Centre for Internet and Society

Cyber Security Summit 2015

praskrishna — 2015-12-16T02:10:24Z

The Government of Karnataka in association with Biz Wingz Production House organized this Summit on November 27, 2015 at JW Marriott, Bangalore from 10.30 a.m. to 5.30 p.m. Sunil Abraham was a panelist.

Cloud-based applications are often the darling of the CFO and the nemesis of the CISO & CIOs. How can an organization migrate to the cloud, thus relinquishing control, but still maintain security? Are we sacrificing security and robustness in exchange for other priorities? How do ‘Snowden’ disclosures change the legal and risk nature of cloud decision making and governance? What can proactive cloud providers do to capture the opportunity in the disruption? The panel explored these topics and more to provide the cutting edge thinking and perspectives you need to shape your own cloud strategies in ways that balance multiple priorities.

Panelists

Parag Deodhar, Chief Risk Officer, Bharti AXA General Insurance & Chief Operational Risk Officer India
Sunil Abraham, Executive Director, Centre for Internet and Society
Atul kumar, GM IT, Syndicate Bank
Lopa Mudra Basu, AVP & Head of Enterprise Security & Risk Governance, SLK Global
Sagar Karan, Chief Information Security Officer, Fullerton India Credit Co. Ltd.
R Vijay, CISO –Technology, Mahindra & Mahindra Financial Services Limited
Sanjivan S Shirke, Senior Vice President-Information Technology, Head -Information Security, UTI Asset Management Company Limited.
Sanjay Sahay, IPS, ADGP, Grievances & Human Rights, Police Dept, Govt of Karnataka (moderator).

More information about this event

For more details visit http://editors.cis-india.org/internet-governance/news/cyber-security-summit-2015

Cyber Security Policy Research

praskrishna — 2015-10-16T16:47:12Z

Tim Maurer will give a presentation on cybersecurity policy research at the Centre for Internet & Society's New Delhi office on October 18, 2015, from 2 p.m. to 5 p.m. Geetha Hariharan and Sunil Abraham will participate in this event.

Tim Maurer's talk will give an outline of the definitional issues involved, the various threats to the confidentiality, integrity, and availability of information and underlying infrastructure, the actors involved and international efforts to address cybersecurity. The talk will also provide an overview of existing and ongoing cyber security policy research.

Tim Maurer

Tim Maurer is an associate at the Carnegie Endowment for International Peace. His work focuses on cyberspace and international affairs, with a concentration on global cybersecurity norms, human rights online, Internet governance, and their interlinkages. He is writing a book on cybersecurity and proxy actors.

Maurer serves as a member of the Research Advisory Network of the Global Commission on Internet Governance, the Freedom Online Coalition’s cybersecurity working group “An Internet Free and Secure,” and co-chaired the Civil Society Advisory Board of the Global Conference on CyberSpace. In 2014, he developed the Global Cyber Definitions Database for the chair of the OSCE to support the implementation of the OSCE’s cyber confidence-building measures. In 2013 and 2014, Maurer spoke about cybersecurity at the United Nations in New York and Geneva and co-authored “Tipping the Scale: An Analysis of Global Swing States in the Internet Governance Debate,” published by the Global Commission on Internet Governance. His work has also been published by Jane’s Intelligence Review, TIME, Foreign Policy, CNN, Slate, and other academic and media venues.

Prior to joining Carnegie, Maurer was the director of the Global Cybersecurity Norms and Resilience Project at New America and head of research of New America’s Cybersecurity Initiative. He also gained experience with the United Nations in Rwanda, Geneva, and New York focusing on humanitarian assistance and the coordination of the UN system.

For more details visit http://editors.cis-india.org/internet-governance/events/cyber-security-policy-research

Cyber Security Newsletter (September 2016 - June 2017)

praskrishna — 2017-07-20T13:45:18Z

For more details visit http://editors.cis-india.org/internet-governance/files/cyber-security-newsletter-september-16.pdf

Cyber experts suggest using open source software to protect privacy

praskrishna — 2013-07-03T04:32:48Z

Big Brother is watching. With the Central Monitoring System (CMS) at home and PRISM from the US, millions of users worldwide have become vulnerable to online surveillance by state agencies without even realizing it. No surprise, several cyber security experts feel that building one's own personal firewall is a good way of fortifying online privacy.

