Centre for Internet and Society

Privacy and Surveillance Roundtable

praskrishna — 2014-06-29T14:50:20Z

The Centre for Internet and Society and the Cellular Operators Association of India invite you to a roundtable at the India International Centre, New Delhi on July 4, 2014.

Background and Context to the Roundtables

In India, lawful interception of communications may be conducted by the state in three ways: firstly, intercepting telephone calls and other telecommunications may take place under powers listed in the Telegraph Act, 1885 and procedure set out in the Telegraph Rules, 1951; secondly, intercepting written communications transmitted through the postal service or by private couriers may occur under the Post Office Act, 1898; and, thirdly, intercepting, de-crypting, and monitoring email messages and other electronic communications may take place under the Information Technology Act, 1950 and two sets of Rules issued in 2008.

The government’s intention to create a Central Monitoring System to automate the existing process of telephone tapping is significant for a number of reasons. It will bypass private telephone service providers; currently the active cooperation of TSPs is required and compelled in order to intercept and monitor a telephone conversation. This creates an extra layer of compliance activity for TSPs which is cumbersome and expensive. Interception orders from the state often do not comply with the procedure required by law. This uncertainty is compounded by the lack of an indemnity for TSPs.

However, while the CMS will release TSPs from legal liability, it will leave the government free to conduct telephone interceptions in absolute secrecy and without a credible system of oversight and checks and balances. Amongst the world’s major democratic countries, India is alone in refusing to overhaul its telephone tapping regime. The legal requirements of probable cause, judicial sanction, and warrant-based interception – which are followed with exceptions in democracies around the world – are not adequately protected in India. The same principles also apply to the interception of postal and electronic communications.

There are several intelligence and police agencies in India that conduct interceptions of communications without central coordination. Previous cases in the Supreme Court of India and a few Indian High Courts reveal many cases of improper and even illegal surveillance. The sheer number of interested state agencies, the concerns of inadequate oversight, the lack of a credible legal regime, the constant leaks of private communications, and the poor legal protection given to TSPs and ISPs must be legally addressed.

Information about the Roundtables

The Privacy and Surveillance Roundtables are a CIS initiative, in partnership with the Cellular Operators Association of India (COAI). From June 2014 – November 2014, CIS and COAI will host seven Privacy and Surveillance Roundtable discussions across multiple cities in India. The Roundtables will be closed-door deliberations involving multiple stakeholders. Through the course of these discussions we aim to deliberate upon the current legal framework for surveillance in India, and discuss possible frameworks for surveillance in India. The provisions of the draft CIS Privacy Bill 2013, the International Principles on the Application of Human Rights to Communication Surveillance, and the Report of the Group of Experts on Privacy will be used as background material and entry points into the discussion. The recommendations and dialogue from each roundtable will be compiled and submitted to the Department of Personnel and training.

The Report of the Group of Experts on Privacy

In January 2012 Justice A.P. Shah formed a committee to create a report of recommendations for privacy legislation in India. The committee met seven times from January 2012 to September 2012. The Report is made up of six chapters and begins by reviewing the international best practices around privacy and the relevant Indian jurisprudence. The Report then recommends nine National Privacy Principles to be adopted by each sector in India. The Nine National Privacy Principles reflect international standards, as well as taking into consideration the Indian context. Along with the National Privacy Principles, the Report lays out a regulatory framework for privacy including privacy commissioners at the regional and national level, self regulating organizations at the industry level, and a system of complaints. Finally the report demonstrates how the National Privacy Principles could be used to harmonize existing legislation and practices.

The Draft CIS Citizens Privacy (Protection) Bill 2013

The Centre for Internet and Society has been researching privacy in India since 2010 with the objective of raising public awareness, completing in depth research, and driving a privacy legislation in India. As part of this work, the Centre for Internet and Society has drafted the Privacy (Protection) Bill 2013. The Citizens Privacy Protection Bill contains provisions that speak to data protection, interception, and surveillance. The Bill also establishes the powers and functions of the privacy commissioner, and lays out offenses and penalties for contravention of the Act. The Bill represents a citizens’ version of a privacy legislation, and will be shared with civil society, industry, and government. It is hoped that the review and revision of the Bill will be a participatory process, and thus comments and feedback to it’s’ provisions will be included as annex’s to the Bill.

The International Principles on the Application of Human Rights to Communication Surveillance

These principles were defined in 2013 in response to rapidly changing technologies and surveillance practices. The principles are the outcome of a global consultation with civil society groups, industry and international experts in communications surveillance law, policy and technology, spearheaded by the Electronic Frontier Foundation US and Privacy International UK. As technologies that facilitate State surveillance of communications advance, States are failing to ensure that laws and regulations related to communications surveillance adhere to international human rights and adequately protect the rights to privacy and freedom of expression. These principles attempt to explain how international human rights law applies in the current digital environment, particularly in light of the increase in and changes to communications surveillance technologies and techniques. These principles can provide civil society groups, industry, States and others with a framework to evaluate whether current or proposed surveillance laws and practices are consistent with human rights.

