The Centre for Internet and Society
http://editors.cis-india.org
These are the search results for the query, showing results 101 to 115.
IETF106
http://editors.cis-india.org/internet-governance/news/ietf106
<b>Gurshabad Grover participated at IETF106, which was held in Singapore 16-22 November, 2019.</b>
<p class="moz-quote-pre">In the meeting of the Human Rights Protocol Considerations (hrpc) research group, I presented an update to draft-irtf-hrpc-guidelines-03 (Guidelines for Human Rights Protocol and Architecture Considerations), which is an Internet Draft adopted by the hrpc rg that he is co-editing with Niels ten Oever. <a class="external-link" href="https://datatracker.ietf.org/doc/draft-irtf-hrpc-guidelines/">More info here</a>.</p>
<p class="moz-quote-pre" style="text-align: justify; ">Among other working/research group meetings, I participated theTransport Layer Security (tls) and the Privacy Enhancements and Assessments research group (pearg) sessions. I also participated inseveral side meetings, including the Public Interest Technology Group(pitg) meeting.</p>
<p class="moz-quote-pre" style="text-align: justify; ">Agenda for the IETF and the different WGs/RG can be found on the <a class="external-link" href="https://datatracker.ietf.org/meeting/106/agenda">IETF website</a>.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/ietf106'>http://editors.cis-india.org/internet-governance/news/ietf106</a>
</p>
No publisherAdminInternet GovernancePrivacy2019-12-15T06:14:02ZNews ItemStakeholder Consultation on Digital Assets for Women’s Economic Empowerment | UN Women + SEWA
http://editors.cis-india.org/internet-governance/news/stakeholder-consultation-on-digital-assets-for-women2019s-economic-empowerment-un-women-sewa
<b>On December 06, 2019, Ambika Tandon and Aayush Rathi participated in a "Stakeholder Consultation on Digital Assets for Women’s Economic Empowerment: Addressing Barriers and Enhancing Opportunities for Women in Informal Economy and in Agriculture".</b>
<p style="text-align: justify;">Aayush and Ambika participated upon the invite of UN Women and Self Employed Women's Association (SEWA), who were the organisers of the consultation. The consultation was from 9:30 am to 4:30 pm on 6th December, 2019 at the Claridges Hotel, New Delhi.</p>
<p style="text-align: justify;">Former UN Secretary-General Mr. Ban Ki Moon established the UN High-Level Panel on Women’s Economic Empowerment (UNHLP-WEE) to make action oriented recommendations on how to improve economic outcomes for women in the context of the Sustainable Development Agenda 2030.The panel submitted its final report to the UN Secretary General in 2017, identifying seven drivers for women’s economic empowerment and laying out concrete actions for accelerating progress towards women’s full and equal economic participation. <br /> <br />In February 2019, SEWA Bharat and UN Women had organized a National consultation on “Taking Action Towards Transformative Change for Women in the Informal Sector in India” in India with civil society organizations, researchers, philanthropists and international organizations to prioritize action on the drivers for women’s economic empowerment in the context of India. Four drivers, amongst seven, were prioritized through the consultative process. Driver 4 on Building Assets – Digital, Financial and Property is one of the critical drivers for Women’s Economic Empowerment in India and has been prioritized for the first stakeholder consultation in the roadmap development process to contextualize the recommendation of HLP in the Indian context. <br /> <br />The primary objectives, then, of this consultation were as follows:</p>
<ol>
<li style="text-align: justify;">To provide a platform for sharing of experiences in research, programming and policy to ensure digital assets for women in the informal economy and in agriculture;</li>
<li>To identify proven and promising practices in this regard; </li>
<li>To develop an action agenda including identification of areas for research, programming and policy to reduce the gender digital divide. </li></ol>
<p style="text-align: justify;"><br /><strong class="moz-txt-star">*Detailed agenda*</strong></p>
<div style="text-align: left;">Download the detailed agenda <a class="external-link" href="https://cis-india.org/raw/concept-note-and-agenda-for-stakeholder-consultation/">here</a>. </div>
<p style="text-align: justify;"> <br /><strong class="moz-txt-star">*Participation*</strong> <br /> <br />At the consultation, Aayush contributed to the breakout group on DBT while Ambika contributed to the one on employment. The consultation led to rich discussions as on-ground experiences and learning from implementation programs were shared widely to devise a roadmap and policy recommendations.</p>
<p style="text-align: justify;"> </p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/stakeholder-consultation-on-digital-assets-for-women2019s-economic-empowerment-un-women-sewa'>http://editors.cis-india.org/internet-governance/news/stakeholder-consultation-on-digital-assets-for-women2019s-economic-empowerment-un-women-sewa</a>
</p>
No publisherAdminGenderInternet Governance2020-04-07T13:14:40ZNews ItemPower over privacy: New Personal Data Protection Bill fails to really protect the citizen’s right to privacy
http://editors.cis-india.org/internet-governance/news/the-times-of-india-december-12-2019-power-over-privacy
<b>Nikhil Pahwa throws light on the new personal data protection bill.</b>
<p style="text-align: justify; ">The article by Nikhil Pahwa was <a class="external-link" href="https://timesofindia.indiatimes.com/blogs/toi-edit-page/power-over-privacy-new-personal-data-protection-bill-fails-to-really-protect-the-citizens-right-to-privacy/">published in the Times of India</a> on December 12, 2019. CIS report was mentioned.</p>
<hr />
<p style="text-align: justify; ">Earlier this year, in April, <a href="https://blog.trendmicro.com/trendlabs-security-intelligence/55m-registered-voters-risk-philippine-commission-elections-hacked/" rel="noopener noreferrer" target="_blank">a data breach</a> in the Election Commission of Philippines led to the leakage of personal information of over 55 million eligible voters on a searchable website: including names, addresses and date of birth. This was not the first data breach from the Election Commission. After the first, which took place in March 2016, where 340 GB of voter data was <a href="http://www.rappler.com/newsbreak/in-depth/127870-comelec-leak-identity-theft-scams-experts" rel="noopener noreferrer" target="_blank">published online by a group of hackers called LulzSec Pilipinas</a>, the National Privacy Commission of Philippines found that the Election Commission had violated the Data Privacy Act of 2012, and <a href="https://www.privacy.gov.ph/2017/01/privacy-commission-finds-bautista-criminally-liable-for-comeleak-data-breach/" rel="noopener noreferrer" target="_blank">recommended criminal prosecution of its chairman</a>, finding him liable when the agency failed to dispense its duty as a “personal information controller”.</p>
<p style="text-align: justify; ">It’s 2019, and that recommendation has still not been acted upon, because the National Privacy Commission of Philippines only has recommendatory powers for criminal prosecution. Meanwhile, data breaches continue at the Election Commission of Philippines.</p>
<p style="text-align: justify; ">Between 2017 and 2018, Aadhaar related personally identifiable data of several Indian citizens, including names, addresses, bank account numbers, in some cases pregnancy information and even religion and caste information of individuals, was published online by Indian government departments. The Centre for Internet and Society, in a report, estimated that <a href="https://www.medianama.com/2017/05/223-aadhaar-numbers-data-leak/" rel="noopener noreferrer" target="_blank">personally identifiable data for 130-135 million Indian citizens had been leaked</a>, thus putting them at risk. 210 government websites had made Aadhaar related data public, <a href="https://www.thehindu.com/news/national/210-govt-websites-made-aadhaar-details-public-uidai/article20555266.ece" rel="noopener noreferrer" target="_blank">UIDAI confirmed in response to an RTI in 2017</a>.</p>
<p style="text-align: justify; ">No one was held liable. There was no data protection law, no data protection authority, no criminal prosecution was recommended. Around that time, the Indian government was instead arguing in the Supreme Court that privacy isn’t a fundamental right under the Indian Constitution.</p>
<p style="text-align: justify; ">What we can learn from these two instances is that for the enforcement of a citizen’s right to privacy, and ensuring that no one takes the protection of data lightly, there needs to be a strong privacy law that holds even the government responsible, and above all, a strong data protection authority that is independent and has powers to penalise even government officials. On some of these counts, the Personal Data Protection Bill, 2019, disappoints.</p>
<p style="text-align: justify; ">First, members of the Data Protection Authority will no longer be appointed by independent entities from diverse backgrounds: where they were previously going to be appointed by a committee comprising the Chief Justice of India or a Supreme Court judge, the Cabinet secretary, and an independent expert, the power to appoint members to DPA now rests solely with government officials, including the appointment of adjudicating officers. In addition, the central government, in the interest of “national security, sovereignty, international relations and public order, can issue directions to DPA, which DPA will be bound by. Powers of DPA have also been reduced: while in the previous version of the bill, DPA had the sole power to categorise data as sensitive personal data, in the current version, the power rests with the central government, albeit in consultation with DPA. The central government will also notify any social media company as a significant data fiduciary, and not DPA. Only the central government can determine what critical personal data is, and not DPA.</p>
