Centre for Internet and Society

Chair's Text

praskrishna — 2012-03-30T06:59:14Z

The Chair's text with comments of Member States is available here.

For more details visit http://editors.cis-india.org/accessibility/chairs-text.pdf

Certificates

praskrishna — 2016-04-02T06:31:41Z

Certificate Distribution

For more details visit http://editors.cis-india.org/home-images/CertificateDistributiontoParticipants.jpg

Certificate of Participation

praskrishna — 2013-07-30T05:30:43Z

Certificate of Participation

For more details visit http://editors.cis-india.org/home-images/Certificate.png

Certificate CC-BY-3.0 License

praskrishna — 2014-07-04T10:37:49Z

Certificate

For more details visit http://editors.cis-india.org/home-images/DSC06849.resized.JPG

CERT-In's Proactive Mandate - A Report on the Indian Computer Emergency Response Team’s Proactive Mandate in the Indian Cyber Security Ecosystem

praskrishna — 2016-11-19T04:03:58Z

For more details visit http://editors.cis-india.org/internet-governance/files/cert-ins-proactive-mandate.pdf

CEPT to Set up Centre to Research Role of Internet in Social Development

praskrishna — 2011-08-02T06:06:55Z

Nishant Shah, Director (Research) at the Centre for Internet and Society (CIS) in Bangalore who will assist the centre, said: "No one predicted the outcome of the Arab Spring, because everyone was looking at the way Internet was being used globally, not at the local level. We had the pink chaddi campaign, the anti-corruption calls of the Hazare camp, and those against sexual violence in New Delhi, but they were largely ad-hoc and temporary, and disappeared."

Cross-posted from the Indian Express

Pratyush Shankar, an associate professor of architecture at CEPT University in Ahmedabad had begun teaching a new course, “Cyber Culture” at the institute when news of the Jasmine Revolution began to filter out from Tunisia.

By the time the 35-day course was over, a new government was in place in Tunis and Sharkar is now thrilled that a full-fledged centre to research the role of Internet in social and academic developments will be established at CEPT this session.

"I thought to myself, 'This is going to be big! Just watch how the internet is going to make this different! and I was right," said Shankar.

The establishment of the "Centre for Internet and Digital Technologies" will be supplemented by a weeklong workshop in August - "Locating Internets: Histories of the Internets in India" for academics from various disciplines, an effort the organisers hope will propel thinking on how Internet is now part and parcel of academia.

"When we give students assignments, the first thing they do is go to Google-uncle," said Shankar, pointing out the Internet’s "knowledge-producing" role, a phenomenon academia is not entirely willing to accept as a formal part of the teaching process although teachers use it extensively as a tool.

Shankar calls himself a 'non-techie', though he uses Internet as part of his work profile: his students post their assignments on a server called "Sa-nity", where he also uploads and archives work from previous batches. The latest plan is to form a blog where students will comment on the classroom teaching or discuss topics - 'an after-class space'.

Shah said the reasons could be factors like caste, religion, language and region.

He added: "During the Independence movement, two things were going on at the same time; there were mass movements where foreign clothes were burnt, khadi promoted and the like, which was buoyed by a very active print media that spread the information and ideas."

Internet technology now is equivalent to the print technology of that time, he added.

This news was published in the Indian Express on June 18, 2011.

For more details visit http://editors.cis-india.org/raw/histories-of-the-internet/blogs/internet-society-and-space-in-indian-cities/cept-centre-for-role-of-internet

Centre to form panel to 'encrypt' MGNREGA-DBT database and prevent leaks

praskrishna — 2017-07-14T10:46:45Z

Around 5 crore bank accounts of active MGNREGA workers yet to be seeded with Aadhaar.

The article by Sanjeeb Mukherjee was published in the Business Standard on July 14, 2017.

Alarmed over reports of ‘public disclosure’ of sensitive Aadhaar data through various portals and payment gateways, the Centre is in the process of appointing a high-powered panel of almost 20 experts to suggest ways and means through which data, particularly one which can be accessed through the MGNREGA-DBT platform can be encrypted.

Encryption, officials believe, would prevent the Aadhaar data and other related information from falling into wrong hands.

