through all these adventures that we have on the digital infobahn.</p>
<p style="text-align: justify; "><b>Case Study: A Rape in Cyberspace<br /></b>A contemporary of Sherry Turkle, Julian Dibbell, in his celebrated account of ‘A Rape in Cyberspace’<b> </b><a href="#fn8" name="fr8">[8] </a>describes a case-study that corroborates many of the observations that Turkle posits. Dibbell analyses a particular incident that occurred one night in a special kind of MUD – LambdaMOO (MUD, Object-Oriented) – which was run by the Xerox Research Corporations. A MUD, is a text-based virtual reality space of fluid dimensions and purposes, where users could create avatars of themselves in textual representations. Actions and interactions within the MUD are also in long running scripts of texts. Of course, technically all this means that a specially designed database gives users the vivid impression of their own presence and the impression of moving through physical spaces that actually exists as descriptive data on some remotely located servers.</p>
<p style="text-align: justify; ">When users log into LambdaMoo, the program presents them with a brief textual description of one of the rooms (the coat closet) in the fictional database mansion. If the user wants to navigate, s/he can enter a command to move in a particular direction and the database replaces the original description with new ones, corresponding to the room located in the direction s/he chose. When the new description scrolls across the user’s screen, it lists not only the fixed features of the room but all its contents at that moment – including things (tools, toys, weapons), as well as other avatars (each character over which s/he has sole control). For the database program that powers the MOO, all of these entities are simply subprograms or data structures which are allowed to interact according to rules very roughly mimicking the laws of the physical world.</p>
<p style="text-align: justify; ">Characters may leave the rooms in particular directions. If a character says or does something (as directed by its user), then the other users who are located in the same ‘geographical’ region within the MOO, see the output describing the utterance or action. As the different players create their own fantasy worlds, interacting and socialising, a steady script of text scrolls up a computer screen and narratives are produced. The avatars, as in Second Life or even on Social Networking Sites like Orkut, have the full freedom to define themselves, often declining the usual referents of gender, sexuality, and context to produce fantastical apparitions. It is in such an environment of free-floating fantasy and role-playing, of gaming and social interaction mediated by digital text-based avatars, that a ‘crime’ happened.</p>
<p style="text-align: justify; ">Dibell goes on to give an account of events that unfolded that night. In the social lounge of LambdaMoo, which is generally the most populated of all the different nooks, corners, dimensions and rooms that users might have created for themselves, there appeared an avatar called Dr. Bungle. Dr. Bungle had created a particular program called Vodoo Doll, which allowed the creator to control avatars which were not his own, attributing to them involuntary actions for all the other players to watch, while the targeted avatars themselves remained helpless and unable to resist any of these moves. This Dr. Bungle, through his evil Vodoo Doll, took hold of two avatars – legba and Starsinger and started controlling them. He further proceeded to forcefully engage them in sexually violent, abusive, perverted and reluctant actions upon these two avatars. As the users behind both the avatars sent a series of invective and a desperate plea for help, even as other users in the room (# 17) watched, the Vodoo Doll made them enter into sexually degrading and extremely violent set of activities without their consent. The peals of his laughter were silenced only when a player with higher powers came and evicted Dr. Bungle from the Room # 17. As an eye-witness of the crime and a further interpolator with the different users then present, Dibbell affirms that most of the users were convinced that a crime had happened in the Virtual World of the digital Mansion. That a ‘virtual rape’ happened and was traumatic to the two users was not questioned. However, what this particular incident brought back into focus was the question of space.</p>
<p>Dibbell suggests that what we had was a set of conflicting approaches to understand the particular phenomenon:</p>
<p style="text-align: justify; ">Where virtual reality and its conventions would have us believe that legba and Starsinger were brutally raped in their own living room, here was the victim legba scolding Mr. Bungle for a breach of *civility* … [R]eal life, on the other hand, insists the incident was only an episode in a free-form version of Dungeons and Dragons, confined to the realm of the symbolic and at no point threatening any players life, limb, or material well-being…’</p>
<p style="text-align: justify; ">The meaning and the understanding of this particular incident and the responses that it elicited, lie in the ‘buzzing, dissonant gap’ between the perceived and experienced notion of Technosocial Space. The discussions that were initiated within the community asked many questions: If a crime had happened, where had the crime happened? Was the crime recognised by law? Are we responsible for our actions performed through a digital character on the cyberspaces? Is it an assault if it is just role playing?</p>
<p style="text-align: justify; ">The lack of ‘whereness’ of the crime, or rather the placelessness of the crime made it especially more difficult to pin it to a particular body. The users who termed the event as rape had necessarily inverted the expected notion of digital space as predicated upon and imitative of physical space; they had in fact done the exact opposite and exposed digital spaces as not only ‘bleeding into reality’ but also a constitutive part of the physical spaces. Their Technosocial Space was not the space of the LambdaMoo Room # 17 but the physical locations (and thus the bodies, rather than the avatars) of the players involved. However, this blurring was not to make an easy resolution of complex metaphysical questions. This blurring was to demonstrate, more than ever, that the actions and pseudonymous performances or narratives which are produced in the digital world are not as dissociated from the ‘Real’ as we had always imagined. More importantly, the notional simulation of place or a reference to the physical place is not just a symbolic gesture but has material ramifications and practices. As Dibell notes in his lyrical style,</p>
<p style="text-align: justify; ">‘Months later, the woman in Seattle would confide to me that as she wrote those words posttraumatic tears were streaming down her face -- a real-life fact that should suffice to prove that the words’ emotional content was no mere playacting. The precise tenor of that content, however, its mingling of murderous rage and eyeball-rolling annoyance, was a curious amalgam that neither the RL nor the VL facts alone can quite account for.’</p>
<p style="text-align: justify; ">The eventual decision to ‘toad’ Dr. Bungle – to condemn him to a digital death (a death only as notional as his crime) and his reappearance as another character take up the rest of Dibbell’s argument. Dibbell is more interested in looking at how a civil society emerged, formed its own ways of governance and established the space of LamdaMOO as more than just an emotional experience or extension; as a legitimate place which is almost as much, if not more real, than the physical places that we occupy in our daily material practices. Dibbell’s moving account of the entire incident and the following events leading the final ‘death’ and ‘reincarnation’ has now been extrapolated to make some very significant and insightful theorisations of the notions of the body and its representations online.</p>
<p style="text-align: justify; "><i>Exercise: Based on this case-study, break into small groups to determine whether a rape happened on cyberspace and how we can understand the relationship of our online personas with our bodies. </i></p>
<p style="text-align: justify; "><b>Cyberspace and the State</b><br />The history of body and technology is one way of approaching the history of the internet. However, as we realise, that more than the management of identity or the projection of our interiority, it is a narrative about governance. How does the body get regulated on the internet? How does it become the structure through which communities, networks, societies and collective can be imagined? The actions and transactions between the internet and the body can also help us to look at the larger questions of state, governance and technology which are such an integral part of our everyday experience of the internet. Questions of privacy, security, piracy, sharing, access etc. are all part of the way in which our practices of cultural production and social interaction are regulated, by the different intermediaries of the internet, of which the State is one.</p>
<p style="text-align: justify; ">Asha Achuthan, in her landmark work Re:Wiring Bodies<a href="#fn9" name="fr9">[9]</a> that looks at the history of science and technology in India, shows that these are not new concerns. In fact, as early as the 1930s and 1940s, when the architects of India’s Independence movements were thinking about shaping what the country is going to look like in the future, they were already discussing these questions. It is more popularly known that Jawaharlal Nehru was looking to build a ‘scientific temperament’ for the country and hoping to build it through scientific institutions as well as infrastructure – he is famously credited to having said that ‘dams are the temples of modern science.’ Apart from Nehru’s vision of a modern India, there was a particular conversation between M.K. Gandhi and Rabindranath Tagore, that Achuthan analyses in great detail. Achuthan argues that the dialogue between Gandhi and Tagore is so couched in ideology, poetry and spirituality that we often forget that these were actually conversations about a technology – specifically, the charkha or the spinning wheel.</p>
<p style="text-align: justify; ">For both Gandhi and Tagore, the process of nation building was centred around this one particular charkha. The charkha was the mobile, portable, wearable device (much like our smart phones) that was supposed to provide spiritual salvation and modern resources to overcome the evils of both traditional and conservative values as well as unemployment and production. The difference in Gandhi and Tagore was not whether the charkha – as a metaphor of production and socio-economic organisation – should be at the centre of our discourse. The difference was that Gandhi thought that the usage of charka, complete immersion in the activity, and the devotion to it would help us weave a modern nation For Gandhi, the citizen was not somebody who used the charkha, but the citizen was somebody who becomes a citizen in the process of using the charkha. Tagore, meanwhile, was more concerned about whether we are building a people-centred nation or a technology-centred device. He was of the opinion that building a nation with the technology at its core, might lead to an apocalyptic future where the ‘danava yantra’ or demonic machine might take over and undermine the very human values and ideals that we are hoping to structure the nation through.</p>
<p style="text-align: justify; ">If you even cursorily look at this debate, you will realise that the way Gandhi was talking about the charkha is in resonance with how contemporary politicians talk about the powers of the internet and the way in which, through building IT Cities, through foreign investment, through building a new class of workers for the IT industry, and through different confluences of economic and global urbanisation, we are going to Imagine India<a href="#fn10" name="fr10">[10]</a> of the future. Similarly, the caution that Tagore had, of the charkha as superseding the human, finds its echoes in the sceptics who have been afraid that the human is being forgotten<a href="#fn11" name="fr11">[11]</a> in the e-governance systems that are being set up, which concentrate more on management of data and information rather than the rights and the welfare of people.</p>
<p style="text-align: justify; ">This historical continuity between technology and governance, also finds theorisation in Ashish Rajadhyaksha’s book The Cultural Last Mile<a href="#fn12" name="fr12">[12] </a>that looks at the critical turns in India’s governance and policy history and how the technological paradigm has been established. Rajadhyaksha opens up the State-technology-governance triad to more concrete examples and looks at how through the setting up of community science centres, the building of India’s space and nuclear programmes, and through on-the-ground inventions like radio and chicken-mesh wire-loops, we have tried to reinforce a broadcast based model of governance. Rajadhyaksha proposes that the earlier technologies of governance which were at our disposal, helped us think of the nation state through the metaphor of broadcast. So we had the State at the Centre, receiving and transmitting information, and in fact managing all our conversation and communication by being the central broadcasting agency. And hence, because the state was responsible for the message of the state reaching every single person, but also responsible that every single person can hypothetically communicate with every other single person, the last mile became important. The ability to reach that last person became important. And the history of technology and governance has been a history of innovations to breach that last mile and make the message reach without noise, without disturbance, and in as clean and effective a way as possible.</p>
<p style="text-align: justify; ">With the emergence of the digital governance set up, especially with the building of the Unique Identity Project,<a href="#fn13" name="fr13">[13]</a> we now have the first time when the government is not concerned about breaching the last mile. The p2p networks that are supposed to manage the different flows of information mean that the State is not a central addressee of our communication but one of the actors. It produces new managers – internet service providers, telecom infrastructure, individual hubs and connectors, traditional media agencies – that help us think of governance in a new way. Which is why, for instance, with the UID authorities, we are no longer concerned about the relay of state information from the centre to the subject. Hence, we have many anecdotal stories of people enrolling for the Aadhaar card without actually knowing what benefits it might accrue them. We also have stories coming in about how there are people with Aadhaar numbers which have flawed information but these are not concerns. Because for once, the last mile has to reach the Government. The State is a collector but there are also other registrars. And there is a new regime here, where the government is now going to become one of the actors in the field of governance and it is more interested in managing data and information rather than directly governing the people.</p>
<p style="text-align: justify; ">This historical turn is interesting, because it means that we are being subjected to different kinds of governance structures and institutions, without necessarily realising how to negotiate with them to protect us. One of the most obvious examples, is the Terms of Services<a href="#fn14" name="fr14">[14]</a> that we almost blindly sign off when using online platforms and services and what happens when they violate rights that we think are constitutionally given. What happens when Facebook removes some content from your profile without your permission because it thinks that it is problematic? Who do you complain to? Are your rights as a user or a citizen? Which jurisdiction will it fall under? Conversely, what happens when you live in a country that does not grant you certain freedoms (of speech and expression, for instance) and you commit an infraction using a social media platform. What happens when your private utterances on your social networks make you vulnerable<a href="#fn15" name="fr15">[15]</a> to persecution and prosecution in your country?</p>