<p style="text-align: justify; ">This dependence on the government for appointments, functions and definitions, will invariably impact the independence of DPA, and even though the 2019 version of the bill gives it the authority to fine the state a maximum of Rs 5-15 crore, depending on the offence, i’d be surprised if this ever happens.</p>
<p style="text-align: justify; ">The bill does create significant exceptions for the state to acquire and process data, and an opportunity to create a base for surveillance reform in the country has been lost. The previous version of the bill had brought some sense of safety against mass surveillance, when it included the condition that processing of data by the government must be “necessary and proportionate”, drawing from Supreme Court’s historic right to privacy judgment. This is particularly important given that the bill also gives power to the government to exempt any agency from the provisions of the bill for processing of personal data, which includes acquiring data from any public or private entity.</p>
<p style="text-align: justify; ">Effectively, this means that government agencies may be exempt from any scrutiny by DPA, and can even collect data from third parties (for example, fin-tech companies, health-tech startups) without the user even knowing. Forget recommending criminal prosecution for mass surveillance, India’s DPA won’t even be able to fine a government agency for such a violation of the fundamental right to privacy. The government also has vast exceptions for data processing: “for the performance of any function of the state authorised by law”.</p>
<p style="text-align: justify; ">This aside, one of the more curious clauses in the bill is around non-personal data. The government, a few months ago, constituted a committee led by Infosys co-founder Kris Gopalakrishnan to look into the governance of non-personal data. Non-personal data, as the term suggests, is any data that is not related to an individual. In the bill, the government has given itself the right to acquire this data, which is essentially a company’s intellectual property, to “promote framing of policies for digital economy”. Why non-personal data finds a mention in a Personal Data Protection Bill is beyond comprehension, and this move will not inspire much confidence in businesses operating in India, when the state claims eminent domain over intellectual property.</p>
<p style="text-align: justify; ">It’s unfortunate minister Ravi Shankar Prasad is sending the bill to a select committee, given the fact that such significant changes to the bill should have led to another public consultation.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/the-times-of-india-december-12-2019-power-over-privacy'>http://editors.cis-india.org/internet-governance/news/the-times-of-india-december-12-2019-power-over-privacy</a>
</p>
No publisherNikhil PahwaInternet GovernancePrivacy2019-12-15T05:57:31ZNews ItemIndia’s record on internet shutdown gets bleaker; now blocked in 2 NE states
http://editors.cis-india.org/internet-governance/news/hindustan-times-december-11-2019-indias-record-on-internet-shutdown-gets-bleaker
<b>India reported over 100 internet shutdown in 2018, according to an annual study of Freedom House, a US-based non-profit research organization.</b>
<p style="text-align: justify; ">The article was published in the <a class="external-link" href="https://www.hindustantimes.com/india-news/amid-anti-citizenship-bill-protests-internet-shutdown-in-tripura-arunachal/story-jqR4jxiJexKbKIivV6XZBP.html">Hindustan Times</a> on December 11, 2019. Pranesh Prakash was quoted.</p>
<hr style="text-align: justify; " />
<p style="text-align: justify; ">The internet shutdown on Tuesday in Arunachal Pradesh and Tripura amid spiraling protests against the <a href="https://www.hindustantimes.com/editorials/why-north-east-shouldn-t-be-wary-of-citizen-amendment-bill-opinion/story-JPYTnQROIi9cdXACK3k7KO.html" title="Citizenship (Amendment) Bill in the Northeast">Citizenship (Amendment) Bill in the Northeast</a> is the latest in a series of such shutdowns across India, which topped the list of countries that resorted to such measures in 2018.</p>
<p style="text-align: justify; ">India reported over 100 internet shutdown in 2018, according to an annual study of Freedom House, a US-based non-profit research organization. The study on the internet and digital media freedom was conducted in over 65 countries, which cover 87% of the world’s internet users</p>
<p style="text-align: justify; ">Police and administrative authorities have cited protests and other security reasons to routinely snap the internet in India.</p>
<p style="text-align: justify; ">The Centre promulgated the Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules, 2017, under the Indian Telegraph Act, 1885, in August 2017 for legal sanction to the shutdowns.</p>
<p style="text-align: justify; ">As per the rules, Union home ministry secretary or secretaries of state home departments can order temporary suspension of the internet. An internet suspension order has to be taken up for review within five days.</p>
<p style="text-align: justify; ">Prior to 2017, authorities could shut down the internet under Section 144 of the Code of Criminal Procedure (CrPC), which empowers an executive magistrate to prohibit an assembly of over four people.</p>
<p style="text-align: justify; ">Section 5 (2) of the Telegraph Act, 1855, allowed the government to prevent transmission of any telegraphic message during a public emergency or in the interest of public safety.</p>
<p style="text-align: justify; ">The Kashmir Valley has remained under an internet shutdown since August 4. The shutdown was imposed hours ahead of the nullification of the Constitution’s Article 370 that gave Jammu and Kashmir special status.</p>
<p style="text-align: justify; ">Internet and phone lines were snapped ahead of Republic Day celebrations in 2010 in one of the first reported shutdowns in the Valley. Kashmir also holds the record for the longest shutdown when the internet was snapped for 133 days after the killing of Hizbul Mujahideen militant Burhan Wani in July 2016. The current shutdown, with 122 days and counting, is the second-longest.</p>
<p style="text-align: justify; ">The 100-day blackout in Darjeeling during the Gorkha agitation in 2016 is the third-longest internet shutdown in India.</p>
<p style="text-align: justify; ">Ahead of the verdict in the Ram Janmabhoomi-Babri Masjid title suit last month, the internet was shut down in parts of Maharashtra, Rajasthan, Haryana and Uttar Pradesh. The internet was shut down for three days in Gujarat during the agitation for a quota in jobs and educational institutes for the Patidar community in 2015.</p>
<p style="text-align: justify; ">As per the Software Freedom Law Centre, which provides free legal services to protect Free and Open Source Software, the total number of shutdowns in Indian since 2012 is more than 359. As per the tracker -- internetshutdowns.in -- which records such instances from newspaper clippings -- there have been 89 internet shutdowns in 2019, 134 in 2018, and 79 in 2017.</p>
<p style="text-align: justify; ">“As a part of this project, we track incidents of Internet shutdowns across India in an attempt to draw attention to the troubling trend of disconnecting access to Internet services, for reasons ranging from curbing unrest to preventing cheating in an examination,” it states as part of its purpose.</p>
<p style="text-align: justify; ">In September this year, the Kerala High Court held that access to the internet is a fundamental right. <span>According to Pranesh Prakash of the Centre for Internet Society, the shutdowns are largely unlawful.</span></p>
<p style="text-align: justify; ">“David Kaye, the UN special rapporteur on the right to freedom of opinion and expression, has condemned the shutdowns and noted that the principles of proportionality and necessity should be adhered to in case of shutdowns. Yet, there have been several instances where lives have been lost in Kashmir due to the lockdown,” he said.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/hindustan-times-december-11-2019-indias-record-on-internet-shutdown-gets-bleaker'>http://editors.cis-india.org/internet-governance/news/hindustan-times-december-11-2019-indias-record-on-internet-shutdown-gets-bleaker</a>
</p>
No publisherAdminFreedom of Speech and ExpressionInternet Governance2019-12-15T05:51:20ZNews ItemOutrage As Privileged IITians Use Tech To Spy On Sweepers
http://editors.cis-india.org/internet-governance/news/huffignton-post-december-13-2019-rachna-khaira-outrage-as-privileged-iit-ians-use-tech-to-spy-on-sweepers
<b>Some members of the housekeeping staff at IIT Ropar were put under round the clock surveillance during working hours for many days in February this year without their consent. IIT Ropar Director Prof S K Das has ordered a probe into the incident.</b>
<p style="text-align: justify; ">The article by Rachna Khaira was <a class="external-link" href="https://www.huffingtonpost.in/entry/outrage-as-privileged-iitians-use-tech-to-spy-on-sweepers_in_5df1bbc8e4b06a50a2e9e659">published in Huffington Post</a> on December 31, 2019. Aayush Rathi was quoted.</p>
<hr />
<p style="text-align: justify; ">The Indian Institute of Technology (IIT), Ropar is conducting a probe into the reported tagging and round the clock electronic surveillance of some housekeeping staff members as part of an experiment run by the Technology Business Incubation Foundation (TBIF) located at the IIT campus in February this year.</p>
<p style="text-align: justify; "><em>HuffPost India </em>has learnt that the TBIF, a tech incubator run within IIT Ropar, signed off on the “Sweepy” project in which housekeeping staff were given wristbands and brooms secretly embedded with tracking chips, without seeking the consent of the janitorial staff, or informing IIT Ropar management.</p>
<p style="text-align: justify; ">While the housekeeping staff were told the wristbands would record their pulse and heart beat, and that they should wear it while cleaning the campus, the tracking chips were used to track to assess if they were sweeping out hard-to-reach corners of the institute.</p>
