Defender of your Digital Freedom

All Posts | Apr 12,2014

RTI reveals expenditure/organizational details of the 3rd Annual IGF Meeting held at Hyderabad

The Tunis Agenda envisaged convening the Internet Governance Forum (IGF) as a multi-stakeholder platform to discuss public policy issues related to key elements of Internet governance. To understand more about the processes related to hosting of the event SFLC.IN filed an application under the Right to Information Act, 2005 requesting for the Host Country agreement and details regarding the expenditure of the third annual meeting of the Internet Governance Forum that was held at Hyderabad from 3rd to 6th December, 2008.

We received a response dated March 28, 2014 from the Department of Electronics & Information Technology (DeitY) providing the requested information. The documents revealed the following facts:

The Meeting was hosted by the Government of India (represented by the Department of Information Technology) at a total expenditure of Rs. 5,40,15,197. Of this, Rs. 2,32,71,000 ($ 517,128) was paid to the UN as reimbursement of actual additional costs incurred by the UN towards holding the Meeting in India rather than Geneva, where the IGF is headquartered. This includes costs of travel and staff entitlements of UN officials assigned to plan/attend the Meeting, as well as the costs of shipping any necessary equipment and supplies. Of the remaining amount:-

  • Rs. 35,00,000 was paid to the National Internet Exchange towards meeting Daily Subsistence Allowance and Terminal Expenses of 50 members including UN officials
  • Rs. 2,72,44,197 was paid to M/s Cyberabad Convention Centre Pvt. Ltd. as booking charges for the Hyderabad International Convention Centre, and hotel accommodation for UN Staff and organizing team.

As per the Host Country Agreement entered into between the UN and the Government of India, the UN was responsible for invitation and selection of international participants, planning/running of the Meeting and preparation of appropriate documentation, substantive support before, during and after the meeting, and the official IGF website. The Government on the other hand, was responsible for:

  • Venue, facilities and technical requirements for the meeting

  • Providing local counterpart staff to assist with the planning and preparations for the Meeting

  • Office supplies and equipment for UN staff

  • Providing support to UN participants and officials in securing hotel accommodation

  • Other necessary logistic and organizational services as requested by the UN

  • Administrative arrangements, and costs relating to issuance of airline tickets and DSA for officials of the UN Secretariat
  • Host Country website

All Posts | Mar 26,2014

DEITY provides list of sites blocked in 2013, but withholds orders!

Sri.Kapil Sibal, Hon'ble Minister of Communications & Information Technology informed the Lok Sabha on Dec 11, 2013 that the Government has asked social networking sites to block 1208 web addresses or URLs in 2013 to comply with court orders. SFLC.IN filed an application under the Right To Information Act, 2005 to the Department of Telecommunications (DOT), requesting the lists of URLs blocked in 2013, copies of orders directing blocking of the URLs as well as copies of court orders. We approached the DOT as the blocking orders are often issued by DOT and not DEITY as mandated by the law.

The DOT transferred the application to Department of Electronics & Information Technology (DEITY). The Additional Director & Central Public Information Officer of E-Security and Cyber Laws from DEITY responded by providing the 1208 Blocked URLs. However the copies of the orders as well as the court orders were denied citing the confidentiality clause under Rule 16 of the Information Technology (Procedures and Safeguards for blocking for Access of Information by Public) Rules, 2009 notified under Section 69A of the Information Technology Act.

Rule 16 of these Rules provides that strict confidentiality shall be maintained regarding all requests and complaints received and actions taken thereof. However, the non-obstante clause in Section 22 of the RTI Act will override this rule. As per Section 22 of the RTI Act, 2005 the provisions of this Act shall have effect notwithstanding anything inconsistent therewith contained in the Official Secrets Act, 1923, and any other law for the time being in force or in any instrument having effect by virtue of any law other than this Act. The Central Information Commission has held in R.S.Misra v CPIO, (CIC/SM/A/2011/000237/SG/12351) that where there is any inconsistency in a law as regards furnishing of information, such law shall be superseded by the RTI Act.