The need for proper encryption of Aadhaar data rose after the government made it mandatory for availing almost all benefits - be it school scholarships, payments of MGNREGA wages, identification of beneficiaries under mid-day meal scheme and even public distribution system along with others.

Ensuring cyber security has become all the more necessary as the Central government, in a notification issued last month, has made it mandatory for all bank accounts to be seeded with Aadhaar numbers by December 31, 2017, or else they would cease to be operational until the time the account holder furnishes his Aadhaar number.

This could seriously hamper payment of wages to MGNREGA workers because as per available information almost 5 crore active workers don’t have their bank accounts seeded with Aadhaar.

To complete the process before December 2017, the ministry of rural development has planned special Aadhaar camps to be held in villages from July 20 to September 2017.

Recently, a website published all confidential details of customers of a private telecom company including Aadhaar numbers and other information.

The breach was another instance of secure confidential information falling into public domain.

Officials of the panel, which would be headed by former NASSCOM head Kiran Karnik are expected to submit their report on the same within the next few months.

Other members of the panel include Director General of National Institute of Smart Governance (NISG), officials from Indian Computer Emergency Response Team (ICERT) and others.

However, cyber security experts believe that encrypting Aadhaar-DBT details mainly for those schemes and programmes which have a direct linkage with the public at this later stage has its own challenges as the entire ecosystem around Aadhaar has grown manifold ever since it was made mandatory for a variety of programmes.

Also, in the absence of a national encryption policy, such a move will have its own legal and regulatory challenges.

“Ever since the government made Aadhaar mandatory for many things, the entire ecosystem around it including the Central Identities Data Repository (the agency which stores Aadhaar data is exposed to leaks,” noted cyber law expert Pawan Duggal told Business Standard.

He said that without a proper national encryption law, it would be extremely challenging to provide legal and regulatory backing to encrypt all Aadhaar- DBT data details for MGNREGA. “Also now that the ‘cat is out of the bag,’ encryption of Aadhaar details will be hugely challenging,” Duggal said.

Already, civil society activists said that after some concern, the central government has removed all Aadhaar numbers and bank details from MGNREGA website, which has made tracking payments difficult.

A recent study by Amber Sinha and Srinivas Kodali from the Centre for Internet and Society (CIS) found that granular details about individuals including sensitive personally identifiable information such as Aadhaar number, caste, religion, address, photographs and financial information are only a few clicks away through government schemes dashboard and portals.

“While initiatives such as the government open data portals may be laudable for providing easy access to government data condensed for easy digestion, however in the absence of proper controls exercised by the government departments the results can be disastrous by divulging sensitive and adversely actionable information about the individuals who are responding units of such databases,” the report said.

It specifically studied two major schemes of the ministry of rural development; the National National Social Assistance Programme and MGNREGA along with some state schemes.

Pointers

a) Centre to form a panel to encrypt all MGNREGA-DBT database to prevent leaks.

b) The panel might also suggest ways and means in which such ‘encryption’ could be applied in other platforms.

c) The panel is expected to be headed by former NASSCOM head Kiran Karnik.

d) The encryption is essential as from January 2018 all non-Aadhaar seeded bank accounts will cease to be operational unless the holders seed them.

e) A recent study found that vivid details about individuals can be easily accessed from government platforms and databases.

f) The MGNREGA database was one such publicly available platform which formed part of the study.

For more details visit http://editors.cis-india.org/internet-governance/news/business-standard-sanjeeb-mukherjee-july-14-2017-centre-to-form-panel-to-encrypt-mgnrega-dbt-database-and-prevent-leaks

Centre should partner local communities in 'Digital India': Expert

praskrishna — 2015-01-16T02:34:54Z

The central government needs to partner communities at the grassroots level and integrate the country's vernacular component to make the Digital India initiative a success, an expert said here Friday.

The blog entry originally published by IANS was mirrored in Zee News on January 9, 2015. T.Vishnu Vardhan was quoted.

"Whatever money it (Centre) is spending on culture, heritage conservation and preservation etc., it is always a very centralised activity.

"It is very, very essential to partner local communities," T. Vishnu Vardhan, programme director (Access to Knowledge), The Centre For Internet and Society, Bengaluru, told IANS here.