<p style="text-align: justify; ">Prof. Sarit Kumar Das, Director IIT Ropar told HuffPost India that a three member committee comprising of Prof. Bijoy H Barua, Prof. Javed Agrewala and Prof. Deepak Kashyap has been set up to look into the matter.</p>
<p style="text-align: justify; ">“We at the IIT Ropar respect privacy and condemn any such violation made by any of our student or staff member,” said Prof. Das. “Before conducting any experiment on human beings, an approval has to be sought from the human ethics team constituted in our institution and they present a case to me after seeking a written consent from the people who would undergo the experiment. Only, after getting my approval, such an experiment can be conducted at the campus.”</p>
<h3 style="text-align: justify; ">Sweeping surveillance</h3>
<p style="text-align: justify; ">J K Sharma, the Chief Operating Officer of TBIF, told <em>HuffPost India</em> that his tech incubator deliberately misled the housekeeping staff about the true purpose of the wristband as they felt the housekeeping staff wouldn’t agree to wear such a device.</p>
<p style="text-align: justify; ">While elaborating more on the ‘Sweepy’ project, Sharma said that the project was based on an idea that came to the hostellers who were upset over the housekeeping staff for not cleaning their rooms.</p>
<p style="text-align: justify; ">“The sweepers were not working properly and despite reporting the matter several times to the authorities, they were not taking any cognisance. Perturbed, the students developed this programme in which the location of the sweeper can be recorded and monitored in a control room by a gadget tied to the sweeper’s wrist,” said Sharma.</p>
<p style="text-align: justify; ">He further added that a beacon records the activity of the sensor pasted to the broom or mop held by the sweeper and can monitor the area and the time in which it was used. The report was produced digitally on the screen.</p>
<p style="text-align: justify; ">Was a consent sought from the sweepers before tagging them?</p>
<p style="text-align: justify; ">“The testing was done in a secret manner as the housekeeping staff may not have given their consent for the trial. We tried it on three sweepers and while two of them were found working dedicatedly, one was found to have missed cleaning from few areas assigned to him,” said Sharma.</p>
<p style="text-align: justify; ">The findings were shared with the housekeeping supervisor who later directed his staff to do their duty more diligently.</p>
<p style="text-align: justify; ">The team working on the project however told <em>HuffPost India</em> that they secured the privacy of the housekeeping staff by removing the microphone from the gadgets tied to their wrists.</p>
<p style="text-align: justify; ">This technology does not have video feature and only monitors location of a moving object and is quite cheap as compared to the radio-frequency identification (RFID) technology that uses electromagnetic fields to automatically identify and track tags attached to objects.</p>
<blockquote class="pull-quote content-list-component" style="text-align: justify; ">The testing was done in a secret manner as the housekeeping staff may not have given their consent for the trial. We tried it on three sweepers and while two of them were found working dedicatedly, one was found to have missed cleaning from few areas assigned to himJ K Sharma, Chief Executive Officer, Technology Business Incubation Foundation, IIT Ropar</blockquote>
<p style="text-align: justify; ">Calling this an increasingly commonplace trend of covert spying on domestic workers without their knowledge, Ayush Rathi, Programme Officer, Centre for Internet and Society, said that the housekeeping staff was made to wear the gadget under a false pretense is telling.</p>
<p style="text-align: justify; ">“This is a classic example of how the access to privacy is stratified along the axes of class, caste and gender. And ties in closely with a key purpose of surveillance — that of exerting control over people’s bodies to conform to the surveiller’s ideas of right and wrong,” said Rathi.</p>
<p style="text-align: justify; ">He further added that in many ways, this story captures the zeitgeist of the 21st century. The is the essence of so much of what qualifies as innovation today is that they seek to find technological solutions to problems that are structural in nature.</p>
<p style="text-align: justify; ">“So, in this instance it is very evident that the objective sought to be achieved was not to merely ‘fix’ the problem of the housekeeping staff performing its duties well, but to solely hold them guilty for failing to do so,” said Rathi.</p>
<p style="text-align: justify; ">An alternate, albeit more tedious, approach would have been to speak with the workers and iron out the struggles they were facing at the workplace that were preventing them from performing their job well. Any solution could only have been prepared thereafter — he added.</p>
<p style="text-align: justify; ">As per Prof. Das, a major problem with the engineering students is that unlike medical students, 90 percent of their experiments are based on machines and not human beings.</p>
<p style="text-align: justify; ">“There is too much deficiency of the understanding of human psychology amongst engineering students. To curb this, we at the IIT have started a mandatory course on human ethics which is being taught by some of the renowned human psychology experts. Still sometimes, the violations gets reported,” said Prof. Das.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/huffignton-post-december-13-2019-rachna-khaira-outrage-as-privileged-iit-ians-use-tech-to-spy-on-sweepers'>http://editors.cis-india.org/internet-governance/news/huffignton-post-december-13-2019-rachna-khaira-outrage-as-privileged-iit-ians-use-tech-to-spy-on-sweepers</a>
</p>
No publisherRachna KhairaInternet GovernancePrivacy2019-12-15T05:33:21ZNews ItemWhatsApp spy attack and after
http://editors.cis-india.org/internet-governance/news/deccan-herald-november-6-2019-theres-sudeep-whatsapp-spy-attack-and-after
<b>Bengaluru experts analyse the Pegasus snooping scandal, and provide advice on what you can do about the gaping holes in your mobile phone security.</b>
<p>The article by Theres Sudeep was published in <a class="external-link" href="https://www.deccanherald.com/metrolife/metrolife-your-bond-with-bengaluru/whatsapp-spy-attack-and-after-773955.html">Deccan Herald</a> on November 6, 2019. Aayush Rathi was quoted.</p>
<hr />
<p>Last week ended with a sensational piece of news: WhatsApp said spyware Pegasus was being used to hack into the phones of activists and journalists in India.</p>
<p style="text-align: justify; ">The software is the brainchild of the NSO Group, an Israeli company. WhatsApp has detected 1,400 instances of Pegasus being used in the latest wave of attacks between April 29 and May 10. WhatsApp has identified 100-plus cases targeting human rights defenders and journalists. About two dozen of these attacks were in India.</p>
<p style="text-align: justify; ">Among those whose security was reportedly compromised is Congress leader Priyanka Gandhi.The first question is who ordered this snooping. NSO claims they sell their technology only to government agencies for lawful investigation into crime and terrorism. Speculation is rife that there is government involvement in the snooping.</p>
<p style="text-align: justify; ">Vinay Srinivas, lawyer with Alternative Law Forum, Bengaluru, says,“The targets of the attack seem to be those who had critical things to say about the current government.”Referring to a tweet by journalist Arvind Gunasekar, Srinivas says there is clear proof that the government knew of the breach and its severity.The tweet includes a screenshot of a report from the CERT-IN (Indian Computer Emergency Response Team) website dated May 17.</p>
<p style="text-align: justify; ">It shows severity rating as “High”.WhatsApp says the vulnerability has now been patched and urged users to update the app. But a level of paranoia around smartphones and privacy has been created. Apar Gupta, executive director of the Internet Freedom Foundation, based in Delhi works towards internet freedom and privacy, says Pegasus,specially, is too expensive (it can cost up to eight million dollars a year to licence) to be used on ordinary citizens.</p>
<p style="text-align: justify; ">But not all spyware is expensive. “Multiple kinds are now commercially available and easy to procure. These can be used by an estranged lover or even a professional rival to find information about you,” he says. Jija Hari Singh, retired DGP and Karnataka’s first woman IPS officer, says Pegasus is one of the smaller players, and spyware akin to it has been around for three decades. “Monsters bigger than Pegasus are still snooping on us,” she says.</p>
<h3 style="text-align: justify; ">NOTHING TO HIDE?</h3>
<p style="text-align: justify; ">Many people fall back on the narrative of ‘I have nothing to hide, so I’m not worried’.Aayush Rathi, Programme Officer at the Centre for Internet and Society, says that this is a flawed premise: “It is like saying free speech is not important for you because you have nothing useful to say.”Gupta breaks down this rationale: “If a person has ‘nothing to hide’ then they should just unlock their phone and hand it over to any person who asks for it. But the minute such a demand is made they would feel uncomfortable.”This discomfort, he says, doesn’t come because they are doing something illegal but because they fear social judgement.“There is a level of intimacy in their conversations that they’d rather not share with anyone else,” he says.Many people believe only illegal activity leads to surveillance, but that is not the case.“Even the most inconsequential actions are being logged on digital devices, and much of this information can be monetised,” he says.The most tangible risks are financial fraud and identity theft, and spyware is also commonly used for corporate espionage.</p>
<h3 style="text-align: justify; ">UPDATE SECURITY</h3>