The article by Kim Arora was published in the Times of India on June 22, 2013. Sunil Abraham is quoted.

One enterprising netizen has compiled a list of services, from social networks to email clients, and even web browsers, that offer better protection from surveillance. They are listed on a web page called prism-break.org.

When asked about steps that a digital native can take to protect his privacy and online data, Sunil Abraham, executive director of Bangalore-based non-profit Center for Internet and Society said, "Stop using proprietary software, shift to free/open source software for your operating system and applications on your computer and phone. Android is not sufficiently free; shift to CyanogenMod. Encrypt all sensitive Internet traffic and email using software like TOR and GNU Privacy Guard. Use community based infrastructure such as Open Street Maps and Wikipedia. Opt for alternatives to mainstream services. For example, replace Google Search with DuckDuckGo."

Use of licensed or proprietary software, which bind users legally when it comes to use and distribution, seems to be losing favour among an informed niche. While alternative software cannot offer absolute protection, it is being seen as a "better-than-nothing" option. Anonymisers like TOR, though also not entirely foolproof, are also a popular option among those who wish to keep their web usage untraceable. Once installed on a browser, anonymisers can hide the route that digital traffic takes when sent from your computer over a network before emerging at an end node.

There is one caveat, though. Some websites can deny service to users operating on certain anonymising networks. Also, anonymisers are known to reduce browsing speeds. In India, where broadband speeds are already abysmally low, anything that slows one down even further would find popularity hard to come by.

Computer and network security expert Aseem Jakhar too recommends open source software since they offer the convenience of customization to suit one's encryption needs and are able to verify the source code. For laypersons, there are other tools. "One can use anonymisers like TOR which encrypt your communication and hide your identity. With these it becomes very difficult to exactly locate the source. For email clients, it is best to use ones that offer end-to-end strong encryption," he says. Jakhar, co-founder of open security community "null", also recommends the use of customized and Linux systems for more advanced users. Default Linux distributions, he points out, may have free online services which can again be analysed by the governments.

The home-bred CMS programme seeks to directly procure data pertaining to call records and internet usage for intelligence purposes without going through telecom service providers. There were fears of abuse when information about the programme, kept under strict wraps by the government, trickled in. Department of Telecom and Ministry of IT and Communication have been reticent about the state of implementation of the 400-crore rupees programme.

PRISM, a similar, international monitoring programme mounted by the US and revealed to the world by the US National Security Authority whistleblower Edward Snowden, has raised concerns of safeguarding digital information the world over.

For more details visit http://editors.cis-india.org/news/times-of-india-june-22-2013-kim-arora-cyber-experts-suggest-open-source-software-to-protect-privacy

Cyber Dialogue Conference 2014

praskrishna — 2014-04-08T05:09:54Z

The Cyber Dialogue conference, presented by the Canada Centre for Global Security Studies at the Munk School of Global Affairs, University of Toronto, will convene an influential mix of global leaders from government, civil society, academia and private enterprise to participate in a series of facilitated public plenary conversations and working groups around cyberspace security and governance.

Malavika Jayaram is participating in this event being held on March 30 and 31, 2014. Full event details here.

After Snowden, Whither Internet Freedom?

A recent stream of documents leaked by former NSA contractor Edward Snowden has shed light on an otherwise highly secretive world of cyber surveillance. Among the revelations — which include details on mass domestic intercepts and covert efforts to shape and weaken global encryption standards — perhaps the most important for the future of global cyberspace are those concerning the way the U.S. government compelled the secret cooperation of American telecommunications, Internet, and social media companies with signals intelligence programs.