Rule 16 of the above rules providing for strict confidentiality is inconsistent with the provisions of the RTI Act, 2005. A matter of concern is that the confidentiality clause is incorporated by a rule issued by the Government and is not envisaged by the legislature in the Information Technology Act, 2000. The PIL filed by PUCL challenging Section 66 A of the Information Technology Act, 2000 before the Hon'ble Supreme Court also calls for greater transparency in orders issued for website blocking and for the publication of the orders in the Gazette and in the website of DEITY.

The legal arguments aside, the Government, in the interest of transparency, should strive towards providing reasons and informing the public about any instance of website blocking. The list has a range of URLs including Facebook pages and Twitter handles to Wordpress blogs and many websites. SFLC.IN will be coming out with a detailed analysis soon on the URLs blocked.

SFLC.IN will be maintaining a list of blocked URLs and take-down notices received by websites in the interest of transparency and accountability. We request anyone who has information on blocked URLs or has received a take-down notice to share the information with us by writing to help@sflc.in

All Posts | Mar 05,2012

Look Who’s Watching

Do you think someone is looking over your shoulder as you type an email, buy grocery or fill a simple raffle for that fair you visited with your child? As you give information to medical health providers or banks or airlines, do you get the feeling you are being monitored? Sounds like the conspiracy theory to beat all urban legends. Read on...

In India the right to privacy debate on monitoring of communications was addressed by the Hon'ble Supreme Court of India in the PUCL case. This case dealt with the issues of telephone tapping and guidelines were prescribed on the procedure for issuing telephone tapping orders. These guidelines were adhered to while substituting Rule 419 A of the Indian Telegraph Rules, 1951 in March 2007. Thereafter, these guidelines were incorporated by the Government in the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 that prescribed the procedure to be followed while issuing orders for monitoring information on the Internet.

However, we see attempts being made by the Government to bye-pass these safeguards by means of a loop-hole in the Information Technology Act, 2000 (IT Act) and the rules notified in 2011 under the IT Act. To unravel this Gordian knot we need to refer to Section 28 of the IT Act. Under this section, the Controller of Certifying Authority (CCA) is empowered to investigate contraventions of the provisions of the IT Act. This power becomes potent when seen in the light of the Information Technology (Reasonable security practises and procedures and sensitive personal data or information) Rules 2011. When Section 28 is read with the proviso of Rule 6 of the aforementioned Rules: it essentially translates into the CCA having the power to obtain information, including sensitive personal information, from any company or body corporate, albeit at the request of government agencies. This power to obtain information from intermediaries is again explicitly provided under sub-rule (7) of Rule 3 of the the Information Technology (Intermediaries guidelines) Rules, 2011.

A reasonable reading of the title of Chapter VI of the IT Act (under which the subject of the Regulation of the CCA is dealt with ) seems to convey that this is an authority that deals with the Licensing of Certifying authorities that grant Electronic Signature Certificates. Until, of course, you read Section 28. Even then it does not amount to much until you dig further into the various rules that have been passed under the IT Act. So the question that comes up is: how can the government seek to deprive us of our right to privacy as simply as this. We have been asking this over and over again. These rules are made by the executive. They are made to help in the smoother functioning of any act of the parliament. However, at least, in the case of the IT Act they definitively override the mandate provided by the legislature. And so today the government agencies can seek any information regarding any person from a body corporate by sending a request to the CCA . The body has to oblige the CCA or face a stiff penalty. This incidentally is in violation of the law laid down by the Supreme Court of India on the right to privacy. It means any data belonging to you and me can be accessed by the CCA and in turn the government agencies.

So what happens if the body corporates refuse? Under Section 44 ( A) of the IT Act they can be slapped with asteep fine just as Yahoo India was. At the time of writing this blog, the case is sub-judice and hence it will be difficult to comment, but we at sflc.in wanted to find out more.