<p style="text-align: justify; ">So what must one do if one’s phone is spied on? In the case of Pegasus, Rathi says, “You would have received a communication from WhatsApp if you were targeted. Irrespective, you should update the application immediately as the latest update fixes the vulnerability.”Srinivas says legally the recourse available is the fundamental right to privacy. “Since the government doesn’t have any regulation in place to deal with this, the National Human Rights Commission will have to take it up,” he says.</p>
<p style="text-align: justify; ">Gupta advises precautions against preventable hacks. He advises a reading of online guides on surveillance self-defence, especially those by Electronic Frontier Foundation.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/deccan-herald-november-6-2019-theres-sudeep-whatsapp-spy-attack-and-after'>http://editors.cis-india.org/internet-governance/news/deccan-herald-november-6-2019-theres-sudeep-whatsapp-spy-attack-and-after</a>
</p>
No publisherTheres SudeepInternet GovernancePrivacy2019-12-15T05:06:27ZNews ItemIn Twitter India’s Arbitrary Suspensions, a Question of What Constitutes a Public Space
http://editors.cis-india.org/internet-governance/blog/the-wire-torsha-sarkar-december-7-2019-twitter-arbitrary-suspension-public-space
<b>A discussion is underway about the way social media platforms may have to operate within the tenets of constitutional protections of free speech.</b>
<p style="text-align: justify; ">The article by Torsha Sarkar was <a class="external-link" href="https://thewire.in/tech/twitter-arbitrary-suspension-public-space">published in the Wire</a> on December 7, 2019.</p>
<hr />
<p style="text-align: justify; ">On October, 26 2019, Twitter suspended the account of senior advocate Sanjay Hegde. The reason? He had previously put up the famous photo of August Landmesser refusing to do the Nazi salute in a sea of crowd in the Blohm Voss shipyard.</p>
<p style="text-align: justify; ">According to the social media platform, the image violated Twitter’s ‘hateful imagery’ guidelines, despite the photo being around for decades and usually being recognised as a sign of resistance against blind authoritarianism.</p>
<p style="text-align: justify; "><img src="http://editors.cis-india.org/home-images/AugustLandmesser.png/@@images/bf841f6d-fd25-4bd8-b421-8e55d81c021b.png" alt="August Landmasser" class="image-inline" title="August Landmasser" /></p>
<p style="text-align: justify; "><i>August Landmesser. Photo: Public Domain</i></p>
<p style="text-align: justify; ">Twitter briefly revoked the suspension on October 27, but promptly suspended Hegde’s account again. This time, the action was prompted by Hegde quote-tweeting parts of a poem by Gorakh Pandey, titled ‘Hang him’, which was written in protest of the first death penalties given to two peasant revolutionaries in an independent India. This time, Hegde was informed that his account would not be restored.</p>
<p style="text-align: justify; ">Spurred by what he believed was Twitter’s arbitrary exercise of power, he proceeded to file a legal notice with Twitter, and <a href="https://www.livelaw.in/news-updates/sr-adv-sanjay-hegde-serves-legal-notice-on-twitter-for-restoration-of-account-149579">asked</a> the Ministry of Electronics and Information Technology (MeitY) to intervene in the matter. It is the subject matter of this ask that becomes of interest.</p>
<p style="text-align: justify; ">In his complaint, Hegde first outlines how the content shared by him did not violate any of Twitter’s community guidelines. He then goes on to highlight how his fundamental right of dissemination and receipt of information under Article 19(1)(a) were obstructed by the action of Twitter. Here, he places reliance to several key decisions of the Indian and the US Supreme court on media freedom, which provided thrust to his argument that a citizen’s right to free speech is meaningless if control was concentrated in the hands of a few private parties.</p>
<h3 style="text-align: justify; ">Vertical or horizontal?</h3>
<p style="text-align: justify; ">One of the first things we learn about fundamental rights is that they are enforceable against the government, and that they allow the individual to have a remedy against the excesses of the all-powerful state. This understanding of fundamental rights is usually called the ‘vertical’ approach – where the state, or the allied public authority is at the top and the individual, a non-public entity is at the bottom.</p>
<p style="text-align: justify; ">However, there is another, albeit underdeveloped, thread of constitutional jurisprudence that argues that in certain circumstances these rights can be claimed against another private entity. This is called the ‘horizontal’ application of fundamental rights.</p>
<p style="text-align: justify; ">In that note, Hegde’s contention essentially becomes this – claiming an enforceable remedy against the private entity for supposedly violating his fundamental right. This is clearly an ask for the Centre to consider a horizontal application of Article 19(1)(a) against large social media companies.</p>
<h3 style="text-align: justify; ">What could this mean?</h3>
<p style="text-align: justify; ">Lawyer Gautam Bhatia has <a href="https://indconlawphil.wordpress.com/2015/05/24/horizontality-under-the-indian-constitution-a-schema/">argued</a> that there are several ways in which a fundamental right can be enforced against another private entity. It must be noted that he derives this classification on the touchstone of existing judicial decisions, which is different from seeking an executive intervention. Nevertheless, it is interesting to consider the logic of his arguments as a thought exercise. Bhatia points out that one of the ways in which fundamental rights can be applied to a private entity is by assimilating the concerned entity as a ‘state’ as per Article 12.</p>
<p style="text-align: justify; ">There is a considerable amount of jurisprudence on the nature of the test to determine whether the assailed entity is state. In 2002, the Supreme Court <a href="https://indiankanoon.org/doc/471272/">held</a> that for an entity to be deemed state, it must be ‘functionally, financially and administratively dominated by or under the control of the Government’. If we go by this test, then a social media platform would most probably not come within the ambit of Article 12.</p>
<p style="text-align: justify; ">However, there is a thread of recent developments that might be interesting to consider. Earlier this year, a federal court of appeals in the US <a href="https://int.nyt.com/data/documenthelper/1365-trump-twitter-second-circuit-r/c0f4e0701b087dab9b43/optimized/full.pdf#page=1">ruled</a> that the First Amendment prohibits President Donald Trump, who used his Twitter for government purposes, from blocking his critics. The court further held that when a public official uses their account for official purposes, then the account ceases to be a mere private account. This judgment has a sharp bearing in the current discussion, and the way social media platforms may have to operate within the tenets of constitutional protections of free speech.</p>
<p style="text-align: justify; ">Although the opinion of the federal court clearly noted that they did not concern themselves with the application of the First Amendment rights to the social media platforms, one cannot help but wonder – if the court rules that certain spaces in a social media account are ‘public’ by default, and that politicians cannot exclude critiques from those spaces, then <a href="https://www.forbes.com/sites/kalevleetaru/2017/08/01/is-social-media-really-a-public-space/#2ca9795b2b80">can</a> the company itself block or impede certain messages? If the company does it, can an enforceable remedy then be made against them?</p>
<p style="text-align: justify; "><img src="http://editors.cis-india.org/home-images/Trump.png/@@images/9bd98eba-124f-4be0-b60c-13482b76ae80.png" alt="Trump" class="image-inline" title="Trump" /></p>
<p style="text-align: justify; "><span style="text-align: center; "><i>A US court ruled that Donald Trump cannot block people on his Twitter account. Photo: Reuters</i></span></p>
<h3 style="text-align: justify; ">What can be done?</h3>
<p style="text-align: justify; ">Of course, there is no straight answer to this question. On one hand, social media platforms, owing to the enormous concentration of power and opaque moderating policies, have become gatekeepers of online speech to a large extent. If such power is left unchecked, then, as Hegde’s request demonstrates, a citizen’s free speech rights are meaningless.</p>
<p class="_yeti_done" style="text-align: justify; ">On the other hand, if we definitively agree that in certain circumstances, citizens should be allowed to claim remedies against these companies’ arbitrary exercise of power, then are we setting ourselves for a slippery slope? Would we make exceptions to the nature of spaces in the social media based on who is using it? If we do, then what would be the extent to which we would limit the company’s power of regulating speech in such space? How would such limitation work in consonance with the company’s need to protect public officials from targeted harassment?</p>
<p style="text-align: justify; ">At this juncture, given the novelty of the situation, our decisions should also be measured. One way of addressing this obvious paradigm shift is by considering the idea of oversight structures more seriously.</p>
<p style="text-align: justify; ">I have previously <a href="https://cyberbrics.info/rethinking-the-intermediary-liability-regime-in-india/">written</a> about the possibility of having an independent regulator as a compromise between overtly stern government regulation and allowing social media companies to have free reign over the things that go on their platforms. In light of the recent events, this might be a useful alternative to consider.</p>
<p style="text-align: justify; ">Hegde had also asked the MeitY to issue guidelines to ensure that any censorship of speech in these social media platforms is to be done in accordance with the principles of Article 19.</p>