<p style="text-align: justify; ">These are all questions of the human, the technological, and the governmental which have been discussed differently and severally historically, in India and also at the global level. Asking these questions, unpacking the historical concerns and how they have leap-frogged in the contemporary governmental debates is important because it helps us realise that the focus of what is at stake, what it means to be human, what we recognise as fair, just and equal are also changing in the process. Instead of thinking of e-governance as just a digitization of state resources, we have to realise that there is a certain primacy that the technologies have had in the state’s formation and manifestation, and that the digital is reshaping these formulations in new and exciting, and sometimes, precarious ways.</p>
<p style="text-align: justify; "><b>Cyberspace and Criminality<br /></b>The history of the internet in India, but also around the world, is bookended between pornography and terrorism. While there has been an incredible promise of equity, equality, fairness, and representation of alternative voices on the internet, there is no doubt that what the internet has essentially done is turn us all into criminals – pornographers, pirates, terrorists, hackers, lurkers… If you have been online, let us just take for granted that you have broken some law or the other, no matter how safe you have been online, and where you live. The ways in which the internet has facilitated peer-2-peer connections and the one-one access means that almost everything that was governed in the public has suddenly exploded in one large grey zone of illegality.</p>
<p style="text-align: justify; ">Ravi Sundaram calls this grey zone of illegal or semi-legal practices the new ‘cyberpublics’. For Sundaram, the new public sphere created by the internet is not only in the gentrified, middle-class, educated people who have access to the cyberspaces and are using social media and user generated content sites to bring about active social and political change. More often than not, the real interesting users of the internet are hidden. They access the internet from cybercafés, in shared names. They have limited access to the web through apps and services on their pirated phones. They share music, watch porn, gamble, engage in illicit and surreptitious social and sexual engagements and they are able to do this by circumventing the authority and the gaze of the law.</p>
<p style="text-align: justify; ">On the other side are the more tech savvy individuals who create alternative currencies like Bitcoin, trade for weapons, drugs and sex on SilkRoute, form guerrilla resistance groups like Anonymous, and create viruses and malware that can take over the world. These cyberpublics are not just digital in nature. They erupt regularly in the form of pirate bazaars, data swaps, and the promiscuous USB drive that moves around the machines, capturing information and passing it on further. These criminalities are often the defining point of internet policy and politics – they serve as the subjects that need to be governed, as well as the danger that lurks in the digital ether, from which we need to be protected. For Sundaram, the real contours and borders of the digital world are to be tested in an examination of these figures. Because, as Lawrence Liang suggests, the normative has already been assimilated in the system. The normative or the good subject is no longer a threat and has developed an ethical compass of what is desirable and not. However, this ethical subject also engages in illicit activities, while still producing itself as a good person. This contradiction makes for interesting stories.</p>
<p style="text-align: justify; "><b>DPS MMS: Case Study<br /></b>One of the most fascinating cases of criminality that captured both public and legal attention was the notoriously cases where the ideas of Access were complicated in the Indian context, was the legal and public furore over the distribution of an MMS (Multi-Media Message) video that captured two underage young adults in a sexual act. The clip, which was dubbed in popular media as ‘DPS Dhamaka’ became viral on the internet. The video clip was listed on an auction (peer-2-peer) website as an e-book and as ‘Item 27877408 – DPS Girl having fun!!! Full video + Bazee points’ for Rs. 125. This visibility of the clip on the auction site Bazee.com, brought it to the eyes of the State where its earlier circulation through private circuits and P2P networks had gone unnoticed. Indeed, the newspapers and TV channels had created frenzy around it, this video clip would have gone unnoticed. However, the attention that Bazee.com drew led to legal intervention.</p>
<p style="text-align: justify; ">Following the visibility of the video clip, there was an attempt to find somebody responsible for the crime and be held liable for the ‘crime’ that had happened. Originally, Ravi Raj, a student at IIT Kharagpur, who had put up the clip on Bazee was arrested for possessing and selling pornography. He was arrested and kept in police custody for at least three days and so was the male student who made the clip. They were both made to go through proceedings in juvenile court (though he was the last to be arrested). Both the students in the video were suspended from school after the incident. Eventually, the most high profile arrest and follow up from the DPS MMS incident was the arrest of the CEO of Bazee.com – Avnish Bajaj. However, Bajaj was released soon because as the host of the platform and not its content, he had no liability.</p>
<p style="text-align: justify; ">This is the beginning of a series of slippages where a punishable body in the face of public outcry had to be identified. We witnessed a witch-hunt that sought to hold the boy who made the video clip responsible, the student of IIT who attempted to circulate the clip and eventually the CEO of Bazee. The string of failed prosecutions seems to indicate that the pornographer-as-a-person was slipping through the cracks of the legal system. As Namita Malhotra argues, it is not the pornographic object which is ‘eluding the grasp of the court’ but that it seems to be an inescapable condition of the age of the internet - that the all transactions are the same transactions, and all users are pornographers.</p>
<p style="text-align: justify; ">We can see in the case that the earlier positions that were easily criminalised when it came to objects in mass media – producer, consumer, distributor of obscenity, were vacated rapidly in the DPS MMS case. We have a case where the bodies, when looked at through simplified ideas of Access, could not be regulated. The girl in the clip could not be punished because she was the victim in the case that could be read as statutory rape. In the case of the boy, a stranger argument was posed – ‘that in our fast urbanising societies where parents don’t have time for children, they buy off their love by giving them gadgets – which makes possible certain kinds of technological conditions...thus the blame if it is on the boy, is on the larger society’ (Malhotra, 2011).</p>
<p style="text-align: justify; ">Eventually, the court held that the description of the object and the context of its presence indicates that the said obscene object is just a click away and such a ‘listing which informed the potential buyer that such a video clip that is pornographic can be procured for a price’. There is a suggestion that there was nobody in particular that could be fixed with the blame. What was at blame was access to technology and conditions of technology within which the different actors in this case were embedded. Malhotra points out that in earlier cases around pornography, judgements have held pornography responsible for itself.</p>
<p style="text-align: justify; ">In the case of the DPS MMS, it seemed that technology – especially access to technology by unsupervised persons – has taken that role. The eventual directive that came out of this case was a blanket warning issued to the public that ‘anyone found in possession of the clip would be fined and prosecuted’. It is as if the attention of the court was on the ways in which the video clip was produced, circulated and disseminated, rather than the content. There was an anxiety around peoples’ unsupervised access to digital technologies, the networks that facilitated access to content without the permission of the state, and modes of circulation and dissemination that generated high access to audiences which cannot be controlled or regulated.</p>
<p style="text-align: justify; ">The State’s interest in this case, is not in the sexual content of the material but in the way it sidesteps the State’s authorial positions and produces mutable, transmittable, and transferable products as well as conditions of access. Such a focus on practices and behaviours around the obscene object, rather than the content itself, seems not to disrupt the law’s neat sidestepping of the force of the image itself. These different tropes of access to technology informed the State’ attempt at control and containment of technosocial practices in the country, giving rise to imaginations of the User as being in conditions of technology which make him/her a potential criminal. This idea of access as transgression or overriding the legal regulatory framework does not get accounted for in the larger technology discourse. However, it does shape and inform the Information Technology regulations which are made manifest in the IT Act. The DPS MMS case complicated the notion of access and posited a potentially criminal technosocial subject who, because of access to the digital, will be able to consume information and images beyond the sanction of the law.</p>
<p style="text-align: justify; ">The DPS MMS case shows how the ways in which public discourse can accuse, blame and literally hang technology seems to diverge from how the court attempts to pin down an offence or crime and prosecute by constructing a technosocial subject as the pervert, while also accusing pornography as a phenomenon. The court is unable to hold technology to blame but the accused is technology-at-large and modernity, which subsumes practices around technology and separates out the good and ethical ways in which a citizen should access and use technologies to rise from the potentially criminal conditions of technology within which their Technosocial identity is formed.</p>
<h2 style="text-align: justify; ">Summary</h2>
<p style="text-align: justify; ">We started by making a distinction between Internet and Cyberspace to see how the two are separate objects of focus and have a relationship that needs to be examined in greater detail. It was argued that while the Internet – in material, infrastructural and technological forms – is important to understand the different policies and politics at the local, regional and global level, it has an account that is easier to follow. Cyberspace, on the other hand, because it deals with human interactions and experiences, allows for a more complex set of approaches into understanding our engagement with the digital domain. We began with the original definitions and imaginations of cyberspace and the ways in which it founded and resolved debates about the real-virtual, the physical-digital, and the brain-mind divides which have been historically part of the cybercultures discourse.</p>
<p style="text-align: justify; ">It was proposed, hence, that instead of looking at the history of the Internet, we will look at the history of cyberspace, and see if we can move away from a straight forward historical narrative of the Internet which focuses largely on the institutions, numbers, names and technological advances. The ambition was not to just produce a similar history of cyberspace but think of conceptual frameworks through which cyberspace can be studied. The proposition was that instead of just looking at history as a neutral and objective account of events and facts, we can examine how and why we need to create histories. Also, that it is fruitful to look at the aspirations and ambitions we have in creating historical narratives.</p>
<p style="text-align: justify; ">It was then suggested that instead of trying to create a definitive history, or even a personal history of the internet, it might be more fruitful to look at the intersections that cyberspace has with different questions and concerns that have historically defined the relationship between technologies and society. 3 different conceptual frameworks were introduced as methods or modes by which this historical mode of inquiry can be initiated.</p>
<p style="text-align: justify; ">The first framework examined how we can understand the boundaries and contours of the internet and cyberspace by looking at its relationship with our bodies. The ways in which we understand our bodies, the mediation by technologies, and the extensions and simulations that we live with, help us to understand the human-technology relationship in more nuanced fashions. Looking at the case-study of a rape that happened in cyberspace, we mapped out the different ways in which we can think of a technosocial relationship.</p>
<p style="text-align: justify; ">The second framework drew from historical debates around technology and governance to see how the current concerns of e-governance and digital subjectivity are informed by older debates about technology and nation building. Looking at the dialogues between Gandhi and Tagore, and then the imagination of a nation through the broadcast technologies, we further saw how the new modes of networked governance are creating new actors, new conditions and new contexts within which to locate and operate technologies.</p>
<p style="text-align: justify; ">The third framework showed how the technological is not merely at the service of the human. In fact, the presence of the technological creates new identities and modes of governance that create potential criminals of all of us. Through the case-study of the DPS MMS, and in an attempt to look at the grey zone of illegal cyberpublics, we saw how at new technosocial identities are created at the intersection of law, technology, governance and everyday practices of the web. The fact that the very condition of technology access can create us as potential criminals, in need to be governed and regulated, reflects in the development of internet policy and governance.</p>
<p style="text-align: justify; ">It was the intention of this module to complicate three sets of presumptions and common knowledge that exist in the discourse around Internet and Cyberspace. The first was to move away from thinking of the Internet merely as infrastructure and networks. The second was to suggest that entering the debates around human-technology everyday relationships would offer more interesting ways of looking at accounts of the technological. The third was to propose that the history of the internet does not begin only with the digital, but it needs larger geographical and techno-science contexts in order to understand how the contemporary landscape of internet policy and governance is shaped.</p>
<p style="text-align: justify; ">The module was not designed to give a comprehensive history and account of the internet. Instead, it built a methodological and conceptual framework that would allow us to examine the ways in which we approach Internet and Society questions – in the process, it would also help us reflect on our own engagement, intentions and expectations from the Internet and how we create the different narratives and accounts for it.</p>
<ol> </ol>
<hr />
