Logo

Defender of your Digital Freedom

All Posts | Jan 07,2019

Over 14000 Websites Blocked By MEITY

There has been considerable spike in the number of websites/URLs being blocked from public access. Concerns on internet censorship cover inadequate safeguards, disproportionate blocking and ambiguous blocking orders.

The Ministry of Electronics and Information Technology (MeitY), in its reply to an RTI application filed by SFLC.in has stated that the ministry has blocked 14221 websites/URLs between 2010 to 2018 under Section 69A of the IT Act, 2000. The Ministry refused to provide the names and URLs of websites blocked in 2018 and copies of blocking orders issued in 2018, taking refuge under Section 8(1)(a) of RTI Act read with Section 69A of the IT, Act and Rules under them.

Section 69A of the Information Technology Act, 2000 mentions that the Central Government or an officer authorized by it may, through a speaking order recorded in writing, block public access to information on a computer resource, by directing any agency of government or intermediary. Such public access is blocked when it is necessary ‘in the interest of sovereignty and integrity of India, defense of India, security of the State, friendly relations with foreign states or public order or for preventing incitement to the commission of any cognizable offence relating to above’.

The section also provides for establishing a procedure and safeguards subject to which such blocking of access is to be carried out. Pursuant to this, the Central Government notified ‘The Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009’.

A copy of RTI reply has been published below.

All Posts | Jul 24,2018

[RTI] Minutes of the third meeting of the Expert Committee on Data Protection

The minutes of the first and second meetings of the Committee of Experts on data protection framework held on September 11, 2017 and October 3, 2017 respectively were disclosed in February 2018 in response to an RTI request made by a private citizen. It informed us that the Committee had been divided into four working groups and each working group was tasked with specific issues related to the proposed framework.

We filed a similar RTI application to MeitY asking for the minutes of all the subsequent meetings held after October 3, 2017. However, we were only provided details of the third meeting. It was communicated to us that the third meeting took place on November 13, 2017 and a fourth meeting was scheduled to take place on December 28, 2017.

The agenda of the third meeting of the Group of Experts on Data Protection, as provided in the response was as follows:

1. Discussion of respective parts of the White Paper:

a. Presentation to be made by Working Group on Grounds of Processing;

b. Presentation to be made by Working Group on Regulation and Enforcement; and

c. Presentation to be made by Working Group on Scope and Exemptions

3. Discussion on standard-setting under the proposed bill

4. Discussion on Key Issues raised by Dr. Gulshan Rai on the Draft MeitY Bill

5. Strategy for Public Consultation / Stakeholder Consultation and timelines.

The minutes of the meeting revealed that Dr. Arghya Sengupta and his team from Vidhi Centre for Legal Policy gave a detailed presentation on the consolidated white paper. The committee members deliberated on the issues outlined in the white paper and some of the important discussion points made during the presentation are:

  • Right of the data subject and harm incurring to him due to personal data collection, use and disclosure needs to be kept at the core of the Act.

  • The definition of identified, identifiable or reasonably identifiable personal data needs to be explicitly provided.

  • The implicit / explicit consent for the purpose and its use needs to be amply clear, which is a major ground for lawful processing of personal data. A checkbox method is one such option.

  • Besides the Data controller, whether the category of data processor and others need to be defined separately?

  • For child consent, while considering two options-putting in place an age bar and obtaining parental consent for the purpose of making a valid contract through some mechanisms. It was stated that Indian Contract Act require age of 18 years or more for the ability to sign a valid contract. It was also deliberated that owing to variety of target audience, one single model of consent may not work.

  • Data Controller should be more responsible in case of child’s consent and data processing. Australian Privacy Act model may also be looked at.

  • Notice to be made comprehensible for data subject to understand the meaning and the consequences arising thereof.

  • The purpose specification, use limitation, storage limitation and data quality, automated data, processing on the automated data and right to be forgotten needs to be clearly defined for the individual participation rights. Dr. Gulshan Rai opined that the white paper may include a question like “Whether Right to be Forgotten should be there or not?” He further opined that this will also help Government to get more insight of how technology companies view this issue.

