Logo

Defender of your Digital Freedom

All Posts | Oct 25,2017

“Privacy Bytes” launched by SFLC.in as a one-stop destination for resources on online privacy in India

New Delhi, October 24, 2017: Delhi-based not-for-profit legal services organization SFLC.in today launched “Privacy Bytes”, a new website to provide policy makers, academics, media persons and the public at large with resources on online privacy-related issues, matters and cases in India. Accessible at privacy.sflc.in; the website has compiled notes on the Right to Privacy; FAQs and information about the existing legal situation regarding privacy in India as well as information about the efforts underway to shape the future of privacy in India. SFLC.in also launched a twitter presence @privacybytes that will provide the latest updates and resources on privacy. The website will also feature extensive resources on privacy laws around the world, Indian and international reports on privacy and judicial pronouncements on citizens’ right to privacy.

Mishi Choudhary, President at SFLC.in said, “Guaranteeing the citizens’ right to privacy is a fundamental step towards realizing the vision of a digitally empowered society in India. As the contours of privacy and data protection laws for Indian citizens are being drawn up, we believe this is the right time to produce a comprehensive repository on all matters related to privacy to spread awareness as well as support an informed analysis and discussion among all stakeholders involved.”

The right to privacy has been a matter of public debate in India in the recent months. In August 2017, a nine-judge bench of India’s Supreme Court unanimously ruled that Right to Privacy is an integral part of Right to Life and Personal Liberty guaranteed in Article 21 of the Constitution of India. It added that the right to privacy is intrinsic to the entire fundamental rights chapter of the Constitution. Earlier in July, the Ministry of Electronics and Information Technology (MeitY) constituted a Committee of Experts to study and identify key data protection issues and suggest a draft Data Protection Bill.

SFLC.in also said that it will soon publish simple infographics that will explain how to protect and safeguard privacy in the age of smartphones; and will continually add new resources and content on the issue on ‘Privacy Bytes’ website.

About SFLC.in:
SFLC.IN is a donor supported legal services organisation that brings together lawyers, policy analysts, technologists, and students to protect freedom in the digital world. SFLC.IN promotes innovation and open access to knowledge by helping developers make great Free and Open Source Software, protect privacy and civil liberties for citizens in the digital world by educating and providing free legal advice and help policy makers make informed and just decisions with the use and adoption of technology. You can support their work by making tax-deductible donations and providing feedback.

All Posts | May 02,2016

Don’t listen to the IT giants: Eben Moglen

The Indian government has rightly rested its Digital India initiative on a series of measures to liberalise the economy. One of those measures of free-market wisdom, however, the usual government-cheering section suddenly seems to be irrationally against. The PMO will be receiving from the Department of Industrial Policy and Promotion (DIPP) on April 30 a report on the Patent Office’s Computer-Related Inventions Guidelines (CRI), in which parties who usually applaud free-market measures are horrified to discover that Section 3(k) of the Patent Act really does prohibit government-awarded monopolies in software, and that the controller of patents is implementing the statutory command.

Software patenting is not a requirement of TRIPs, or of any current international trade law. The controller’s new CRI guidelines actually implement a test for software per se — unpatentable owing to Section 3(k) — which is close to the "machine or transformation" test all-but-imposed by the US Supreme Court in a series of cases over the last five years, in all of which we were amici curiae, urging the court in its current direction.

Software patenting is not in the Indian national economic interest. "Software," as Bill Gates used to say, "is an IQ business". When non-Indian firms can get software patents in India, the effect is to hobble the Indian IQ advantage, by making what many talented Indian programmers could otherwise use to make new innovations in software the property of the non-Indian patenting company. As our organisation, SFLC.in, has shown in its research report on the subject, more than 90 per cent of software patents awarded in India, before the rectification imposed by the new guidelines, were issued to foreign corporates.

Indian software companies can and do patent their inventions abroad, thus actively competing in the market for government monopolies maintained in other countries. But as the US Supreme Court has moved the US patent system away from patenting pure software claims and software-enabled business method claims, permitting such claims to be perfected in India awards the US and other non-Indian companies an unfair advantage here. The persistent US unfairness found in the Super 301 designation, alleging supposed inadequacy in Indian "protection" of "intellectual property", is also clearly expressed in current demands by US industrial parties — softly but unmistakably backed by their government — that India reverse a course converging with the US’s own.

In the Regional Comprehensive Economic Partnership (RCEP) negotiations, too, Indian efforts to implement its own longstanding patent law, preventing foreign parties from using the patent system to hobble Indian advantages in software-making, have come under direct fire. Language proposed by the Japanese government would require India to repeal the CRI guidelines and modify or abandon Section 3(k), which makes algorithms and software per se unpatentable.

Software industry incumbents, including TCS and a sprinkling of other Indian firms among the phalanx of US giants, have been forecasting doom if the Patent Act is actually observed. Along with patent lawyers — to whom no limits on the applicability of patent law are ever welcome — they have been announcing the death of Digital India, unless they are instantly allowed to own it. But as many IIT luminaries and dozens of start-up entrepreneurs have publicly indicated to the Indian government in refutation of this chatter, the most important barrier to the growth of the burgeoning internet economy’s dynamic, inventive small firms is the uncertainty for potential investors caused by the possibility of patent attacks by incumbents against new market entrants.

Patent law is supposed to provide a limited-term commercial monopoly in return for the disclosure of inventions that would, in the absence of patent availability, be kept secret. This "bargain" has never made analytic sense for inventions made entirely of computer software. The idea of "free software", made by massive collaboration under rules allowing everyone to learn, understand, improve and share, has transformed the global software industry. Disclosure is now an inherent part of the process by which progress occurs, as it is in fundamental research in physics, chemistry or any other natural science.

