Defender of your Digital Freedom

All Posts | May 07,2020

Internet Governance in Times of a Pandemic

Internet Governance in Times of a Pandemic

By Rahul De’ and Neena Pandey

With the almost 2-month lockdown mandated by the Indian government, the activities of many institutions have moved to the online space. Employees of all organisations are being asked to work from home, which means they log in to their office systems remotely and use file servers, video conferencing, social media and other telecommunication services even more than before. This is coupled with the increase in demand for hedonic uses of the internet - for watching movies, playing games, and video chatting with friends and family. This has led to an unprecedented rise in the demand for bandwidth, with cities like Bangalore registering 100% increases.

India still ranks low in the world with regard to internet penetration and access, and bandwidth availability. Though its access parameters have improved in absolute numbers in the last few years, it is still in the third quartile among all countries in the world. In times of crisis, such as the current one, where demand has spiked, it is the have-lesses and have-nots of internet access who are suffering the most.

It is with these two conditions in mind - spike in demand for internet resources, and low access of most people to the internet, that we raise the issue of governing the internet in these times.

Internet governance is a strange problem that has both international and national components. The international components, of assigning unique addresses and domain names, of resolving contentions over domain names, and many others, can only be resolved through international fora like the Internet Corporation for Assigned Names and Numbers (ICANN). The national components, though, are settled through policy in India and through Indian agencies. These consist of issues such as telecommunication policies for Internet Service Providers, ordering internet shutdowns, regulating content providers, and many others.

For the better management of COVID-19, which has been declared as a pandemic, the internet has become crucial for almost all activities of coordination and communication. Be it testing of afflicted persons, recording of details of location, planning for logistics of quarantines, or providing food and shelter to those affected - every bit of information crucial for managing these tasks is now carried by data packets on internet devices.

One fundamental principle of the Internet, and a basis for its governance, is that of maintaining network neutrality. This means that no packet on the internet is given a higher priority over another packet. Which means that an email from the Prime Minister has as much priority as an email from any of us. This principle has been challenged in many public debates and in court cases. As almost all physical services, such as moving packages or people or goods, have priority and category differentiation, think of first class and economy class passengers, it is difficult for most to understand why there cannot be such a differentiation for packets on the internet.

Debates aside, and there is considerable academic writing on this, the issue is - for developing countries like India, and for extreme situations like the one we are experiencing now, should we still adhere to the old rules of governing the internet, or should we seek new priorities. We have a few concrete suggestions, based on our research, we would like the Indian government to consider and, possibly, implement.

One, do not have internet shutdowns in any region, for any reason whatsoever. The internet and data connectivity has become a lifeline for many - citizens and administrators - and shutting it down through administrative fiat should be a strict no. Services such as healthcare, education, civil administration, along with most industrial organisations, are relying heavily on the internet. Many school, colleges and universities, for example, have moved their exams and interviews to the online mode. Further, doctors and hospitals are offering video conferencing modes for consultations. In such a situation, we cannot afford to have any part of the country cut off from internet access.

Two, encourage purely hedonic content providers, like movie and gaming sites, to throttle their streaming data volumes. Many, like Facebook, Netflix and Instagram, have already done so voluntarily. Other sites that provide gaming, particularly 3D gaming, consume high bandwidth and may be encouraged and advised to restrict their timings and data usage. The government distinguishes between essential and non-essential services in the physical world, and it may do the same for the online world also. Essential services, like supply chain coordination, medical consultation, may be given higher priority and bandwidth, than non-essential content, like TikTok videos.

Three, actively encourage sites that provide authentic news and verifiable information. With the COVID-19 spread, society is also witnessing a fake news pandemic. There are many sites on the internet that are propagating dubious news and advice on how to deal with the coronavirus. In one recent event, a fake remedy (of drinking alcohol) floating on social media led to 300 people being killed and more than 1000 falling sick in Iran. It is near impossible to find and restrict such sites, it is easier to promote reliable sites, along with information on how to spot and stop fake news. This requires working with major social media providers, while respecting the intermediary liability guidelines already a part of Indian law.