Vardhan was attending the 10th anniversary celebrations of Athe Bengali Wikimedia community at the Jadavpur University here.

Aiming to turn the country into a digitally empowered society and knowledge economy, the Narendra Modi government has envisaged the Rs.1 lakh crore Digital India project.

Global IT giant Microsoft and Google have offered to help with the programme.

Vardhan said that while going forward with the project, the Centre must integrate the vernacular components. Else it will be restricted to Delhi and metro cities. Access to culture on digitised platforms should not be limited, he observed.

"The current government talks about Digital India. But when you talk about digital India, the key thing that one needs to take into consideration is not the India but the Bharat -- the vernacular imagination of India, the regional imagination of India.

"Otherwise whatever grand plans they have will only be limited to Delhi and other metropolitan cities," said Vardhan.

He suggested that the central government take note of examples like Wikipedia's regional language domains to further the Digital India project.

"Wikipedia or wikisource where you put up the original prints source in digitised form and make it searchable... these are the examples that the government should look at because these are done with the help of local volunteers who come from the remotest regions," said Vardhan.

For more details visit http://editors.cis-india.org/openness/news/zee-news-january-9-2015-centre-should-partner-local-communities-in-digital-india

Centre for the Study of Culture and Society, Bangalore seeks Programme Associate

praskrishna — 2011-05-06T11:26:00Z

The Higher Education Cell, Centre for the Study of Culture and Society, Bangalore, is looking for a Programme Associate under its Social Justice initiative.

The job profile is as follows:

Working closely with colleges in three states, helping to organize and conduct workshops for undergraduate students and teachers;
Facilitating development of innovative student projects addressing issues of social justice/diversity;
Undertaking content management for the project website, newsletter and blogs;
Building and sustaining online communities using creative and user-friendly web-based platforms and documenting processes of growth.

The candidate should be under 35 years of age and have good knowledge of computer applications and multimedia technologies. Ability to communicate effectively with undergraduate students is a pre-requisite. The job is based in Bangalore but involves a fair amount of travel within the country. Experience in teaching/research in the higher education sector and with media organisations would be additional qualifications.

Consolidated honorarium will be in the range of 18,000-20,000 per month commensurate with experience. Send in applications in soft copy and hard copy along with an updated CV to:

Dr. Tejaswini Niranjana
Higher Education Cell
CSCS
827, 29th Main
Poornaprajna Layout
Uttarahalli
Bangalore - 560061

Deadline: May 31, 2011. Shortlisted candidates will be interviewed in person. Those who have applied earlier need not apply. For detailed job description click here.

For more details visit http://editors.cis-india.org/notices/programme-associate-4-cscs

Centre for Study of Culture and Society seeks Programme Associate

praskrishna — 2010-04-26T06:22:35Z

The Higher Education Cell, Centre for Study of Culture and Society is looking for a Programme Associate to help develop e-content and conduct training programmes for projects under its Social Justice and Networked Higher Education Initiatives.

The job profile is as follows:

Coordinating activities for the generation of e-content ( in the form of digital course modules) to be offered at the Master’s level;
Liaising with partner institutions, universities and/or research centres to set up structures for e-tutoring and dissemination of courseware;
Working closely with colleges in three states, helping to conduct training workshops in web and multimedia technologies for undergraduate students and teachers;
Building and sustaining e-learning communities.

The candidate should be under 35 years of age and have good knowledge of computer applications and web technologies. Ability to communicate effectively with undergraduate students is a pre-requisite. The job is based in Bangalore but involves a fair amount of travel within the country. Experience in teaching/research in the higher education sector would be an additional qualification.

Consolidated honorarium will be in the range of 18,000-20,000 per month commensurate with experience. Send in applications in soft copy and hard copy along with an updated CV to:

Dr. Tejaswini Niranjana
Higher Education Cell
CSCS
827, 29th Main
Poornaprajna Layout
Uttarahalli
Bangalore 560061

Deadline: April 30, 2010. Shortlisted candidates will be interviewed in person. Those who have applied earlier need not apply

For more details visit http://editors.cis-india.org/news/position-announcement

Centre brings in new safeguards following cases of Aadhaar data leaks on government websites

praskrishna — 2017-06-06T15:41:16Z

The Centre has put in new safeguards following a number of cases of Aadhaar data leaks on government websites. All ministries are being asked to encrypt all Aadhaar data and personal financial details. Also, officials are being "sensitised" about legal consequences of data breach. And every government department is to now have one official responsible for Aadhaar data protection.