For American citizens, the NSA story has touched off soul-searching discussions about the legality of mass surveillance programs, whether they violate the Fourth and Fifth Amendments of the U.S. Constitution, and whether proper oversight and accountability exist to protect American citizens' rights. But for the rest of the world, they lay bare an enormous “homefield advantage” enjoyed by the United States — a function of the fact that AT&T, Verizon, Google, Facebook, Twitter, Yahoo!, and many other brand name giants are headquartered in the United States.

Prior to the Snowden revelations, global governance of cyberspace was already at a breaking point. The vast majority of Internet users — now and into the future — are coming from the world’s global South, from regions like Africa, Asia, Latin America, and the Middle East. Of the six billion mobile phones on the planet, four billion of them are already located in the developing world. Notably, many of the fastest rates of connectivity to cyberspace are among the world’s most fragile states and/or autocratic regimes, or in countries where religion plays a major role in public life. Meanwhile, countries like Russia, China, Saudi Arabia, Indonesia, India, and others have been pushing for greater sovereign controls in cyberspace. While a US-led alliance of countries, known as the Freedom Online Coalition, was able to resist these pressures at the Dubai ITU summit and other forums like it, the Snowden revelations will certainly call into question the sincerity of this coalition. Already some world leaders, such as Brazil’s President Rousseff, have argued for a reordering of governance of global cyberspace away from U.S. controls.

For the fourth annual Cyber Dialogue, we are inviting a selected group of participants to address the question, “After Snowden, Whither Internet Freedom?” What are the likely reactions to the Snowden revelations going to be among countries of the global South? How will the Freedom Online Coalition respond? What is the future of the “multi-stakeholder” model of Internet governance? Does the “Internet Freedom” agenda still carry any legitimacy? What do we know about “other NSA’s” out there? What are the likely implications for rights, security, and openness in cyberspace of post-Snowden nationalization efforts, like those of Brazil’s?

As in previous Cyber Dialogues, participants will be drawn from a cross-section of government (including law enforcement, defence, and intelligence), the private sector, and civil society. In order to canvass worldwide reaction to the Snowden revelations, this year’s Cyber Dialogue will include an emphasis on thought leaders from the global South, including Africa, Asia, Latin America, and the Middle East.

For more details visit http://editors.cis-india.org/news/cyber-dialogue-conference-2014

Cyber crimes shoot up 52% in India over last year

praskrishna — 2014-07-03T10:14:26Z

There has been a sharp increase in the incidence of cyber crime in the country. The number of cases registered in 2013 under the IT Act has gone up by 52 per cent to 4,192 as against 2,761 in the previous year.

The article by K.V.Kurmanath was published in the Hindu Businessline on July 2, 2014. Bhairav Acharya gave his inputs.

If you add the cases registered under the IPC, the total number of cyber crime cases crosses the 5,500-mark. Police across the country arrested 3,301 persons in connection with these cases.

Maharashtra and Andhra Pradesh (undivided) have topped the list with 681 and 635 cases respectively under the IT Act, both showing an almost 50 per cent growth in cyber crimes over the previous year. In the previous year, Maharashtra had registered 471 and Andhra Pradesh 429.

Cyber security experts have been cautioning people to be careful while using the Internet. Besides increasing the security of the networks they are using, users must be careful while engaging with strangers.

A recent Microsoft report said many customer infections involve users tricked to install secondary offers, indicating a shift in malware proliferation. According to the latest data provided by the National Crime Records Bureau, the official chronicler of crime in the country, cyber crime registered under the Indian Penal Code (IPC) has shown a much higher growth rate of 122 per cent in 2013 over the previous year’s figure. IPC cases went up to 1,316 in 2013 from 595 in the previous year. Maharashtra topped the list here too with the cops booking 226 cases in this category.

Wrong nomenclature?

Bhairav Acharya of the Centre for Internet and Society feels that the term cyber crime has not been defined well. “It is time we do away with the practice of calling any crime a ‘cyber crime’ just because the person who does it uses a computer,” he said.

“Instead, I think the term ‘cyber crime’ should only be used in relation to offences that can only be committed by using information and communications technology (ICT) such as the internet (which is comprised of the world wide web, email protocols, file transfer protocols, and more) as well as network infrastructure that is not the internet,” he said.