Four, encourage and promote data privacy regulations. Much data is now being collected on citizens regarding their travel histories and their contacts with others. This data is needed for controlling the spread of the virus, however, it is also being used for 'naming and shaming.' Some sites are releasing names of all those who have traveled, to what destinations and when, without permission of the citizens concerned. This is a direct violation of privacy and the Supreme Court guidelines and rulings on the fundamental rights of a citizen. This data may be used only for disease control and spread, and not for any other purpose.

Finally, it is important to remember that the internet has spawned a ‘gig-economy’ with a large number of workers employed informally. These services, such as ride-hailing or skill-contracting, are under lockdown also, and yet there is no provision for providing these workers lockdown compensation or any sort of benefits. The government may consider extending benefits to them also.

The internet is possibly the most powerful infrastructure humanity has ever invented. It holds the potential to both assist with situations of crisis and become a tool of mass surveillance and state control. We urge that governments use all the facilities, while at the same time upholding the fundamental rights of privacy and freedom of expression of citizens.

image of Prof Rahul De
Prof. Rahul De’ and Neena Pandey are professors of Information Systems at IIM Bangalore and IIM Visakhapatnam respectively. Prof. Rahul De' is also a Governing Body member of SFLC.in

Disclaimer: The opinions expressed within this article are the personal opinions of the author. The opinions appearing in the article do not reflect the views of SFLC.in and SFLC.in does not assume any responsibility or liability for the same.

All Posts | Oct 02,2019

Distributed Decentralized Technology for empowering people is still a dream!

Distributed Decentralized Technology for empowering people is still a dream!

By Dr. Nagarjuna G

Socio-political problems cannot be fixed by technology, however technology can facilitate and expedite the distribution of justice or disruption of social fabric. Copyleft cannot fix freedom of expression, but it will make it easy and accessible. Copyleft cannot fix abuse of media, such as distribution of indecent content or trolls. However, technology can help detect them through transparent collaborative models, and fix it faster than a centralised model where we appeal for justice through a hierarchical judicial system. Copyleft is a paradigm case of how justice can be made inherent as a protocol. Technology cannot grant RTI (right to information), but it can make RTI redundant by making information always accessible. Who will need to file an RTI on Wikipedia? Technology cannot inform us that freedom to whisper is a political necessity and so must be protected. However, technology can help us create means of efficient whispering. The idea that personal data should be protected by the state does not come from technology, but mismanagement of technology can make the personal data leak without notice is a technical lesson.

Technology that we use not only determines but also expands the action field of human beings, individually or together as a group. And so, it can transform the existing fabric of society, and often this transformation could be disruptive. Whether the action is ethical or not, is part of continuing social mediation and negotiation. Though we cannot fix this through technology, if the technology we use is proprietary, we cannot know what is being done to us in our own action space. That is why, we should never allow opaque technology to enter our lives. Public audit of all technology used in public space for a public goal must be made as a mandatory protocol by the state. Computer Hardware without open drivers should be treated as Trojan horses.

Technology grants an extended action space, which become power to those who have access to technology. In turn, this power could be used by forcing a person or even a country to become subservient or fight. Negotiating this space is the story of human history!

Human actions facilitated by technology can create resources that have exchange value. Multiple forms of currencies/coins are emerging, several of them digital, e.g. Bitcoin. The technology to mint or participate in an exchange of those coins does not seem to be accessible to commons. All of our enthusiasm to distribute justice could collapse, when a new form of currency gets into our life, while we are caught napping, which could take over all our negotiation space. On the one hand, we may feel good that corrupt governments do not have a hold of this space, but on the other hand neither does the commons. This does not seem to be a game for equity. These are also serious issues that we need to negotiate in the space of media politics.

The bottomline is: the human action space, without technology, is unimaginable. We are what we are because of our ability to create and use technology. Politics without technology, digital or not, is non-negotiable. What is negotiable is which actions are justifiable.