Patenting software makes no more sense than patenting mathematics, which is why the Patent Act Section 3(k) says what it does. Patenting software is no more a part of the Digital India future than is patenting arithmetic. The government will wisely pay no heed to the blandishments of the incumbents.

This article was written by Prof. Eben Moglen for The Indian Express, published on April 30, 2016.

All Posts | Mar 21,2016

Without rules, Sahibs may own your data

Now that the inevitable death of Free Basics by Facebook has happened and the dust has settled, the real outlines of the government of India’s Internet and Digital India policies are coming into focus.

The four pillars of the government’s intentions have been declared and are already under construction: a policy to prefer free and open source software in all egovernance software solutions; new guidelines on patenting ‘computer-related inventions’, which will adhere strictly to the prohibition on patenting computer programs; comprehensive reliance on Aadhaar to provide a biometrically-backed digital identity for every Indian citizen; and the ‘India Stack’, a set of software designs that build atop the Aadhaar unified digital identity to provide cashless payment systems available to all Indians, electronic government services and a ‘consent layer’ for transactions exchanging Indians’ personal information in the private market.

This is an immensely ambitious agenda, but how this agenda is fulfilled, and, in particular, what the consequences are for freedom in the world’s largest democracy, will depend on the fifth pillar of the new Digital India. This pillar is protection of all citizens’ right of privacy.

About the role of privacy in the future Digital India, the government is plainly ambivalent. Having announced it would seek a definitive Supreme Court ruling in the ongoing Aadhaar litigation, the government last week chose instead to rush Aadhaar legislation through Parliament under the contentious claim that it represented a money bill insulated from Rajya Sabha consideration, thus avoiding any significant form of public policy debate.

The Aadhaar legislation ensures that there will be a single database, at CIDR, holding fingerprint, retinal scan and, eventually, full genomic information on every Indian, along with name, address, phone number and — in a continuing reminder that every Indian woman is treated as some man’s property—the name of each woman’s husband or father. From this data, the ordinary conduct of the simplified statistics, we call data science, can infer other pieces of sensitive information with almost flawless reliability.

The rules concerning access to and operations on this data — which will be determined by future subordinate legislation — whether the surveillance and control of will be enormously facilitated; whether each Indian’s purchases, savings, gifts and receipts will be trackable, controllable and preventable by anyone with sufficient political power or a stolen set of digital keys.

The Bill accords the government an unrestricted right to access and use CIDR’s database for purposes of "national security", a term nowhere defined in this legislation, or anywhere else in Indian law. Given that this database can be used to identify, locate and control people — and the likelihood that any uses made for "national security" will be kept secret and outside the scope of judicial review —only the declaration by the Supreme Court of the broadest and most powerful individual constitutional right of citizen privacy can prevent the inevitable misuse of this power by some future government.

Ministers of the present government who were jailed under the Emergency declared by a government without such tools, or whose phones were surveilled by a more recent past government with lesser tools, should be among those most concerned by the possible consequences The government’s concern with acquiring free and open-source software and its decision to resist the blandishments and threats of the multinational IT companies speak to the strongly nationalistic quality of the Digital India vision.

But without an equally clear and determined set of policy commitments to protect the privacy of Indian citizens comprehensively, the digitisation of identity and payment threatens to replace foreign "white" owners of Indians’ lives with domestic "brown" ones. Because information is power, such an oligopoly of data, if it is not imperialism, would be tyranny.

This article was written by Eben Moglen and Mishi Choudhary for The Economic Times Blog published on March 21, 2016.

All Posts | Dec 03,2015

How Have Internet Shutdowns Impacted Your Life? – The Huffington Post

With the advent of the internet, the global communications landscape has undergone a number of dramatic changes. Not only has the internet made communications technology more universal and affordable, it has also provided a whole new platform for self-expression bundled with elements of decentralisation and anonymity, making it one of the most powerful tools for political discourse in the 21st century. This also means that the internet has been increasingly targeted for control, and complete regional shutdowns of the public internet are frequently resorted to in parts of the world.

Between 2013 and 2015, access to the public internet has been blocked nine times across four Indian states. Annual instances of shutdowns climbed from one in 2013 to two in 2014 and six in 2015. Jammu & Kashmir saw the highest number of shutdowns with four instances over 2013, 2014 and 2015, followed by Gujarat with three internet clampdowns over 2014 and 2015. Nagaland and Manipur had internet shutdowns enforced once each in 2015.

While most shutdowns were instituted in the interest of maintaining law and order under the threat of widespread violence, the process followed remains shrouded in uncertainty. Despite there being a detailed procedure laid down by India's Information Technology Act to block public access to online content under specified circumstances, this is often discarded in favour of blanket shutdowns, which may be easier to implement in the short term, but come with collateral damage in terms of non-access to essential services that depend on the internet for their functioning. In 2011, the Organisation for Economic Co-operation and Development (OECD) estimated that a complete five-day internet shutdown in Egypt resulted in direct costs of at least USD 90 million. A 2015 study by the Germany-based Centre of Internet and Human Rights on "The Impact of Mobile Network Shutdowns in Pakistan" stresses how "Network shutdowns are a fundamental risk, not just to freedom of expression, national or personal security or business operations, but also to the most fundamental of sustainable development challenges faced by all state.

We invite readers to narrate their stories of how the shutdowns impact their day to day lives and business. A record of such shutdowns can be found at the website of the Software Freedom Law Centre.

This article first appeared on The Huffington Post (India Edition) on 2nd November 2015.

Photo byStahlkocher / CC BY-SA 3.0 EDIT: And updated version of the Infographic is available here. [19/02/2016]