Technology & National Security Reflection Series Paper 7: Use of Force in Modern Times: Sisyphus’ First World Boulder

Karan Vijay*

About the Author: The author is a 2021 graduate of the National Law University, Delhi. He is currently an Associate at Talwar Thakore & Associates, Mumbai. His interests lie in evolving landscapes of technology and their impact on international law and economics.

Editor’s note: This post is part of the Reflection Series showcasing exceptional student essays from CCG-NLUD’s Seminar Course on Technology & National Security Law.

INTRODUCTION 

In this post, we discuss a rather contentious point that whether in international law, a mere threat or use of force by a State against another State would give rise to a right of self-defense. 

For context Article 2(4) of the UN Charter provides for all member States to refrain from the threat of or the actual use of force which may threaten the territorial integrity or political independence of any other state. This provision is regarded to have a jus cogens character, i.e., binding on all States as a non-derogable one. Each Member State also has the positive duty to refrain from the use of force against other  States under international law.

Pursuant to Article 51 of the UN Charter, States which face a use of force at the level of an ‘armed attack’ have the right to exercise self-defense. An armed attack is when this force is used on a relatively large scale, is of sufficient gravity, and has a substantial effect. Dinstein states that armed attack presupposes a use of force producing serious consequences, epitomized by territorial intrusions, or human casualties or considerable destruction of critical infrastructure.

Photo by Kyle Glenn on Unsplash. Copyrighted under Unsplash license.

MEMBER STATE’S RIGHT TO SELF DEFENSE

We need to be aware that this right of self-defense does not manifest at every instance of use of force against another State. In certain instances victim States can instead exercise ‘countermeasures’ against the belligerent State. However, when this right of self-defense does manifest, it must abide by the doctrines of necessity and proportionality.

These doctrines were initially laid down in the aftermath of the Caroline incident of 1837, which has inadvertently governed the rules of use of force for nearly two centuries. Herein, the doctrine of necessity posits that an armed attack can only be responded to when there is no other alternative means to seeking viable redressal. Necessity requires that military action should be used only as a last resort. Then, the doctrine of proportionality provides that the size and scope of an armed attack shall determine the overall objective of the defensive responses. This leads to the conclusion that such action will only be towards self-defense and not retaliatory in nature or have a punitive outlook against the aggressor. The counter attack cannot be unreasonable or excessive and can only be carried out to repel or prevent an attack.

Thus, if we were to literally interpret the law, the answer would be that a mere threat or even a use of force that is not of a level of an armed attack does not give rise to the right of self-defense. However, a look at how State practice has shaped this understanding might lead to a different conclusion.

EMERGING FAULTLINES AND EXPANSION OF LEGAL INTERPRETATION OF RIGHT OF SELF-DEFENSE

The United States, with their invasion of Afghanistan for harboring terrorists in 2001 and the subsequent invasion of Iraq in 2003 for allegedly procuring weapons of mass destruction have posited a changed landscape to the  right of self-defense. American actions of ‘self-defense’ completely subvert the legal interpretation of the right being unavailable against threats and conventional use of force. Furthermore, it has led to the emergence of an anticipatory right to self-defense.

At the outset, it is observed that the opinion on the legality of such acts that anticipate armed attacks from threats or other information is divided. Some scholars (usually the ones who have a favorable outlook towards American and/or the Israeli Government actions) argue that the right to anticipatory self-defense is not only in consonance with customary international law but also with article 51 of the U.N Charter.

However, an anticipatory right of self-defense would actually be contrary to the wording of Article 51, since an armed attack must ‘occur’. In any case, Article 51 must be interpreted narrowly containing a prohibition of anticipatory self-defense as one of the purposes of the Charter was to reduce to a minimum the unilateral use of force. At the very least, States claiming the right will have to prove that they face an imminent attack.. It is ideal to have a ‘clear and convincing’ evidence of the same to avoid situations like that of the invasion of Iraq, which was initiated based on extremely faulty intelligence

There are checks and balances enshrined within Article 51 itself to ensure that this does not become a practice. Key mechanisms include the requirement or duty to report immediately to the Security Council when such an act is undertaken, which can act as a limitation on the exercise of self-defense. However, even this duty does not have the power to stop the states exercising such ‘rights’ as reporting to the Security Council is a mere procedural matter, and nonfeasance cannot technically deprive a state of the substantive right of self-defense or invalidate it.

Therefore, it can be said that the scope of the right to self-defense despite fair legal objections may have already expanded to practically include threats or even conventional uses of force not amounting to an ‘armed attack’. What becomes important now is to see how this right of a sovereign state will shape in the future. Towards this, there are two important questions that need to be answered. Firstly, whether this right can be exercised against non-state actors and secondly, can this right be exercised against a cyber-operation?

When the right of self-defense towards non-state actors is considered, the legal position seems pretty clear. The International Court of Justice itself has expressed that the inherent right of self-defense in the case of armed attack by one state is available only against another state.

The general understanding is that Article 51 of the Charter is an exception to the prohibition on the use of force as enshrined in Article 2(4). Given that Article 2(4) refers only to a ‘state’, its exception must also deal with the same. However, some do argue that while Article 2(4) of the Charter, in proscribing the use of force, refers solely to state actors on both sides.  On the other hand, Article 51 mentions a member only as the potential target of an armed attack. This means that the perpetrator of that armed attack is not identified necessarily as a state, especially during these times where it is not just State but non-State entities like terrorists that pose the significant threats to national security concerns of States.

Moreover, regardless of what the law states or what the law should be, the tacit acknowledgement of the Security Council, NATO and EU towards the American invasion of Afghanistan to attack Al Qaeda has given credence to the understanding that self-defense is available against non-State actors. Thus, contemporary state practice (of the first world countries) shows that non-State actors can be behind ‘armed attacks’ which can give rise to self-defense. The ‘pro-democracy’ opinion now states that self-defense against a non-State actor can be justified when the territorial State has manifestly and persistently been unwilling or unable to prevent such attacks in other States, like invasion of Afghanistan on the pretext that if they are harbouring terrorists, they are as liable as the terrorists themselves.

Coming to the second question of whether cyber-operations against a state can give a right to self-defense to that State, it is imperative to determine whether a cyber-operation is an armed attack (as per the prevailing legal view as there is no contrary contemporary state practice yet).

An ‘armed attack’ may not strictly require the use of kinetic weapons, but may, in principle, also be conducted by computers used by hackers. In order to reach this very threshold, the consequences and effects of the cyber-operation in question, must be compared to that of conventional use of force. These operations cannot be isolated or random acts of cyber-attacks and exercising the right against these one-off incidents are excluded from the scope of right to self-defense. Thus, the bar to classify a cyber-operation as an armed attack exists against which a right to self-defense will also exist. However, this bar must be considerably high and will not trigger when hypothetically Indian college students hack a Pakistani bank’s website as a one-off incident.

CONCLUSION

The high standard set is important to ensure that self-defense is not ‘exercised’ in a ubiquitous manner. However, the first world tells us that if the standard is too high and is creating an obstacle towards their political interests, the standard will be disregarded or modified accordingly making an effective set of laws a Sisyphean task. This is what happened to non-State actors, to threats and simple uses of force and will most likely happen to cyber-operations as well. 

Self-defense will be heavily exercised if doing so aligns with the political ideology of the State regardless of what the law states. The law understandably does not allow a State to exercise the right to self-defense against mere threats or even conventional uses of force. However, as we understand from a third-world vantage point of international law, the law is what the first world will allow it to be.


*Views expressed in the blog are personal and should not be attributed to the institution.

Technology and National Security Law Reflection Series Paper 6: The Legality of Lethal Autonomous Weapons Systems (“LAWS”)

Drishti Kaushik*

About the Author: The author is a final year student at the National Law University, Delhi. She has previously been associated with CCG as part of its summer school in March 2020 and has also worked with the Centre as a Research Assistant between September 2020 and March 2021. 

Editor’s note: This post is part of the Reflection Series showcasing exceptional student essays from CCG-NLUD’s Seminar Course on Technology & National Security Law.

Introduction

When a machine has the ability to perform certain tasks which typically require human intelligence it is known as Artificial Intelligence (AI). AI is currently used in a variety of fields and disciplines. One such field is the military where AI is viewed as a means to reduce human casualties.

One such use case is the development and use of Lethal Autonomous Weapons Systems (LAWS) or “killer robots” which can make life and death decisions without human intervention. Though the technology behind LAWS and its application remains foggy, LAWS have become a central point of debate globally. Several countries seek a complete preemptive ban on its use and development, by highlighting that technology to achieve such outcomes already exists. Other countries have expressed their preference for a moratorium on its development till there are universal standards regarding its production and usage. 

This piece examines whether LAWS are legal/lawful under International Humanitarian Law (IHL) as per the principles of distinction, proportionality and precautions. LAWS are understood as fully autonomous weapon systems that once activated, have the ability to select and engage targets without any human involvement. The author argues that it is premature to conclude LAWS as legal or illegal by hypothetically determining their compliance with extant humanitarian principles. Additionally, they pose ethical considerations and legal reviews under IHL that must be satisfied to determine the legality of LAWS. 

What are LAWS?

There is presently no universal definition of LAWS since the term ‘autonomous’ is ambiguous. ‘Autonomous’ in AI refers to the ability of a machine to make decisions without human intervention. The US’ Department of Defense issued a 2012 directive which defines LAWS as weapon systems that can autonomously or independently “select and engage targets without any human intervention” once activated. This means LAWS leave humans “out of the loop”. The “lack of human intervention” element is also present in definitions proposed by Human Rights Watch, the International Committee of the Red Cross (ICRC)  and the UK Defence Ministry. 

While weapon systems that are completely autonomous currently do not exist, the technology to develop the same does. There are near-autonomous weapons systems like Israel’s Iron Dome and the American Terminal High Altitude Area Defense that can identify and engage with incoming rockets. These are defensive in nature and protect sovereign nations from external attacks. Conversely, LAWS are weapon systems having offensive capabilities of pursuing targets. Some scholars recommend incentivizing defensive autonomous systems within the international humanitarian framework.