  • Liability on data controller and processor connected to dealing with data.

  • Data Protection Authority and its functional rights similar to SEBI or IRDA may be explored. Data Protection body should be an independent body.

  • Strategy to adopt when imposing a penalty- percentage of global turnover or fixed optimum rupee limit.

  • The possibility of including class action suits and provisions of other Acts for compensation/offences.

  • The problem of enforceability of law against foreign entities dealing with the data of Indian subjects.

  • The concept of co-regulation or self regulation for he data controller needs to be examined.

  • The data audit of data controller to be done internally as well as externally.

  • Definitions of journalistic, artistic, literary exemptions to be reviewed or expanded.

  • Data Localization concept needs to be clarified in the context of globalization of data and its impact on the digital economy.

  • In the adjudicating mechanism, expenditure incurred can be of very high value due to high infrastructure requirements. The judicial impact assessment of this legislation can also be part of the white paper.

  • Every chapter of the white paper should include an open ended question in respect of suggesting “Any other alternative”.

  • Provisions for security standards which can be incorporated through subordinate legislation.

All Posts | Oct 09,2017

[RTI] 23030 websites/URLs currently blocked in India

According to the Cyber Laws and E-Security Group under Ministry of Electronics and Information Technology Group (MeitY), as many as 23,030 websites /URLs are currently blocked in India.

This information was received as a reply to a Right to Information application filed by us on August 28, 2017.

The following information was sought in the RTI application:

1) Number of websites / URLs currently blocked in India.

2) Names and URLs of the websites that are blocked.

3) Copies of blocking orders issued by the Department of Telecommunications, Ministry of Communications to block such websites.

The reply to the RTI application was received by us on Oct 6, 2017, wherein only the specific number of blocked websites / URLs was provided with. The rest of the information was denied on the basis of Rule 16 of the Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009 which says that strict confidentiality shall be maintained regarding all the blocking requests and complaints received and actions taken thereof.

The response to the RTI application is provided below.

All Posts | Jul 02,2012

When Copyright Tramples on the Right to Freedom of Expression

Vimeo, Pastebin, Piratebay and many other sites were blocked for over a month in India. There was lot of clamour in the twitterverse and social networking sites against the Internet Service Providers (ISPs) and the Department of Telecommunications (DOT) on this large scale website blocking. However, areply that SFLC.in has received from MTNL in response to an application under the RTI Act reveals the real picture. The reply shows how agents of copyright owners have misrepresented the Court order and forced ISPs to block these websites.

MTNL has furnished acopy of the letter that they received from Copyright Labs, the agents for M/s Creative Commercials Media & Entertainment Limited who are the the producers of the movie "Dammu". Copyright Labs have in the letter demanded that the ISPs block a long list of 272 websites including vimeo.com, pastebin.com and xmarks.com citing the Chennai High Court order. This is a clear misrepresentation of the court order as the order does not require blocking of websites. Earlier, areply that SFLC.in receivedfrom DOT showed that DOT had not issued any order to block websites.

 

A reply that SFLC.in has received from MTNL in response to an application under the RTI Act reveals the real picture.

The order in the suit filed by M/s Creative Commercials Media & Entertainment Limited restrains 38 Internet Service Providers (ISP) including MTNL, BSNL and Airtel and unknown persons named as "Ashok Kumar" from infringing the copyright by copying or communicating or allowing others to communicate or copying the movie. The orders with directions to unknown persons are often termed as John Doe orders or as Ashok Kumar orders in India. Such orders are issued when suspected offenders are unknown. This ensures that the copyright owner is not forced to approach the court to obtain an injunction every time the identity of an offender is known.