Hence, only if there is a direct causal link between the crime and ICT and network technology should a crime be called a cyber crime, Acharya says.

Other States with a high number of cases booked under the IT Act include Karnataka (513), Kerala (349), Madhya Pradesh (282) and Rajasthan (239). Gujarat showed a decline with the number coming down to 61 from 68 in the previous year.

For more details visit http://editors.cis-india.org/news/the-hindu-business-line-july-2-2014-kv-kurmanath-cyber-crimes-shoot-up-in-india-over-last-year

Cyber bullying is a crime, but open to interpretation: Expert

praskrishna — 2014-12-07T10:54:32Z

The social media attack on a Doordarshan anchor who made a series of gaffes at the recent Goa film festival would qualify as cyber bullying, experts say, but hasten to add there is not much that can be done to prevent such behaviour online, given the humungous size of the virtual universe.

The article by Neha Alawadhi was published in the Times of India on December 2, 2014. Pranesh Prakash gave his inputs.

The anchor reportedly shut down all her online accounts following the slew of unflattering and personal comments that she was bombarded with after the video of the event went viral and was shared across Facebook, Twitter and YouTube, among other such platforms.

Under Section 66 (A) of the IT Act, 2000, cyber bullying is a bailable offence, punishable with three years of imprisonment and fine. However, the complainant and police can interpret what constitutes offensive behaviour, said cyber law expert Pavan Duggal.

"Just as we don't regulate jeering and taunting of adults when it happens in person, as opposed to a threat of violence, unless there is a special case made out for the harm of online taunting, I don't think there is a case for a legislative response," said Pranesh Prakash, policy director at Bengaluru-based Centre for Internet and Society.

According to a recent report by McAfee, part of Intel Security, half of Indian youths have had some experience with cyber bullying and of these over a third (36%) have been bullied themselves online.

IT and cybersecurity expert Rakshit Tandon recalled the trauma a young professor at one of the top colleges underwent when an old picture of her, from one of her social media accounts, went viral and became the butt of unflattering comments by students. "Once it goes viral, you can't track who is sharing or sending it," he said.

"We don't have one personality anymore," said Adhvith Dhuddu, founder and CEO of digital marketing agency Alive-Now, which handles social and digital for brands online. "We have an offline personality and we have an online personality, and this is true for anyone —whether you are a brand, person, book or a movie," he added.

Several schools, NGOs and individuals are working towards educating children and young people about the dangers of sharing information online, but often find themselves at a loss when confronted with real situations every day.

The approach AliveNow's Dhuddu takes is to "engage first and ban later". He said, "We try to reason with people. We always take any grievance offline, we don't try to solve a grievance online."

For individuals, however, the offline route may be impractical or infeasible. Tandon believes the only way is to "sensitise people", while CIS's Prakash says a person can "block abusive users, set one's account in private mode and just get off such social networks for a while till the situation cools off".

For more details visit http://editors.cis-india.org/internet-governance/news/economic-times-december-2-2014-neha-alawadhi-cyber-bullying-is-a-crime-but-open-to-interpretation

Cyber Appellate Tribunal in Bengaluru

praskrishna — 2012-05-30T05:47:48Z

Bengaluru will be home to the southern chapter of the Cyber Appellate Tribunal (CAT), which will reach out to victims of cyber crime, the state government announced at the Cyber Security Summit here on Tuesday.

Pranesh Prakash is quoted in this article published in the Deccan Herald on May 9, 2012.

But on the other hand, the IT Secretary, who is the state adjudicator, has held in all the cases that he has no jurisdiction to pass orders against the banks and that no complaint can be admitted under Section 43 of the IT Act against any corporate entity.

"The state IT secretary has passed more than 80 orders. They include both cases of phishing and orders against cyber cafes for not adhering to rules under the IT Act. The Adjudicator has held that ‘section 43 of IT Act is not applicable to a body or Corporate’, after the amended IT Act came into force in 2008," said Pranesh Prakash of the Centre for Internet Society "I feel Section 43 has been mis used . The definition given in this section cannot be understood either by lawyers or technical people. If there is a genuine case of phishing and a user has suffered losses over the internet then there should be no ambiguity in passing the order," he said.