Even though there is no singular definition, LAWS can be identified as machines or weapon systems which once activated or switched on by humans have the autonomy to select and search for targets as well as engage or attack them without any human involvement in the entire selection and attacking process. The offensive nature of LAWS as opposed to the use of automated systems for defensive purposes is an important distinguishing factor for identifying LAWS. An open letter by Future of Life Institute calls for a ban on “offensive autonomous weapons beyond meaningful human control” instead of complete ban on AI in the military sector. This distinction between offensive and defensive weapons in the definition of LAWS was also raised in the Group of Governmental Experts on LAWS 2017 meet.

Autonomy and offensive characteristics are primary grounds behind demands for a complete ban on LAWS. Countries like Zimbabwe are uncomfortable with a machine making life and death decisions and others like Pakistan are worried about military disparities with technologically superior nations leading to an unfair balance of power.

There remains considerable uncertainty surrounding LAWS and its legality as weapons to be used in armed conflicts. Governance of these weapons, accountability, criminal liability and product liability are specific avenues of concern.

Autonomous anti-air unit by Pascal. Licensed under CC0.

Legal Issues under IHL

The legality of LAWS under IHL is observable at two levels: (a) development, and (b) deployment/use. 

Legal Review of New Weapons

The Geneva Convention provides for Legal Review of any new weapons or means of warfare under Article 36 of Additional Protocol I (“AP 1”) to determine whether the development of new weapons is in compliance with the Geneva Convention and customary international law. The weapon must not have an “indiscriminate effect” or cause “superfluous injury” or “unnecessary suffering” like chemical weapons.

The conduct of LAWS must have ‘predictability’ and ‘reliability’ for them to be legally deployed in armed conflicts. If not possible then the conduct of LAWS in the midst of conflict  may lead to “indiscriminate effect or superfluous injury or unnecessary suffering”. 

Principles of Distinction, Proportionality & Precautions 

LAWS must uphold the basic rule of distinction. LAWS should differentiate between civilians and military objects; and between those injured and those active in combat. Often even deployed troops are unable to successfully determine this and thus, programming LAWS to uphold the principle of distinction remains a challenge.

Second, LAWS must uphold the principle of proportionality. Civilian casualties, injury and destruction must not be excessive in comparison to the military advantage gained by the attack. Making such value judgments in the middle of intense battles is difficult. Programmers who develop LAWS may struggle to comprehend the complexities around these circumstances. Even when deploying deep learning, as machines recognise patterns, there might be situations when it first has to gain experience and those growing pains in technological refinement may lead to violations of the proportionality principle. 

Finally, LAWS must adhere to the principle of precaution. This is the ability to recall or suspend an act when it is not proportionate or harms civilians as opposed to military adversaries. The ability to deactivate or recall a weapon once deployed is tricky. There is general consensus that LAWS will fail to comply with these principles and violate the laws of armed conflict.

Conversely others argue that its autonomous characteristics are not enough to prove that LAWS violate IHL. Existing principles are enough to restrict the use of LAWS to situations where IHL is not violated. Furthermore, autonomous weapons might be able to wait till they are fired upon to determine whether a person is civilian or military as their sense of ‘self-preservation’ will not be as strong as that of human troops thereby complying with the principle of distinction. Moreover, they might be employed in the navy or other areas not open to civilians, thereby affording LAWS a lower threshold for compliance with IHL principles. Supporters contend that LAWS might calculate and make last minute decisions without any human subjective emotions allowing them to choose the best possible plan of action thereby respecting the principles of proportionality and precautions. 

Marten’s Clause 

Article 1 of AP I to the Geneva Conventions states that if certain cases are not covered under the Convention, then the civilians and the combatants are protected under “Customary International Law, principles of Humanity and Dictates of Public Conscience”. This has also been reiterated in the preamble of AP II of the Geneva Conventions. This is referred to as Marten’s Clause and provides the basis for ethical and moral aspects to the law of armed conflict. Since LAWS are not directly covered by the Geneva Convention, their development and use must be guided by Marten’s clause. Therefore, LAWS may be prohibited due to noncompliance with customary international law or principles of humanity or dictates of public conscience

LAWS cannot be declared illegal under customary international law since there is no defined state practice; as they are still being developed. The principles of humanity require us to examine questions about whether machines should have the ability to make life or death decisions regarding humans. Moreover, recent data suggests that dictates of public conscience may be skewed against the use of  LAWS. 

It might be early to term LAWS, which do not currently exist, as legal or illegal on the basis of compliance with the Geneva Convention. However, any discussion regarding the same must keep these legal and ethical IHL-related considerations in mind.

Present Policy Situation 

The legal issues relating to LAWS are recognised by the UN Office of Disarmament.  Under the Convention of Certain Conventional Weapons (CCW), a Group of Governmental Experts was asked to address the issues regarding LAWS. This group is yet to provide a singular definition of the term. However, it has recommended 11 guiding principles which were adopted by the High Contracting Parties to the CCW in 2019.

The first principle states that IHL shall apply to all autonomous weapons systems including LAWS. The second principle addresses accountability through “human responsibility” during decision making relating to the use of these systems. Further, any degree of human-machine interaction at any stage of development or activation must be in compliance with IHL. Accountability for development, deployment and use of these weapons must be as per IHL by ensuring there is a “chain of human command and control”. States’ obligation of ensuring a legal review for any new weapons is also reiterated.

The guidelines also state that cyber and physical risks, and the  risk of proliferation and acquisition by terrorists must be considered while developing and acquiring such weapons. Risk assessment and mitigation must also be made a part of the design and development of such weapons. Consideration must be given to compliance with IHL and other international obligations while using LAWS. While crafting policy measures, emerging technologies in LAWS must not be “anthropomorphized”. Discussions on LAWS should not hinder peaceful civilian innovations. The principles finally highlight the importance of balancing military needs and human factors under the CCW framework. 

The CCW also highlights the need for ensuring “meaningful human control” over weapon systems but does not define relevant criteria for the same. Additionally, there are different stages such as development, activation and deployment of autonomous weapons. Only a human can develop and activate the autonomous systems. However, deployment is determined by the  autonomous weapon on its own as per its human programming. 

Therefore, the question arises – will that level of human control over the LAWS’ programming be enough to qualify as meaningful human control? If not, will an override human command which may or may not be exercised allow for “meaningful human control”? These questions require further deliberation on what qualifies as “meaningful human control” and whether this control will even be enough given how rapidly AI is being developed. There is also a need to ensure that no bias is programmed into these weapons. 

While these guiding principles are the first step towards an international framework, there is still no universal/comprehensive legal framework to ensure accountability on LAWS.

 Conclusion

The legal, ethical and international concerns regarding LAWS must be addressed at a global level. A pre-emptive and premature ban might stifle helpful civilian innovation. Moreover, a ban will not be possible without the support of leading States like the US, Russia, UK. Conversely,  if the development of LAWS is left unregulated then it will make it easier for countries with LAWS to go to war. Moreover, development and deployment of LAWS will create a significant imbalance between the technologically advanced and technologically disadvantaged nations. Furthermore, no regulation may lead to the proliferation and acquisition of LAWS by bad actors for malicious, immoral and/or illegal purposes.

Since LAWS disarmament is not an option, control on LAWS is recommended. The issues with LAWS must be addressed at the international level by creating a binding treaty which incorporates a comprehensive definition of LAWS. The limits of autonomy must also be clearly demarcated along with other legal and ethical considerations. The principles of IHL including legal reviews must also be implemented. Till then, defense research centers around the world should incorporate AI in more “defensive” and “non-lethal” military machineries. Such applications could include disarming bombs or surveillance drones or smart borders instead of offensive and lethal autonomous weapons systems without any overriding human control.


*Views expressed in the blog are personal and should not be attributed to the institution.

Technology and National Security Law Reflection Series Paper 5: Legality of Cyber Weapons Under International Law

Siddharth Gautam*

About the Author: The author is a 2020 graduate of National Law University, Delhi. 

Editor’s note: This post is part of the Reflection Series showcasing exceptional student essays from CCG-NLUD’s Seminar Course on Technology & National Security Law. In the present essay, the author reflects upon the following question: 

What are cyber weapons? Are they cyber weapons subject to any regulation under contemporary rules of international law? Explain with examples.

Introducing Cyber Weapons

In simple terms weapons are tools that harm humans or aim to harm the human body. In ancient times nomads used pointing tools to hunt and prey. Today’s world is naturally more advanced than that. In conventional methods of warfare, modern tools of weapons include rifles, grenades, artillery, missiles, etc. But in recent years the definition of warfare has changed immeasurably after the advancement of the internet and wider information and communication technologies (“ICT”). In this realm methods and ways of warfare are undergoing change. As internet technology develops we observe the advent/use of cyber weapons to carry out cyber warfare.

Cyber warfare through weapons that are built using technological know-how are low cost tools. Prominent usage of these tools is buttressed by wide availability of computer resources. Growth in the information technology (“IT”) industry and relatively cheap human resource markets have a substantial effect on the cost of cyber weapons which are capable of infiltrating other territories with relative ease. The aim of cyber weapons is to cause physical or psychological harm either by threat or material damage using computer codes or malware.

2007 Estonia Cyber Attack

For example during the Estonia –Russia conflict the conflict arose after the Soldier memorial was being shifted to the outskirts of Estonia. There was an uproar in the Russian speaking population over this issue. On 26th and 27th April, 2007 the capital saw rioting, defacing of property and numerous arrests.

On the same Friday cyber attacks were carried out using low tech methods like Ping, Floods and simple Denial-of-Service (DoS) attacks. Soon thereafter on 30th April, 2007 the scale and scope of the cyber attack increased sharply. Actors used botnets and were able to deploy large scale distributed denial of service (D-DoS) attacks to compromise 85 thousand computer systems and severely compromised the entire Estonian cyber and computer landscape. The incident caused widespread concerns/panic across the country.

Other Types of Cyber Weapons

Another prominent type of cyber weapon is HARM i.e. High-speed Anti Radiation missiles. It is a tactical air-to-surface anti radiation missile which can target electronic transmissions emitted from surface-to-air radar systems. These weapons are able to recognise the pulse repetition of enemy frequencies and accordingly search for the suitable target radar. Once it is visible and identified as hostile it will reach its radar antenna or transmitter target, and cause significant damage to those highly important targets. A prominent example of its usage is in the Syrian–Israel context. Israel launched cyber attacks against the Syrian Air defence system by blinding it. It attacked their Radar station in order not to display any information of Airplanes reaching their operators. 