The Chennai High Court had also issued temporary injunctions in a suit filed by RK Productions, the producers of the movie "3". It is ironical that the movie "3" which derived maximum publicity from its song "kolaver di" having gone viral on social media and content sharing networks has now become the reason for blocking those very websites which ensured the wide distribution of the song and made it a roaring success. MTNL has stated in the reply that they received a letter from RK Productions, but they have enclosed the letter sent by Copyright Labs on behalf of Creative Commercials Media & Entertainment Limited.

Now, the question to be asked is whether such indiscriminate blocking of websites is mandated by the order of the Chennai High Court. The order restrains the ISPs as well as unknown persons from infringing the copyright or allowing others to infringe. The order does not have any direction on blocking of websites. SFLC.in contacted Mr.Harish Ram, CEO of Copyright Labs and he assured us that they have only asked the ISPs to block specific URLs that are infringing on their copyright. However, we filed this RTI request to verify this and the copy of the letter that they have sent to ISPs shows that what he said is not true. Their action in asking for blocking of entire websites is a mis-representation of a judicial order to cause indiscriminate blocking of these web-services through out the country.

The ISPs have chosen not to take a risk and have over-complied with the High Court order by blocking entire websites instead of taking down only the infringing content. The uncertainty that is prevailing about the safe harbour provisions, thanks to the problematic Information Technology (Intermediaries Guidelines) Rules, 2011 and the pending cases against Google and Facebook could have prompted them to take the safer option than to stand up for the rights of their users. This does not bode well for Internet freedom in India and is an ominous sign of things to come.

The Chennai High Court by a subsequent order dated June 15, 2012 clarified that the John Doe order issued to the producers of the movie "Dammu" is "only in respect of the particular URL where the infringing movie is kept and not in respect of the entire website". We hope that this clarification would stop further instances of indiscriminate blocking of websites. However, we find that the Piratebay is blocked even now in most networks.

The Supreme Court has held the right to receive information to be an ingredient of the fundamental right of freedom of speech and expression. When this right of the citizens are violated by such indiscriminate blocking of websites, it does not augur well for the largest democracy in the world.

This instance of blocking underlines the need for the law to prescribe penalties for sending such inappropriate blocking requests. This could be considered when the Government reviews the Information Technology (Intermediaries Guidelines) Rules, 2011 as promised by Kapil Sibal, the Minister for Communications & Information Technology in the Parliament.

Copyright owners need to understand the importance of the medium in popularising and monetising their work and should not take such ill advised action that affects this dynamic medium which is on an exponential growth path in India.

All Posts | Dec 10,2011

Thank You Mr Sibal!

We at SFLC.in , have been crying ourselves hoarse, on the Government Of India's clamp down on Freedom of Speech and Expression since April 2011 . Why April? In April, the Central Government notified the new Information Technology ( Intermediaries Guidelines) Rules . These Rules cast an obligation upon an intermediary to remove any content which may be unlawful, blasphemous, libellous, grossly harmful, harassing or disparaging. This removal of content was to be done on receiving a complaint by an affected party.

It bothers us. In our view, it is unconstitutional , arbitrary, and downright Orwellian. We think the right to freedom of expression is under threat. Sounds like a conspiracy theory, doesn't it? But as a bunch of professionals working in the area of electronic civil liberties, we don't think so. We also realize that most internet users could not grasp the significance of these Rules owing to the legalese involved.

Along comes the Union Minister ( and we swear we did not bribe him). He does in one press conference what we have been trying to do for the past nine months : Bring the issue of the Big Brother censoring the internet, into public cognizance.