<p style="text-align: justify; ">If we presume that certain social media platforms are large and powerful enough to be treated akin to public spaces, then having an oversight authority to arbitrate and ensure the enforcement of constitutional principles for future disputes may just be the first step towards more evidence-based policymaking.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/the-wire-torsha-sarkar-december-7-2019-twitter-arbitrary-suspension-public-space'>http://editors.cis-india.org/internet-governance/blog/the-wire-torsha-sarkar-december-7-2019-twitter-arbitrary-suspension-public-space</a>
</p>
No publishertorshaFreedom of Speech and ExpressionInternet Governance2019-12-12T16:54:05ZBlog EntryCyber security tips for small businesses
http://editors.cis-india.org/internet-governance/news/deccan-herald-december-1-2019-theres-sudeep-cyber-security-tips-for-small-businesses
<b>It is important to have good cyber security practices, experts recommend.</b>
<p><span style="text-align: justify; ">The article by Theres Sudeep was published in the </span><a class="external-link" href="https://www.deccanherald.com/metrolife/metrolife-your-bond-with-bengaluru/cyber-security-tips-for-small-businesses-781533.html" style="text-align: justify; ">Deccan Herald</a><span style="text-align: justify; "> on December 1, 2019. Arindrajit Basu was quoted.</span></p>
<hr />
<p style="text-align: justify; ">Many times small businesses don’t allocate any of their budgets to cybersecurity. This is due to the common misconception that it’s only larger companies and governments that need to worry about attacks by hackers and the like.</p>
<p style="text-align: justify; ">This is not the case as Arindrajit Basu of The Centre for Internet and Society explains, “The kind of risks that smaller players are vulnerable to may not be on the scale of threats that larger companies encounter, but it is equally important for them to have good cybersecurity practices,” he says.</p>
<p style="text-align: justify; ">Phishing, an attempt to obtain sensitive information by disguising oneself as a trustworthy entity, and ransomware, a type of malware that threatens to publish the victim’s data or block access to it unless a ransom is paid, are the two most common kinds of attacks on small business according to Basu.</p>
<p style="text-align: justify; ">He adds that many hackers see small businesses as an easy way into a larger network. Once the smaller nodes are breached, they can easily get to the bigger players on the network.</p>
<p style="text-align: justify; ">Bengaluru, the startup capital of the country, has many such small businesses that need to better their cybersecurity practices.</p>
<p style="text-align: justify; ">The first and foremost step recommended by Basu is to create a strategy within your business plan and revise it periodically. This must include employee training and guidelines on what to if there is a breach.</p>
<p style="text-align: justify; ">Apart from this owners and employees are advised to routinely change passwords and back up their data on a device that doesn’t connect to the internet.</p>
<p style="text-align: justify; ">Owners are also advised to monitor access to admin accounts.</p>
<p style="text-align: justify; ">Many small businesses and startups don’t have offices of their own, which means employees end up working at a cafe or the like.</p>
<p style="text-align: justify; ">When working at these venues, make sure to carry your own WiFi or use the hotspot from your phone. Open WiFi networks are vulnerable to attacks.</p>
<p style="text-align: justify; ">Basu concludes by saying that small businesses must be periodically audited by an independent cybersecurity firm.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/deccan-herald-december-1-2019-theres-sudeep-cyber-security-tips-for-small-businesses'>http://editors.cis-india.org/internet-governance/news/deccan-herald-december-1-2019-theres-sudeep-cyber-security-tips-for-small-businesses</a>
</p>
No publisherTheres SudeepInternet Governance2019-12-05T23:35:59ZNews ItemWhy having more CCTV cameras does not translate to crime prevention
http://editors.cis-india.org/internet-governance/news/why-having-more-cctv-cameras-does-not-translate-to-crime-prevention
<b>Can technology substitute addressing social, psychological, economic and other individual factors that largely lead to criminality? And what are the perils of over-reliance on technology to fight crime?</b>
<p dir="ltr" style="text-align: justify; ">The article by Manasa Rao was <a class="external-link" href="https://www.thenewsminute.com/article/why-having-more-cctv-cameras-does-not-translate-crime-prevention-108276">published the News Minute</a> on September 3, 2019. Pranav M. Bidare was quoted.</p>
<hr />
<p dir="ltr" style="text-align: justify; ">In August, a couple from Tamil Nadu’s Tirunelveli district made national headlines for their bravery. True to the Tamil adage ‘vallavanukku pullum aayudham’ (for the strong man, even a blade of grass is a weapon), when thieves entered their home, they fought them with chairs, slippers and even a bucket. Despite being armed with sickles, the masked miscreants fled the scene unable to match the counter-attack mounted by 70-year-old Shanmugavel and 65-year-old Senthamarai. The incident was caught on CCTV camera and the couple, whose video quickly went viral, was<a href="https://www.thenewsminute.com/article/video-elderly-tn-couple-bravely-fends-armed-robbers-plastic-chairs-107105"> celebrated</a> for their valour and made for the perfect social media feel-good story. However, as the news cycle was focused on them, senior police officers from the state and many commentators pointed to the importance of the CCTV camera footage. After all, the whole world watched their courage thanks to the CCTV camera affixed on the couple's front yard.</p>
<p dir="ltr" style="text-align: justify; ">Since 2017, the Tamil Nadu Police has been aggressively<a href="https://www.youtube.com/watch?v=fphSW8SBCh8"> pushing</a> for citizens to install CCTV cameras. A techno-futuristic awareness campaign<a href="https://www.youtube.com/watch?v=iPYzXSLbYYQ"> video</a> released last year even roped in popular Kollywood star Vikram to help the police force. “If there are CCTV cameras, crimes are prevented, evidenced and importantly, it provides evidence in court. So, each of us will compulsorily fix a CCTV camera wherever we are,” says Vikram. In a bold declaration, the motto of the campaign affirms, “With CCTV everywhere, Tamil Nadu has become a place without crime.” At the end of the video Vikram suggests Big Brother is watching, stating, “Everything. Everywhere. We're watching.”</p>
<p class="_yeti_done" dir="ltr" style="text-align: justify; ">But do more CCTV cameras necessarily translate to crime prevention and deterrence? Can technology substitute addressing social, psychological, economic and other individual factors that largely lead to criminality? And what are the perils of over-reliance on technology to fight crime?</p>
<p dir="ltr" style="text-align: justify; "><strong>What the numbers say</strong></p>
<p dir="ltr" style="text-align: justify; ">A<a href="https://www.comparitech.com/vpn-privacy/the-worlds-most-surveilled-cities/"> study</a> released in August by tech research group Comparitech ranked Chennai as 32nd out of 50 of the most surveilled cities in the world. The research group, with the use of government reports, police websites and news articles, puts the total number of cameras in the city at 50,000. With a 2016 estimated population of 1.07 crore in Chennai, that is 4.67 cameras per 1,000 people.</p>
<p dir="ltr" style="text-align: justify; ">With the help of <a href="https://www.numbeo.com/crime/rankings_current.jsp">Numbeo</a>, a crowd-sourced database of perceived crime rates, the study puts Chennai’s crime index at 40.39. On a scale of 0 to 100, this is an estimation of overall level of crime in a given city. This score means Chennai’s crime index is ranked ‘moderate’. Similarly, on a 100 point scale, the city's safety index— quite the opposite of crime index— is at 59.61. The higher the safety index, the safer a city is considered to be.</p>
<p dir="ltr" style="text-align: justify; ">The two other Indian cities on the list of 50 are New Delhi ranked No. 20 with 1,79,000 cameras for 1.86 crore people (9.62 cameras per 1,000 people) and Lucknow ranked at No. 40 with 9,300 cameras for 35.89 lakh people (2.59 cameras per 1,000 people). The capital's crime index is at 58.77 while its safety index is 41.23. The UP city on the other hand has a crime index of 45.30 and a safety index of 54.70.</p>
<p dir="ltr" style="text-align: justify; ">Stating that the higher number of cameras ‘just barely correlates’ with a higher safety index and lower crime index, the study concludes, “Broadly speaking, more cameras doesn’t necessarily result in people feeling safer.” While the presence of CCTV cameras may not inherently be bad, experts say that they cannot become a substitute for tackling crime and its causes which transcend the realm of technology. These involve tailored and specific approaches which stem from community building.</p>
<p dir="ltr" style="text-align: justify; "><strong>The infallible CCTV myth</strong></p>
<p dir="ltr" style="text-align: justify; ">Pranav MB, policy officer at the Centre for Internet and Society in Bengaluru observes that in the long run, over-reliance on CCTV cameras would merely propel criminals to innovate, as opposed to helping deter the crime from taking place. He says, “While it seems intuitive that the presence of a CCTV camera will have a deterring effect on criminal activity, numerous studies over the past decade have concluded that this is not really the case. The idea of a deterring effect also relies on the assumption that the actors are making educated intelligent choices about their future, which is often not the case with persons that commit criminal acts. So the deterring effect of CCTV cameras is not likely to be much more than the already deterring effect that exists because of criminal law and law enforcement.”</p>