<p style="text-align: justify; ">[<a href="#fr1" name="fn1">1</a>]. http://en.wikipedia.org/wiki/History_of_the_Internet</p>
<p style="text-align: justify; ">[<a href="#fr2" name="fn2">2</a>]. http:\www.sigcomm.org\sites\default\files\ccr\papers\2009\October\1629607-1629613.pdf</p>
<p style="text-align: justify; ">[<a href="#fr3" name="fn3">3</a>]. http://www.walthowe.com/navnet/history.html</p>
<p style="text-align: justify; ">[<a href="#fr4" name="fn4">4</a>]. http:\www.internetsociety.org\internet\what-internet\history-internet\brief-history-internet</p>
<p style="text-align: justify; ">[<a href="#fr5" name="fn5">5</a>]. http://en.wikibooks.org/wiki/Governing_the_Internet/Introduction_to_Internet_Governance</p>
<p style="text-align: justify; ">[<a href="#fr6" name="fn6">6</a>]. Recommended reading: Internet Governance: Infrastructure and Institutions eds. Lee Bygrave and Jon Bing http://www.amazon.com/Internet-Governance-Infrastructure-Institutions-Bygrave/dp/0199561133</p>
<p style="text-align: justify; ">[<a href="#fr7" name="fn7">7</a>]. Recommended watching material to look at some of these questions: 1. The final flight of the Osiris -http://www.youtube.com/watch?v=ueiBYxI6Eqg 2. The Second Renaissance - part 1 - http://www.gametrailers.com/videos/n5vpzw/the-second-renaissance-part-i 3. The Second Ranaissance - part 2 - http://www.gametrailers.com/videos/va807i/animatrix-second-renaissance-part2</p>
<p style="text-align: justify; ">[<a href="#fr8" name="fn8">8</a>]. http://www.juliandibbell.com/articles/a-rape-in-cyberspace/</p>
<p style="text-align: justify; ">[<a href="#fr9" name="fn9">9</a>]. http://cis-india.org/raw/rewiringdoc/view</p>
<p style="text-align: justify; ">[<a href="#fr10" name="fn10">10</a>]. http://www.amazon.com/Imagining-India-Idea-Renewed-Nation/dp/0143116673</p>
<p style="text-align: justify; ">[<a href="#fr11" name="fn11">11</a>]. http://www.jstor.org/stable/10.1086/670950</p>
<p style="text-align: justify; ">[<a href="#fr12" name="fn12">12</a>]. http://cis-india.org/raw/histories-of-the-internet/last-cultural-mile.pdf</p>
<p style="text-align: justify; ">[<a href="#fr13" name="fn13">13</a>]. http://eprints.cscsarchive.org/532/</p>
<p style="text-align: justify; ">[<a href="#fr14" name="fn14">14</a>]. http://tosdr.org/</p>
<p style="text-align: justify; ">[<a href="#fr15" name="fn15">15</a>]. http://www.amazon.com/The-Googlization-Everything-Should-Worry/dp/0520258827</p>
<p>
For more details visit <a href='http://editors.cis-india.org/telecom/knowledge-repository-on-internet-access/history-of-internet-building-conceptual-frameworks'>http://editors.cis-india.org/telecom/knowledge-repository-on-internet-access/history-of-internet-building-conceptual-frameworks</a>
</p>
No publishernishantInternet Access2014-01-08T07:56:16ZPageThe Legal Validity of Internet Bans: Part II
http://editors.cis-india.org/internet-governance/blog/the-legal-validity-of-internet-bans-part-ii
<b>In recent months, there has been a spree of bans on access to Internet services in Indian states, for different reasons. The State governments have relied on Section 144, Code of Criminal Procedure 1973 to institute such bans. Despite a legal challenge, the Gujarat High Court found no infirmity in this exercise of power in a recent order. We argue that it is Section 69A of the Information Technology Act 2000, and the Website Blocking Rules, which set out the legal provision and procedure empowering the State to block access to the Internet (if at all it is necessary), and not Section 144, CrPC.</b>
<p style="text-align: justify; "><span>As we saw earlier, the Gujarat High Court held that Section 144, CrPC empowers the State apparatus to order blocking of access to data services. According to the Court, Section 69A, IT Act can be used to block certain websites, while under Section 144, CrPC, the District Magistrate can direct telecom companies like Vodafone and Airtel, who</span><i> </i><span>extend the facility of Internet access. In effect, the High Court agreed with the State government’s argument that the scope of Section 69A, IT Act covers only blocking of </span><i>certain </i><span>websites, while Section 144, CrPC grants a wider power.</span></p>
<p style="text-align: justify; ">This is what the Court said (para 9 of the <a href="http://indiankanoon.org/doc/29352399/">order</a>):</p>
<p style="text-align: justify; ">“<i>If the comparison of both the sections in the field of operations is made, barring certain minor overlapping more particularly for public order </i>[sic]<i>, one can say that the area of operation of Section 69A is not the same as that of Section 144 of the Code. <span>Section 69A may in a given case also be exercised for blocking certain websites</span>, whereas under <span>Section 144 of the Code, directions may be issued to certain persons who may be the source for extending the facility of internet access</span>. Under the circumstances, we do not find that the contention raised on behalf of the petitioner that the resort to only Section 69A was available and exercise of power under Section 144 of the Code was unavailable, can be accepted.</i>” (emphases ours)</p>
<p style="text-align: justify; ">We submit that the High Court’s reasoning failed to examine the scope of Section 69A, IT Act thoroughly. Section 69A does, in fact, empower the government to order blocking of access to data services, and it is a special law. Importantly, it sets forth a procedure that State governments, union territories and the Central Governments must follow to order blocks on websites or data services.</p>
<h3 style="text-align: justify; ">I. Special Law Prevails Over General Law</h3>
<p style="text-align: justify; ">The IT Act, 2000 is a special law dealing with matters relating to the Internet, including offences and security measures. The CrPC is a general law of criminal procedure.</p>
<p style="text-align: justify; ">When a special law and a general law cover the same subject, then the special law supersedes the general law. This is a settled legal principle. Several decisions of the Supreme Court attest to this fact. To take an example, in <a href="http://www.asianlii.org/in/cases/cen/INSC/2010/526.html"><i>Maya Mathew </i>v. <i>State of Kerala</i></a>, (2010) 3 SCR 16 (18 February 2010), when there was a contention between the Special Rules for Kerala State Homoeopathy Services and the general Rules governing state and subordinate services. The Supreme Court held that when a special law and a general law both govern a matter, the Court should try to interpret them harmoniously as far as possible. But if the intention of the legislature is that one law should prevail over another, and this intention is made clear expressly or impliedly, then the Court should give effect to this intention.</p>
<p style="text-align: justify; ">On the basis of this principle, let’s take a look at the IT Act, 2000. <a href="http://cybercrime.planetindia.net/ch13_2008.htm">Section 81, IT Act</a> expressly states that the provisions of the IT Act shall have overriding effect, notwithstanding anything inconsistent with any other law in force. Moreover, in the <a href="http://cybercrime.planetindia.net/statement-objects-foritaa-2006.htm">Statement of Objects and Reasons</a> of the IT (Amendment) Bill, 2006, the legislature clearly notes that amendments inserting offences and security measures into the IT Act are necessary given the proliferation of the Internet and e-transactions, and the rising number of offences. These indicate expressly the legislature’s intention for the IT Act to prevail over general laws like the CrPC in matters relating to the Internet.</p>
<p style="text-align: justify; ">Now, we will examine whether the IT Act empowers the Central and State governments to carry out complete blocks on access to the Internet or data services, in the event of emergencies. If the IT Act does cover such a situation, then the CrPC should not be used to block data services. Instead, the IT Act and its Rules should be invoked.</p>
<h3 style="text-align: justify; "><strong>II. Section 69A, IT Act Allows Blocks on Internet Access</strong></h3>
<p style="text-align: justify; ">Section 69A(1), IT Act says:</p>
<p style="text-align: justify; ">“Where the Central Government or any of its officer specially authorised by it in this behalf is satisfied that it is necessary or expedient so to do, in the interest of sovereignty and integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above, it may subject to the provisions of sub-section (2) for reasons to be recorded in writing, by order, direct any agency of the Government or intermediary to block for <span>access</span> by the public or cause to be blocked for access by the public any<span> information </span>generated, transmitted, received, stored or hosted in any <span>computer resource</span>.” (<i>emphasis ours</i>)</p>
<p style="text-align: justify; ">Essentially, Section 69A says that the government can block (or cause to be blocked) for access by the public, any information<i> </i>generated, transmitted, etc. in any computer resource, if the government is satisfied that such a measure is in the interests of public order.</p>
<p style="text-align: justify; "><span>Does this section allow the government to institute bans on Internet access in Gujarat? To determine this, we will examine each underlined term from above.</span></p>
<p style="padding-left: 90px; text-align: justify; "><strong><i>Access</i></strong>: <a href="http://indiankanoon.org/doc/1890726/">Section 2(1)(a)</a>, IT Act defines access as “...<i><span>gaining entry into</span></i>, instructing or communicating with… resources of a <i><span>computer</span></i>, <i><span>computer system</span></i> or <i><span>computer network</span></i>”.</p>
<p style="padding-left: 90px; text-align: justify; "><strong><i>Computer resource</i></strong>: <a href="http://indiankanoon.org/doc/1768009/">Section 2(1)(k)</a>, IT Act defines computer resource as “computer, computer system, computer network...”</p>
<p style="padding-left: 90px; text-align: justify; "><strong><i>Information</i></strong>: <a href="http://indiankanoon.org/doc/146402352/">Section 2(1)(v)</a>, IT Act defines information as “includes… data, message, text, images, sound, voice...”</p>
<p style="text-align: justify; ">So ‘blocking for access’ under Section 69A includes preventing gaining entry or communicating with the resources of a computer, computer system or computer network, and it includes blocking communication of data, message, text, images, sound, etc. Now two questions arise:</p>
<p style="text-align: justify; ">(1) Do 2G and 3G services, broadband and Wifi fall within the definition of ‘computer network’?</p>
<p style="padding-left: 90px; text-align: justify; "><strong><i>Computer network</i></strong>: <a href="http://indiankanoon.org/doc/29924/">Section 2(1)(j)</a>, IT Act defines computer network as “inter-connection of one or more computers or computer systems <i><span>or communication device</span></i>…” by “...use of satellite, microwave, <i><span>terrestrial line, wire, wireless or other communication media</span></i>”.</p>
<p style="text-align: justify; ">(2) Do mobile phones that can connect to the Internet (we say smartphones for simplicity) qualify as fall within the definition of ‘computer resource’?</p>
<p style="padding-left: 90px; text-align: justify; "><strong><i>Communication device</i></strong><span>: </span><a href="http://indiankanoon.org/doc/59759075/">Section 2(1)(ha)</a><span>, IT Act defines communication device as “</span><i>cell phones</i><span>, personal digital assistance or combination of both or any other device </span><i>used to communicate, send or transmit any text, video, audio or image</i><span>”.</span></p>
<p style="text-align: justify; ">So a cell phone is a communication device. A computer network is an inter-connection of communication devices by wire or wireless connections. A computer network is a computer resource also. Blocking of access under Section 69A, IT Act includes, therefore, gaining entry into or communicating with the resources of a computer network, which is an interconnection of communication devices, including smartphones. Add to this, the fact that <i>any information</i> (data, message, text, images, sound, voice) can be blocked, and the conclusion seems clear.</p>
<p style="text-align: justify; "><span>The power to block access to Internet services (including data services) can be found within Section 69A, IT Act itself, the special law enacted to cover matters relating to the Internet. Not only this, the IT Act envisages emergency situations when blocking powers may need to be invoked.</span></p>
<h3 style="text-align: justify; ">III. Section 69A Permits Blocking in Emergency Situations</h3>
<p style="text-align: justify; ">Section 69A, IT Act doesn’t act in isolation. The Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009 (“<strong>Blocking Rules</strong>”) operate together with Section 69A(1).</p>
<p style="text-align: justify; ">Rule 9 of the Blocking Rules deals with blocking of information in cases of emergency. It says that in cases of emergency, when “<i>no delay is acceptable</i>”, the Designated Officer (DO) shall examine the request for blocking. If it is within the scope of Section 69A(1) (i.e., within the grounds of public order, etc.), then the DO can submit the request to the Secretary, Department of Electronics and Information Technology (DeitY). If the Secretary is satisfied of the need to block during the emergency, then he may issue a reasoned order for blocking, in writing as an interim measure. The intermediaries do not need to be heard in such a situation.</p>
<p style="text-align: justify; ">After a blocking order is issued during an urgent situation, the DO must bring the blocking request to the Committee for Examination of Request constituted under Rule 7, Blocking Rules. There is also a review process, by a Review Committee that meets every two months to evaluate whether blocking directions are in compliance with Section 69A(1) [Rule 14].</p>
<p style="text-align: justify; ">We submit, therefore, that the Gujarat High Court erred in holding that Section 144, CrPC is the correct legal provision to enable Internet bans. Not only does Section 69A, IT Act cover blocking of access to Internet services, but it also envisages blocking in emergency situations. As a special law for matters surrounding the Internet, Section 69A should prevail over the general law provision of Section 144, CrPC.</p>
<p style="text-align: justify; "> </p>
<p style="text-align: justify; "><strong>Acknowledgements</strong><span style="text-align: justify; ">: We would like to thank Pranesh Prakash, Japreet Grewal, Sahana Manjesh and Sindhu Manjesh for their invaluable inputs in clarifying arguments and niggling details for these two posts.</span></p>
<hr size="1" style="text-align: justify; " width="33%" />
<p style="text-align: justify; ">Geetha Hariharan is a Programme Officer with Centre for Internet & Society. Padmini Baruah is in her final year of law at the National Law School of India University, Bangalore (NLSIU) and is an intern at CIS.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/the-legal-validity-of-internet-bans-part-ii'>http://editors.cis-india.org/internet-governance/blog/the-legal-validity-of-internet-bans-part-ii</a>
</p>
No publisherGeetha Hariharan and Padmini BaruahSocial MediaFreedom of Speech and ExpressionInternet Access69ASection 144Article 19(1)(a)Blocking2015-10-08T11:17:24ZBlog EntryReply to RTI filed with BSNL regarding Network Neutrality and Throttling
http://editors.cis-india.org/internet-governance/blog/reply-to-rti-filed-with-bsnl-regarding-network-neutrality-and-throttling
<b>As part of its work on Network Neutrality, the Centre for Internet and Society through Tarun Krishnakumar had filed a Right To Information (RTI) application with Bharat Sanchar Nigam Ltd. (BSNL), a state-owned teleco holding a market share of 65 per cent in the Indian land line and broadband markets — regarding its position on and adherence to Network Neutrality principles.