A third cyber weapon worth analysing can be contextualised via the Stuxnet worm that sabotaged Iran’s nuclear programme by slowing the speed of its uranium reactors via fake input signals. It is alleged that the US and Israel jointly conducted this act of cyber warfare to damage Iran’s Nuclear programme.

In all three of the aforementioned cases, potential cyber weapons were used to infiltrate and used their own technology to conduct cyber warfare. Other types of cyber risks emerge from semantic attacks which are otherwise known as social engineering attacks. In such attacks perpetrators amend the information stored in a computer system and produce errors without the user being aware of the same. It specifically pertains to human interaction with information generated by a computer system, and the way that information may be interpreted or perceived by the user. These tactics can be used to extract valuable or classified information like passwords, financial details, etc. 

HACKERS (PT. 2) by Ifrah Yousuf. Licensed under CC BY 4.0.From CyberVisuals.org, a project of the Hewlett Foundation Cyber Initiative.

Applicable Landscape Under International Law

Now the question that attracts attention is whether there are any laws to regulate, minimise or stop the aforementioned attacks by the use of cyber weapons in International law? To answer this question we can look at a specific branch of Public international law; namely International Humanitarian law (“IHL”). IHL deals with armed conflict situations and not cyber attacks (specifically). IHL “seeks to moderate the conduct of armed conflict and to mitigate the suffering which it causes”. This statement itself comprises two major principles used in the laws of war.

Jus ad Bellum – the principle which determines whether countries have a right to resort to war through an armed conflict,

Jus in bellothe principle which governs the conduct of the countries’ soldiers/States itself which are engaging in war or an armed conflict

Both principles are subjected to the Hague and Geneva Conventions with Additional Protocol-1 providing means and ways as to how the warfare shall be conducted. Nine other treaties help safeguard and protect victims of war in armed conflict. The protections envisaged in the Hague and Geneva conventions are for situations concerning injuries, death, or in some cases  damage and/or destruction of property. If we analyse logically, cyber warfare may result in armed conflict through certain weapons, tools and techniques like Stuxnet, Trojan horse, Bugs, DSOS, malware HARM etc. The use of such weapons may ultimately yield certain results. Although computers are not a traditional weapon its use can still fulfil conditions which attract the applicability of provisions under the IHL.

Another principle of importance is Martens Clause. This clause says that even if some cases are not covered within conventional principles like humanity; principles relating to public conscience will apply to the combatants and civilians as derived from the established customs of International law. Which means that attacks shall not see the effects but by how they were employed

The Clause found in the Preamble to the Hague Convention IV of 1907 asserts that “even in cases not explicitly covered by specific agreements, civilians and combatants remain under the protection and authority of principles of international law derived from established custom, principles of humanity, and from the dictates of public conscience.” In other words, attacks should essentially be judged on the basis of their effects, rather than the means employed in the attack being the primary factor.

Article 35 says that “In any armed conflict, the right of the Parties to the conflict to choose methods or means of warfare is not unlimited. It is prohibited to employ weapons, projectiles and material and methods of warfare of a nature to cause superfluous injury and unnecessary suffering

The above clause means that the action of armed forces should be proportionate to the actual military advantage sought to be achieved. In simple words “indiscriminate attacks” shall not be undertaken to cause loss of civilian life and damage to civilians’ property in relation to the advantage.

Conclusion

Even though the terms of engagement vis-a-vis kinetic warfare is changing, the prospect of the potential of harm from cyber weapons could match the same. Instead of guns there are computers and instead of bullets there is malware, bugs, D-DOS etc. Some of the replacement of one type of weapon with another is caused by the fact that there are no explicit provisions in law that outlaw cyber warfare, independently or in war.

The principles detailed in the previous section must necessarily apply to cyber warfare because it limits the attacker’s ability to cause excessive collateral damage. On the same note cyber weapons are sui generis like the nuclear weapons that upshot in the significance to that of traditional weapons

Another parallel is that in cyber attacks often there are unnecessary sufferings and discrimination in proportionality and the same goes for  traditional armed conflict. Therefore, both should be governed by the principles of IHL. 

In short, if the cyber attacks produce results in the same way as kinetic attacks do, they will be subject to IHL.


*The views expressed in the blog are personal and should not be attributed to the institution.

CCG’s Comments to the National Security Council Secretariat on the National Cyber Security Strategy 2020

The Centre for Communication Governance at the National Law University Delhi (CCG) is grateful to the National Security Council Secretariat for this opportunity to make meaningful contributions to its mandate of formulating a futuristic National Cyber Security Strategy 2020 (NCSS). In response to the Call for Comments CCG apart from the comments below, CCG has separately submitted detailed comments to the Office of the National Cyber Security Coordinator.

Our comments are a result of original and thorough legal and policy research which draws upon multiple primary sources of information, including applicable domestic and international law and precedents, and a comparative study of the cyber security strategy and policy documents of 16 other countries. Secondary sources such as news reports, statistics on cybercrime and malicious cyber activity compiled and released by various Government departments and agencies and data on budgetary allocations released by the Union Government have also been relied on.

This submission is presented in six parts, supplemented by three annexures that provide insight into our sources, analysis and research methodology.

Part I introduces the background in which this strategy is being formulated, and presents a principled approach to the formulation of cybersecurity policy, that is driven by a coherent strategic framework constructed under the NCSS to guide it.

Part II presents an analysis of the landscape of existing and emergent threats that pose a risk to the cybersecurity of the entire nation. We do so with the objective of identifying areas that need to be accorded a higher priority in the formulation of the NCSS.

Parts III, IV and V correspond to the three pillars of strategy identified in the Call for Comments. Part III deals with the horizontal dimension of strategy and unpacks the contents of the first pillar, i.e., “Secure”, wherein we present for the consideration of the Secretariat, an original three-tiered model of the ‘national cyberspace’ as a roadmap to cyber sovereignty. We submit for consideration for the Secretariat, the adoption of the principle of peaceful uses of cyberspace to align with the nation’s goals of sustainable economic development, while being mindful of the gradual militarization of cyberspace by both state and non-state actors.

Part IV deals with the “Strengthen” pillar in which CCG examines the existing architecture for cybersecurity to analyse the vertical dimensions of strategy. Herein, we propose measures to strengthen institutions, process and capabilities relevant for cyber security.

Part V deals with the third pillar, namely, “Synergise”, which explains how the horizontal and vertical dimensions of the strategy can be integrated in order to optimize levels of inherent friction that could hinder the achievement of strategic and policy goals. We propose that synergies need to be identified and/or created at three levels. First, at the inter-ministerial level, among the government departments and agencies. Second, at the national level, for enhanced cooperation and strategic partnerships between the public and private sectors. Third, at the international level for enhanced cooperation and strategic partnerships with like-minded nations, geared towards building stronger national defences in cyberspace. In this part, we take the Government’s inclination to treat data a “public good” or “societal commons” to its logical conclusion and accordingly, propose a principled, common-but-differentiated-responsibility model between multiple stakeholders in the cybersecurity ecosystem for grounding public private partnerships and pooling of financial resources.

Part VI concludes this submission and presents the major findings, suggestions and recommendations of this submission.

The full text of the comments is available here.

The Pegasus Hack: A Hark Back to the Wassenaar Arrangement

By Sharngan Aravindakshan

The world’s most popular messaging application, Whatsapp, recently revealed that a significant number of Indians were among the targets of Pegasus, a sophisticated spyware that operates by exploiting a vulnerability in Whatsapp’s video-calling feature. It has also come to light that Whatsapp, working with the University of Toronto’s Citizen Lab, an academic research organization with a focus on digital threats to civil society, has traced the source of the spyware to NSO Group, an Israeli company well known both for developing and selling hacking and surveillance technology to governments with a questionable record in human rights. Whatsapp’s lawsuit against NSO Group in a federal court in California also specifically alludes to NSO Group’s clients “which include but are not limited to government agencies in the Kingdom of Bahrain, the United Arab Emirates, and Mexico as well as private entities.” The complaint filed by Whatsapp against NSO Group can be accessed here.

In this context, we examine the shortcomings of international efforts in limiting or regulating the transfers or sale of advanced and sophisticated technology to governments that often use it to violate human rights, as well as highlight the often complex and blurred lines between the military and civil use of these technologies by the government.

The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies (WA) exists for this precise reason. Established in 1996 and voluntary / non-binding in nature[I], its stated mission is “to contribute to regional and international security and stability, by promoting transparency and greater responsibility in transfers of conventional arms and dual-use goods and technologies, thus preventing destabilizing accumulations.”[ii] Military advancements across the globe, significant among which were the Indian and Pakistani nuclear tests, rocket tests by India and South Korea and the use of chemical warfare during the Iran-Iraq war, were all catalysts in the formulation of this multilateral attempt to regulate the transfer of advanced technologies capable of being weaponized.[iii] With more and more incidents coming to light of authoritarian regimes utilizing advanced western technology to violate human rights, the WA was amended to bring within its ambit “intrusion software” and “IP network surveillance systems” as well. 

Wassenaar: A General Outline

With a current membership of 42 countries (India being the latest to join in late 2017), the WA is the successor to the cold war-era Coordinating Committee for Multilateral Export Controls (COCOM) which had been established by the Western Bloc in order to prevent weapons and technology exports to the Eastern Bloc or what was then known as the Soviet Union.[iv] However, unlike its predecessor, the WA does not target any nation-state, and its members cannot exercise any veto power over other member’s export decisions.[v] Notably, while Russia is a member, Israel and China are not.

The WA lists out the different technologies in the form of “Control Lists” primarily consisting of the “List of Dual-Use Goods and Technologies” or the Basic List, and the “Munitions List”.[vi] The term “dual-use technology” typically refers to technology that can be used for both civilian and military purposes.[vii] The Basic List consists of ten categories[viii]

  • Special Materials and Related Equipment (Category 1); 
  • Materials Processing (Category 2); 
  • Electronics (Category 3); 
  • Computers (Category 4); 
  • Telecommunications (Category 5, Part 1); 
  • Information Security (Category 5, Part 2); 
  • Sensors and Lasers (Category 6); 
  • Navigation and Avionics (Category 7); 
  • Marine (Category 8); 
  • Aerospace and Propulsion (Category 9). 