For more details visit http://editors.cis-india.org/news/cyber-appellate-tribunal-bengaluru

Cyber 360 Agenda

praskrishna — 2015-10-02T15:41:54Z

For more details visit http://editors.cis-india.org/internet-governance/blog/cyber-360-agenda

Cyber 360

praskrishna — 2015-10-14T02:22:27Z

Synergy Foundation organized the Cyber 360 conference in Bangalore on September 29 and 30, 2015. Sunil Abraham participated in the event.

As part of Cyber 360 Degree, a two-day conference on cyber security continuing Wednesday in Bangalore, experts from around the world gathered to discuss global threats to information security, particularly focusing on open wifi, which poses a huge threat to information security. The conference aimed to bring together strategic security practitioners, policymakers, media and business enterprises on a single platform to obtain a 360o perspective on cybersecurity. It was an endeavour to create a holistic security strategy that will help to achieve resilience against modern cyber-threats. A range of keynote presentations and panel discussions will give participants a rare chance to interact and learn from leading cyber security experts and solution providers from around the world.

The Participants

 CEOs, Members of Board and CIOs of more than 60 companies
 Security practitioners
 Policy-makers
 Leading Academia
 International think tanks & media

Download the agenda

For more details visit http://editors.cis-india.org/internet-governance/news/cyber-360

CV Booklet

praskrishna — 2013-11-20T04:34:46Z

For more details visit http://editors.cis-india.org/internet-governance/blog/cv-booklet.pdf

CUSAT Workshop: "Rethinking IPR: Fourth Annual National Workshop for Law Students"

praskrishna — 2017-03-29T10:59:29Z

The workshop was organized by the Inter University Centre for IPR Studies in association with Cochin University of Science and Technology from February 8 to 10, 2017 in Cochin. Pranesh Prakash was the resource person for a copyright workshop for LL.M. students.

Pranesh led and guided student discussion on:

P2P File Sharing - Based on analysis of the Copyright Act I haven't yet written about.
Technological Protection Measures: http://cis-india.org/a2k/blogs/tpm-copyright-amendment
Benefits of Piracy: http://idl-bnc.idrc.ca/dspace/handle/10625/46491
Misrepresentations of copyright industry: http://cis-india.org/a2k/blogs/fallacies-lies-and-video-pirates + http://cis-india.org/a2k/blogs/calling-out-the-bsa-on-bs + http://cis-india.org/a2k/blogs/2010-special-301
John Doe orders: http://cis-india.org/a2k/blogs/john-doe-orders-isp-blocking-websites-copyright-1 (3-part series) + http://cis-india.org/internet-governance/blog/delhi-high-court-orders-blocking-of-websites-after-sony-complains-infringement-of-2014-fifa-world-cup-telecast-rights

See the event brochure
See the programme agenda

For more details visit http://editors.cis-india.org/a2k/news/rethinking-ipr-fourth-annual-national-workshop-for-law-students

CUSAT - Report and response to RTI 5.2.15.pdf

praskrishna — 2016-02-21T15:26:44Z

For more details visit http://editors.cis-india.org/a2k/blogs/CUSAT%20-%20Report%20and%20response%20to%20RTI%205.2.15.pdf

Cultural knowledge needs to be more open

praskrishna — 2015-03-12T16:41:05Z

Subhashish Panigrahi is an educator and open source activist based in Bangalore, India. He is currently working at the Centre for Internet and Society's Access To Knowledge program where he builds partnership with universities, language researchers, and GLAM organizations.

The blog post by Jen Wike Huger was published on the website of OpenSource.com. It can be read here.

Their goal is to bring more scholarly and encyclopedic content under free licenses. During his work at the Wikimedia Foundation's India Program, Subha was involved in designing community sustaining and new contributor cultivation models.

For his effort to share and spread open source far and wide, this year he was awarded a 2015 Opensource.com People's Choice Award.