Tentative Agenda

Time	Detail
10.00 11.00	Introduction
11.00 11.30	Tea
11.30 13.00	Discussion
13.00 14.00	Lunch
14.00 16.00	Discussion
16.00 16.15	Tea

Resources

For more details visit http://editors.cis-india.org/internet-governance/events/privacy-and-surveillance-roundtable-new-delhi

Privacy and Surveillance Roundtable

praskrishna — 2014-06-20T05:26:10Z

The Centre for Internet and Society and the Cellular Operators Association of India in collaboration with the Council for Fair Business Practices invite you to a "Privacy Roundtable" at IMC Building, IMC Marg, Churchgate, Mumbai on June 28, 2014, 10.00 a.m. to 4.00 p.m.

Time	Details
10:00 – 11:00	Introduction
11:00 - 11:30	Tea
11:30 - 13:00	Discussion
13:00 - 14:00	Lunch
14.00 - 16.00	Discussion
16.00 - 16.15	Tea

Background and Context to the Roundtables

Information about the Roundtables

The Report of the Group of Experts on Privacy

The Draft CIS Citizens Privacy (Protection) Bill 2013

The International Principles on the Application of Human Rights to Communication Surveillance

Tentative schedule for the Roundtables:

Mumbai – June 28th
New Delhi – July 4th
Ahmedabad/Hyderabad – August 1st
Bangalore – September 5th
New Delhi – October 3rd
Chennai – October 24th
New Delhi – November 7th

Resources

For more details visit http://editors.cis-india.org/events/privacy-surveillance-roundtable

Privacy and Surveillance in India

praskrishna — 2013-09-13T09:49:25Z

Sunil Abraham, Executive Director from the Centre for Internet and Society will give a talk on privacy and surveillance in India at this event organised by the Centre for Culture, Media and Governance, Jamia Millia Islamia on September 18, 2013. The talk will be held at Network Governance Lab, CCMG, Jamia Millia Islamia in New Delhi at 11.30 a.m.

Click to read the brochure

Abstract

The talk will cover the development of privacy policy in India over the last 3 years, particularly in relation to projects such as NATGRID, CMS and UID. Special attention will be paid to the Justice A.P. Shah committee report, the last leak of the privacy bill from the DoPT and also the citizen draft of the privacy bill developed by the Centre for Internet and Society. International experiences such as Snowden's disclosures and the development of communication surveillance principles developed by EFF and others will be compared and contrasted with the Indian context.

About the Speaker

Sunil is the executive director of the Centre for Internet and Society (CIS), Bangalore. CIS is a 4 year old policy and academic research organisation that focuses on accessibility by the disabled, intellectual property rights policy reform, openness [Free/Open Source Software, Open Standards, Open Content, Open Access and Open Educational Resources], internet governance, telecom, digital natives and digital humanities.

He is also the founder of Mahiti, a social enterprise aiming to reduce the cost and complexity of information and communication technology for the voluntary sector by using free software. Sunil continues to serve on the board of Mahiti. He is an Ashoka fellow and was elected for a Sarai FLOSS Fellowship. For three years, Sunil also managed the International Open Source Network, a project of United Nations Development Programme's Asia-Pacific Development Information Programme, serving 42 countries in the Asia-Pacific region.

Sunil currently serves on the advisory boards of Open Society Foundations - Information Programme, Mahiti, Samvada and International Centre for Free/Open Source Software.

For more details visit http://editors.cis-india.org/news/jamia-millia-islamia-new-delhi-september-18-2013-privacy-and-surveillance-in-india

Privacy and Security Implications of Public Wi-Fi - A Case Study

praskrishna — 2016-12-09T14:01:44Z

For more details visit http://editors.cis-india.org/internet-governance/files/privacy-and-security-implications-of-public-wi-fi-a-case-study

Privacy and IT Act (PDF)

praskrishna — 2011-08-21T16:17:47Z

pdf

For more details visit http://editors.cis-india.org/internet-governance/publications/privacy-it.pdf

Privacy and IT Act (ODT)

praskrishna — 2011-08-21T13:52:15Z

open office

For more details visit http://editors.cis-india.org/internet-governance/publications/privacy-it-act.odt

Privacy after Big Data

praskrishna — 2017-01-27T00:08:39Z

For more details visit http://editors.cis-india.org/internet-governance/files/privacy-after-big-data

Privacy Act should not circumscribe RTI: expert group

praskrishna — 2012-10-22T09:36:49Z

An expert group to draw the framework of a law to protect privacy of individuals has suggested that issues of personal privacy must not be used to dilute the provisions of or block information under the Right to Information Act, and used a language that almost directly contradicts the sentiments expressed by the Prime Minister in this regard just a few days ago.