Additionally, the Basic List also has the Sensitive and Very Sensitive Lists which include technologies covering radiation, submarine technology, advanced radar, etc. 

An outline of the WA’s principles is provided in its Guidelines & Procedures, including the Initial Elements. Typically, participating countries enforce controls on transfer of the listed items by enacting domestic legislation requiring licenses for export of these items and are also expected to ensure that the exports “do not contribute to the development or enhancement of military capabilities which undermine these goals, and are not diverted to support such capabilities.[ix]

While the Guidelines & Procedures document does not expressly proscribe the export of the specified items to non-WA countries, members are expected to notify other participants twice a year if a license under the Dual List is denied for export to any non-WA country.[x]

Amid concerns of violation of civil liberties

Unlike conventional weapons, cyberspace and information technology is one of those sectors where the government does not yet have a monopoly in expertise. In what can only be termed a “cyber-arms race”, it would be fair to say that most governments are even now busily acquiring technology from private companies to enhance their cyber-capacity, which includes surveillance technology for intelligence-gathering efforts. This, by itself, is plain real-politik.

However, amid this weaponization of the cyberspace, there were growing concerns that this technology was being purchased by authoritarian or repressive governments for use against their citizens. For instance, Eagle, monitoring technology owned by Amesys (a unit of the French firm Bull SA), Boeing Co.’s internet-filtering Narus, and China’s ZTE Corp. all contributed to the surveillance efforts by Col. Gaddafi’s regime in Libya. Surveillance technology equipment sold by Siemens AG and maintained by Nokia Siemens Networks were used against human rights activists in Bahrain. These instances, as part of a wider pattern that came to the spotlight, galvanized the WA countries in 2013 to include “intrusion software” and “IP network surveillance systems” in the Control List to attempt to limit the transfer of these technologies to known repressive regimes. 

Unexpected Consequences

The 2013 Amendment to the Control Lists was the subject of severe criticism by tech companies and civil society groups across the board. While the intention behind it was recognized as laudable, the terms “intrusion software” and “IP network surveillance system” were widely viewed as over-broad and having the unintended consequence of looping in both legitimate as well as illegitimate use of technology. The problems pointed out by cybersecurity experts are manifold and are a result of a misunderstanding of how cybersecurity works.

The inclusion of these terms, which was meant to regulate surveillance based on computer codes / programmes, also has the consequence of bringing within its ambit legitimate and often beneficial uses of these technologies, including even antivirus technology according to one view. Cybersecurity research and development often involves making use of “zero-day exploits” or vulnerabilities in the developed software, which when discovered and reported by any “bounty hunter”, is typically bought by the company owning the software. This helps the company immediately develop a “patch” for the reported vulnerability. These transactions are often necessarily cross-border. Experts complained that if directly transposed to domestic law, the changes would have a chilling effect on the vital exchange of information and research in this area, which was a major hurdle for advances in cybersecurity, making cyberspace globally less safer. A prime example is HewlettPackard’s (HP)  withdrawal from Pwn2Own—a computer hacking contest held annually at the PacSecWest security conference where contestants are challenged to hack into / exploit vulnerabilities on widely used software. HP, which sponsored the event, was forced to withdraw in 2015 citing the “complexity in obtaining real-time import /export licenses in countries that participate in the Wassenaar Arrangement”, among others. The member nation in this case was Japan.

After facing fierce opposition on its home soil, the United States decided to not implement the WA amendment and instead, decided to argue for a reversal at the next Plenary session of the WA, which failed. Other nations, including the EU and Japan have implemented the WA amendment export controls with varying degrees of success.

The Pegasus Hack, India and the Wassenaar

Considering many of the Indians identified as victims of the Pegasus hack were either journalists or human rights activists, with many of them being associated with the highly-contentious Bhima-Koregaon case, speculation is rife that the Indian government is among those purchasing and utilizing this kind of advanced surveillance technology to spy on its own citizens. Adding this to the NSO Group’s public statement that its “sole purpose” is to “provide technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime”, it appears there are credible allegations that the Indian government was involved in the hack. The government’s evasiveness in responding and insistence on so-called “standard operating procedures” having been followed are less than reassuring.

While India’s entry to the WA as its 42nd member in 2018 has certainly elevated its status in the international arms control regime by granting it access to three of the world’s four main arms-control regimes (the others being the Nuclear Suppliers’ Group / NSG, the Missile Technology Control Group / MTCR and the Australia Group), the Pegasus Hack incident and the apparent connection to the Indian government shows us that its commitment to the principles underlying the WA is doubtful. The purpose of the inclusion of “intrusion software” and “IP network surveillance system” in the WA’s Control Lists by way of the 2013 Amendment, no matter their unintended consequences for legitimate uses of such technology, was to prevent governmental purchases exactly like this one. Hence, even though the WA does not prohibit the purchase of any surveillance technology from a non-member, the Pegasus incident arguably, is still a serious detraction from India’s commitment to the WA, even if not an explicit violation.

Military Cyber-Capability Vs Law Enforcement Cyber-Capability

Given what we know so far, it appears that highly sophisticated surveillance technology has also come into the hands of local law enforcement agencies. Had it been disclosed that the Pegasus software was being utilized by a military wing against external enemies, by, say, even the newly created Defence Cyber Agency, it would have probably caused fewer ripples. In fact, it might even have come off as reassuring evidence of the country’s advanced cyber-capabilities. However, the idea of such advanced, sophisticated technologies at the easy disposal of local law enforcement agencies is cause for worry. This is because while traditionally the domain of the military is external, the domain of law enforcement agencies is internal, i.e., the citizenry. There is tremendous scope for misuse by such authorities, including increased targeting of minorities. The recent incident of police officials in Hyderabad randomly collecting biometric data including their fingerprints and clicking people’s pictures only exacerbates this point. Even abroad, there already exist on-going efforts to limit the use of surveillance technologies by local law enforcement such as the police.

The conflation of technology use by both military and civil agencies  is a problem that is created in part at least, by the complex and often dual-use nature of technology. While dual use technology is recognized by the WA, this problem is not one that it is able to solve. As explained above, dual use technology is technology that can be used for both civil and military purposes. The demands of real-politik, increase in cyber-terrorism and the manifold ways in which a nation’s security can be compromised in cyberspace necessitate any government in today’s world to increase and improve its cyber-military-capacity by acquiring such technology. After all, a government that acquires surveillance technology undoubtedly increases the effectiveness of its intelligence gathering and ergo, its security efforts. But at the same time, the government also acquires the power to simultaneously spy on its own citizens, which can easily cascade into more targeted violations. 

Governments must resist the impulse to turn such technology on its own citizens. In the Indian scenario, citizens have been granted a ring of protection by way of the Puttaswamy judgement, which explicitly recognizes their right to privacy as a fundamental right. Interception and surveillance by the government while currently limited by laid-down protocols, are not regulated by any dedicated law. While there are calls for urgent legislation on the subject, few deal with the technology procurement processes involved. It has also now emerged that Chhattisgarh’s State Government has set up a panel to look into allegations that that NSO officials had a meeting with the state police a few years ago. This raises questions of oversight in the relevant authorities’ public procurement processes, apart from their legal authority to actually carry out domestic surveillance by exploiting zero-day vulnerabilities.  It is now becoming evident that any law dealing with surveillance will need to ensure transparency and accountability in the procurement of and use of the different kinds of invasive technology adopted by Central or State authorities to carry out such surveillance. 


[i]A Guide to the Wassenaar Arrangement, Daryl Kimball, Arms Control Association, December 9, 2013, https://www.armscontrol.org/factsheets/wassenaar, last accessed on November 27, 2019.

[ii]Ibid.

[iii]Data, Interrupted: Regulating Digital Surveillance Exports, Tim Maurerand Jonathan Diamond, November 24, 2015, World Politics Review.

[iv]Wassenaar Arrangement: The Case of India’s Membership, Rajeswari P. Rajagopalan and Arka Biswas, , ORF Occasional Paper #92 p.3, OBSERVER RESEARCH FOUNDATION, May 5, 2016, http://www.orfonline.org/wp-content/uploads/2016/05/ORF-Occasional-Paper_92.pdf, last accessed on November 27, 2019.

[v]Ibid, p. 3

[vi]“List of Dual-Use Goods and Technologies And Munitions List,” The Wassenaar Arrangement, available at https://www.wassenaar.org/public-documents/, last accessed on November 27, 2019. 

[vii]Article 2(1), Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL setting up a Union regime for the control of exports, transfer, brokering, technical assistance and transit of dual-use items (recast), European Commission, September 28th, 2016, http://trade.ec.europa.eu/doclib/docs/2016/september/tradoc_154976.pdf, last accessed on November 27, 2019. 

[viii]supra note vi.

[ix]Guidelines & Procedures, including the Initial Elements, The Wassenaar Arrangement, December, 2016, http://www.wassenaar.org/wp- content/uploads/2016/12/Guidelines-and-procedures-including-the-Initial-Elements-2016.pdf, last accessed on November 27, 2019.

[x]Articles V(1) & (2), Guidelines & Procedures, including the Initial Elements, The Wassenaar Arrangement, December, 2016, https://www.wassenaar.org/public-documents/, last accessed on November 27, 2019.

Fork in the Road? UN General Assembly passes Russia-backed Resolution to fight Cybercrime

By Sharngan Aravindakshan

On 19 November 2019, the Third Committee of the United Nations General Assembly passed a Russia-backed resolution. The resolution called for the establishment of an ad-hoc intergovernmental committee of experts “to elaborate a comprehensive international convention countering the use of information and communications technologies for criminal purposes” (A/C.3/74/L.11/Rev.1). China, Iran, Myanmar, North Korea and Syria were also some of the countries that sponsored the resolution. Notably, countries such as Russia, China and North Korea are all proponents of the internet-restrictive “cyber-sovereignty” model, as opposed to the free, open and global internet advocated by the Western bloc. Equally notably, India voted in favour of the resolution. The draft resolution, which was passed by a majority of 88-58 with 34 abstentions, can be accessed here.