<p dir="ltr" style="text-align: justify; ">Busting the myth that CCTV cameras are foolproof, Pranav adds that public infrastructure as simple as a streetlight could aid in safer neighbourhoods. “The fact remains, however, that if you are not using advanced technology, a simple mask will render you unidentifiable by most basic CCTV cameras. As more advanced and more expensive technology is used, you are only necessitating the need for innovation among criminals to identify new loopholes that they can exploit in the technology. This is not an argument that generally holds against the use of technology, but in the case of CCTV cameras, it has been seen that simple street lights much better serve the goal of deterrence of crimes,” he says.</p>
<p dir="ltr" style="text-align: justify; ">However, cops disagree with the findings. One IPS officer who works with the police’s Law and Order department in Chennai tells TNM that the presence of CCTV cameras has helped them nab a range of criminals from chain-snatchers to stalkers who have hacked women to death. Praising the use of facial recognition software like FaceTagr that was introduced a few years ago, the officer says, “CCTV cameras have a dissuading effect on criminals. At the very least they serve as a warning but in most cases, we can easily match them to criminals on our existing local, station-wise database. Especially when it comes to areas like T Nagar, Purasawalkam or other crime-prone suburbs, CCTV cameras are an invaluable tool for law enforcement.”</p>
<p dir="ltr" style="text-align: justify; ">“Even in cases of sexual abuse, street harassment or trafficking, private CCTV cameras have been helpful. Shop owners or residents have come forward with the footage in public interest,” he says, admitting that the Centre’s release of the long-pending National Crime Records Bureau (NCRB) statistics could show a correlation between the push to install CCTVs and crime rates.</p>
<p dir="ltr" style="text-align: justify; ">With a lack of NCRB data, there are no statistical answers to whether indeed installation of CCTV cameras has helped lowering of crime rates. However, as per one report in <a href="https://www.thehindu.com/news/national/tamil-nadu/cctv-cameras-crime-fighter-or-big-brother/article26226129.ece">The Hindu</a>, the police report a 30% drop in the crime rate in the city following the installation of CCTV cameras. According to their estimate for chain snatching alone, the city police claims that the number of cases have dropped from 792 in 2012 to 538 following the installation of CCTV cameras in 2018.</p>
<p style="text-align: justify; "><strong>Over-reliance on technology</strong></p>
<p dir="ltr" style="text-align: justify; ">Agreeing that law enforcement must be cautious while employing technology to solve crimes, Dr M Priyamvadha, associate professor at the Department of Criminology, University of Madras says her detailed interviews with over 200 incarcerated burglars across Tamil Nadu reveal that they are always on the lookout for a CCTV camera. “They simply use a jammer worth Rs 2,000 (a handy device that disrupts the signal range of a camera) to skirt the presence of a CCTV camera,” she reports. However, the professor cautions that one must not over-sell the capabilities of a CCTV camera in crime prevention.</p>
<p dir="ltr" style="text-align: justify; ">“We must remember that CCTV cameras don't deter all crimes. If there is family or domestic violence, there won't be a CCTV camera inside the four walls of a house to reveal it. For burglaries, robberies and such offences, you can rely on CCTV cameras. How far it helps is a question mark. You can neither completely say it prevents crime nor that it is a waste,” she says.</p>
<p dir="ltr" style="text-align: justify; ">The professor points out that even when deploying CCTV cameras across the city, law enforcement does not account for wear and tear and maintenance which forms an important part of monitoring security.</p>
<p dir="ltr" style="text-align: justify; ">Echoing the sentiment, Pranav says that CCTV cameras primarily serve as sources of electronic evidence in criminal cases. “Their deterring effect has repeatedly been observed to not balance out the costs of installing and running them.”</p>
<p dir="ltr" style="text-align: justify; "><strong>Privacy, data protection concerns</strong></p>
<p dir="ltr" style="text-align: justify; ">Chennai-based independent tech researcher Srikanth points to the inherent surveillance dangers thanks to the centralised way in which the city police collects the CCTV data. “There is something concerning especially about Chennai City Traffic Police and other various city police’s approach to CCTV. The fundamental shift is that, at least in the city, these cameras are connected to the police control room. So data gets centrally collated. When centralization kicks in, power abuse isn't far away. This way it is far easier for police to destroy evidence,” he alleges.</p>
<p dir="ltr" style="text-align: justify; ">Srikanth also points out, “CCTVs (especially connected ones) are usually funded by residents and/or merchants who spend their money in putting up the infrastructure, but freely give away the data to the police (often in good faith). There is no oversight on usage, storage, retention of this data and by sheer monopoly on law and order, the police is able to connect a vast number of private CCTVs on to its network.”</p>
<p dir="ltr" style="text-align: justify; ">Significantly, he expresses concerns about there being no laws that govern the usage of CCTV footage by the police. “Even if one gives into the legitimate state aim to control crime, even if one can argue violation of privacy is proportional, there is no law around use of CCTV by police, let alone using them in investigations. That the state engages with private vendors (such as FaceTagr) and many others also provides these service providers access to data,” he explains.</p>
<p dir="ltr" style="text-align: justify; ">Pranav also warns, “Furthermore, CCTV cameras also result in compromising the privacy of individuals, and if implemented by the state (as in the case of law enforcement), creates added surveillance risks. Compounding on this is the issue of the recorded video footage, which if stored/transmitted/managed in an non-secure manner creates data protection risks as well. This is especially true in India, where it is difficult to obtain the required infrastructure and expertise in running an effective and secure CCTV camera system.”</p>
<p dir="ltr" style="text-align: justify; "><strong>'Technology cannot replace interpersonal relationships'</strong></p>
<p dir="ltr" style="text-align: justify; ">Advising pragmatic thinking when it comes to crime prevention, professor Priyamvadha says that technology should complement what she calls the ‘human touch'. Junking the ‘holistic’ one-size-fits-all approach that is often paraded as a solution, the criminologist says that each crime requires a tailored method of tackling it. “For each and every crime, there is a different strategy. There maybe crimes committed by juveniles, crimes committed against women. For example, if female foeticide is rampant in a village, it is important to understand the village, the preferences of the people there and the caste practices present among them,” she observes.</p>
<p dir="ltr" style="text-align: justify; ">While technology often allows law enforcement to cover more ground in cases of limited manpower, there’s also a chance the cameras could be seen as a substitute for forging interpersonal relationships between police and the people they seek to protect. “With quick transferring of cops nowadays, the local police station doesn’t have an understanding of the ongoings. Interpersonal relationships are more important than technological advances,” she notes.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/why-having-more-cctv-cameras-does-not-translate-to-crime-prevention'>http://editors.cis-india.org/internet-governance/news/why-having-more-cctv-cameras-does-not-translate-to-crime-prevention</a>
</p>
No publisherManasa RaoInternet Governance2019-12-05T23:26:25ZNews ItemA Deep Dive into Content Takedown Timeframes
http://editors.cis-india.org/internet-governance/blog/torsha-sarkar-november-30-2019-a-deep-dive-into-content-takedown-timeframes
<b>Since the 1990s, internet usage has seen a massive growth, facilitated in part, by growing importance of intermediaries, that act as gateways to the internet. Intermediaries such as Internet Service Providers (ISPs), web-hosting providers, social-media platforms and search engines provide key services which propel social, economic and political development. However, these developments are also offset by instances of users engaging with the platforms in an unlawful manner. The scale and openness of the internet makes regulating such behaviour challenging, and in turn pose several interrelated policy questions.</b>
<p style="text-align: justify;">In this report, we will consider one such question by examining the appropriate time frame for an intermediary to respond to a government content removal request. The way legislations around the world choose to frame this answer has wider ramifications on issues of free speech and ease of carrying out operations for intermediaries. Through the course of our research, we found, for instance:</p>
<ol>
<li style="text-align: justify;">An one-size-fits-all model for illegal content may not be productive. The issue of regulating liability online contain several nuances, which must be considered for more holistic law-making. If regulation is made with only the tech incumbents in mind, then the ramifications of the same would become incredibly burdensome for the smaller companies in the market. </li>
<li style="text-align: justify;">Determining an appropriate turnaround time for an intermediary must also consider the nature and impact of the content in question. For instance, the Impact Assessment on the Proposal for a Regulation of the European Parliament and of the Council on preventing the dissemination of terrorist content online cites research that shows that one-third of all links to Daesh propaganda were disseminated within the first one-hour of its appearance, and three-fourths of these links were shared within four hours of their release. This was the basic rationale for the subsequent enactment of the EU Terrorism Regulation, which proposed an one-hour time-frame for intermediaries to remove terrorist content.</li>