</b>
<p style="text-align: justify; ">The application — targeted at easing the information asymmetry between internet service providers (ISPs) and consumers — elicited responses that provide interesting insights into the functioning of ISPs in India.</p>
<p>The application queried BSNL about its:</p>
<ul>
<li>Adherence to net neutrality / non-discrimination principles</li>
<li>Throttling on the basis of content</li>
<li>Throttling on the basis of protocol</li>
<li>Limiting traffic / speeds for pornographic websites</li>
<li>Limiting traffic / speeds for P2P / torrent connection</li>
</ul>
<ul>
</ul>
<p style="text-align: justify; ">In its reply, BSNL denied all forms of throttling on the basis of content and reaffirmed that it is bound by the terms of its ISP license granted by the Department of Telecommunications. The application and response are below:</p>
<p> </p>
<h3 style="text-align: center; "><a name="application"></a><b><span>Application</span>:</b></h3>
<p align="center" style="text-align: center; "><b><span>Request for Information under the Right to Information Act, 2005</span></b></p>
<p>To,</p>
<p>Sh. Suresh Kumar<br />Addl.GM (MIS) & CPIO ,BSNL Co.<br />R. No. -29, IR Hall<br />Eastern Court, Janpath<br />New Delhi – 110001</p>
<p><b>Date of application</b>: 08-10-2014</p>
<p align="center" style="text-align: center; "><span style="text-decoration: underline;"><b>Subject: Network Neutrality / Throttling / Data discrimination policies of BSNL</b></span></p>
<p style="text-align: justify; ">Please provide information as to the policies of BSNL / decisions taken in respect of the following questions. Please supply where possible a copy of the relevant documents, minutes of meeting, position papers etc.</p>
<ol>
<li>Does BSNL support the principle of net neutrality and non-discrimination of data?</li>
<li>Does BSNL regulate internet traffic flows depending on the type of content being accessed by the user on its broadband connections?</li>
<li>Does BSNL regulate internet traffic flows depending on the type of protocol being used by the user on its broadband connections?</li>
<li>Please provide details of the various types of content/protocols for which BSNL regulates traffic and the nature of such regulations, restrictions as the case may be.</li>
<li>Please provide a list of traffic for which BSNL engages in limiting internet speed or throttling.</li>
<li>Does BSNL limit internet traffic or upload/download speeds for pornographic websites and content?</li>
<li>Does BSNL limit internet traffic or upload/download speeds for Peer-to-peer or torrent connections?</li>
</ol>
<p>Please provide copies of all documents that pertain to BSNL’s policies and decisions in this regard.</p>
<p style="text-align: justify; ">It is certified that I am a citizen of India and that I do not fall within the BPL category. I am enclosing Rupees thirty (Rs. 30) towards the application fee and photocopying costs under the RTI Act for the information and documents requested. Kindly inform me at the address stated below if any further fees are required to be paid.</p>
<p><b>Applicant</b>:</p>
<p>Tarun Krishnakumar<br />Centre for Internet and Society<br />No.194, 2nd C Cross Road, Domlur II Stage,<br />Bangalore - 560071</p>
<p> </p>
<h3 style="text-align: center; "><span>RESPONSE FROM BSNL:</span></h3>
<div style="text-align: center; "><span><br /></span></div>
<p>To,</p>
<p>Sh. Tarun Krishnakumar<br />Centre for Internet and Society<br />No. 194, 2<sup>nd</sup> C Cross Road, Domulur II stage,<br />Bengaluru – 560071</p>
<p><span style="text-decoration: underline;">Subject: Supply of Information under RTI ACT – 2005</span></p>
<p>Case of Shri. Tarun Krishnakumar – reg.</p>
<p>Ref: - 1. No. BSNL/BBNW/RTI Act/Vol II/2012-13/52 dtd 28.10.2014</p>
<p>2. No. 23-744/14-RTI dtd 21.10.2014</p>
<p>With reference to the above subject, for the point wise information furnished as below:</p>
<ol>
<li>BSNL is following the guidelines as per the ISP License Agreement of DOT.</li>
<li>NO, BSNL is NOT regulating the Internet traffic flow based on content.</li>
<li>NO, BSNL is not regulating the Internet traffic flow based on the type of protocol.</li>
<li>Not Applicable</li>
<li>Not Applicable</li>
<li>NO</li>
<li>NO</li>
<li>The documents relating to above are available on DOT’s website http://dot.gov.in</li>
</ol>
<p>(Sd/-)</p>
<p>DE Admin and APIO<br />O/o General Manager<br />BBNW, BSNL,<br />5<sup>th</sup> floor, BG (E), TE Building,<br />Lazar Road, Fraser Town,<br />Bengaluru – 560005<br />Tel No. 080 - 25808878</p>
<p>Copy to:</p>
<ol>
<li>The Addl. GM (A) & CPIP O/o CGM, BBNW, New Delhi for information pl.</li>
</ol>
<p>The scanned version of the reply is available <a class="external-link" href="https://www.scribd.com/doc/250739602/BSNL-Reply-on-Net-Neutrality">here</a>.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/reply-to-rti-filed-with-bsnl-regarding-network-neutrality-and-throttling'>http://editors.cis-india.org/internet-governance/blog/reply-to-rti-filed-with-bsnl-regarding-network-neutrality-and-throttling</a>
</p>
No publishertarunInternet AccessNet NeutralityInternet GovernanceInformation Technology2014-12-22T14:45:03ZBlog EntryThe Legal Validity of Internet Bans: Part I
http://editors.cis-india.org/internet-governance/blog/the-legal-validity-of-bans-on-internet-part-i
<b>In recent months, there has been a spree of bans on access to Internet services in Indian states, for different reasons. The State governments have relied on Section 144, Code of Criminal Procedure 1973 to institute such bans. Despite a legal challenge, the Gujarat High Court found no infirmity in this exercise of power in a recent order. We argue that it is Section 69A of the Information Technology Act 2000, and the Website Blocking Rules, which set out the legal provision and procedure empowering the State to block access to the Internet (if at all it is necessary), and not Section 144, CrPC.</b>
<p> </p>
<p> </p>
<p dir="ltr" style="text-align: justify; "><span>In recent months, there has been a spree of bans on access to Internet services in India states, for different reasons. In Gujarat, the State government banned access to mobile Internet (data services) citing breach of peace during the </span><a href="http://www.ibtimes.co.in/gujarat-rioting-reported-several-parts-ahmedabad-patel-rally-event-turns-violent-644192">Hardik Patel agitation</a><span>. In Godhra in Gujarat, mobile Internet was banned as a precautionary measure </span><a href="http://indianexpress.com/article/india/gujarat/gujarat-internet-services-in-godhra-suspended-for-24-hours/">during Ganesh <i>visarjan</i></a><span>. In Kashmir, mobile Internet was banned for three days or more because the government feared that people would share pictures of </span><a href="http://indianexpress.com/article/india/india-news-india/jk-govt-plans-three-day-mobile-internet-ban-in-valley/">slaughter of animals during Eid</a><span> on social media, which would spark unrest across the state.</span></p>
<p style="text-align: justify; ">Can State or Central governments impose a ban on Internet access? If the State or its officials anticipate disorder or a disturbance of ‘public tranquility’, can Internet access through mobiles be banned? According to a <a href="http://indiankanoon.org/doc/29352399/">recent order of the Gujarat High Court</a>: Yes; <a href="http://indiankanoon.org/doc/930621/">Section 144 of the Code of Criminal Procedure, 1973</a> (<strong>“CrPC”</strong>) empowers the State government machinery to impose a temporary ban.</p>
<p style="text-align: justify; ">But the Gujarat High Court’s order neglects the scope of Section 69A, IT Act, and wrongly finds that the State government can exercise blocking powers under Section 144, CrPC. In this post and the next, we argue that it is <a href="http://indiankanoon.org/doc/10190353/">Section 69A of the Information Technology Act, 2000</a> (“<strong>IT Act</strong>”) which is the legal provision empowering the State to block access to the Internet (including data services), and not Section 144, CrPC. Section 69A covers blocks to Internet access, and since it is a special law dealing with the Internet, it prevails over the general Code of Criminal Procedure.</p>
<p style="text-align: justify; ">Moreover, the blocking powers must stay within constitutional boundaries prescribed in, <i>inter alia</i>, Article 19 of the Constitution. Blocking powers are, therefore, subject to the widely-accepted tests of legality (foresight and non-arbitrariness), legitimacy of the grounds for restriction of fundamental rights and proportionality, calling for narrowly tailored restrictions causing minimum disruptions and/or damage.</p>
<p style="text-align: justify; "><span>In </span><strong>Section I </strong><span>of this post, we set out a brief record of the events that preceded the blocking of access to data services (mobile Internet) in several parts of Gujarat. Then in </span><strong>Section II</strong><span>, we summarise the order of the Gujarat High Court, dismissing the petition challenging the State government’s Internet-blocking notification under Section 144, CrPC. In the next post, </span><span>we examine the scope of Section 69A, IT Act to determine whether it empowers the State and Central government agencies to carry out blocks on Internet access through mobile phones (i.e., data services such as 2G, 3G and 4G) under certain circumstances. We submit that Section 69A does, and that Section 144, CrPC cannot be invoked for this purpose. </span></p>
<h2 style="text-align: justify; ">I. The Patidar Agitation in Gujarat:</h2>
<p style="text-align: justify; ">This question arose in the wake of agitation in Gujarat in the Patel community. The Patels or Patidars are <a href="http://indianexpress.com/article/explained/simply-put-who-are-gujarats-patidars-and-why-are-they-angry/">politically and economically influential</a> in Gujarat, with several members of the community holding top political, bureaucratic and industrial positions. In the last couple of months, the Patidars have been agitating, demanding to be granted status as Other Backward Classes (OBC). OBC status would make the community eligible for reservations and quotas in educational institutions and for government jobs.</p>
<p style="text-align: justify; ">Towards this demand, the Patidars organised <a href="http://indianexpress.com/article/cities/ahmedabad/demand-for-obc-status-patidars-stir-spreads-to-saurashtra/">multiple rallies</a> across Gujarat in August 2015. The largest rally, called the <i>Kranti Rally</i>, <a href="http://m.ibnlive.com/news/politics/turmoil-brewing-in-gujarat-as-patel-community-demands-obc-status-hardik-patel-begins-indefinite-hunger-strike-1051104.html">was held</a> in Ahmedabad, Gujarat’s capital city, on August 25, 2015. Hardik Patel, a leader of the agitation, reportedly went on hunger strike seeking that the Patidars’ demands be met by the government, and was arrested as he did not have permission to stay on the rally grounds after the rally. While media reports vary, it is certain that <a href="http://www.ibtimes.co.in/gujarat-rioting-reported-several-parts-ahmedabad-patel-rally-event-turns-violent-644192">violence and agitation broke out</a> after the rally. <a href="http://timesofindia.indiatimes.com/india/Patidar-agitation-Uneasy-calm-in-violence-hit-Gujarat-death-toll-rises-to-10/articleshow/48699151.cms">Many were injured</a>, some lost their lives, property was destroyed, businesses suffered; the army was deployed and curfew imposed for a few days across the State.</p>
<p style="text-align: justify; ">In addition to other security measures, the State government also imposed a ban on mobile Internet services across different parts of Gujarat. Reportedly, Hardik Patel had called for a state-wide <i>bandh </i>over Whatsapp. <a href="http://www.ndtv.com/india-news/after-clashes-over-hardik-patels-detention-no-whatsapp-in-gujarat-1211058?pfrom=home-lateststories">The police cited</a> “<i>concerns of rumour-mongering and crowd mobilisation through Whatsapp</i>” as a reason for the ban, which was instituted under <a href="http://indiankanoon.org/doc/930621/">Section 144, Code of Criminal Procedure, 1973</a> (<strong>“CrPC”</strong>). In most of Gujarat, the ban lasted six days, from August 25 to 31, 2015, <a href="http://www.ibtimes.co.in/gujarat-patel-agitation-ban-mobile-internet-whatsapp-lifted-ahmedabad-644924">while it continued</a> in Ahmedabad and Surat for longer.<span> </span></p>
<h2 style="text-align: justify; ">II. The Public Interest Litigation:</h2>
<p style="text-align: justify; ">A public interest petition was filed before the Gujarat High Court, challenging the mobile Internet ban. Though the petition was dismissed at the preliminary stage by Acting Chief Justice Jayant Patel and Justice Anjaria by an <a href="http://indiankanoon.org/doc/29352399/">oral order</a> delivered on September 15, 2015, the legal issues surrounding the ban are important and the order calls for some reflection.</p>
<p style="text-align: justify; ">In the PIL, the petitioner prayed that the Gujarat High Court declare that the notification under Section 144, CrPC, which blocked access to mobile Internet, is “void <i>ab initio</i>, <i>ultra vires </i>and unconstitutional” (para 1 of the <a href="http://indiankanoon.org/doc/29352399/">order</a>). The ban, argued the petitioner, violated Articles 14, 19 and 21 of the Constitution by being arbitrary and excessive, violating citizens’ right to free speech and causing businesses to suffer extensive economic damage. In any event, the power to block websites was specifically granted by Section 69A, IT Act, and so the government’s use of Section 144, CrPC to institute the mobile Internet block was legally impermissible. Not only this, but the government’s ban was excessive in that mobile Internet services were <i>completely blocked</i>; had the government’s concerns been about social media websites like Whatsapp or Facebook, the government could have suspended only those websites using Section 69A, IT Act. And so, the petitioner prayed that the Gujarat High Court issue a writ “<i>permanently restraining the State government from imposing a complete or partial ban on access to mobile Internet/broadband services</i>” in Gujarat.</p>
<p style="text-align: justify; ">The State Government saw things differently, of course. At the outset, the government argued that there was “<i>sufficient valid ground for exercise of power</i>” under Section 144, CrPC, to institute a mobile Internet block (para 4 of the <a href="http://indiankanoon.org/doc/29352399/">order</a>). Had the blocking notification not been issued, “<i>peace could not have been restored with the other efforts made by the State for the maintenance of law and order</i>”. The government stressed that Section 144, CrPC notifications were generally issued as a “last resort”, and in any case, the Internet had not been shut down in Gujarat; broadband and WiFi services continued to be active throughout. Since the government was the competent authority to evaluate law-and-order situations and appropriate actions, the Court ought to dismiss the petition, the State prayed.</p>
<p style="text-align: justify; ">The Court agreed with the State government, and dismissed the petition without issuing notice (para 9 of the <a href="http://indiankanoon.org/doc/29352399/">order</a>). The Court examined two issues in its order (very briefly):</p>
<ol style="text-align: justify; ">
<li>The scope and distinction between Section 144, CrPC and Section 69A, IT Act, and whether the invocation of Section 144, CrPC to block mobile Internet services constituted an arbitrary exercise of power;</li>
<li>The proportionality of the blocking notification (though the Court doesn’t use the term ‘proportionality’).</li>
</ol>
<p><span style="text-align: justify; ">We will examine the Court’s reading of Section 69A, IT Act and Section 144, CrPC, to see whether their fields of operation are in fact different.</span></p>
<p> </p>
<p><strong style="text-align: justify; ">Acknowledgements</strong><span style="text-align: justify; ">: We would like to thank Pranesh Prakash, Japreet Grewal, Sahana Manjesh and Sindhu Manjesh for their invaluable inputs in clarifying arguments and niggling details for these two posts.</span></p>
<hr size="1" style="text-align: justify; " width="33%" />
<p style="text-align: justify; "><span>Geetha Hariharan is a Programme Officer with Centre for Internet & Society. Padmini Baruah is in her final year of law at the National Law School of India University, Bangalore (NLSIU) and is an intern at CIS.</span></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/the-legal-validity-of-bans-on-internet-part-i'>http://editors.cis-india.org/internet-governance/blog/the-legal-validity-of-bans-on-internet-part-i</a>
</p>
No publisherGeetha Hariharan and Padmini BaruahSocial MediaFreedom of Speech and ExpressionInternet Access69ASection 144Article 19(1)(a)Blocking2015-10-08T11:18:34ZBlog EntryWSIS+10 High Level Event: A Bird's Eye Report
http://editors.cis-india.org/internet-governance/blog/wsis-10-high-level-event-a-birds-eye-report
<b>The WSIS+10 High Level was organised by the ITU and collaborative UN entities on June 9-13, 2014. It aimed to evaluate the progress on implementation of WSIS Outcomes from Geneva 2003 and Tunis 2005, and to envision a post-2015 Development Agenda. Geetha Hariharan attended the event on CIS' behalf.</b>