The resolution was strongly opposed by most of the Western bloc, with the United States leading the fight against what they believe is a divisive attempt by Russia and China to create UN norms and standards permitting unrestricted state control of the internet. This is the second successful attempt by Russia and China, traditionally seen as outliers in cyberspace for their authoritarian internet regimes, to counter cybernorm leadership by the West. The resolution, to the extent it calls for the establishment of an open-ended ad hoc intergovernmental committee of experts “to elaborate a comprehensive international convention” on cybercrime, is also apparently a Russian proposal for an alternative to the Council of Europe’s Budapest Convention.

Similarly, last year, Russia and China successfully pushed for and established the Open-Ended Working Group (OEWG), also under the aegis of the United Nations, as an alternative to the US-led UN Group of Governmental Experts (GGE) in the attempt at making norms for responsible state behaviour in cyberspace. Hence, we now have two parallel UN based processes working on essentially the same issues in cyberspace. The Russians claim that both these processes  are complementary to each other, while others have stated that it was actually an attempt to delay consensus-building in cyberspace. In terms of outcome, scholars have noted the likelihood of either both processes succeeding or both failing, or what Dennis Broeders termed “Mutually Assured Diplomacy”.

Criticism

The Russia-backed cyber-crime resolution, while innocuously worded, has been widely criticized by civil society groups for its vagueness and for potentially opening the door to widespread human rights violations. In an open letter to the UN General Assembly, various civil society and academic groups have expressed the worry that “it could lead to criminalizing ordinary online behaviour protected under human rights law” and assailed the resolution for the following reasons:

  • The resolution fails to define “use of information and communication technologies for criminal purposes.” It is not clear whether this is meant to cover cyber-dependent crimes (i.e. crimes that can only be committed by using ICTs, like breaking into computer systems to commit a crime or DDoS attacks) or cyber-enabled crimes (i.e. using ICTs to assist in committing “offline” crimes, like child sexual exploitation). The broad wording of the text includes most crimes and this lack of specificity opens the door to criminalising even ordinary online behaviour;
  • The single reference to human rights in the resolution, i.e., “Reaffirming the importance of respect for human rights and fundamental freedoms” is not strong enough to counter the growing trend among countries to use cybercrime legislation to violate human rights, nor does it recognize any positive obligation on the state to protect human rights.
  • It is essentially a move to negotiate a cybercrime convention or treaty, which will duplicate efforts. The Council of Europe’s Budapest Convention already has the acceptance of 64 countries that have ratified it. Also, there are already other significant international efforts underway in combating cybercrime including the UN Office on Drugs and Crime working on various related issues such as challenges faced by national laws in combating cybercrime (Cybercrime Depository) and the Open Ended Intergovernmental Expert Group Meeting on Cybercrime, which is due to release its report with its findings in 2021.

Wolves in the hen-house?

Russia’s record in human rights protection in the use of information and communications technology has been controversial. Conspicuously, this resolution comes just a few months after it passed its “sovereign-internet law”. The law grants the Kremlin the power to completely cut-off the Russian internet from the rest of the world. According to Human Rights Watch, the law obliges internet service providers to install special equipment that can track, filter, and reroute internet traffic, allowing the Russian government to spy, censor and independently block access to internet content ranging from a single message to cutting off Russia from the global internet or shutting down internet within Russia. While some experts have doubted the technical feasibility of isolating the Russian internet no matter what the government wants, the law has already come into force from 1 November 2019 and it definitely seems like Russia is going to try.

Apart from this, there have also been credible claims attributing various cyberattacks to Russia, including the 2007 attacks on Estonia, the 2008 attacks on Georgia and even the recent hacking of the Democratic National Committee (DNC) in the US. More recently, in a rare incident of collective public attribution, the US, the UK and the Netherlands called out Russia for targeting the Organization for the Prohibition of Chemical Weapons’ (OPCW) investigation into the chemical attack on a former Russian spy in the U.K., and anti-doping organizations through cyberattacks in 2018.

China, another sponsor of the resolution, is also not far behind. According to the RAND Corporation, the most number of cyber-incidents including cyber theft from 2005- 2017 was attributed to China. Also, China’s Great Firewall is famous for allowing internet censorship in the country. A Russo-China led effort in international cybernorm making is now widely feared as portending stricter state control over the internet leading to more restrictions on civil liberties.

However, as a victim of growing cyber-attacks and as a country whose current public stance is against “data monopoly” by the West, India is going to need a lot more convincing by the Western bloc to bring it over to the “free, open and global” internet camp, as its vote in favour of this resolution shows. An analysis of the voting pattern for last year’s UNGA resolution on countering the use of ICT for criminal purposes and what it means for international cyber norm making can be accessed here.

Fractured Norm-making

This latest development only further splinters the already fractured global norm-making process in cyberspace. Countries such as the United States are also taking the approach of negotiating separate bilateral cyberspace treaties with “like-minded nations” to advance its “cyber freedom” doctrine and China is similarly advancing its own “cyber-sovereignty” doctrine alongside Russia.

Add to this mix the private sector’s efforts like Microsoft’s Cybersecurity Tech Accord (2018) and the Paris Call for Trust and Security in Cyberspace (2018), and it becomes clear that any unified multilateral approach to cybernorm making now seems extremely difficult, if not impossible. With each initiative paving its own way, it now remains to be seen whether these roads all lead to cyberspace stability.

[September 30-October 7] CCG’s Week in Review Curated News in Information Law and Policy

Huawei finds support from Indian telcos in the 5G rollout as PayPal withdrew from Facebook’s Libra cryptocurrency project; Foreign Portfolio Investors moved MeitY against in the Data Protection Bill; the CJEU rules against Facebook in case relating to takedown of content globally; and Karnataka joins list of states considering implementing NRC to remove illegal immigrants – presenting this week’s most important developments in law, tech and national security.

Digital India

  • [Sep 30] Why the imminent global economic slowdown is a growth opportunity for Indian IT services firms, Tech Circle report.
  • [Sep 30] Norms tightened for IT items procurement for schools, The Hindu report.
  • [Oct 1] Govt runs full throttle towards AI, but tech giants want to upskill bureaucrats first, Analytics India Magazine report.
  • [Oct 3] – presenting this week’s most important developments in law, tech and national security. MeitY launches smart-board for effective monitoring of the key programmes, The Economic Times report.
  • [Oct 3] “Use human not artificial intelligence…” to keep a tab on illegal constructions: Court to Mumbai civic body, NDTV report.
  • [Oct 3] India took 3 big productivity leaps: Nilekani, Livemint report.
  • [Oct 4] MeitY to push for more sops to lure electronic makers, The Economic Times report; Inc42 report.
  • [Oct 4] Core philosophy of Digital India embedded in Gandhian values: Ravi Shankar Prasad, Financial Express report.
  • [Oct 4] How can India leverage its data footprint? Experts weigh in at the India Economic Summit, Quartz report.
  • [Oct 4] Indians think jobs would be easy to find despite automation: WEF, Tech Circle report.
  • [Oct 4] Telangana govt adopts new framework to use drones for last-mile delivery, The Economic Times report.
  • [Oct 5] Want to see ‘Assembled in India’ on an iPhone: Ravi Shankar Prasad, The Economic Times report.
  • [Oct 6] Home market gets attractive for India’s IT giants, The Economic Times report.

Internet Governance

  • [Oct 2] India Govt requests maximum social media content takedowns in the world, Inc42 report; Tech Circle report.
  • [Oct 3] Facebook can be forced to delete defamatory content worldwide, top EU court rules, Politico EU report.
  • [Oct 4] EU ruling may spell trouble for Facebook in India, The Economic Times report.
  • [Oct 4] TikTok, TikTok… the clock is ticking on the question whether ByteDance pays its content creators, ET Tech report.
  • [Oct 6] Why data localization triggers a heated debate, The Economic Times report.
  • [Oct 7] Sensitive Indian govt data must be stored locally, Outlook report.

Data Protection and Privacy

  • [Sep 30] FPIs move MeitY against data bill, seek exemption, ET markets report, Inc42 report; Financial Express report.
  • [Oct 1] United States: CCPA exception approved by California legislature, Mondaq.com report.
  • [Oct 1] Privacy is gone, what we need is regulation, says Infosys Kris Gopalakrishnana, News18 report.
  • [Oct 1] Europe’s top court says active consent is needed for tracking cookies, Tech Crunch report.
  • [Oct 3] Turkey fines Facebook $282,000 over data privacy breach, Deccan Herald report.

Free Speech

  • [Oct 1] Singapore’s ‘fake news’ law to come into force Wednesday, but rights group worry it could stifle free speech, The Japan Times report.
  • [Oct 2] Minister says Singapore’s fake news law is about ‘enabling’ free speech, CNBC report.
  • [Oct 3] Hong Kong protests: Authorities to announce face mask ban, BBC News report.
  • [Oct 3] ECHR: Holocaust denial is not protected free speech, ASIL brief.
  • [Oct 4] FIR against Mani Ratnam, Adoor and 47 others who wrote to Modi on communal violence, The News Minute report; Times Now report.
  • [Oct 5] UN asks Malaysia to repeal laws curbing freedom of speech, The New Indian Express report.
  • [Oct 6] When will our varsities get freedom of expression: PC, Deccan Herald report.
  • [Oct 6] UK Government to make university students sign contracts limiting speech and behavior, The Times report.
  • [Oct 7] FIR on Adoor and others condemned, The Telegraph report.

Aadhaar, Digital IDs

  • [Sep 30] Plea in SC seeking linking of social media accounts with Aadhaar to check fake news, The Economic Times report.
  • [Oct 1] Why another omnibus national ID card?, The Hindu Business Line report.
  • [Oct 2] ‘Kenyan court process better than SC’s approach to Aadhaar challenge’: V Anand, who testified against biometric project, LiveLaw report.
  • [Oct 3] Why Aadhaar is a stumbling block in Modi govt’s flagship maternity scheme, The Print report.
  • [Oct 4] Parliament panel to review Aadhaar authority functioning, data security, NDTV report.
  • [Oct 5] Could Aahdaar linking stop GST frauds?, Financial Express report.
  • [Oct 6] Call for liquor sale-Aadhaar linking, The New Indian Express report.

Digital Payments, Fintech

  • [Oct 7] Vision cash-lite: A billion UPI transactions is not enough, Financial Express report.