On January 10 2012 we sent an RTI to the Office of the Controller of Certifying Authority. We specifically requested for the following information:

  1. Number of requests received in the last three years, by the CCA from government agencies like the Intelligence Bureau , Ministry Of Home Affairs etc.

  2. Number of notices issued by the CCA under Section 28 of the IT Act in the last 3 years.

  3. Names of the recipients of notices under Section 28.

  4. Names of body corporates on whom a fine under Section 44 (A) has been imposed.
  5. Information on the methodology of scrutiny of requests from government agencies. Any rules or guidelines regarding the same.
We received areply to this RTI vide a letter dated February 8, 2012. We were told in this reply that as far as questions 1, 2 and 3 were concerned the CCA needed permission from the concerned government agencies to disclose this information . Further the response of the government agencies concerned was awaited. In response to question no. 4 we have been informed that only Yahoo India has been fined under Section 44 (A) of the IT Act. Question no.5 has elicited the response that matter concerning our query is in a confidential file and hence cannot be disclosed.

Further on March 2, 2012we received another reply to our RTI application whereby we were informed that as the CCA had sought approval from the concerned agency they could give us further information. This reply revealed that 73 ( seventy three ) notices were issued by the CCA under section 28 of the I.T. Act, in the last three years. This reply also informed us that notices have been issued to Yahoo India, Google, AOL, Facebook, Orkut and Hotmail.

While we at sflc.in shall follow the procedures provided by the Right to Information Act to find out more and dig a little deeper, it does surprise us that the CCA does not think that it is bound even by the Right to Information Act to disclose or refuse disclosure of information. Either that or our questions have made them uncomfortable and they have replied in the vaguest possible manner.

But if names like Yahoo, Google, Facebook, Orkut , Hotmail or AOL sounds familiar then we suggest you reread what is said above.

All Posts | Dec 10,2011

Thank You Mr Sibal!

We at SFLC.in , have been crying ourselves hoarse, on the Government Of India's clamp down on Freedom of Speech and Expression since April 2011 . Why April? In April, the Central Government notified the new Information Technology ( Intermediaries Guidelines) Rules . These Rules cast an obligation upon an intermediary to remove any content which may be unlawful, blasphemous, libellous, grossly harmful, harassing or disparaging. This removal of content was to be done on receiving a complaint by an affected party.

It bothers us. In our view, it is unconstitutional , arbitrary, and downright Orwellian. We think the right to freedom of expression is under threat. Sounds like a conspiracy theory, doesn't it? But as a bunch of professionals working in the area of electronic civil liberties, we don't think so. We also realize that most internet users could not grasp the significance of these Rules owing to the legalese involved.

Along comes the Union Minister ( and we swear we did not bribe him). He does in one press conference what we have been trying to do for the past nine months : Bring the issue of the Big Brother censoring the internet, into public cognizance.

Mr Sibal as reported in "The Hindu" ( 6 , December 2011) met senior functionaries of You Tube, Facebook, Google and Yahoo and a few others ( but the media reports completely ignored to cover other invited parties)asked them to evolve a mechanism to filter "disparaging" content related to politicians and religious figures. Though, in all honesty what the Hon'ble Minister has proposed is beyond the Rules itself. Although the deamnd is very different from the already allowed backdoor censorship through IT rules promulgated in April 2011, Yet, in a way, it illuminates the issue of pre-censorship on vague grounds. Thankful as we are to Mr Sibal, we would still like to know more about his meeting. In order to obtain this information we sent an RTI Application on the 6thof December,2011, itself, asking for :

  1. Copy of the minutes of this meeting;

  2. Details of the steps suggested by the Government to these websites on screening and filtering such content;

  3. File notes if any, prepared in connection with this meeting.

This RTI application has been sent to Department of Information Technology and Department of Telecommunication. Why have we sent it to two departments? No, we are not jobless. It has been our experience that Ministries in the Government are RTI dodgers par excellence. So, its best to seek information from all concerned departments to uncover more about this meeting. Watch this space for further information.