The article by Nidhi Sharma was published in the Economic Times on June 2, 2017.

The ministry of electronics and information technology has written to all departments on better data security. ET has reviewed the new guidelines. Aadhaar, a 12-digit unique identity number issued on the basis of biometric data, is linked to a person's bank account and used by government agencies to directly transfer benefits of several social welfare schemes.

Senior officials, who spoke off record, told ET all departments have been asked to immediately review their website content to check if personal data is on display.

A set of 27 dos and 9 don'ts has been circulated on data handling. This includes instructions on masking Aadhaar data and bank details as well as encrypting data. The government has mandated regular audits to check safety of personal data.

The ministry letter says, "It has come to notice there have been instances wherein personal identity or information of residents, along with Aadhaar numbers and demographic information, and other sensitive personal data ... have been published online."

The letter also spells out legal consequences of such data breach and warns the government departments to check future leaks. "Publishing identity information, i.e. Aadhaar number along with demographic information is in clear contravention of the provisions of the Aadhaar Act 2016 and constitutes an offence punishable with imprisonment up to 3 years. Further, publishing of financial information including bank details, being sensitive personal data, is also in contravention of provision under IT Act 2000 with violations liable to pay damages by way of compensation to persons affected."

The move to protect personal data comes after reports that data of 130 million Aadhaar cardholders has been leaked from four government websites. Reports, based on a study conducted by the Centre for Internet and Society (CIS) said Aadhaar numbers and details have been leaked.

For more details visit http://editors.cis-india.org/internet-governance/news/economic-times-june-2-2017-nidhi-sharma-centre-brings-in-new-safeguards-following-cases-of-aadhaar-data-leaks-on-government-websites

Centre blocks 32 websites for security reasons, restores some later

praskrishna — 2015-01-02T14:13:03Z

The Centre on Wednesday asked Internet Service Providers (ISP) to block 32 websites citing national security concerns, especially from terror group ISIS.

The article by S. Ronendra Singh was published in the Hindu Businessline on December 31, 2014. Pranesh Prakash gave his inputs.

The move created a flutter on social networking sites, as most of the Web sites, such as archive.org, vimeo.com, github.com, pastebin.com, codepad.org and paste2.org, were being used by global communities like application developers for free movies and books, coders and text sharing.

By late evening, some sites were restored.

Sources in the Ministry of Telecommunications and Information Technology confirmed the development and told BusinessLine: “It was based on some national security issues, and we cannot compromise with our nation’s security….”

A senior official from the Department of Telecommunications (DoT) said the directive had come from a Mumbai court after the Maharashtra Anti-Terrorism Squad (ATS) had approached it to block some Web sites carrying anti-India content.

The matter came to light after a circular, purportedly sent by DoT to ISPs, showed up on social networking sites, listing the sites, along with some screen shots. Incidentally, the said circular had edited out the letter head, date and the signature below. The ruling Bharatiya Janata Party’s IT cell head, Arvind Gupta, tweeted saying ‘the Web sites that have been blocked were based on an advisory by the Anti-Terrorism Squad, and were carrying anti-India content from ISIS’.

However, later in the evening, Gupta, in his tweet said, some of the Web sites such as vimeo.com have been restored because they have removed ‘objectionable content and/or cooperated with the on going investigations’.

However, the blocked Web sites raised a furore in the social media wherein people said the Government should amend the laws than do such things.

“The problem isn’t just about the specific sites that are blocked; the problem is always about the bad law + process relating to #GoIBlocks,” Pranesh Prakash, Policy Director at Centre for Internet and Society tweeted. He said the 69A Rules (of the IT Act 2000) does not allow for transparency, accountability and time-limits on blocks, so it is easily misused by the Government, the courts and individuals.