Mr Sibal as reported in "The Hindu" ( 6 , December 2011) met senior functionaries of You Tube, Facebook, Google and Yahoo and a few others ( but the media reports completely ignored to cover other invited parties)asked them to evolve a mechanism to filter "disparaging" content related to politicians and religious figures. Though, in all honesty what the Hon'ble Minister has proposed is beyond the Rules itself. Although the deamnd is very different from the already allowed backdoor censorship through IT rules promulgated in April 2011, Yet, in a way, it illuminates the issue of pre-censorship on vague grounds. Thankful as we are to Mr Sibal, we would still like to know more about his meeting. In order to obtain this information we sent an RTI Application on the 6thof December,2011, itself, asking for :

  1. Copy of the minutes of this meeting;

  2. Details of the steps suggested by the Government to these websites on screening and filtering such content;

  3. File notes if any, prepared in connection with this meeting.

This RTI application has been sent to Department of Information Technology and Department of Telecommunication. Why have we sent it to two departments? No, we are not jobless. It has been our experience that Ministries in the Government are RTI dodgers par excellence. So, its best to seek information from all concerned departments to uncover more about this meeting. Watch this space for further information.

All Posts | Oct 10,2011

Curtailing the Right to Information

Freedom to have access to information, as a right, is essential for the functioning of a transparent and accountable democracy. The Right To Information Act 2005 ( RTI Act) in India was enacted to fulfill this goal. Under the RTI Act, the Government of India is duty bound to provide information to its citizens within a specified time. This is however subject to Section 8 of The RTI Act which lays down the grounds for the exemptions from disclosure of information by the Government.

The recentGlobal Right to Information rating by the Centre for Law and Democracyranks India in the third place, as far as the overall strength of the legal framework for RTI is concerned. While the intent and the framework for right to information seem to be present, yet the Government is, sometimes, seen as being reluctant to embrace this right of its citizens. Recently the Department of Personnel and Training, issues a circular dated 16.9.2011 whereby it was stated that " ...Only such information can be supplied under the Act which already exists and is held by a public authority or held under the control of a public authority. The Public Information Officer is not supposed to create information or interpret information..." The circular went on to quote the Supreme Court of India in the matter of Central Board of Secondary Education and Another Vs. Aditya Bandopadhyay and Others(Civil Appeal No. 6454 of 2011) wherein it was held that " Where the information sought is not a part of the record of a public authority, and where such information is not required to be maintained under any law or the rules or regulations of the public authority, the Act does not cast an obligation upon the public authority, to collect or collate such non-available information and then furnish it to an applicant..."

With the Government, as it is, being bestowed with wide range of exemptions under Section 8 of the RTI Act , this judgment and the following circular further curtail the right to information. With a population as large as India:the idea of information which readily available in an antiquated system of bureaucracy such as ours is a farcical notion. Government records in India are not as yet fully computerized and Public Information Officer in reality have to collate and collect information sought under RTI Act

SFLC has for over the last few months as a part of its CTAG ( Citizens for Accountable and Transparent governance) Project filed a large number of RTI Applications. These RTI applications have been filed for the purposes of obtaining information from various departments of the Government of India on its policies and orders on varied matter especially those that affect the digital freedom. We have found that the Government freely utilizes Section 8 of the RTI Act when information is sought about issues that affect digital freedom. The issues raised by these RTI Applications filed by SFLC have dealt with the violation of basic human rights of the digital citizens of the country. Whether it is the working and authority of the National Intelligence Grid (NATGRID); or the monitoring of social networks; or internet based financial transactions by the Intelligence Bureau; or even the barring of mobile phone companies from launching Nokia's popular push mail and power mail messaging services , the information is denied. The denial of information is under Section 8 (1) ( a), or 8 (1) (g), or 8 (1)( h) being put forth as the reason. There is no justification provided how these sections of the RTI Act may be applicable to the information sought. No reason as to why the information sought falls under the ambit of Section 8 of the RTI Act is put forth by the Public Information Officer in any of its replies.

With the Government further vide the above quoted circular advising its Public Information Officer to not create collate or interpret information, the effectiveness of the RTI Act is bound to be diluted further.