Cryptocurrencies

  • [Oct 1] US SEC fines crypto company Block.one for unregistered ICO, Medianama report.
  • [Oct 1] South Korean Court issues landmark decision on crypto exchange hacking, Coin Desk report.
  • [Oct 2] The world’s most used cryptocurrency isn’t bitcoin, ET Markets report.
  • [Oct 2] Offline transactions: the final frontier for global crypto adoption, Coin Telegraph report.
  • [Oct 3] Betting on bitcoin prices may soon be deemed illegal gambling, The Economist report.
  • [Oct 3] Japan’s financial regulator issues draft guidelines for funds investing in crypto, Coin Desk report.
  • [Oct 3] Hackers launch widespread botnet attack on crypto wallets using cheap Russian malware, Coin Desk report.
  • [Oct 4] State-backed crypto exchange in Venezuela launches new crypto debit cards, Decrypt report.
  • [Oct 4] PayPal withdraws from Facebook-led Libra crypto project, Coin Desk report.
  • [Oct 5] Russia regulates digital rights, advances other crypto-related bills, Bitcoin.com report.
  • [Oct 5] Hong Kong regulates crypto funds, Decrypt report.

Cybersecurity and Cybercrime

  • [Sep 30] Legit-looking iPhone lightening cables that hack you will be mass produced and sold, Vice report.
  • [Sep 30] Blackberry launches new cybersecurity development labs, Infosecurity Mgazine report.
  • [Oct 1] Cybersecurity experts warn that these 7 emerging technologies will make it easier for hackers to do their jobs, Business Insider report.
  • [Oct 1] US government confirms new aircraft cybersecurity move amid terrorism fears, Forbes report.
  • [Oct 2] ASEAN unites to fight back on cyber crime, GovInsider report; Asia One report.
  • [Oct 2] Adopting AI: the new cybersecurity playbook, TechRadar Pro report.
  • [Oct 4] US-UK Data Access Agreement, signed on Oct 3, is an executive agreement under the CLOUD Act, Medianama report.
  • [Oct 4] The lack of cybersecurity talent is ‘a  national security threat,’ says DHS official, Tech Crunch report.
  • [Oct 4] Millions of Android phones are vulnerable to Israeli surveillance dealer attack, Forbes report; NDTV report.
  • [Oct 4] IoT devices, cloud solutions soft target for cybercriminals: Symantec, Tech Circle report.
  • [Oct 6] 7 cybersecurity threats that can sneak up on you, Wired report.
  • [Oct 6] No one could prevent another ‘WannaCry-style’ attack, says DHS official, Tech Crunch report.
  • [Oct 7] Indian firms rely more on automation for cybersecurity: Report, ET Tech report.

Cyberwarfare

  • [Oct 2] New ASEAN committee to implement norms for countries behaviour in cyberspace, CNA report.

Tech and National Security

  • [Sep 30] IAF ready for Balakot-type strike, says new chief Bhadauria, The Hindu report; Times of India report.
  • [Sep 30] Naval variant of LCA Tejas achieves another milestone during its test flight, Livemint report.
  • [Sep 30] SAAB wants to offer Gripen at half of Rafale cost, full tech transfer, The Print report.
  • [Sep 30] Rajnath harps on ‘second strike capability’, The Shillong Times report.
  • [Oct 1] EAM Jaishankar defends India’s S-400 missile system purchase from Russia as US sanctions threat, International Business Times report.
  • [Oct 1] SC for balance between liberty, national security, Hindustan Times report.
  • [Oct 2] Startups have it easy for defence deals up to Rs. 150 cr, ET Rise report, Swarajya Magazine report.
  • [Oct 3] Huawei-wary US puts more pressure on India, offers alternatives to data localization, The Economic Times report.
  • [Oct 4] India-Russia missile deal: What is CAATSA law and its implications?, Jagran Josh report.
  • [Oct 4] Army inducts Israeli ‘tank killers’ till DRDO develops new ones, Defence Aviation post report.
  • [Oct 4] China, Russia deepen technological ties, Defense One report.
  • [Oct 4] Will not be afraid of taking decisions for fear of attracting corruption complaints: Rajnath Singh, New Indian Express report.
  • [Oct 4] At conclave with naval chiefs of 10 countries, NSA Ajit Doval floats an idea, Hindustan Times report.
  • [Oct 6] Pathankot airbase to finally get enhanced security, The Economic Times report.
  • [Oct 6] rafale with Meteor and Scalp missiles will give India unrivalled combat capability: MBDA, The Economic Times report.
  • [Oct 7] India, Bangladesh sign MoU for setting up a coastal surveillance radar in Bangladesh, The Economic Times report; Decaan Herald report.
  • [Oct 7] Indian operated T-90 tanks to become Russian army’s main battle tank, EurAsian Times report.
  • [Oct 7] IAF’s Sukhois to get more advanced avionics, radar, Defence Aviation post report.

Tech and Law Enforcement

  • [Sep 30] TMC MP Mahua Mitra wants to be impleaded in the WhatsApp traceability case, Medianama report; The Economic Times report.
  • [Oct 1] Role of GIS and emerging technologies in crime detection and prevention, Geospatial World.net report.
  • [Oct 2] TRAI to take more time on OTT norms; lawful interception, security issue now in focus, The Economic Times report.
  • [Oct 2[ China invents super surveillance camera that can spot someone from a crowd of thousands, The Independent report.
  • [Oct 4] ‘Don’t introduce end-to-end encryption,’ UK, US and Australia ask Facebook in an open letter, Medianama report.
  • [Oct 4] Battling new-age cyber threats: Kerala Police leads the way, The Week report.
  • [Oct 7] India govt bid to WhatsApp decryption gets push as UK,US, Australia rally support, Entrackr report.

Tech and Elections

  • [Oct 1] WhatsApp was extensively exploited during 2019 elections in India: Report, Firstpost report.
  • [Oct 3] A national security problem without a parallel in American democracy, Defense One report.

Internal Security: J&K

  • [Sep 30] BDC polls across Jammu, Kashmir, Ladakh on Oct 24, The Economic Times report.
  • [Sep 30] India ‘invaded and occupied Kashmir, says Malaysian PM at UN General Assembly, The Hindu report.
  • [Sep 30] J&K police stations to have CCTV camera surveillance, News18 report.
  • [Oct 1] 5 judge Supreme court bench to hear multiple pleas on Article 370, Kashmir lockdown today, India Today report.
  • [Oct 1] India’s stand clear on Kashmir: won’t accept third-party mediation, India Today report.
  • [Oct 1] J&K directs officials to ensure all schools reopen by Thursday, NDTV report.
  • [Oct 2]] ‘Depressed, frightened’: Minors held in Kashmir crackdown, Al Jazeera report.
  • [Oct 3] J&K: When the counting of the dead came to a halt, The Hindu report.
  • [Oct 3] High schools open in Kashmir, students missing, The Economic Times report.
  • [Oct 3] Jaishanakar reiterates India’s claim over Pakistan-occupied Kashmir, The Hindu report.
  • [Oct 3] Normalcy prevails in Jammu and Kashmir, DD News report.
  • [Oct 3] Kashmiri leaders will be released one by one, India Today report.
  • [Oct 4] India slams Turkey, Malaysia remarks on J&K, The Hindu report.
  • [Oct 5] India’s clampdown hits Kashmir’s Silicon Valley, The Economic Times report.
  • [Oct 5] Traffic cop among 14 injured in grenade attack in South Kashmir, NDTV report; The Economic Times report.
  • [Oct 6] Kashmir situation normal, people happy with Article 370 abrogation: Prkash Javadekar, Times of India report.
  • [Oct 7] Kashmir residents say police forcibly taking over their homes for CRPF troops, Huffpost India report.

Internal Security: Northeast/ NRC

  • [Sep 30] Giving total control of Assam Rifles to MHA will adversely impact vigil: Army to Govt, The Economic Times report.
  • [Sep 30] NRC list impact: Assam’s foreigner tribunals to have 1,600 on contract, The Economic Times report.
  • [Sep 30] Assam NRC: Case against Wipro for rule violation, The Hindu report; News18 report; Scroll.in report.
  • [Sep 30] Hindu outfits demand NRC in Karnataka, Deccan Chronicle report; The Hindustan Times report.
  • [Oct 1] Centre extends AFPSA in three districts of Arunachal Pradesh for six months, ANI News report.
  • [Oct 1] Assam’s NRC: law schools launch legal aid clinic for excluded people, The Hindu report; Times of India report; The Wire report.
  • [Oct 1] Amit Shah in Kolkata: NRC to be implemented in West Bengal, infiltrators will be evicted, The Economic Times report.
  • [Oct 1] US Congress panel to focus on Kashmir, Assam, NRC in hearing on human rights in South Asia, News18 report.
  • [Oct 1] NRC must for national security; will be implemented: Amit Shah, The Hindu Business Line report.
  • [Oct 2] Bengali Hindu women not on NRC pin their hope on promise of another list, citizenship bill, The Print report.
  • [Oct 3] Citizenship Amendment Bill has become necessity for those left out of NRC: Assam BJP president Ranjeet Das, The Economic Times report.
  • [Oct 3] BJP govt in Karnataka mulling NRC to identify illegal migrants, The Economic Times report.
  • [Oct 3] Explained: Why Amit Shah wants to amend the Citizenship Act before undertaking countrywide NRC, The Indian Express report.
  • [Oct 4] Duplicating NPR, NRC to sharpen polarization: CPM, Deccan Herald report.
  • [Oct 5] We were told NRC India’s internal issue: Bangladesh, Livemint report.
  • [Oct 6] Prasanna calls NRC ‘unjust law’, The New Indian Express report.

National Security Institutions

  • [Sep 30] CRPF ‘denied’ ration cash: Govt must stop ‘second-class’ treatment. The Quint report.
  • [Oct 1] Army calls out ‘prejudiced’ foreign report on ‘torture’, refutes claim, Republic World report.
  • [Oct 2] India has no extraterritorial ambition, will fulfill regional and global security obligations: Bipin Rawat, The Economic Times report.