<li style="text-align: justify;">Understanding the impact of specific turnaround times on intermediaries requires the law to introduce in-built transparency reporting mechanisms. Such an exercise, performed periodically, generates useful feedback, which can be, in turn used to improve the system.</li></ol>
<div style="text-align: justify;"> </div>
<div style="text-align: justify;"><strong>Corrigendum: </strong>Please note that in the section concerning 'Regulation on Preventing the Dissemination of Terrorist Content Online', the report mentions that the Regulation has been 'passed in 2019'. At the time of writing the report, the Regulation had only been passed in the European Parliament, and as of May 2020, is currently in the process of a trilogue. </div>
<div style="text-align: justify;"> </div>
<div style="text-align: justify;"><strong>Disclosure</strong>: CIS is a recipient of research grants from Facebook India. </div>
<div style="text-align: justify;"> </div>
<hr />
<p style="text-align: justify;"><a class="external-link" href="http://cis-india.org/internet-governance/files/a-deep-dive-into-content-takedown-frames">Click to download the research paper</a> by Torsha Sarkar (with research assistance from Keying Geng and Merrin Muhammed Ashraf; edited by Elonnai Hickok, Akriti Bopanna, and Gurshabad Grover; inputs from Tanaya Rajwade)</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/torsha-sarkar-november-30-2019-a-deep-dive-into-content-takedown-timeframes'>http://editors.cis-india.org/internet-governance/blog/torsha-sarkar-november-30-2019-a-deep-dive-into-content-takedown-timeframes</a>
</p>
No publishertorshaFreedom of Speech and ExpressionInternet GovernanceIntermediary Liability2020-06-26T11:59:06ZBlog EntryProposals to regulate social media run into multiple roadblocks
http://editors.cis-india.org/internet-governance/news/livemint-november-27-2019-saumya-tewari-and-abhijit-ahaskar-proposals-to-regulate-social-media-run-into-multiple-roadblocks
<b>The Cambridge Analytica scandal, the Pegasus spyware attack on WhatsApp and the growing misuse of social media platforms to spread misinformation have made governments world over, including in India, realise the limitations of existing laws in dealing with the misuse of these platforms.</b>
<p>The article by Saumya Tewari and Abhijit Ahaskar was <a class="external-link" href="https://www.livemint.com/politics/policy/proposals-to-regulate-social-media-run-into-multiple-roadblocks-11574814789168.html">published by Livemint</a> on November 27, 2019. Gurshabad Grover was quoted.</p>
<hr />
<p style="text-align: justify; ">“The draft guidelines are already in place and we have invited comments from all stakeholders across the country for the same. We have already conducted nationwide discussion with social activists, platforms and states and committed to the court that we will submit the intermediary guidelines by 15 January," said N.N. Kaul, media adviser to electronics and information technology minister Ravi Shankar Prasad.</p>
<p style="text-align: justify; ">The need for greater regulation of social media companies stems from the growing feeling that they are not doing enough to curb the misuse of their platforms. In recent times, many of them have been involved in brushes with the government and courts. For instance, short-video app TikTok was accused of promoting pornography among teens and temporarily banned from app stores following a Madras high court order; WhatsApp was slammed for not being able to curb fake messages which led to several cases of mob lynchings in 2018 and, more recently, for the Pegasus spyware attack. Twitter too has been criticised for failing to curb hate speech.</p>
<p style="text-align: justify; ">While the draft talks about intermediaries as a whole and doesn’t specify any particular segment, the proposals that apply to social media companies include setting up an India office and having a nodal officer for liaising with the government, furnishing information within 24 hours and tracing the source of a post or information. While forcing companies to have a nodal officer in the country can make these platforms more accountable to legal requests, it also makes them vulnerable to government pressure.</p>
<p style="text-align: justify; ">“Having offices in India allows the government to exert extralegal pressure on the company officials by forcing them to comply with informal requests. It is only useful if the intermediaries are willing to push back on the pressure and not entertain any informal request from the government," said Gurshabad Grover, research manager at the Centre for Internet and Society.</p>
<p style="text-align: justify; ">China-based TikTok, in a statement, emphasised that it is committed to respecting local laws and actively coordinates with law enforcement agencies through an India-based grievance officer. TikTok claims to have removed six million videos between July 2018 and April 2019 for violation of its guidelines.</p>
<p style="text-align: justify; "><img src="http://editors.cis-india.org/home-images/Mint.jpg" alt="Mint" class="image-inline" title="Mint" /></p>
<p style="text-align: justify; ">Some of these proposals have been flagged on grounds of privacy. For instance, the traceability clause is going to have a huge impact on specific platforms such as WhatsApp and Telegram that encrypt all messages and calls. Enforcing traceability and deploying technology-based automated tools to proactively identify and disable public access to malicious content will force them to break or lower the encryption as has been pointed out by industry in the past.</p>
<p style="text-align: justify; ">WhatsApp maintained its official stance from February and reiterated that what is contemplated by the rules is not possible today given the end-to-end encryption that it provides. The rules would require the company to re-architect WhatsApp, which would lead to a different product, one that would not be fundamentally private.</p>
<p style="text-align: justify; ">“The fact that India doesn’t have an encryption law per say also complicates the scenario. In fact, section 84A (introduced after an amendment in 2008) of IT Act 2000 has specific provisions authorizing central government for coming up with a policy on encryption. It has been 11 years but there is still no law on it," said Pavan Duggal, a cyberlaw expert.</p>
<p style="text-align: justify; ">Further, to ensure that companies abide by the proposed rules and furnish information within 24 hours, the government will have to address hurdles in mutual legal assistance treaty between India and the US, which is why many of these requests take a lot of time to process. “The target of the government should be having an executive agreement with the US under the Cloud Act. The US has significant stakes in the data localization debate as many of the companies are based in the US, and that can be used as leverage to negotiate such an agreement. That will allow law enforcement agencies in India to have expedited access to information held by platforms which are based outside the country," Grover said.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/livemint-november-27-2019-saumya-tewari-and-abhijit-ahaskar-proposals-to-regulate-social-media-run-into-multiple-roadblocks'>http://editors.cis-india.org/internet-governance/news/livemint-november-27-2019-saumya-tewari-and-abhijit-ahaskar-proposals-to-regulate-social-media-run-into-multiple-roadblocks</a>
</p>
No publisherSaumya Tewari and Abhijit AhaskarInternet Governance2019-11-28T14:16:25ZNews ItemProject on Gender, Health Communications and Online Activism with City University
http://editors.cis-india.org/internet-governance/blog/project-on-gender-health-communications-and-online-activism-with-city-university
<b>CIS is a partner on the project 'Gender, Health Communications and Online Activism in the Digital Age'. The project is lead by Dr. Carolina Matos, Senior Lecturer in Sociology and Media in the Department of Sociology at City University.</b>
<p style="text-align: justify;" class="moz-quote-pre">It is funded by the Global Challenges Research Fund. Ambika Tandon, Policy Officer at CIS, conducted fieldwork for the project in May and June 2019 as a research assistant.</p>
<p style="text-align: justify;" class="moz-quote-pre">The goal of the project is to advance research on how new communication technologies (ICTs) can be used to create awareness of gender equality and sexual and reproductive rights. It aims to assess how the use of technologies, by women's groups and feminist NGOs can empower women in developing countries to advance citizen and human rights with the intent to influence policy at the global and local level. More information on the preliminary findings of the project can be found in the downloadable presentation."</p>
<hr />
<p style="text-align: justify;" class="moz-quote-pre">You may find Dr. Carolina Matos's presentation <a href="http://editors.cis-india.org/internet-governance/presentation-gender-health-communications-and-online-activism-in-the-digital-age-pdf" class="internal-link" title="Presentation: Gender, Health Communications, and Online Activism in the Digital Age (PDF)">here</a>.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/project-on-gender-health-communications-and-online-activism-with-city-university'>http://editors.cis-india.org/internet-governance/blog/project-on-gender-health-communications-and-online-activism-with-city-university</a>
</p>
No publisherambikaGenderInternet Governance2019-12-02T09:38:21ZBlog EntryCybersecurity Visuals Media Handbook: Launch Event
http://editors.cis-india.org/internet-governance/blog/cybersecurity-visuals-media-handbook-launch-event
<b>6th December | 6 pm | Centre for Internet and Society, Bangalore</b>
<p> </p>
<p>The existing cybersecurity imagery in media publications has been observed to be limited in its communication of the discourse prevailing in cybersecurity policy circles, relying heavily on stereotypes such as hooded men, padlocks, and binary codes.</p>
<p><br />In order to enable a clearer, more nuanced representation of cybersecurity concepts, we, at CIS, along with <a class="external-link" href="http://designbeku.in/">Design Beku</a> are launching the Cybersecurity Visuals Media Handbook. This handbook has been conceived to be a concise guide for media publications to understand the specific concepts within cybersecurity and use it as a reference to create visuals that are more informative, relevant, and look beyond stereotypes.</p>