His most recent articles include: Digitize any book in the public domain, on his work to with Indian poetry important to the culture. Books and more are relicensed to Creative Commons, about news from the Wikimedia Foundation. Mozilla brings Indian communities together, about the Indic FirefoxOS L10n Sprint 2014. And, Open access platform to save the Odia Indian language, on his work to preserve his native culture.

The Basics

Name: Subhashish Panigrahi ("Subha")
Opensource.com username: psubhashish
Location: India (Bengaluru and Odisha)
Occupation/Employer/Position: Programme Officer, Centre for Internet and Society
Favorite open source tool or application: Audacity
Favorite Opensource.com channel: Education

Open up to us

I was away from home for my studies and was longing to read and write more in my native language of Odia. That led me to co-found eOdissa.com, a portal to tell stories to the rest of the world about my language, history, and cultural heritage. I was a sporadic editor on Wikipedia; anonymously since 2006. Then, in 2011, I was introduced to editing for Odia Wikipedia by my mentor Shiju Alex and friend Asutosh Kar.

That was my entry point to the free software movement. And it was a trap I could never get out of!

I thankfully began a full-time job with the Wikimedia Foundation in 2012 for its India Program. The program is now housed with their Indian movement partner, Centre for Internet and Society, under the Access To Knowledge program. I work in the Bengaluru office but mostly travel to work with the communities. I work on building capacity for the Indian language Wikimedia communities, building institutional partnerships for long term outreach engagement, negotiating with publishers and copyright holders to bring more content relicensed under Creative Commons licenses, and taking part in policy level discourses around open access and enforcing free software for governance.

What open tools and data help you get things done?

For my day job, I solely rely on Wikimedia Stats to collate data related to Wikimedia projects. I use some Python programming, jQery.ime, and JavaScript for other data-related work. But, I am a people's man and my interaction is mostly with humans rather than tools.

What do you wish were more open?

GLAM (galleries, libraries, archives and museums) and many other cultural institutions have historically been the keepers of cultural knowledge. But I see possessiveness in not opening up their archival for public consumption. I wish more policy level negotiations and open collaborations were happening to open up cultural data.

What are the biggest challenges to openness that you encounter, either at work or in your life?

Community and its growth. Working in a developing nation with historical, cultural, economic, and political hindrances pulls volunteerism down. It's is a huge challenge for me. Tapping into many existing networks and communities, and leveraging ongoing activities for the betterment for the free and open source movement, is something I am struggling for.

Why choose the open source way?

I would like to quote a good friend and activist Michelle Thorne who says, "Human civilization has everything free and open from the beginning, but slowly the problems of restriction start beginning." Furthermore filmmaker Nina Paley says, "Knowledge is not created by us, rather shared by us."

If we are here to share knowledge, why to restrict its free flow?

For more details visit http://editors.cis-india.org/openness/news/opensource-feburary-18-2015-jen-wike-huger-cultural-knowledge-needs-to-be-more-open

Cultural institution AKA GLAM for more OER

praskrishna — 2016-06-09T12:51:46Z

The OER conference was held in Edinburgh, Scotland on April 19 and 20, 2016. Subhashish Panigrahi gave a talk at the event organised by the University of Edinburg.

The vision for the conference was to focus on the value proposition of embedding open culture in the context of institutional strategies for learning, teaching and research. The conference was chaired by Melissa Highton, Director of Learning, Teaching and Web Services at the University of Edinburgh, and Lorna Campbell, OER Liaison at the University of Edinburgh and EDINA Digital Education Manager. The OER 16 conference primarily focused on:

The strategic advantage of open and creating a culture of openness.
Converging and competing cultures of open knowledge, open source, open content, open practice, open data and open access.
Hacking, making and sharing.
The reputational challenges of openwashing.
Openness and public engagement.
Innovative approaches to opening up cultural heritage collections for education.

Subhashish Panigrahi - Cultural Institution aka GLAM for More OER (OER16, 19-20.04.2016) from The Centre for Internet and Society

Resources

For more details visit http://editors.cis-india.org/a2k/news/cultural-institution-aka-glam-for-more-oer