For more details visit http://editors.cis-india.org/internet-governance/news/the-hindu-businessline-december-31-2015-s-ronendra-singh-

Central Monitoring System to make government privy to phone calls, text messages and social media conversations

praskrishna — 2013-06-05T09:17:42Z

The government last month quietly began rolling out a project that gives it access to everything that happens over India's telecommunications network—online activities, phone calls, text messages and even social media conversations. Called the Central Monitoring System, it will be the single window from where government arms such as the National Investigation Agency or the tax authorities will be able to monitor every byte of communication.

This article by Indu Nandakumar was published in the Times of India on May 7, 2013. Pranesh Prakash is quoted.

But privacy and Internet freedom advocates are worried that in the name of security, the government could end up snooping on people, possibly abusing a system that does not have enough safeguards to protect ordinary citizens.

"In the absence of a strong privacy law that promotes transparency about surveillance and thus allows us to judge the utility of the surveillance, this kind of development is very worrisome," warned Pranesh Prakash, director of policy at the Centre for Internet and Society. "Further, this has been done with neither public nor parliamentary dialogue, making the government unaccountable to its citizens."

After the Mumbai blasts in November 2008, the government has been arming itself with powers and technology to help it eavesdrop on digital communications. The information technology law, enacted in 2000 and amended twice in 2008 and 2011, gives designated government officials the authority to listen in on phone calls, read SMSes, emails, and monitor websites.

Such access is allowed for purposes of "reasonable security practices and procedures".

However, Pavan Duggal, a Supreme Court advocate specialising in cyber law, said the government has given itself unprecedented powers to monitor private Internet records of citizens. "This system is capable of tremendous abuse," he said. The Central Monitoring System, being set up by the Centre for Development of Telematics, plugs into telecom gear and gives central and state investigative agencies a single point of access to call records, text messages and emails as well as the geographical location of individuals.

Duggal, who closely follows New Delhi's battle with Internet firms, said there hasn't been much details from the government on what exactly the system intends to monitor and under what conditions.

In December 2012, the then information technology minister Milind Deora told Parliament that the monitoring system, on which the government is spending Rs 400 crore, will "lawfully intercept Internet and telephone services".

Work on the system has been kept under wraps for nearly two years. Several government agencies have issued tenders seeking specialised equipment and systems for such monitoring.

As part of modernisation, the home ministry is updating all its offices in state capitals with such gear. C-DOT group head Shikha Srivastava declined comment. Information technology ministry spokeswoman Mamta Verma redirected the queries to Gulshan Rai, director of India's Cyber Emergency Response Team, but Rai declined comment.

With over 100 million users, India is one of the fastest-growing Internet markets in the world. The government has come under criticism from activists for increased censorship and tracking of user records. Internet activist group Anonymous has started raising the pitch against the monitoring system, claiming that security is just a pretext for spying on citizens.

Disclosures by Google show that the number of requests from the government seeking personal information has been on the rise. In the second half of 2012, the government made nearly 2,500 requests, Google said.

"Even legitimate conversations could end up being tracked," cautioned Duggal, the Supreme Court lawyer.

For more details visit http://editors.cis-india.org/news/times-of-india-indu-nandakumar-may-7-2013-cms-to-make-govt-privy-to-phone-calls-text-messages-and-social-media-conversations

Centaur website reveals guests' personal info

praskrishna — 2011-06-20T07:35:57Z

The Centaur Hotels' website, centaurhotels.com, appears to have compromised personal information of its hotel guests, in what seems to be a case of poor internet security protocols implemented by the site. This allowed website visitors on Saturday to obtain and view details of passports, driving licences, pan numbers, credit cards, and other forms of personal identification provided by its guests.

Centaur Hotels, a unit of the Hotel Corporation of India (HCI), is a wholly-owned subsidiary of the National Aviation Company of India that runs national carrier Air India. It runs a hotel near the Delhi international airport and another in Srinagar.

Around 52 scanned copies of passports of people of different nationalities, pan card details of Indian guests and driving licences were visible on the site. The page was taken down when the issue was brought to their notice. Various online facilities such as reservation are not available now. But TOI has screen shots of some of the documents. When contacted, Centaur marketing head Pradeep Garg said, "We will look into the matter. Please lodge a formal complaint. We don't have an online payment system, hence we don't collect any identification proof."