All Posts | Jul 08,2011

Unravelling NATGRID

National Intelligence Grid(NATGRID), established under Ministry of Home Affairs of the Government of India, aims to consolidate data gathered by various agencies, both private and public, and to make the same available to law enforcement agencies of India. NATGRID functions with a budget of Rs. 2,800 crores and a staff of 300. It has been conceived by the Ministry of Home Affairs in order to'improve'national security. The CTAG project of SFLC aims to ensure that Government agencies function in a transparent way, especially where civil liberties of citizens are concerned and there was a genuine concern regarding how NATGRID could affect the civil liberties of the citizens. The concern regarding NATGRID is with respect to the safeguards adopted to protect the privacy of citizens and ensuring that arbitrary surveillance does not happen.

Once the NATGRID is fully functional, security agencies of the Government will merely have to feed the name of a person and information will be available at the click of the button. It is Government's surveillance of the citizens of this country at its best. The Supreme Court in the People's Union For Civil Liberties V/s State of India [ 1999(9) SCALE ] has ruled against arbitrary surveillance.

Concerned with the Cabinet Committee on Security's approval for the NATGRID , a number of Right to Information( RTI) applications were filed by SFLC under the CTAG project.

The first RTI application was filed on the 11thMay 2011 asking for the following information and the reply to the application, dated 9.6.2011, is as follows:

 

S. No Information Sought Response
1

What is the legal framework under which the NATGRID is functioning. Is NATGRID duly constituted as an 'Authority' under the Government of India, if so, under which provision of law has NATGRID been constituted. Please provide a copy of the same.

NATGRID is established as an attached office of the Ministry of Home Affairs as per the decision of the Cabinet Committee on Security.
2

Has the approval of the Cabinet Committee on Security been granted? If yes , Kindly provide a copy of the same.

Yes, NATGRID has been constituted with the approval of Cabinet Committee on Security. Minutes of the Cabinet meeting being a secret document, it cannot be provided.
3

What is the designation of the Officer In charge of the NATGRID Project and who does the said Officer In charge report to?

The Chief Executive Officer In-charge of the Project.
4

What is the budgetary allocations for the NATGRID project.

An amount of Rs. 13 crore was utilized during the financial year 2010-2011.
5

What government and private databases will be linked to the NATGRID. If so under what order or rules. Please provide a copy of the same.

Security agencies can seek the details from NATGRID database. Data from Airline companies, Telecom Companies, etc. would be uploaded to NATGRID database.
6

What are the measures in place to prevent the misuse of NATGRID? If yes, please provide a photocopy of these guidelines/circulars

All possible measures are being taken to prevent misuse of NATGRID . For security reasons we are unable to provide the details/ orders.
7

What are the various Governmental agencies that will have an access to NATGRID?

All the Security agencies will have an access to NATGRID
8

Does this project have any policy favouring Free and Open Source Software(FOSS)?

' NO'
 

Concerned about the replies provided, SFLC, in view of its social objective of ensuring digital freedom and privacy of citizens, filed a second RTI application , dated 11.06.2011. Wherein the information sought was as follows:

 

  1. The name and qualification of CEO of NATGRID.

  2. The process for appointment of CEO.

  3. The details that is names and headquarters of the companies and Government entities from which the data would be uploaded in the NATGRID.

  4. The names of the various Government agencies which would have an access with NATGRID database.
  5. Whether NATGRID would be run of FOSS.

In response to this, the reply was received on 30.06.2011 stating that "NATGRID/MHA is out of purview of RTI Act, 2005 under Gazette Notification No. 306 dated 9.6.2011".

The underlying concern with the NATGRID is its privacy issues. Added with that is the threat of the Information leakage from the porous offices and systems of the Government.. This threat becomes even more serious in the case of the NATGRID being operated on proprietary software.

SFLC has filed another application dated 7.7.2011 asking for the following information:

  1. Kindly provide a copy of the Notification No. 306 dated 9.6.2011 by which NATGRID /MHA is out of purview of RTI Act, 2005.
  2. Under Section 24 (3) of the RTI Act, 2005, the said Notification should be laid before each House of Parliament. Hence information on when this Notification No. 306 dated 9.6.20011 is being laid before each House of Parliament.