This article by Amitabh Sinha was published in the Indian Express on October 19, 2012.

The group headed by Justice (retd) A P Shah has argued that the RTI Act already has provisions that protect the privacy, and such types of information are exempt from public disclosure. “When applied, the (proposed) Privacy Act should not circumscribe the Right to Information Act,” the report of the expert group, which was made public on Thursday, said.

“Section 8 of the (RTI) Act lists specific types of information that are exempted from public disclosure in order to protect privacy. In this way, privacy is the narrow exception to the Right to Information,” the report said.

Interestingly, just earlier this week, while inaugurating an annual convention of information commissioners, Prime Minister Manmohan Singh had made the opposite argument. “There is a fine balance required to be maintained between the Right to Information and the right to privacy, which stems out of the Fundamental Right to Life and Liberty,” he had said.

“The citizens’ right to know should definitely be circumscribed if disclosure of information encroaches upon someone’s personal privacy. But where to draw the line is a complicated question,” he had said.

Sibngh’s remarks had come at a time when questions were being asked about whether government money had been spent on foreign trips and medical treatment of UPA chairperson Sonia Gandhi. The government had clarified that no public money had been spent on either of the two.

The expert group under Justice Shah was constituted at the initiative of Minister of State for Planning Ashwani Kumar after an attempt by the Department of Personnel and Training (DoPT) last year to draft a privacy bill ended in a disaster. The expert group was only asked to draw up the broad contours of what a privacy law must comprise of. It has drawn from international experiences and presented nine ‘principles’ that must be accommodated in any future privacy law.

The group also recognises that the constitutional basis of privacy as “a fundamental right deriving from Article 21 of the Constitution of India”.

The report deals mainly with how the extensive collection of personal data — through government institutions like Census, NATGRID, UID, or through private agencies like banks, credit card companies or phone operators — must be stored, managed and eventually destroyed, if possible, without infringing on the privacy rights of an individual.

The report would now be referred to the DoPT which will then begin further consultation processes to make a fresh start at drafting a privacy law.

Suggestions on Tapping

The expert group has said that the system of telephone and other communication interception for security reasons has an “unclear regulatory regime that is inconsistent, non-transparent, prone to misuse, and that does not provide remedy or compensation to aggrieved individuals”. It has suggested the following:

All orders of interceptions must be reported to a court within 15 days, disclosing the reason for interception.
All interceptions must only be in force for 60 days, renewable up to a period of 180 days.
Reasons for interception order must be specified and recorded in writing by competent authority.
Records of interception must be destroyed by security agencies after six months, or nine months, and service providers must destroy records after two months, or six months.
All interception orders must be sent for review by a designated committee.
Officers to whom information relating to interception can be disclosed must be specified.
Intermediaries (like telephone operators) must ensure security, confidentiality and privacy of intercepted material, and must be held legally responsible for any unauthorized access or disclosure of intercepted material.

Note: The Centre for Internet & Society was part of the expert committee even though it is not explicitly mentioned here.

For more details visit http://editors.cis-india.org/news/indianexpress-amitabh-sinha-october-19-2012-privacy-act-should-not-circumscribe-rti-expert-group

Privacy Act and IT

praskrishna — 2011-08-21T16:19:51Z

word file

For more details visit http://editors.cis-india.org/internet-governance/publications/privacy-it-act.docx

Privacy (Protection) Bill, 2013

praskrishna — 2013-07-03T09:39:11Z

For more details visit http://editors.cis-india.org/internet-governance/blog/privacy-protection-bill-2013-amendments.pdf

Privacy

praskrishna — 2016-04-05T15:47:08Z

For more details visit http://editors.cis-india.org/home-images/copy_of_PrivacyLaw.jpg

Privacy

praskrishna — 2016-04-05T15:45:37Z

For more details visit http://editors.cis-india.org/home-images/PrivacyLaw.jpg

Privacy

praskrishna — 2016-04-05T15:48:20Z

Privacy

For more details visit http://editors.cis-india.org/home-images/copy2_of_PrivacyLaw.jpg

Press coverage about Punjab edit-a-thon & Telugu Wikipedia success

praskrishna — 2016-08-26T16:16:43Z

Andhra Jyothi, one of the leading news papers in Telugu covered Punjab edit-a-thon & Telugu wikipedia success in national level with the angle of Pranaraj involvement in it.

Here is the news clipping.

For more details visit http://editors.cis-india.org/a2k/news/press-coverage-about-punjab-edit-a-thon-telugu-wikipedia-success

Press Coverage

praskrishna — 2013-09-23T07:19:31Z

For more details visit http://editors.cis-india.org/openness/blog-old/press-coverage.pdf