<p style="text-align: justify; "><span>The World Summit on Information Society (WSIS) +10 </span><a href="http://www.itu.int/wsis/implementation/2014/forum/">High Level Event</a><span> (HLE) was hosted at the ITU Headquarters in Geneva, from June 9-13, 2014. The HLE aimed to review the implementation and progress made on information and communication technology (ICT) across the globe, in light of WSIS outcomes (</span><a href="http://www.itu.int/wsis/index-p1.html">Geneva 2003</a><span> and </span><a href="http://www.itu.int/wsis/index-p2.html">Tunis 2005</a><span>). Organised in three parallel tracks, the HLE sought to take stock of progress in ICTs in the last decade (High Level track), initiate High Level Dialogues to formulate the post-2015 development agenda, as well as host thematic workshops for participants (Forum track).</span><span> </span></p>
<h3 style="text-align: justify; ">The High Level Track:</h3>
<p style="text-align: justify; "><img src="http://editors.cis-india.org/internet-governance/blog/copy2_of_HighLevelTrack.jpg/@@images/be5f993c-3553-4d63-bb66-7cd16f8407dc.jpeg" alt="High Level Track" class="image-inline" title="High Level Track" /></p>
<p style="text-align: justify; "><i>Opening Ceremony, WSIS+10 High Level Event </i>(<a class="external-link" href="https://twitter.com/ITU/status/334587247556960256/photo/1">Source</a>)</p>
<p style="text-align: justify; ">The High Level track opened officially on June 10, 2014, and culminated with the endorsement by acclamation (as is ITU tradition) of two <a href="http://www.itu.int/wsis/implementation/2014/forum/inc/doc/outcome/362828V2E.pdf">Outcome Documents</a>. These were: (1) WSIS+10 Statement on the Implementation of WSIS Outcomes, taking stock of ICT developments since the WSIS summits, (2) WSIS+10 Vision for WSIS Beyond 2015, aiming to develop a vision for the post-2015 global information society. These documents were the result of the WSIS+10 <a href="http://www.itu.int/wsis/review/mpp/">Multi-stakeholder Preparatory Platform</a> (MPP), which involved WSIS stakeholders (governments, private sector, civil society, international organizations and relevant regional organizations).</p>
<p style="text-align: justify; ">The <strong>MPP</strong> met in six phases, convened as an open, inclusive consultation among WSIS stakeholders. It was not without its misadventures. While ITU Secretary General Dr. Hamadoun I. Touré consistently lauded the multi-stakeholder process, and Ambassador Janis Karklins urged all parties, especially governments, to “<i>let the UN General Assembly know that the multi-stakeholder model works for Internet governance at all levels</i>”, participants in the process shared stories of discomfort, disagreement and discord amongst stakeholders on various IG issues, not least human rights on the Internet, surveillance and privacy, and multi-stakeholderism. Richard Hill of the Association for Proper Internet Governance (<a href="http://www.apig.ch/">APIG</a>) and the Just Net Coalition writes that like NETmundial, the MPP was rich in a diversity of views and knowledge exchange, but stakeholders <a href="http://www.ip-watch.org/2014/06/16/what-questions-did-the-wsis10-high-level-event-answer/">failed to reach consensus</a> on crucial issues. Indeed, Prof. Vlamidir Minkin, Chairman of the MPP, expressed his dismay at the lack of consensus over action line C9. A compromise was agreed upon in relation to C9 later.<span> </span></p>
<p style="text-align: justify; ">Some members of civil society expressed their satisfaction with the extensive references to human rights and rights-centred development in the Outcome Documents. While governmental opposition was seen as frustrating, they felt that the <strong><span style="text-decoration: underline;">MPP had sought and achieved a common understanding</span></strong>, a sentiment <a href="https://twitter.com/covertlight/status/476748168051580928">echoed</a> by the ITU Secretary General. Indeed, even Iran, a state that had expressed major reservations during the MPP and felt itself unable to agree with the text, <a href="https://twitter.com/covertlight/status/476748723750711297">agreed</a> that the MPP had worked hard to draft a document beneficial to all.</p>
<p style="text-align: justify; ">Concerns around the MPP did not affect the <strong><span style="text-decoration: underline;">review of ICT developments</span></strong> over the last decade. High Level Panels with Ministers of ICT from states such as Uganda, Bangladesh, Sweden, Nigeria, Saudi Arabia and others, heads of the UN Development Programme, UNCTAD, Food and Agriculture Organisation, UN-WOMEN and others spoke at length of rapid advances in ICTs. The focus was largely on ICT access and affordability in developing states. John E. Davies of Intel repeatedly drew attention to innovative uses of ICTs in Africa and Asia, which have helped bridge divides of affordability, gender, education and capacity-building. Public-private partnerships were the best solution, he said, to affordability and access. At a ceremony evaluating implementation of WSIS action-lines, the Centre for Development of Advanced Computing (C-DAC), India, <a href="https://twitter.com/covertlight/status/476748723750711297">won an award</a> for its e-health application MOTHER.</p>
<p style="text-align: justify; "><span>The Outcome Documents themselves shall be analysed in a separate post. But in sum, the dialogue around Internet governance at the HLE centred around the success of the MPP. Most participants on panels and in the audience felt this was a crucial achievement within the realm of the UN, where the Tunis Summit had delineated strict roles for stakeholders in paragraph 35 of the </span><a href="http://www.itu.int/wsis/docs2/tunis/off/6rev1.html">Tunis Agenda</a><span>. Indeed, there was palpable relief in Conference Room 1 at the </span><a href="http://www.cicg.ch/en/">CICG</a><span>, Geneva, when on June 11, Dr. Touré announced that the Outcome Documents would be adopted without a vote, in keeping with ITU tradition, even if consensus was achieved by compromise.</span></p>
<h3 style="text-align: justify; ">The High Level Dialogues:</h3>
<p style="text-align: justify; "><img src="http://editors.cis-india.org/internet-governance/blog/HighLevelDialogues.jpg/@@images/3c30d94f-7a65-4912-bb42-2ccd3b85a18d.jpeg" alt="High Level Dialogues" class="image-inline" title="High Level Dialogues" /></p>
<p style="text-align: justify; "><i>Prof. Vladimir Minkin delivers a statement.</i> (<a class="external-link" href="https://twitter.com/JaroslawPONDER/status/476288845013843968/photo/1">Source</a>)</p>
<p style="text-align: justify; ">The High Level Dialogues on developing a post-2015 Development Agenda, based on WSIS action lines, were active on June 12. Introducing the Dialogue, Dr. Touré lamented the Millennium Development Goals as a “<i>lost opportunity</i>”, emphasizing the need to alert the UN General Assembly and its committees as to the importance of ICTs for development.</p>
<p style="text-align: justify; ">As on previous panels, there was <strong><span style="text-decoration: underline;">intense focus on access, affordability and reach in developing countries</span></strong>, with Rwanda and Bangladesh expounding upon their successes in implementing ICT innovations domestically. The world is more connected than it was in 2005, and the ITU in 2014 is no longer what it was in 2003, said speakers. But we lack data on ICT deployment across the globe, said Minister Knutssen of Sweden, recalling the gathering to the need to engage all stakeholders in this task. Speakers on multiple panels, including the Rwandan Minister for CIT, Marilyn Cade of ICANN and Petra Lantz of the UNDP, emphasized the need for ‘smart engagement’ and capacity-building for ICT development and deployment.</p>
<p style="text-align: justify; ">A crucial session on cybersecurity saw Dr. Touré envision a global peace treaty accommodating multiple stakeholders. On the panel were Minister Omobola Johnson of Nigeria, Prof. Udo Helmbrecht of the European Union Agency for Network and Information Security (ENISA), Prof. A.A. Wahab of Cybersecurity Malaysia and Simon Muller of Facebook. The focus was primarily on building laws and regulations for secure communication and business, while child protection was equally considered.<span> </span></p>
<p style="text-align: justify; ">The lack of laws/regulations for cybersecurity (child pornography and jurisdictional issues, for instance), or other legal protections (privacy, data protection, freedom of speech) in rapidly connecting developing states was noted. But the <strong><span style="text-decoration: underline;">question of cross-border surveillance and wanton violations of privacy went unaddressed</span></strong> except for the customary, unavoidable mention. This was expected. Debates in Internet governance have, in the past year, been silently and invisibly driven by the Snowden revelations. So too, at WSIS+10 Cybersecurity, speakers emphasized open data, information exchange, data ownership and control (the <a href="http://editors.cis-india.org/internet-governance/blog/ecj-rules-internet-search-engine-operator-responsible-for-processing-personal-data-published-by-third-parties">right to be forgotten</a>), but did not openly address surveillance. Indeed, Simon Muller of Facebook called upon governments to publish their own transparency reports: A laudable suggestion, even accounting for Facebook’s own undetailed and truncated reports.</p>
<p style="text-align: justify; ">In a nutshell, the post-2015 Development Agenda dialogues repeatedly emphasized the importance of ICTs in global connectivity, and their impact on GDP growth and socio-cultural change and progress. The focus was on taking this message to the UN General Assembly, engaging all stakeholders and creating an achievable set of action lines post-2015.</p>
<h3 style="text-align: justify; ">The Forum Track:</h3>
<p><img src="http://editors.cis-india.org/internet-governance/blog/copy_of_ForumTrack.jpg/@@images/dfcce68a-18d7-4f1e-897b-7208bb60abc9.jpeg" alt="Forum Track" class="image-inline" title="Forum Track" /></p>
<p><i>Participants at the UNESCO session on its Comprehensive Study on Internet-related Issues</i> (<a class="external-link" href="https://twitter.com/leakaspar/status/476690921644646400/photo/1">Source</a>)</p>
<p style="text-align: justify; ">The HLE was organized as an extended version of the WSIS Forum, which hosts thematic workshops and networking opportunities, much like any other conference. Running in parallel sessions over 5 days, the WSIS Forum hosted sessions by the ITU, UNESCO, UNDP, ICANN, ISOC, APIG, etc., on issues as diverse as the WSIS Action Lines, the future of Internet governance, the successes and failures of <a href="http://www.internetgovernance.org/2012/12/18/itu-phobia-why-wcit-was-derailed/">WCIT-2012</a>, UNESCO’s <a href="http://www.unesco.org/new/internetstudy">Comprehensive Study on Internet-related Issues</a>, spam and a taxonomy of Internet governance.<span> </span></p>
<p style="text-align: justify; ">Detailed explanation of each session I attended is beyond the scope of this report, so I will limit myself to the interesting issues raised.<span> </span></p>
<p style="text-align: justify; ">At ICANN’s session on its own future (June 9), Ms. Marilyn Cade emphasized the <strong><span style="text-decoration: underline;">importance of national and regional IGFs</span></strong> for both issue-awareness and capacity-building. Mr. Nigel Hickson spoke of engagement at multiple Internet governance fora: “<i>Internet governance is not shaped by individual events</i>”. In light of <a href="http://www.internetgovernance.org/2014/04/16/icann-anything-that-doesnt-give-iana-to-me-is-out-of-scope/">criticism</a> of ICANN’s apparent monopoly over IANA stewardship transition, this has been ICANN’s continual <a href="https://www.icann.org/resources/pages/process-next-steps-2014-06-06-en">response</a> (often repeated at the HLE itself). Also widely discussed was the <strong><span style="text-decoration: underline;">role of stakeholders in Internet governance</span></strong>, given the delineation of roles and responsibilities in the Tunis Agenda, and governments’ preference for policy-monopoly (At WSIS+10, Indian Ambassador Dilip Sinha seemed wistful that multilateralism is a “<i>distant dream</i>”).<span> </span></p>
<p style="text-align: justify; ">This discussion bore greater fruit in a session on Internet governance ‘taxonomy’. The session saw <a href="https://www.icann.org/profiles/george-sadowsky">Mr. George Sadowsky</a>, <a href="http://www.diplomacy.edu/courses/faculty/kurbalija">Dr. Jovan Kurbalija</a>, <a href="http://www.williamdrake.org/">Mr. William Drake</a> and <a href="http://www.itu.int/wsis/implementation/2014/forum/agenda/session_docs/170/ThoughtsOnIG.pdf">Mr. Eliot Lear</a> (there is surprisingly no official profile-page on Mr. Lear) expound on dense structures of Internet governance, involving multiple methods of classification of Internet infrastructure, CIRs, public policy issues, etc. across a spectrum of ‘baskets’ – socio-cultural, economic, legal, technical. Such studies, though each attempting clarity in Internet governance studies, indicate that the closer you get to IG, the more diverse and interconnected the eco-system gets. David Souter’s diagrams almost capture the flux of dynamic debate in this area (please see pages 9 and 22 of <a href="http://www.internetsociety.org/sites/default/files/ISOC%20framework%20for%20IG%20assessments%20-%20D%20Souter%20-%20final_0.pdf">this ISOC study</a>).</p>
<p style="text-align: justify; ">There were, for most part, insightful interventions from session participants. Mr. Sadowsky questioned the effectiveness of the Tunis Agenda delineation of stakeholder-roles, while Mr. Lear pleaded that techies be let to do their jobs without interference. <a href="http://internetdemocracy.in/">Ms. Anja Kovacs</a> raised pertinent concerns about <strong><span style="text-decoration: underline;">including voiceless minorities in a ‘rough consensus’ model</span></strong>. Across sessions, <strong><span style="text-decoration: underline;">questions of mass surveillance, privacy and data ownership rose</span></strong> from participants. The protection of human rights on the Internet – especially freedom of expression and privacy – made continual appearance, across issues like spam (<a href="http://www.itu.int/ITU-D/CDS/sg/rgqlist.asp?lg=1&sp=2010&rgq=D10-RGQ22.1.1&stg=1">Question 22-1/1</a> of ITU-D Study Group 1) and cybersecurity.</p>
<h3 style="text-align: justify; ">Conclusion:</h3>
<p style="text-align: justify; ">The HLE was widely attended by participants across WSIS stakeholder-groups. At the event, a great many relevant questions such as the future of ICTs, inclusions in the post-2015 Development Agenda, the value of muti-stakeholder models, and human rights such as free speech and privacy were raised across the board. Not only were these raised, but cognizance was taken of them by Ministers, members of the ITU and other collaborative UN bodies, private sector entities such as ICANN, technical community such as the ISOC and IETF, as well as (obviously) civil society.<span> </span></p>
<p style="text-align: justify; ">Substantively, the HLE did not address mass surveillance and privacy, nor of expanding roles of WSIS stakeholders and beyond. Processually, the MPP failed to reach consensus on several issues comfortably, and a compromise had to be brokered.</p>
<p style="text-align: justify; "><span>But perhaps a big change at the HLE was the positive attitude to multi-stakeholder models from many quarters, not least the ITU Secretary General Dr. Hamadoun Touré. His repeated calls for acceptance of multi-stakeholderism left many members of civil society surprised and tentatively pleased. Going forward, it will be interesting to track the ITU and the rest of UN’s (and of course, member states’) stances on multi-stakeholderism at the ITU Plenipot, the WSIS+10 Review and the UN General Assembly session, at the least.</span></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/wsis-10-high-level-event-a-birds-eye-report'>http://editors.cis-india.org/internet-governance/blog/wsis-10-high-level-event-a-birds-eye-report</a>
</p>
No publishergeethaWSIS+10PrivacyCybersecurityHuman Rights OnlineSurveillanceFreedom of Speech and ExpressionInternet GovernanceFacebookData ProtectionMulti-stakeholderICANNInternet AccessITUInternet StudiesE-GovernanceICT2014-06-20T15:57:32ZBlog EntryInternet Privacy in India
http://editors.cis-india.org/telecom/knowledge-repository-on-internet-access/internet-privacy-in-india
<b>Internet privacy encompasses a wide range of issues and topics. It can be understood as privacy rights that an individual has online with respect to their data, and violations of the same that take place online. Given the dynamic nature of the online sphere, privacy concerns and issues are rapidly changing. </b>
<h3 style="text-align: justify; ">The Changing Nature of Information</h3>