More on Huawei, 5G

  • [Sep 30] Norway open to Huawei supplying 5G equipment, Forbes report.
  • [Sep 30] Airtel deploys 100 hops of Huawei’s 5G technology, The Economic Times report.
  • [Oct 1] America’s answer to Huawei, Foreign Policy report; Tech Circle report.
  • [Oct 1] Huawei buys access to UK innovation with Oxford stake, Financial Times report.
  • [Oct 3] India to take bilateral approach on issues faced by other countries with China: Jaishankar, The Hindu report.
  • [Oct 4] Bharti Chairman Sunil Mittal says India should allow Huawei in 5G, The Economic Times report
  • [Oct 6] 5G rollout: Huawei finds support from telecom industry, Financial Express report.

Emerging Tech: AI, Facial Recognition

  • [Sep 30] Bengaluru set to roll out AI-based traffic solution at all signals, Entrackr report.
  • [Sep 1] AI is being used to diagnose disease and design new drugs, Forbes report.
  • [Oct 1] Only 10 jobs created for every 100 jobs taken away by AI, The Economic Times report.
  • [Oct 2]Emerging tech is helping companies grow revenues 2x: report, ET Tech report.
  • [Oct 2] Google using dubious tactics to target people with ‘darker skin’ in facial recognition project: sources, Daily News report.
  • [Oct 2] Three problems posed by deepfakes that technology won’t solve, MIT Technology Review report.
  • [Oct 3] Getting a new mobile number in China will involve a facial recognition test, Quartz report.
  • [Oct 4] Google contractors targeting homeless people, college students to collect their facial recognition data: Report, Medianama report.
  • [Oct 4] More jobs will be created than are lost from the IA revolution: WEF AI Head, Livemint report.
  • [Oct 6] IIT-Guwahati develops AI-based tool for electric vehicle motor, Livemint report.
  • [Oct 7] Even if China misuses AI tech, Satya Nadella thinks blocking China’s AI research is a bad idea, India Times report.

Big Tech

  • [Oct 3] Dial P for privacy: Google has three new features for users, Times of India report.

Opinions and Analyses

  • [Sep 26] Richard Stengel, Time, We’re in the middle of a global disinformation war. Here’s what we need to do to win.
  • [Sep 29] Ilker Koksal, Forbes, The shift toward decentralized finance: Why are financial firms turning to crypto?
  • [Sep 30] Nistula Hebbar, The Hindu, Govt. views grassroots development in Kashmir as biggest hope for peace.
  • [Sep 30] Simone McCarthy, South China Morning Post, Could China’s strict cyber controls gain international acceptance?
  • [Sep 30] Nele Achten, Lawfare blog, New UN Debate on cybersecurity in the context of international security.
  • [Sep 30[ Dexter Fergie, Defense One, How ‘national security’ took over America.
  • [Sep 30] Bonnie Girard, The Diplomat, A firsrhand account of Huawei’s PR drive.
  • [Oct 1] The Economic Times, Rafale: Past tense but furture perfect.
  • [Oct 1] Simon Chandler, Forbes, AI has become a tool for classifying and ranking people.
  • [Oct 2] Ajay Batra, Business World, Rethink India! – MMRCA, ESDM & Data Privacy Policy.
  • [Oct 2] Carisa Nietsche, National Interest, Why Europe won’t combat Huawei’s Trojan tech.
  • [Oct 3] Aruna Sharma, Financial Express, The digital way: growth with welfare.
  • [Oct 3] Alok Prasanna Kumar, Medianama, When it comes to Netflix, the Government of India has no chill.
  • [Oct 3] Fredrik Bussler, Forbes, Why we need crypto for good.
  • [Oct 3] Panos Mourdoukoutas, Forbes, India changed the game in Kashmir – Now what?
  • [Oct 3] Grant Wyeth, The Diplomat, The NRC and India’s unfinished partition.
  • [Oct 3] Zak Doffman, Forbes, Is Huawei’s worst Google nightmare coming true?
  • [Oct 4] Oren Yunger, Tech Crunch, Cybersecurity is a bubble, but it’s not ready to burst.
  • [Oct 4] Minakshi Buragohain, Indian Express, NRS: Supporters and opposers must engage each other with empathy.
  • [Oct 4] Frank Ready, Law.com, 27 countries agreed on ‘acceptable’ cyberspace behavior. Now comes the hard part.
  • [Oct 4] Samir Saran, World economic Forum (blog), 3 reasons why data is not the new oil and why this matters to India.
  • [Oct 4] Andrew Marantz, The New York Times, Free Speech is killing us.
  • [Oct 4] Financial Times editorial, ECJ ruling risks for freedom of speech online.
  • [Oct 4] George Kamis, GCN, Digital transformation requires a modern approach to cybersecurity.
  • [Oct 4] Naomi Xu Elegant and Grady McGregor, Fortune, Hong King’s mask ban pits anonymity against the surveillance state.
  • [Oct 4] Prashanth Parameswaran, The Diplomat, What’s behind the new US-ASEAN cyber dialogue?
  • [Oct 5] Huong Le Thu, The Strategist, Cybersecurity and geopolitics: why Southeast Asia is wary of a Huawei ban.
  • [Oct 5] Hannah Devlin, The Guardian, We are hurtling towards a surveillance state: the rise of facial recognition technology.
  • [Oct 5] PV Navaneethakrishnan, The Hindu Why no takers? (for ME/M.Tech programmes).
  • [Oct 6] Aakar Patel, Times of India blog, Cases against PC, letter-writing celebs show liberties are at risk.
  • [Oct 6] Suhasini Haidar, The Hindu, Explained: How ill purchases from Russia affect India-US ties?
  • [Oct 6] Sumit Chakraberty, Livemint, Evolution of business models in the era of privacy by design.
  • [Oct 6] Spy’s Eye, Outlook, Insider threat management.
  • [Oct 6] Roger Marshall, Deccan Herald, Big oil, Big Data and the shape of water.
  • [Oct 6] Neil Chatterjee, Fortune, The power grid is evolving. Cybersecurity  must too.
  • [Oct 7] Scott W Pink, Modaq.com, EU: What is GDPR and CCPA and how does it impact blockchain?
  • [Oct 7] GN Devy, The Telegraph, Has India slid into an irreversible Talibanization of the mind?
  • [Oct 7] Susan Ariel Aaronson, South China Morning Post, The Trump administration’s approach to AI is not that smart: it’s about cooperation, not domination.

[September 23-30] CCG’s Week in Review: Curated News in Information Law and Policy

The deadline to link PAN cards with Aadhaar was extended to December 31 this week; the Election Commission ruled that voting rights of those excluded in the NRC process remain unaffected; the Home Minister proposed a digital census with multipurpose ID cards for 2021; and 27 nations including the US, UK and Canada issued joint statement urging for a rules-based order in cyberspace – presenting this week’s most important developments in law, technology and national security.

Aadhaar and Digital IDs

  • [Sep 23] Home Minister announces digital census in 2021, proposed multipurpose ID card, Entrackr report; Business Today report.
  • [Sep 24] NRIs can now apply for Aadhaar on arrival without 182-day wait, The Economic Times report.
  • [Sep 24] Aadhaar will be linked to driving license to avoid forgery: Ravi Shankar Prasad, The Indian Express report.
  • [Sep 24] One nation, one card? Amit Shah floats idea of all-in-one ID; here are all the problems with that idea, Medianama report; Money Control report.
  • [Sep 24] Explained: Is India likely to have a multipurpose national ID card? The Indian Express report.
  • [Sep 24] UIDAI nod to ‘voluntary’ use of Aadhaar for National Population Register rollout, The Economic Times report.
  • [Sep 24] Govt must decide on Aadhaar-social media linkage:SC, Deccan Herald report.
  • [Sep 25] New law needed for Aadhaar-social media linkage: UIDAI, The Economic Times report; Inc42 report.
  • [Sep 26] NPR process to include passport, voter ID, Aadhaar and other details, Business Standard report.
  • [Sep 27] Gang involved in making fake Aadhaar cards busted, The Tribune report.
  • [Sep 27] What will happen if you don’t link your PAN card with Aadhaar by Sep 20, The Quint report.
  • [Sep 27] Explained: The National Population Register, and the controversy around it, The Indian Express report.
  • [Sep 27] Aadhaar to weed out bogus social security beneficiaries in Karnataka, Deccan Herald report.
  • [Sep 29] Bajrang Dal wants Aadhaar mandatory at dandiya to keep ‘non-Hindus’ out, The Hindustan Times report; The Wire report.
  • [Sep 30] Kerala urges Centre to extend deadline to link ration cards with Aadhaar, The News Minute report.
  • [Sep 30] PAN-Aadhaar linking deadline extended to December 31, The Economic Times report.

Digital India 

  • [Sep 25] India’s regulatory approach should focus on the regulation of the ‘core’: IAMAI, Livemint report.
  • [Sep 27] India may have to offer sops to boost electronic manufacturing, ET Tech report; Inc42 report.
  • [Sep 27] Digital India, start-ups are priorities for $5 trillion economy: PM Modi, Medianama report.
  • [Sep 29] Tech giants aim to skill Indian govt officials in AI, cloud, ET CIO report.
  • [Sep 29] India’s share in IT, R&D biz up in 2 years: report, The Economic Times report.

Internet Governance

  • [Sep 24] Supreme Court to MeitY: What’s the status of intermediary guidelines? Tell us by Oct 15, Medianama report.
  • [Sep 26] Will not be ‘excessive’ with social media rules, ay Govt officials, Inc42 report.
  • [Sep 26] Government trying to balance privacy and security in draft IT intermediary norms, The Economic Times report.
  • [Sep 27] Citizens, tech companies served better with some regulation: Facebook India MD Ajit Mohan, ET Tech report; Inc42 report.
  • [Sep 27] Balance benefits of internet, data security: Google CEO Sundar Pichai, ET Tech report; Business Today report.

Free Speech

  • [Sep 25] Jadavpur University calls upon ‘stakeholders’ to ensure free speech on campus, The New Indian Express report.
  • [Sep 28] RSS raises objections to uncensored content of Maoj Bajpayee’s “The Family Man”, The Hindu report; Outlook report.