Centaurhotels.com shows the site manager as Capt Samarth Singh, who is the chief executive of a consultancy firm called Hybrid Content. But Singh said that for the past one year, the site was under the jurisdiction of a website developer in Mumbai, S Naidu. "We will, however, clarify to both the parties - Naidu and Centaur Hotels," Singh said.

He said he had sent requests to Centaur Hotels to remove his name from the hotel portal as his contract had ended. Hybrid held the contract from December 2008-April 2010. It has won the mandate to manage the site from June 1. "But the domain is not within my reach. It is still with the old registrar," Singh said.

Sunil Abraham, executive director of Centre for Internet and Society, said personal information leaked online is a breach of privacy. "Anybody collecting passport and credit card details has to follow security policies. According to Sec 43 of the IT Act 2000, the hotel shall be liable to pay damages not exceeding Rs 1 crore to every individual so affected."

This article by Shilpa Phadnis was published in the Times of India on June 20, 2011. Read the original here

For more details visit http://editors.cis-india.org/news/centaur-reveals-personal-info

Censorship makes India fall two places on global internet freedom chart

praskrishna — 2012-09-27T10:37:47Z

A recently released global report on the internet freedom rated India 39th in 2012, a slip from two places last year.

The article by Dilnaz Boga was published in DNA on September 27, 2012.

The report titled, Freedom on the net 2012 (FOTN): A global assessment of internet and digital media by Freedom House, a Washington-based monitoring group conducted a comprehensive study of internet freedom in 47 countries.

Quoting Bangalore-based Centre for Internet and Society, the report said 309 specific items (URLs, Twitter accounts, img tags, blog posts, blogs, and a handful of websites) have been blocked by the government. But officially, the government has admitted to blocking 245 web pages for inflammatory content hosting of provocative content.

Ketan Tanna, India analyst for Freedom House told DNA, “A reflection of the downward spiral in the freedom on the net that Indians enjoy is evident in the upward revision of scores for India in the FOTN 2012 report. India was one of the only 4 of the 20 countries that “recently experienced declines” and are democracies. The other three are Mexico, Turkey and South Korea.”

Internet usage in India continues to increase, with tens of millions of new users getting online each year. According to the International Telecommunications Union, internet penetration was 10% — or about 120 million people at the end of 2011. Among internet users, 90 million were ‘active,’ accessing it at least once a month (70 million urban and 20 million rural).

The report has mentioned that in India, “amid several court cases regarding intermediaries’ responsibility for hosting illegal content, much evidence has surfaced that intermediaries are taking down content without fully evaluating or challenging the legality of the request”.

Citing an example, Tanna said in December 2011, the website Cartoons against Corruption was suspended by its hosting company after a complaint filed with the Mumbai police alleged that the site’s cartoons ridiculed parliament and national emblems. “As a result of such dynamics, large swaths of online content are disappearing, and the losses are far more difficult to reverse than the mere blocking of a website,” he added.

More common than website blocking is the removal of content based on judicial orders, government directives, and citizen complaints. This phenomenon that has increased in recent years and in some cases, targeted content on political, social, and religious topics, the report said.

The Indian authorities had submitted 68 removal requests covering 358 items between January and June 2011. According to Google, 255 items related to what it categorised as “government criticism,” while 39 involved defamation and 8 pertained to hate speech.

In January, responding to a freedom of information request, the home ministry reported that the government orders 7,500 to 9,000 phone interceptions per month, the report disclosed. Criticising this practice and the government’s disregard for the Constitution, the data revealed, “Established guidelines regulate the ability of state officials to intercept communications, but India lacks an appropriate legal framework and procedures to ensure proper oversight of Intelligence agencies’ growing surveillance and interception capabilities, opening the possibility of misuse and unconstitutional invasion of citizens’ privacy.”

As another method of controlling speech and activism online, governments have imposed temporary shutdowns of the internet or mobile phone networks during protests or other sensitive times. Localised internet shutdowns and mobile phone shutdowns occurred in India due to security concerns, the report said.

For more details visit http://editors.cis-india.org/news/dna-india-sep-27-2012-dilnaz-boga-censorship-makes-india-fall-two-places-on-global-internet-freedom-chart