<p style="text-align: justify; ">For example – the way in which the internet allows data to be produced, collected, combined, shared, stored, and analyzed is constantly changing and re-defining personal data and what type of protections personal data deserves and can be given. For example, seemingly harmless data such IP address, key words used in searches, websites visited, can now be combined and analysed to identify individuals and learn personal information about an individual. From information shared on social media sites, to cookies collecting user browser history, to individuals transacting online, to mobile phones registering location data – information about an individual is generated through each use of the internet. In some cases the individual is aware that they are generating information and that it is being collected, but in many cases, the individual is unaware of the information trail that they are leaving online, do not know who is accessing the information, and do not have control over how their information is being handled, and for what purposes it is being used. For example, law enforcement routinely troll social media sites for information that might be useful in an investigation.</p>
<h3 style="text-align: justify; ">The Blurry Line between the Public and Private Sphere</h3>
<p style="text-align: justify; ">The above example also highlights how the “sphere” of information on the internet is unclear i.e. is information posted on social media public information – free for use by any individual or entity including law enforcement, employees, data mining companies etc. or is information posted on social media – private, and thus requires authorization for further use. For example, in India, in 2013 the Mumbai police established a “social media lab” for the purposes of monitoring and tracking user behavior and activities.<a href="#fn1" name="fr1">[1] </a></p>
<p style="text-align: justify; ">Authorization is not required for the lab to monitor individuals and their behavior, and individuals are not made aware of the same, as the project claims to analyze only publicly available information. Similar dilemmas have been dealt with by other countries. For example, in the U.S, individuals have contested the use of their tweets without permission,<a href="#fn2" name="fr2">[2]</a> while courts in the US have ruled that tweets, private and public, can be obtained by law enforcement with only a subpoena, as technically the information has been shared with another entity, and is therefore no longer private.<a href="#fn3" name="fr3">[3] </a>Indian Courts have yet to deal directly with the question of social media content being public or private information.</p>
<h3 style="text-align: justify; ">The Complication of Jurisdiction</h3>
<p style="text-align: justify; ">The borderless nature of information flows over the Internet complicates online privacy, as individual's data is subjected to different levels of protection depending on which jurisdiction it is residing in. Thus, for example an Indian using Gmail, will be subject to the laws of the United States. On one hand this could be seen as a positive, if one country has stronger privacy protections than another, but could also be damaging to privacy in the reverse situation – where one company has lower privacy standards and safeguards. In addition to the dilemma of different levels of protection being provided over data as it flows through different jurisdictions, access by law enforcement to data stored in a different jurisdiction, or data from one country accessible to law enforcement because it is being processed in their jurisdiction, are two other complications that arise. These complications cannot be emphasized more than with the case of the NSA Leaks. Because Indian data was residing in US servers, the US government could access and use the data with no obligation to the individual.<a href="#fn4" name="fr4">[4] </a>In response to the NSA leaks, the government of India has stated that all facts need to be known before any action is taken, while citizens initially sought to hold the companies who disclosed the data to US security agencies such as Google, Facebook etc. accountable.<a href="#fn5" name="fr5">[5] </a></p>
<p style="text-align: justify; ">Despite this, because the companies were acting within the legal limits of the United States where they were incorporated, they could not be held liable. In response to the dilemma, many actors in India, including government and industry are asking for the establishment of 'domestic servers'. For example, Dr. Kamlesh Bajaj, CEO of Data Security Council of India was quoted in Forbes magazine promoting the establishment of India centric social media platforms.<a href="#fn6" name="fr6">[6] </a>Similarly, after the PRISM scandal became public, the National Security Advisor requested the Telecom Department to only route traffic data through Indian servers.<a href="#fn7" name="fr7">[7] </a></p>
<p style="text-align: justify; ">In these contexts, the internet is a driving force behind a growing privacy debate and awareness in India.</p>
<h3 style="text-align: justify; ">Current Policy for Internet Privacy in India</h3>
<p style="text-align: justify; ">Currently, India's most comprehensive legal provisions that speak to privacy on the internet can be found in the Information Technology Act (ITA) 2000. The ITA contains a number of provisions that can, in some cases, safeguard online privacy, or in other cases, dilute online privacy. Provisions that clearly protect user privacy include: penalizing child pornography,<a href="#fn8" name="fr8">[8]</a>penalizing, hacking and fraud<a href="#fn9" name="fr9">[9] </a>and defining data protection standards for body corporate.<a href="#fn10" name="fr10">[10] </a></p>
<p style="text-align: justify; ">Provisions that serve to dilute user privacy speak to access by law enforcement to user's personal information stored by body corporate<a href="#fn11" name="fr11">[11]</a> collection and monitoring of internet traffic data<a href="#fn12" name="fr12">[12] </a>and real time monitoring, interception, and decryption of online communications.<a href="#fn13" name="fr13">[13]</a> Additionally, legislative gaps in the ITA serve to weaken the privacy of online users. For example, the ITA does not address questions and circumstances like the evidentiary status of social media content in India, merging and sharing of data across databases, whether individuals can transmit images of their own “private areas” across the internet, if users have the right to be notified of the presence of cookies and do-not track options, the use of electronic personal identifiers across data bases, and if individuals have the right to request service providers to take down and delete their personal content.</p>
<h3 style="text-align: justify; ">Online Data Protection</h3>
<p style="text-align: justify; ">Since 2010, there has been an increasing recognition by both the government and the public that India needs privacy legislation, specifically one that addresses the collection, processing, and use of personal data. The push for adequate data protection standards in India has come both from industry and industrial bodies like DSCI – who regard strong data protection standards as an integral part of business, and from the public, who has voiced increasing concerns that governmental projects, such as the UID, involved with collecting, processing, and using personal data are presently not adequately regulated and are collecting and processing data in such a way that abuses individual privacy. As mentioned above, India's most comprehensive data protection standards are found in the ITA and are known as the Information Technology “Reasonable security practices and procedures and sensitive personal data or information” Rules 2011.<a href="#fn14" name="fr14">[14] </a></p>
<p style="text-align: justify; ">The Rules seek to provide rights to the individual with regards to their information and obligate body corporate to take steps towards protecting the privacy of consumer's information. Among other things, the Rules define “sensitive personal information' and require that any corporate body must publish an online privacy policy, provide individuals with the right to access and correct their information, obtain consent before disclosing sensitive personal information ' except in the case of law enforcement, provide individuals the ability to withdraw consent, establish a grievance officer, require companies to ensure equivalent levels of protection when transferring information, and put in place reasonable security practices. Though the Rules are the strongest form of data protection in India, they have not been recognized by the European Union as meeting the EU standards of “data secure”<a href="#fn15" name="fr15">[15] </a>and many gaps still exist. For example, the Rules apply only to:</p>
<ul style="text-align: justify; ">
<li>Body corporate and not to the government</li>
<li>Electronically generated and transmitted information </li>
<li>A limited scope of sensitive personal information.</li>
<li>A body corporate when a contractual agreement is not already in place.</li>
</ul>
<p style="text-align: justify; ">These gaps leave a number of bodies unregulated and types of information unprotected, and limits the scope of the Rules. It is also unclear to what extent companies are adhering to these Rules, and if they are applying the Rules only to the use of their website or if they are also applying the Rules to their core business practices.</p>
<h3 style="text-align: justify; ">Cyber Cafés</h3>
<p style="text-align: justify; ">In 2011 the Guidelines for Cyber Café Rules were notified under the Information Technology Act. These Rules, among other things, require Cyber Café’s to retain the following details for every user for a period of one year: details of identification, name, address, contact number, gender, date, computer terminal identification, log in time, and log out time. These details must be submitted to the same agency as directed, on a monthly basis.<a href="#fn16" name="fr16">[16]</a> Cyber Cafes must also retain the history of websites accessed and logs of proxy servers installed at the cyber café for a period of one year.<a href="#fn17" name="fr17">[17] </a>Furthermore, Cyber Café’s must ensure that the partitions between cubicles do not exceed four and half feet in height from floor level.<a href="#fn18" name="fr18">[18]</a> Lastly, the cyber café owner is required to provide every related document, register, and information to any officer authorized by the registration agency on demand.<a href="#fn19" name="fr19">[19] </a>In effect, the identification and retention requirements of these rules both impact privacy and freedom of expression, as cyber cafes users cannot use the facility anonymously and all their information, including browser history, is stored on an a-priori basis. The disclosure provisions in these rules also impact privacy and demonstrate a dilution of access standards for law enforcement to users internet communications as the provision does not define:</p>
<ul style="text-align: justify; ">
<li>An authorization process by which the registration agency follows to authorize individuals to conduct inspections.</li>
<li>Circumstances on which inspection of a Cyber Café by an authorized officer is necessary and permissible.</li>
<li>The process for which information can be requested, and instead vaguely requires cyber café owners to disclose information “on demand”.</li>
</ul>
<h3 style="text-align: justify; ">Online Surveillance and Access</h3>
<p style="text-align: justify; ">The ITA also allows for the interference of user privacy online by defining broad standards of access to law enforcement and security agencies, and providing the government with the power to determine what tools individuals can use to protect their privacy. This is most clearly demonstrated by provisions that permit the interception, monitoring, and decryption of digital communications<a href="#fn20" name="fr20">[20]</a> provide for the collection and monitoring of traffic data<a href="#fn21" name="fr21">[21]</a> and allow the government to set the national encryption standard.<a href="#fn22" name="fr22">[22] </a>In particular, the structure of these provisions and the lack of safeguards incorporated, serve as a dilution to user privacy. For example, though these provisions create a framework for interception they are missing a number of internationally recognized safeguards and practices, such as notice to the individual, judicial oversight, and transparency requirements. Furthermore, the provisions place extensive security and technical obligations on the service provider – as they are required to extend all facilities necessary to security agencies for interception and decryption, and hold the service provider liable for imprisonment up to seven years for non-compliance. This creates an environment where it is unlikely that the service provider would challenge any request for access or interception from law enforcement. Interception is also regulated through provisions and rules under the Indian Telegraph Act 1885 and subsequent ISP and UAS licenses.</p>
<h3 style="text-align: justify; ">Scope of Surveillance and Access</h3>
<p style="text-align: justify; ">The extent to which the Government of India lawfully intercepts communications is not entirely clear, but in 2011 news items quoted that in the month of July 8,736 phones and e-mail accounts were under lawful surveillance.<a href="#fn23" name="fr23">[23]</a></p>
<p style="text-align: justify; ">Though this number is representative of authorized interception, there have been a number of instances of unauthorized interceptions that have taken place as well. For example, in 2013 it was found that in Himachel Pradesh 1371 phones were tapped based on verbal approval, while the Home Ministry had only authorized interception of 170.<a href="#fn24" name="fr24">[24] </a>This demonstrates that there are instances of when existing safeguards for interception and surveillance are undermined and highlights the challenge of enforcement for even existing safeguards.</p>
<p style="text-align: justify; ">Demonstrating the tensions between right to privacy and governmental access to communications, and at the same time highlighting the issue of jurisdiction was the standoff between RIM/BlackBerry and the Indian Government. For several years, the Indian Government has requested that RIM provide access to the company’s communication traffic, both BIS and BES, as Indian security agencies have been unable to decrypt the data. Solutions that the Indian Government has proposed include: RIM providing the decryption keys to the government, RIM establishing a local server, local ISPs and telcos developing an indigenous monitoring solution. In 2012, RIM finally established a server in Mumbai and in 2013 provided a lawful interception solution that satisfied the Indian Government.<a href="#fn25" name="fr25">[25]</a></p>
<p style="text-align: justify; ">The implementation of the Central Monitoring System by the Indian Government is another example of the Government seeking greater access to communications. The system will allow security agencies to bypass service providers and directly intercept communications. It is unclear if the system will provide for the interception of only telephonic communications or if it will also allow for the interception of digital communications and internet traffic. It is also unclear what checks and balances exist in the system. By removing the service provider from the equation the government is not only taking away a potential check, as service providers can resist unauthorized requests, but it is also taking away the possibility for companies to be transparent about the interception requests that they comply with.</p>
<h2 style="text-align: justify; ">Future frameworks for privacy in India: The Report of the Group of Experts on Privacy</h2>
<p style="text-align: justify; ">In October 2012 the Report of the Group of Experts on Privacy was published by a committee of experts chaired by Justice A.P. Shah.<a href="#fn26" name="fr26">[26] </a>The report creates a set of recommendations for a privacy framework and legislation in India. Most importantly, the Report recognizes privacy as a fundamental right and defines nine National Privacy Principles that would apply to all data controllers both in the private sector and the public sector. This would work to ensure that businesses and governments are held accountable to protecting privacy and that legislation and practices found across sectors, states/governments, organizations, and governmental bodies are harmonized. The privacy principles are in line with global standards including the EU, OECD, and APEC principles on privacy, and include: notice, choice & consent, collection limitation, purpose limitation, access and correction, accountability, openness, disclosure of information, security.</p>
<p style="text-align: justify; ">The Report also envisions a system of co-regulation, in which the National Privacy Principles will be binding for every data controller, but Self Regulatory Organizations at the industry level will have the option of developing principles for that specific sector. The principles developed by industry must be approved by the privacy commissioner and be in compliance with the National Privacy Principles. In addition to defining principles, the Report recommends the establishment of a privacy commissioner for overseeing the implementation of the right to privacy in India and specifies that aggrieved individuals can seek redress either through issuing a complaint the privacy commissioner or going before a court.</p>