Read more from https://x.metastudio.org/t/distributing-justice-in-a-digital-society/160



Dr. Nagarjuna G

Dr. Nagarjuna G is a Governing body member of SFLC.in

All Posts | Sep 06,2019

Towards a Progressive Cryptocurrency Policy for India

Towards a Progressive Cryptocurrency Policy for India

By Satish Babu


1. Introduction

One of the most revolutionary developments in computing in the last decade has been the emergence of an entirely new family of computing artifacts, Cryptocurrencies. This domain has potentially deep implications in monetary policy, privacy, surveillance, Surveillance Capitalism, data protection, anonymity and financial inclusion, particularly in emerging economies.

The rapid development of cryptocurrencies has meant that regulatory frameworks have not been able to keep pace, and cryptocurrencies operate in far-from-clear policy and regulatory environments that vary from country to country. 


2. The relevance of Cryptocurrencies

Cryptocurrencies differentiate themselves from the traditional fiat currencies in that they are decentralized, free of entry barriers, not susceptible to controls by national governments, globally usable and intermediary-free. In many situations, cryptocurrencies provide efficient means of storage and transfer of value across the globe. 

Cryptocurrencies are used, just like fiat currencies, to store and to transfer value.  Cryptocurrencies have several advantages as well as risks:

  1. Ease of use for Transactions: Cryptocurrencies can be easy, quick and cheap to use in transactions such as payments and transfers.

  2. Financial Inclusion: Given that any end-user with a mobile phone and Internet can make transactions, cryptocurrency may be a feasible platform to enable universal financial inclusion. 

  3. Security: The core protocols of most cryptocurrencies are secured by cryptographic algorithms, even when there are malicious actors in the ecosystem (unless they are in the majority). 

  4. Value-added services: There are several crypto-based financial services that have become available, from loans to insurance to escrow. In Sri Lanka, Oxfam has implemented crop insurance on the Ethereum platform while the UN WFP used Ethereum to make grant transfer to refugees in Jordan with considerable time and cost savings


Some of the risks of cryptocurrencies include:

  1. Volatility: Many cryptocurrencies have high volatility in the short-run, which may impact speculative investors. Notably, there are now several “stablecoins” that are pegged to a currency, thus removing the speculative aspect.

  2. Money Laundering and related issues: Given that parties in a crypto transaction can be anonymous, Governments are very concerned about money laundering. Anti-Money Laundering (AML)  laws have been created in many countries. Governments implement also implement KYC norms in Crypto Exchanges where conversion fiat-cryptocurrencies (and vice versa) take place.

  3. Lack of Government Oversight: Many governments are concerned about the overall lack of governmental oversight over the crypto economy. However, given that the crypto economy is based on community-based, transparent, algorithmic processes, and also that the size of the economy is a minute fraction of the size of national economies, this criticism is considered addressable. 

  4. Collateral Security risks: While the core cryptocurrency protocols can resist malicious actors (Byzantine Fault Tolerance), there are associated tasks (such as handling of private keys) that are non-intuitive for the lay-person and there have been crypto lost on account of fraud, social engineering, cyber intrusion, malware attack, hardware crashes and human error. 


3. Need for a Progressive Cryptocurrency Policy for India

The position of the Government of India on cryptocurrencies appears to be based on deep distrust, right from the initial response around 2015. This position, perhaps erring on the side of caution in order to protect citizens’ interests, appears to consider cryptocurrencies as a scam or a Ponzi scheme. Subsequent responses from the RBI as well as the Garg Committee in 2019 indicate an apparent hardening of the same position, with stiff jail terms proposed for anyone dealing with cryptocurrencies. 