<p>We will be launching the interactive digital handbook on 6th December, 2019, at the Centre for Internet and Society, Bangalore, at 6 pm. The event would include a discussion on the purpose, process, and concepts behind this illustrated guide by CIS researchers and Design Beku.</p>
<p>The launch will be followed by a panel discussion on Digital Media Illustrations & the Politics of Technology. We will be joined by Padmini Ray Murray, Paulanthony George, and Kruthika N S in the panel. It will be moderated by Saumyaa Naidu.</p>
<p dir="ltr"><strong>Padmini Ray Murray</strong></p>
<p dir="ltr">Padmini founded the Design Beku collective in 2018 to help not-for-profit organisations explore their potential through research-led design and digital development. Trained as an academic researcher, Padmini currently as the head of communications at Obvious, a design studio. She regularly gives talks and publishes on the necessity of technology and design to be decolonial, local, and ethical. <strong><br /></strong></p>
<p dir="ltr"><strong>Paulanthony George</strong></p>
<p dir="ltr">Paulanthony hates writing bios in the third person.<br />My research focuses on the relationships between made objects, the maker and the behaviour of making, in the context of spreadable digital media (and behaviours stemming from it). I study internet memes inside and outside of India and phenomenon such as dissent, satire, free expression and ambivalent behaviour fostered by them. The research is at the intersection of digital ethnography, culture studies, human-computer interaction, humour studies and critical theory. I spend my time watching people. I draw them, the way they are, the way some people want to be and sometimes I have interesting conversations with them.</p>
<p><span id="gmail-docs-internal-guid-5cb9e515-7fff-777e-6b99-8a216379ee39">
</span></p>
<p dir="ltr"><strong>Kruthika N S</strong></p>
<p dir="ltr">Kruthika NS is a lawyer at LawNK and researcher at the Sports Law & Policy Centre, Bengaluru. She uses art as a medium to explore the intersections of the law and society, with gender justice featuring as the central theme of her work. Her art has included subjects such as the #MeToo movement in India, and the feminist principles of the internet, among several other doodles.</p>
<p dir="ltr"><strong>Saumyaa Naidu</strong></p>
<p dir="ltr">Saumyaa is a designer and researcher at the Centre for Internet and Society. <strong> </strong></p>
<p> </p>
<p><br /><strong>Agenda</strong><br />6:00 - 6:15 pm - Introduction <br />6:15 - 6:45 pm - Presentation on the Media Handbook by Paulanthony George<br />6:45 - 7:00 pm - Tea/ Coffee <br />7:00 - 8:00 pm - Panel discussion on Digital Media Illustrations & the Politics of Technology<br />8:00 - 8:30 pm - Tea/ Coffee and Snacks</p>
<p>The interactive version of handbook can be accessed <a class="external-link" href="http://cis-india.github.io/cybersecurityvisuals/index">here</a>. The print versions of the handbook can be accessed at: <a class="external-link" href="https://drive.google.com/file/d/13Llq1vD5Eb-yo2YE3X6dRPaZ_WsMYhfa/view?usp=sharing">Single Scroll Printing</a>, <a class="external-link" href="https://drive.google.com/file/d/1mK_lxA0Eeb7GWxqZk4IM3cBxKdWakKS9/view?usp=sharing">Tiled-Paste Printing</a>.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/cybersecurity-visuals-media-handbook-launch-event'>http://editors.cis-india.org/internet-governance/blog/cybersecurity-visuals-media-handbook-launch-event</a>
</p>
No publishersaumyaaCybersecurityCyber SecurityEventInternet Governance2019-12-06T09:27:37ZEventBlockchain: A primer for India
http://editors.cis-india.org/internet-governance/blog/blockchain-a-primer-for-india
<b>This report is presently being updated.</b>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/blockchain-a-primer-for-india'>http://editors.cis-india.org/internet-governance/blog/blockchain-a-primer-for-india</a>
</p>
No publisherAnusha MadhusudhanBlockchainInternet GovernanceCryptocurrencies2020-03-30T13:32:58ZBlog EntryActivists demand judicial probe into WhatsApp snooping
http://editors.cis-india.org/internet-governance/news/hindu-businessline-november-1-2019-kv-kurmanath-activists-demand-judicial-probe-into-whatsapp-snooping
<b>Calls for Parliamentary supervision over Government interception, legal hacking.</b>
<p style="text-align: justify; ">The article by K.V. Kurmanath was <a class="external-link" href="https://www.thehindubusinessline.com/info-tech/social-media/activists-demand-judicial-probe-into-whatsapp-snooping/article29851296.ece">published in the Hindu Businessline</a> on November 1, 2019. Sunil Abraham was quoted.</p>
<hr />
<p style="text-align: justify; ">With reports of Israeli spyware being used to snoop on scores of WhatsApp subscribers, cyber security activists have appealed to the Supreme Court to take up the issue suo moto and order an inquiry. Kiran Chandra, a leader of the Free Software Movement of India, has said that the Government should rein in WhatsApp and mandate it to submit the source code, stating that the privacy of individuals is at stake.</p>
<p style="text-align: justify; ">Though reports of a breach of the WhatsApp network hit the headlines in the US six months ago, it is only in the last few days that the impact in India has become a burning issue.</p>
<p style="text-align: justify; ">“We, for long, have been arguing that the privacy of individuals on the Internet is at risk. The Government should have enough safeguards to ensure their safety,” said Chandra.</p>
<p style="text-align: justify; ">Sunil Abraham, Executive Director of the Centre for Internet and Society, has called for a dedicated law to ensure Parliamentary supervision for all Government interception and legal hacking programmes. "The data protection law which is being contemplated by the current administration will not address the surveillance policy question in totality," he pointed out.</p>
<p style="text-align: justify; ">"It is a truly worrying development that members of civil society are being targeted using sophisticated surveillance technologies without proper legal basis and without any oversight," he said.</p>
<p style="text-align: justify; ">Cyber security and privacy experts took to social media to express concern about the vulnerabilities that expose people to potential risks.</p>
<p style="text-align: justify; ">Srinivas Kodali, a privacy activist, said the use of Israeli firm NSO Group’s Pegasus spyware to monitor human rights defenders and academics is a clear violation of their fundamental rights. “The Supreme Court judgement on right to privacy has been very loud and clear that Indians’ fundamental rights can’t be exempted under national security without defining it,” he said, responding to a query on the breach of WhatsApp subscribers’ privacy.</p>
<p style="text-align: justify; ">“The operations of national security agencies are completely hidden and are not subjected to any legislative or judicial oversight. This cannot continue as they misuse the powers bestowed on themselves without any law on surveillance from Parliament,” he said.</p>
<p style="text-align: justify; ">The Internet Freedom Foundation has expressed concerns about the breaches. It wanted the Government to explain on how this spyware was used in India to hack citizens.</p>
<p style="text-align: justify; ">“The Government must issue an official public statement providing complete information. It must also clarify which law empowers it to install such spyware,” it said in a statement.</p>
<p style="text-align: justify; ">The US-based social media platform has started sending messages to subscribers whose accounts may have been compromised. It contains information about the breach and a link with a to-do list to stay safe.</p>
<p style="text-align: justify; ">The victims of the attack, which purportedly took place in April-May 2019, included human rights activists, journalists and Dalit activists.</p>
<p style="text-align: justify; ">At least two victims of the spyware attack confirmed receipt of alert messages from WhatsApp. “I received a call (from abroad) in the first week of October. But I ignored it as it was from an unknown number. I received a message from WhatsApp, alerting me about a probable intrusion,” a civil rights lawyer said.</p>
<h2 style="text-align: justify; "><strong>How it happened</strong></h2>
<p style="text-align: justify; ">“In May, we stopped an attack where an advanced cyber actor exploited our video calling to install malware on user devices. There’s a possibility this phone number was impacted, and we want to make sure you know how to keep your mobile phone secure,” the message received by the victim said.</p>
<p style="text-align: justify; ">WhatsApp, a Facebook arm, sent these special messages to about 1,400 users who may have been impacted by the spyware attack. It is working with The Citizen Lab, a research group with the University of Toronto’s Munk School, to assess the impact of the attack on civil society.</p>
<p style="text-align: justify; ">In a statement, WhatsApp said: “We provide end-to-end encryption for all messages and calls by default. (But) This attack was developed to access messages after they were decrypted on an infected device, abusing in-app vulnerabilities and the operating systems that power our mobile phones.”</p>
<p style="text-align: justify; ">WhatsApp moved a US court against the Israeli company NSO Group, and its parent company Q Cyber Technologies, alleging that they violated both US and California laws and WhatsApp’s Terms of Service, which prohibited such intrusions.</p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/news/hindu-businessline-november-1-2019-kv-kurmanath-activists-demand-judicial-probe-into-whatsapp-snooping'>http://editors.cis-india.org/internet-governance/news/hindu-businessline-november-1-2019-kv-kurmanath-activists-demand-judicial-probe-into-whatsapp-snooping</a>
</p>
No publisherKV KurmanathInternet Governance2019-11-15T00:53:02ZNews Item