<p style="text-align: justify; ">The nine national privacy principles include:</p>
<p style="text-align: justify; ">Notice: Principle 1: Notice</p>
<p style="text-align: justify; ">A data controller shall give simple to understand notice of its information practices to all individuals, in clear and concise language, before any personal information is collected from them. Such notices should include:</p>
<p style="text-align: justify; "><b>During Collection </b></p>
<ul>
<li>What personal information is being collected; </li>
<li>Purposes for which personal information is being collected; </li>
<li>Uses of collected personal information; </li>
<li>Whether or not personal information may be disclosed to third persons; </li>
<li>Security safeguards established by the data controller in relation to the personal information; </li>
<li>Processes available to data subjects to access and correct their own personal information; </li>
<li>Contact details of the privacy officers and SRO ombudsmen for filing complaints. </li>
</ul>
<p style="text-align: justify; "><b>Other Notices</b><br />Data breaches must be notified to affected individuals and the commissioner when applicable. Individuals must be notified of any legal access to their personal information after the purposes of the access have been met. Service providers would have to explain how the information would be used and if it may be disclosed to third persons such as advertisers, processing Individuals must be notified of changes in the data controller’s privacy policy. Any other information deemed necessary by the appropriate authority in the interest of the privacy of data subjects.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: A telecom service provider must make available to individuals a privacy policy before any personal information is collected by the company. The notice must include all categories of information as identified in the principle of notice. For example, the service provider must identify the types of personal information that will be collected from the individual from the initial start of the service and during the course of the consumer using the service. For a telecom service provider this could range from name and address to location data. The notice must identify if information will be disclosed to third parties such as advertisers, processers, or other telecom companies. If a data breach that was the responsibility of the company takes place, the company must notify all affected customers. If individuals have their personal data accessed or intercepted by Indian law enforcement or for other legal purposes, they have the right to be notified of the access after the case or other purpose for the data has been met.</p>
<h3 style="text-align: justify; ">Principle 2: Choice and Consent</h3>
<p style="text-align: justify; ">A data controller shall give individuals choices (opt-in/opt-out) with regard to providing their personal information, and take individual consent only after providing notice of its information practices. Only after consent has been taken will the data controller collect, process, use, or disclose such information to third parties, except in the case of authorized agencies. When provision of information is mandated by law, it should be in compliance with all other National Privacy Principles. Information collected on a mandatory basis should be anonymized within a reasonable timeframe if published in public databases. As long as the additional transactions are performed within the purpose limitation, fresh consent will not be required. The data subject shall, at any time while availing the services or otherwise, also have an option to withdraw his/her consent given earlier to the data controller. In such cases the data controller shall have the option not to provide goods or services for which the said information was sought if such information is necessary for providing the goods or services. In exceptional cases, where it is not possible to provide the service with choice and consent, then choice and consent should not be required.</p>
<p style="text-align: justify; "><b>Example of implementation</b>: If an individual is signing up to a service, a company can only begin collecting, processing, using and disclosing their data after consent has been taken. If the provision of information is mandated by law, as is the case for the census, this information must be anonymized after a certain amount of time if it is published in public databases. If there is a case where consent is not possible, such as in a medical emergency, consent before processing information, does not need to be taken.</p>
<h3 style="text-align: justify; ">Principle 3: Collection Limitation</h3>
<p>A data controller shall only collect personal information from data subjects as is necessary for the purposes identified for such collection, regarding which notice has been provided and consent of the individual taken. Such collection shall be through lawful and fair means.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: If a bank is collecting information to open an account for a potential customer, they must collect only that information which is absolutely necessary for the purpose of opening the account, after they have taken the consent of the individual.</p>
<h3 style="text-align: justify; ">Principle 4: Purpose Limitation</h3>
<p style="text-align: justify; ">Personal data collected and processed by data controllers should be adequate and relevant to the purposes for which they are processed. A data controller shall collect, process, disclose, make available, or otherwise use personal information only for the purposes as stated in the notice after taking consent of individuals. If there is a change of purpose, this must be notified to the individual. After personal information has been used in accordance with the identified purpose it should be destroyed as per the identified procedures. Data retention mandates by the government should be in compliance with the National Privacy Principles.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: If a bank is collecting information from a customer for opening a bank account, the bank can only use that information for the purpose of opening the account and any other reasons consented to. After a bank has used the information to open an account, it must be destroyed. If the information is retained by the bank, it must be done so with consent, for a specific purpose, with the ability of the individual to access and correct the stored information, and in a secure fashion.</p>
<h3 style="text-align: justify; ">Principle 5: Access and Correction</h3>
<p style="text-align: justify; ">Individuals shall have access to personal information about them held by a data controller; shall be able to seek correction, amendments, or deletion such information where it is inaccurate; be able to confirm that a data controller holds or is processing information about them; be able to obtain from the data controller a copy of the personal data. Access and correction to personal information may not be given by the data controller if it is not, despite best efforts, possible to do so without affecting the privacy rights of another person, unless that person has explicitly consented to disclosure.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: An individual who has opened a bank account, has the right to access the information that was initially provided and subsequently generated. If there is a mistake, the individual has the right to correct the mistake. If the individual requests information related to him that is stored on a family member from the bank, the bank cannot disclose this information without explicit consent from the family member as it would impact the privacy of another.</p>
<h3 style="text-align: justify; ">Principle 6: Disclosure of Information</h3>
<p style="text-align: justify; ">A data controller shall only disclose personal information to third parties after providing notice and seeking informed consent from the individual for such disclosure. Third parties are bound to adhere to relevant and applicable privacy principles. Disclosure for law enforcement purposes must be in accordance with the laws in force. Data controllers shall not publish or in any other way make public personal information, including personal sensitive information.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: If a website, like a social media site, collects information about how a consumer uses its website, this information cannot be sold or shared with other websites or partners, unless notice of such sharing has been given to the individual and consent has been taken from the individual. If websites provide information to law enforcement, this must be done in accordance with laws in force, and cannot be done through informal means. The social media site would be prohibited from publishing, sharing, or making public the personal information in any way without obtaining informed consent.</p>
<h3 style="text-align: justify; ">Principle 7: Security</h3>
<p style="text-align: justify; ">A data controller shall secure personal information that they have either collected or have in their custody, by reasonable security safeguards against loss, unauthorised access, destruction, use, processing, storage, modification, deanonymization, unauthorized disclosure [either accidental or incidental] or other reasonably foreseeable risks.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: If a company is a telecommunication company, it must have security measures in place to protect customers communications data from loss, unauthorized access, destruction, use, processing, storage, modification, denanonmyization, unauthorized disclosure, or other forseeable risk. This could include encrypting communications data, having in place strong access controls, and establishing clear chain of custody for the handling and processing communications data.</p>
<h3 style="text-align: justify; ">Principle 8: Openness</h3>
<p style="text-align: justify; ">A data controller shall take all necessary steps to implement practices, procedures, policies and systems in a manner proportional to the scale, scope, and sensitivity to the data they collect, in order to ensure compliance with the privacy principles, information regarding which shall be made in an intelligible form, using clear and plain language, available to all individuals.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: If a hospital is collecting and processing personal information of, for example, 1,000 patients, their policies and practices must reflect and be applicable to the amount, sensitivity, and nature of information that they are collecting. The policies about the same must be made available to all individuals – this includes individuals of different intelligence, skill, and developmental levels.</p>
<h3 style="text-align: justify; ">Principle 9: Accountability</h3>
<p style="text-align: justify; ">The data controller shall be accountable for complying with measures which give effect to the privacy principles. Such measures should include mechanisms to implement privacy policies; including tools, training, and education; external and internal audits, and requiring organizations or overseeing bodies extend all necessary support to the Privacy Commissioner and comply with the specific and general orders of the Privacy Commissioner.</p>
<p style="text-align: justify; "><b>Example of Implementation</b>: To ensure that a hospital is in compliance with the national privacy principles, it must undertake activities like running trainings and providing educational information to employees on how to handle patient related information, conducting audits, and establishing an officer or body for overseeing the implementation of privacy.</p>
<h3 style="text-align: justify; ">Public Discourses on Privacy</h3>
<p style="text-align: justify; ">In India, there have been a number of important discourses related to privacy around various projects and topics. These discourses have been driving public awareness about privacy in India, and represent an important indication of public perception of privacy and privacy concerns.</p>
<h3 style="text-align: justify; ">The Unique Identification Project</h3>
<p style="text-align: justify; ">One of these discourses is a public dialogue and debate on the Unique Identification Project. Since 2009 the Government of India has been rolling out an identity scheme known as UID or Aadhaar. The scheme is applicable to all residents in India, and seeks to provide individuals with an identity based on their fingerprints, iris scans, and photograph. The project has been heavily supported by some, and at the same time, heavily critiqued by others. Of those critiquing the project, which included a Parliamentary Standing Committee on Finance,<a href="#fn27" name="fr27">[27] </a>privacy has been a driving force behind the concerns about the project. Arguing that not only does the UID Bill not have sufficient privacy safeguards in its provisions<a href="#fn28" name="fr28">[28] </a>but the design of the project and the technology of the project places individual privacy at risk. For example, the project relies on centralized storage of biometrics collected under the scheme; it does not account for or address how transaction data that is generated each time an individual identifies himself/herself with the UID will be stored, processed, and shared; and does not provide adequate security measures to protect sensitive information like biometrics.</p>
<h3 style="text-align: justify; ">The Human DNA Profiling Bill</h3>
<p style="text-align: justify; ">In 2006 the Department of Biotechnology piloted a draft human DNA Profiling Bill with the objective of creating DNA databases at the national and regional levels, and enabling the creation and storage of DNA profiles for forensic purposes. Since 2006 there have been two more drafts of the bill released to the public, and an expert committee has been created to finalize the text of the bill. Individuals, including the Centre for Internet and Society, publicly raising concern about the bill, cite a lack of privacy safeguards in the provisions, and expansive circumstances and reasons that the bill permits the creation and storage of DNA profiles.<a href="#fn29" name="fr29">[29]</a></p>
<h3 style="text-align: justify; ">Surveillance</h3>
<p style="text-align: justify; ">For many years there has been running public discourse about the surveillance that the Indian government has been undertaking. This discourse is growing and is now being linked to privacy and the need for India to enact a privacy legislation. As discussed above, the current surveillance regime is lacking on many fronts, while at the same time the government continues to seek greater interception powers and more access to larger sets of information in more granularity. Projects like the Central Monitoring System, NATGRID, and Lawful Interception Solutions have caused individuals to question the government on the proportionality of State surveillance and ask for a comprehensive privacy legislation that also regulates surveillance.</p>
<p style="text-align: justify; ">The need for strong and enforceable surveillance provisions is not unique to India, and in 2013 the International Principles on the Application of Human Rights to the Surveillance of Communications were drafted. The principles lay out standards that ensure that surveillance is in compliance with international human rights law and serve as safeguards that countries can incorporate into their regimes to ensure the same. The principles include: legality, legitimate aim, necessity, adequacy, proportionality, competent judicial authority, due process, user notification, transparency, public oversight, integrity of communications and systems, safeguards for international cooperation, safeguards against illegitimate access. Along with defining safeguards, the principles highlight the challenge of rapidly changing technology and how it is constantly changing how information can be surveilled by governments and what information surveilled by governments, and how information can be combined and analysed to draw conclusions about individuals.</p>
<h3 style="text-align: justify; ">A Privacy Legislation for India</h3>
<p style="text-align: justify; ">Since 2010, there has been a strong public discourse around the need for a privacy legislation in India. In November 2010, a “Privacy Approach” paper was released to the public which envisioned the creation of a data protection legislation. In 2011, the Department of Personnel and Training released a draft privacy bill that defined a privacy regime that encompassed data protection, surveillance, and mass marketing, and recognized privacy as a fundamental right.<a href="#fn31" name="fr31">[31] </a>In 2012 the Report of the Group of Experts on Privacy, as discussed above, was published.<a href="#fn32" name="fr32">[32] </a>Presently, the Department of Personnel and Training is drafting the text of the Governments Privacy Bill. In 2013, the Centre for Internet and Society drafted the Citizen’s Privacy Protection Bill – a citizen’s version of a privacy legislation for India.<a href="#fn33" name="fr33">[33]</a> From April 2013 – October 2013, the Centre for Internet and Society, in collaboration with the Federation of Indian Chambers of Commerce and Industry and the Data Security Council of India, held a series of seven Privacy Roundtables across India. The objective of the Roundtables was to gain public feedback to a privacy framework in India. Topics discussed during the meetings included, how to define sensitive personal information vs. Personal information, if co-regulation should be a model adopted as a regulatory framework, and what should be the legal exceptions to the right to privacy.<a href="#fn34" name="fr34">[34]</a></p>