This is an unfortunate over-reaction, perhaps based on faulty understanding of the pros and cons of cryptocurrencies. What India requires is a more nuanced position that allows Governmental regulatory control over specific aspects of the operations of cryptocurrencies, but allowing individuals and institutions to operate them, with full disclosure to the Government. The following are the reasons why we need a better policy approach:

To begin with, cryptocurrencies represent a wave of innovation in FinTech that India cannot afford to miss. Apart from the $280+ billion market cap of cryptocurrencies, about $1.6 billion of investments have been made in 2018/2019 alone to support innovations in crypto. Banning crypto will cause the Indian Developer and Fintech communities to be completely isolated from the rest of the world, reducing India’s global competitiveness in IT in general and Fintech in particular. 

Second, Libra, created by the Libra Association led by Facebook, dispels the notion that cryptocurrencies are Ponzi schemes. Admittedly, Facebook has a dismal record on privacy and data protection, but the Libra Association has a number of well-known global corporations as members, who are collectively staking their reputations on Libra (the privacy concerns, of course, need to be clarified and resolved).

Third, the experiences of other countries, including in South Asia, in financial inclusion on cryptocurrency platforms should be recognized by India, and explored for application (even if on a pilot basis).

Finally, India has prided itself in continuously improving the ease of doing business within the country, but the recommendations of the Garg Panel, which appear to be draconian and disproportionate, will be a set-back for the country’s global image as a progressive nation.

Given these factors, India needs to carefully calibrate its response to cryptocurrencies instead of expressing what appears to be a preconceived position apparently based on incomplete information, and at odds with the rest of the world, which has responded with more open--even if skeptical--responses.


picture of satish babu   


      Satish Babu is a Governing body member of SFLC.in

All Posts | Aug 15,2019

Youth and Privacy: It does matter

Youth and Privacy: It does matter

By Faisal Farooqui


Imagine a busy highway. A small child of four or five years old is running into the traffic. His/her parents nowhere to be seen. Who do you think should be blamed if there’s an accident?

Now imagine that the highway is social media, and the toddler is one of the many young users. The parents are the internet entrepreneurs and lawmakers, and the cars on this highway are the various data protection and privacy laws. Now who do you think should be blamed if the young user’s privacy is not protected?


In a world swarming with the new generation, we have all found the need to blame them when the question of privacy comes up. Statements like - ‘kids these days share everything on social media. There’s no concept of privacy for them.’ - are being used more and more.

Here’s my question - if the youth really doesn’t believe in privacy, why do their phones have maximum security codes to prevent anyone from using their device?


The younger generation, although innocent and comparatively naive, is still worried about their data privacy. Their notions about what data is important and what is not, is different from the older generation, but they also feel the need to protect who they are. More and more younger children, when clicking photos, choose to angle their phones in a way that it blocks their faces. The youth might share their every meal online and what goes on in their minds, but they choose to strategically conceal their faces.


Exactly like every young teenager, they have a private life. Our generation preferred to keep it hidden in a diary, their world lives on the internet. Similarly, when we grew up, we chose to discard our old diaries. We either stuffed them away in some corner, or discarded it altogether. The younger generation needs that option on the internet. If a photo clicked at 15 years of age is not protected, and can haunt you when you’re a part of the workforce, who do you blame? The internet? Or the naive child to clicked on agree before using a social media app?


I firmly believe that whatever may be the age, people want their privacy. Their data might differ based on interests and age, but their need for privacy will always remain. Right from a young age of 12, when they first create their social media accounts, to the ripe old age of 90, when they are just looking to renew old connections, people prefer a certain level of assurance that their sensitive data is protected, even from companies, because like we cannot blame an unknowing toddler for running into traffic, we cannot blame a young teenager for clicking on agree to ‘terms and condition's when they hardly understand it.

As internet entrepreneurs, law makers, and policy makers, it is our duty, nay responsibility, to make more stringent guidelines in terms of data protection and privacy. The mass audience might not be aware, but as the people with access to this knowledge, it is our job to protect them in the best way we can. The youth might not realise the implications of using certain apps, but as creator of apps, we must adhere to our responsibility of protecting their data, and letting them decide a suitable course of action in the future, when they understand the laws deeper.


picture of faisal


     Faisal Farooqui is the founder of MouthShut.com and a governing body member of SFLC.in