<h3 style="text-align: justify; ">Conclusion</h3>
<p style="text-align: justify; ">Clearly, privacy is an emerging and increasingly important field in India’s internet society. As companies collect greater amounts of information from and about online users, and as the government continues to seek greater access and surveillance capabilities, it is critical that India prioritizes privacy and puts in place strong safeguards to protect the privacy of both Indians and foreigners whose data resides temporarily or permanently in India. The first step towards this is the enactment of a comprehensive privacy legislation recognizing privacy as a fundamental right. The Report of the Group of Experts on Privacy and the government considering a draft privacy bill are all steps in the right direction.</p>
<hr />
<p style="text-align: justify; ">[<a href="#fr1" name="fn1">1</a>]. http://www.zdnet.com/in/india-sets-up-social-media-monitoring-lab-7000012758/</p>
<p style="text-align: justify; ">[<a href="#fr2" name="fn2">2</a>]. http://www.techdirt.com/articles/20130203/18510621869/investigative-journalist-claims-her-public-tweets-arent-publishable-threatens-to-sue-blogger-who-does-exactly-that.shtml</p>
<p style="text-align: justify; ">[<a href="#fr3" name="fn3">3</a>]. http://www.npr.org/blogs/alltechconsidered/2013/10/02/228134269/your-digital-trail-does-the-fourth-amendment-protect-us</p>
<p style="text-align: justify; ">[<a href="#fr4" name="fn4">4</a>]. http://www.bbc.co.uk/news/technology-24744695</p>
<p style="text-align: justify; ">[<a href="#fr5" name="fn5">5</a>]. http://www.thehindu.com/news/national/sc-to-hear-pil-on-us-surveillance-of-internet-data/article4829549.ece</p>
<p style="text-align: justify; ">[<a href="#fr6" name="fn6">6</a>]. http://forbesindia.com/article/checkin/indias-internet-privacy-woes/35971/1</p>
<p style="text-align: justify; ">[<a href="#fr7" name="fn7">7</a>]. http://www.thehindubusinessline.com/industry-and-economy/info-tech/route-domestic-net-traffic-via-india-servers-nsa-tells-operators/article5022791.ece</p>
<p style="text-align: justify; ">[<a href="#fr8" name="fn8">8</a>]. ITA section 67</p>
<p style="text-align: justify; ">[<a href="#fr9" name="fn9">9</a>]. ITA section 43, 66, and 66F</p>
<p style="text-align: justify; ">[<a href="#fr10" name="fn10">10</a>]. Information Technology (Reasonable security practices and procedures and Sensitive personal data or information) Rules, 2011.</p>
<p style="text-align: justify; ">[<a href="#fr11" name="fn11">11</a>]. Information Technology (Reasonable security practices and procedures and Sensitive personal data or information) Rules, 2011. section 6(1)</p>
<p style="text-align: justify; ">[<a href="#fr12" name="fn12">12</a>]. Information Technology (Procedure and Safeguards for monitoring and collection of Traffic Data or other information) Rules 2009</p>
<p style="text-align: justify; ">[<a href="#fr13" name="fn1">13</a>]. Information Technology (Procedure and Safeguards for intercepting, monitoring, and decryption) Rules 2009</p>
<p style="text-align: justify; "> </p>
<p style="text-align: justify; ">[<a href="#fr14" name="fn14">14</a>]. Ibid footnote 6</p>
<p style="text-align: justify; ">[<a href="#fr15" name="fn15">15</a>]. Business Standard. Data secure status for India is vital: Sharma on the FTA with EU. September 3rd 2013. Available at: http://www.business-standard.com/article/economy-policy/data-secure-status-for-india-is-vital-sharma-on-fta-with-eu-113090300889_1.html</p>
<p style="text-align: justify; ">[<a href="#fr16" name="fn16">16</a>]. Guidelines for Cyber Cafe Rules 5(2) & 5(3). Available at: http://deity.gov.in/sites/upload_files/dit/files/GSR315E_10511(1).pdf</p>
<p style="text-align: justify; ">[<a href="#fr17" name="fn17">17</a>]. Guidelines for Cyber Cafe Rules 5(4)</p>
<p style="text-align: justify; ">[<a href="#fr18" name="fn18">18</a>]. Guidelines for Cyber Cafe Rules 5(6)</p>
<p style="text-align: justify; ">[<a href="#fr18" name="fn18">18</a>]. Guidelines for Cyber Café Rules 5(6)</p>
<p style="text-align: justify; ">[<a href="#fr19" name="fn19">19</a>]. Guidelines for Cyber Café Rules 7(1)</p>
<p style="text-align: justify; ">[<a href="#fr20" name="fn20">20</a>]. Ibid footnote 9</p>
<p style="text-align: justify; ">[<a href="#fr21" name="fn21">21</a>]. Ibid footnote 8</p>
<p style="text-align: justify; ">[<a href="#fr22" name="fn22">22</a>]. ITA section 84A</p>
<p style="text-align: justify; ">[<a href="#fr23" name="fn23">23</a>]. Jain, B. 8,736 phone and e-mail accounts tapped by different government agencies in July. September 17th 2011. Available at: http://articles.economictimes.indiatimes.com/2011-09-17/news/30169231_1_phone-tap-e-mail-accounts-indian-telegraph-act</p>
<p style="text-align: justify; ">[<a href="#fr24" name="fn24">24</a>]. The Economic Times. Action to be taken in ‘phone tapping’ during BJP rule: Virbhadra Singh. March 6th 2013. Available at: http://articles.economictimes.indiatimes.com/2013-03-06/news/37500338_1_illegal-phone-virbhadra-singh-previous-bjp-regime</p>
<p style="text-align: justify; ">[<a href="#fr25" name="fn25">25</a>]. Chaudhary, A. BlackBerry’s Tussle with Indian Govt. Finally Ends; BB Provides Interception System. http://www.medianama.com/2013/07/223-blackberrys-tussle-with-indian-govt-finally-ends-bb-provides-interception-system/</p>
<p style="text-align: justify; ">[<a href="#fr26" name="fn26">26</a>]. Report of the Group of Experts on Privacy. Available at: http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf</p>
<p style="text-align: justify; ">[<a href="#fr27" name="fn27">27</a>]. http://164.100.47.134/lsscommittee/Finance/42%20Report.pdf</p>
<p style="text-align: justify; ">[<a href="#fr28" name="fn28">28</a>]. http://www.indianexpress.com/news/uid-bill-skips-vital-privacy-issues/688614/</p>
<p style="text-align: justify; ">[<a href="#fr29" name="fn29">29</a>]. http://www.epw.in/authors/elonnai-hickok</p>
<p style="text-align: justify; ">[<a href="#fr30" name="fn30">30</a>]. http://ccis.nic.in/WriteReadData/CircularPortal/D2/D02rti/aproach_paper.pdf</p>
<p style="text-align: justify; ">[<a href="#fr31" name="fn31">31</a>]. http://www.iltb.net/2011/06/analysis-of-the-privacy-bill-2011/</p>
<p style="text-align: justify; ">[<a href="#fr32" name="fn32">32</a>]. http://planningcommission.nic.in/reports/genrep/rep_privacy.pdf</p>
<p style="text-align: justify; ">[<a href="#fr33" name="fn33">33</a>]. http://cis-india.org/internet-governance/blog/privacy-protection-bill-2013-updated-third-draft</p>
<p style="text-align: justify; ">[<a href="#fr34" name="fn34">34</a>]. http://cis-india.org/internet-governance/blog/national-privacy-roundtable-meetings</p>
<p>
For more details visit <a href='http://editors.cis-india.org/telecom/knowledge-repository-on-internet-access/internet-privacy-in-india'>http://editors.cis-india.org/telecom/knowledge-repository-on-internet-access/internet-privacy-in-india</a>
</p>
No publisherelonnaiInternet Access2014-01-08T13:51:06ZPageTRAI Consultation on Differential Pricing for Data Services - Post-Open House Discussion Submission
http://editors.cis-india.org/telecom/blog/trai-consultation-on-differential-pricing-for-data-services
<b>The Centre for Internet and Society sent this submission to the Telecom Regulatory Authority of India (TRAI) following the Open House Discussion on Differential Pricing of Data Services, held in Delhi on February 21, 2016.</b>
<p> </p>
<h4>Download the submission document: <a href="https://github.com/cis-india/website/raw/master/docs/CIS_TRAI-Differential-Pricing_Submission_2015.01.25.pdf">PDF</a>.</h4>
<p> </p>
<h3>Post-Open House Discussion Submission to TRAI</h3>
<p> </p>
<p style="text-align: justify;">Dear Ms. Kotwal,</p>
<p style="text-align: justify;">This is to heartily congratulate TRAI once again for taking several steps, including the Open House Discussion, to ensure that various opinions about the topic of ‘differential pricing for data services’ are presented and are responded to - and are all in full public view.</p>
<p style="text-align: justify;">This brief note is to <strong>a)</strong> add to the positions and arguments submitted previously by the Centre for Internet and Society (CIS), India, <strong>b)</strong> put in writing our comments during the Open House Discussion (January 21, 2016), and <strong>c)</strong> respond to other comments shared at the same event. We have six points to share in this note:<br /><br /></p>
<ol style="text-align: justify;">
<li><strong>Forbearance is not an option</strong>: We are of the opinion that though the data services market has thus far been kept un-monitored and unregulated, and there are several reasons why this situation should not continue any more. Although the reality of differential pricing (that is data packets originating from different sources being priced differently by ISPs) was highlighted with the recent offering of zero rated packs, it is a general practice in the sector, as illustrated by widely available special/curated content packs for the user to consume data from a specified web-based source. It is not surprising that most such special/curated content packs involve an arrangement between the ISP and a prominent leader in the web-content/platform sector, such as Facebook and Twitter. Serious market distorting impacts of such arrangements are imminent if they are allowed to continue without any monitoring, enforced public disclosure, and regulatory actions by a public authority.<br /><br /></li>
<li><strong>Address differential treatment of data, and not only differential pricing</strong>: Pricing is only of the three ways in which data services can be treated differently by the ISPs depending upon the source of the data packets concerned. The other two ways are: a) differential speed, or throttling of some data packets and prioritisation of the others, and b) differential treatment of data protocols, for example, the blocking of peer-to-peer or voice-over-IP traffic by an ISP. If the public authority decides to only regulate differential pricing of data service, it is highly probable that ISPs may shift to other forms of discrimination between data packets - either in terms of prioritising some data packets over others based upon their origin, or blocking of specific protocols such as voice-over-IP to prevent the functioning of certain web-based services - and continue the market distorting impacts through these other means.<br /><br /></li>
<li><strong>Allow and define reasonable network management practices</strong>: Reasonable network management has to be allowed to enable the ISPs to manage performance on their network. However, ISPs may not indulge in acts that are harmful to users in the name of reasonable network management. Below is a set of potential guidelines to identify cases when discrimination against classes of data traffic in the name of reasonable network management can be considered justified and permissible:<br />
<ul><li>there is an intelligible differentia between the classes which are to be treated differently,</li>
<li>there is a rational nexus between the differential treatment and the aim of such differentiation,</li>
<li>the aim sought to be furthered is legitimate, and is related to the security, stability, or efficient functioning of the network, or is a technical limitation outside the control of the ISP, and</li>
<li>the network management practice is the least harmful technical means that is reasonably available to achieve the aim.</li><br /></ul>
</li>
<li><strong>Establish an effective enforcement mechanism</strong>: TRAI must establish an enforcement mechanism that is open to users [and groups of users] and private sector actors as current forums are insufficient. Clear and simple rules must be established ex-ante, if they are violated - ex-post regulation must be undertaken on the basis of principles listed in the TRAI consultation paper, that is “non-discrimination, transparency, affordable internet access, competition and market entry, and innovation” <a name="fr1">[1]</a><br /><br /></li>
<li><strong>Take regulatory decisions now, but also conduct and commission further research to review and refine the decisions over a defined period of time</strong><br /><br /></li>
<li><strong>Need for better collection and proactive disclosure of statistics</strong>: TRAI publishes quarterly performance indicators statistics collected from the telecom companies about telephone, mobile, and internet sectors in India <a name="fr2">[2]</a>. It will be very useful for researchers and analysts, and allow for a much more informed public debate on the matter, if the content and form of such data are improved in the following ways:<br />
<br /><strong>Content:</strong>
<ul>
<li>
<div style="text-align: justify;">Please start collection (unless already done) and publication of not only data of average incoming and outgoing MOUs, average of total outgoing SMSs, Average Revenue Per User, and average data usage per GSM and CDMA subscriber, but distributions of the same in terms of user deciles (that is in terms of representative figures for each 10% section of users in ascending order of usage),</div>
</li>
<li>
<div style="text-align: justify;">Provide granular data about data usage across service areas and service providers (the numbers on ‘average data usage’ and total ‘revenue from data usage’ provided at present are very insufficient for the state of public debate),</div>
</li>
<li>
<div style="text-align: justify;">Provide data about internet subscriber base according to network technologies (for both wired and wireless) and the service providers concerned,</div>
</li>
<li>
<div style="text-align: justify;">Provide data about IP-based telephony across service areas and service providers,</div>
</li>
<li>
<div style="text-align: justify;">Provide data separately for the North Eastern states, and</div>
</li>
<li>
<div style="text-align: justify;">Provide granular data (separated from the corresponding state data) for all tier-1 cities.</div>
</li></ul>
<br />
<p style="text-align: justify;"><strong>Form:</strong></p>
<ul>
<li>
<div style="text-align: justify;">Please do not publish the data only as part of the quarterly reports available in PDF format, but also as independent machine-readable spreadsheet file (preferably in CSV format),</div>
</li>
<li>
<div style="text-align: justify;">Do not only publish quarterly data in separate files, but also provide a combined (all quarters together) dataset that would make it much easier for researchers and analysts to use the data,</div>
</li>
<li>
<div style="text-align: justify;">In some exceptional cases, the data is not provided in the report directly but a diagram containing the data is published <a name="fr3">[3]</a>, which should be kindly avoided, and</div>
</li>
<li>
<div style="text-align: justify;">Please publish these statistics as open data, that is in open standards and under open licenses.<br /><br /></div>
</li></ul>
</li></ol>
<p style="text-align: justify;">Further, we request TRAI to explore possibilities of distributed sourcing of data, perhaps from the users themselves, about the actual network usage experiences, including but not limited to signal strength, data transfer speed (incoming and outgoing), frequency of switches between mobile (GSM and CDMA) and wi-fi connectivity, etc.</p>
<p> </p>
<h3>References</h3>
<p> </p>
<p style="text-align: justify;">[<a name="fn1">1</a>]. http://trai.gov.in/WriteReaddata/ConsultationPaper/Document/CP-Differential-Pricing-09122015.pdf.</p>
<p style="text-align: justify;">[<a name="fn2">2</a>]. http://www.trai.gov.in/Content/PerformanceIndicatorsReports/1_1_PerformanceIndicatorsReports.aspx.</p>
<p style="text-align: justify;">[<a name="fn3">3</a>]. http://www.trai.gov.in/WriteReadData/PIRReport/Documents/Performance_Indicator_Report_Jun_2015.pdf , sections 1.43 and 1.44 (pp. 31-32).</p>
<p> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/telecom/blog/trai-consultation-on-differential-pricing-for-data-services'>http://editors.cis-india.org/telecom/blog/trai-consultation-on-differential-pricing-for-data-services</a>
</p>
No publishersumandroInternet AccessTRAINet NeutralityTelecomTRAI, OTTInternet Governance2016-03-30T13:13:30ZBlog EntryInternet Shutdown Stories
http://editors.cis-india.org/internet-shutdown-stories
<b>A collection of stories of the impact of internet shutdowns on the lives of Indian citizens.</b>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-shutdown-stories'>http://editors.cis-india.org/internet-shutdown-stories</a>
</p>
No publisherAmbika TandonInternet AccessInternet ShutdownDigital Rights2018-05-17T10:45:20ZFile