Privacy and Data Protection

  • [Sep 23] A landmark decision on Tuesday could radically reshape how Google’s search results work, Business Insider report.
  • [Sep 23] Google tightens its voice assistant rules amidst privacy backlash, Wired report.
  • [Sep 24] Dell rolls out new data protection storage appliances and capabilities, ZDNet report.
  • [Sep 24] ‘Right to be forgotten’ privacy rule is limited by Europe’s top court, The New York Times report; Live Law report.
  • [Sep 27] Nigeria launches investigation into Truecaller for potential breach of privacy, Medianama report.
  • [Sep 29] Right to be forgotten will be arduous as India frames data protection law, Business Standard report.
  • [Sep 30] FPIs move against data bill, seek exemption, ET Telecom report; Entrackr report.

Data Localisation

  • [Sep 26] Reconsider imposition of data localisation: IAMAI report, The Economic Times report.
  • [Sep 27] Why data is not oil: Here’s how India’s data localisation norms will hurt the economy, Inc42 report.

Digital Payments and Fintech

  • [Sep 23] RBI rider on credit bureau data access has Fintech in a quandary, ET Tech report.

Cryptocurrencies

  • [Sep 23] Facebook reveals Libra currency basket breakdown, Coin Desk report.
  • [Sep 23] The face of India’s crypto lobby readies for a clash, Ozy report.
  • [Sep 23] Why has Brazil’s Central Bank included crypto assets in trade balance? Coin Telegraph report.
  • [Sep 24] French retailers widening crypto acceptance, Tech Xplore report.
  • [Sep 26] Why crypto hoaxes are so successful, Quartz report.
  • [Sep 26] South Africa: the net frontier for crypto exchanges, Coin Telegraph report
  • [Sep 27] The crypto wars’ strange bedfellows, Forbes report.
  • [Sep 28] Crypto industry is already preparing for Google’s ‘quantum supremacy’, Decrypt report.
  • [Sep 29] How crypto gambling is regulated around the world, Coin Telegraph report.

Tech and Law Enforcement

  • [Sep 29] New WhatsApp and Facebook Encryption ‘Backdoors’ – What’s really going on, Forbes report.
  • [Sep 28] Facebook, WhatsApp will have to share messages with UK Government, Bloomberg report.
  • [Sep 23] Secret FBI subpoenas scoop up personal data from scores of companies, The New York Times report.
  • [Sep 23] ‘Don’t transfer the WhatsApp traceability case’, Internet Freedom Foundation asks Supreme Court, Medianama report.
  • [Sep 24] China offers free subway rides to citizens who register their face with surveillance system, The Independent report.
  • [Sep 24] Facial recognition technology in public housing prompts backlash, The New York Times report.
  • [Sep 24] Facebook-Aadhaar linkage and WhatsApp traceability: Supreme Court says government must frame rules, CNBC TV18 report.
  • [ep 27] Fashion that counters surveillance cameras, Business Times report.
  • [Sep 27] Unnao rape case: Delhi court directs Apple to give Sengar’s location details on day of alleged rape, Medianama report.
  • [Sep 27] Face masks to decoy t-shirts: the rise of anti-surveillance fashion, Times of India report.
  • [Sep 30] Battle for privacy and encryption: WhatsApp and government head for a showdown on access to messages, ET Prime report.
  • [Sep 29] Improving digital evidence sharing, Scottish Government news report; Public technology report.

Internal Security: J&K

  • [Sep 23] Government launches internet facilitation centre in Pulwama for students, Times of India report; Business Standard report.
  • [Sep 23] Army chief rejects ‘clampdown’ in Jammu and Kashmir, Times of India report.
  • [Sep 24] Rising power: Why India has faced muted criticism over its Kashmir policy, Business Standard report.
  • [Sep 24] ‘Restore Article 370, 35A in Jammu and Kashmir, withdraw army, paramilitary forces’: 5-member women’s group will submit demands to Amit Shah, Firstpost report.
  • [Sep 24] No normalcy in Kashmir, says fact finding team, The Hindu report.
  • [Sep 25] End clampdown: Kashmir media, The Telegraph report.
  • [Sep 25] Resolve Kashmir issue through dialogue and not through collision: Erdogan, The Economic Times report.
  • [Sep 25] Rajya Sabha deputy chair thwarts Pakistan’s attempt at Kashmir at Eurasian Conference, The Economic Times report.
  • [Sep 25] Pakistan leader will urge UN intervention in Kashmir, The New York Times report.
  • [Sep 25] NSA Ajit Doval back in Srinagar to review security situation, The Hindustan Times report.
  • [Sep 27] Communication curbs add fresh challenge to Kashmir counter-insurgency operations, News18 report.
  • [Sep 27] Fresh restrictions in parts of Kashmir, The Hindu report.
  • [Sep 27] US wants ‘rapid’ easing of Kashmir restrictions, Times of India report.
  • [Sep 27] Kashmir issue: Rescind action on Art. 370, OIC tells India, The Hindu report.
  • [Sep 28] India objects to China’s reference to J&K and Ladakh at UNGA, The Economic Times report; The Hindu report.
  • [Sep 29] Surveillance, area domination operations intensified in Kashmir, The Economic Times report; Financial Express report.
  • [Sep 29] Police impose restrictions in J&K after Imran Khan’s speech at UNGA, India Today report.

Internal Security: NRC and the North-East

  • [Sep 23] Assam framing cyber security policy to secure data related to NRC, police, services, The Economic Times report; Money Control report.
  • [Sep 24] BJP will tell SC that we reject this NRC, says Himanta Biswa Sarma, Business Standard report.
  • [Sep 24] Amit Shah to speak on NRC, Citizenship Amendment Bill in Kolkata on Oct 1, The Economic Times report.
  • [Sep 26] ‘Expensive’ legal battle for those rejected in Assam NRC final list, The Economic Times report.
  • [Sep 27] Scared of NRC? Come back in 2022, The Telegraph report.
  • [Sep 27] Voters left out of NRC will have right to vote, rules Election Commission, India Today report; The Wire report.
  • [Sep 27] NRC: Assam government announces 200 Foreigners Tribunals in 33 districts, Times Now report; Times of India report.
  • [Sep 28] Judge urges new FT members to examine NRC claims with utmost care, Times of India report.

National Security Legislation

  • [Sep 23] Centre will reintroduce Citizenship Bill in Parliament: Himanta Biswa Sarma, The Hindu report.
  • [Sep 26] National Security Guard: History, Functions and Operations, Jagran Josh report.
  • [Sep 28] Left parties seek revocation of decision on Article 370, The Tribune India report.

Tech and National Security

  • [Sep 25] Army to start using Artificial Intelligence in 2-3 years: South Western Army commander, The Print report; India Today report; The New Indian Express report; Financial Express report.
  • [Sep 23] Modi, Trump set new course on terrorism, border security, The Hindu report.
  • [Sep 23] PM Modi in the US” Trump promises more defence deals with India, military trade to go up, Financial Express report.
  • [Sep 23] Punjab police bust terror module supplied with weapons by drones from Pak, NDTV report.
  • [Sep 26] Lockheed Martin to begin supplying F-16 wings from Hyderabad plant in 2020, Livemint report.
  • [Sep 26] Drones used for cross-border arms infiltration in Punjab a national security issues, says Randhawa, The Hindu report.
  • [Sep 27] UK MoD sets up cyber team for secure innovation, UK Authority report.
  • [Sep 29] New tri-services special ops division, meant for surgical strikes, finishes first exercise today, The Print report.
  • [Sep 30] After Saudi attacks, India developing anti-drone technology to counter drone menace, Eurasian Times report.

Tech and Elections

  • [Sep 20] Microsoft will offer free Windows 7 support for US election officials through 2020, Cyber Scoop report.
  • [Sep 26] Social media platforms to follow ‘code of ethics’ in all future elections: EC, The Economic Times report.
  • [Sep 28] Why is EC not making ‘authentic’ 2019 Lok Sabha results public? The Quint report.

Cybersecurity

  • [Sep 24] Androids and iPhones hacked with just one WhatsApp click – and Tibetans are under attack, Forbes report.
  • [Sep 25] Sharp questions can help board oversee cybersecurity, The Wall Street Journal report.
  • [Sep 25] What we know about CrowdStrike, the cybersecurity firm trump mentioned in Ukraine call, and its billionaire CEO, Forbes report.
  • [Sep 25] 36% smaller firms witnessed data breaches in 2019 globally, ET Rise report.
  • [Sep 28] Defence Construction Canada hit by cyber attack – corporation’s team trying to restore full IT capability, Ottawa Citizen report.
  • [Sep 29] Experts call for collective efforts to counter cyber threats, The New Indian Express report.
  • [Sep 29] Microsoft spots malware that turns PCs into zombie proxies, ET Telecom report
  • [Sep 29] US steps up scrutiny of airplane cybersecurity, The Wall Street Journal report.

Cyberwarfare

  • [Sep 24] 27 countries sign cybersecurity pledge urging rules-based control over cyberspace in Joint Statement, with digs at China and Russia, CNN report; IT world Canada report; Meri Talk report.
  • [Sep 26] Cyber Peace Institute fills a critical need for cyber attack victims, Microsoft blog.
  • [Sep 29] Britain is ‘at war every day’ due to constant cyber attacks, Chief of the Defence Staff says, The Telegraph report.

Telecom and 5G

  • [Sep 27] Telcos’ IT investments intact, auto companies may slow pace: IBM exec, ET Tech report.
  • [Sep 29] Telecom players to lead digital transformation in India, BW Businessworld report.

More on Huawei

  • [Sep 22] Huawei confirms another nasty surprise for Mate 30 buyers, Forbes report.
  • [Sep 23] We’re on the same page with government on security: Huawei, The Economic Times report.
  • [Sep 24] The debate around 5G’s safety is getting in the way of science, Quartz report (paywall).
  • [Sep 24] Govt will take call on Huawei with national interest in mind: Telecom Secy, Business Standard report.
  • [Sep 24] Huawei enables 5G smart travel system at Beijing airport, Tech Radar report.
  • [Sep 25] Huawei 5G backdoor entry unproven, The Economic Times report.
  • [Sep 25] US prepares $1 bn fund to replace Huawei ban kit, Tech Radar report.
  • [Sep 26] Google releases large dataset of deepfakes for researchers, Medianama report.
  • [Sep 26] Huawei willing to license 5G technology to a US firm, The Hindu Business Line report; Business Standard report.
  • [Sep 26] Southeast Asia’s top phone carrier still open to Huawei 5G, Bloomberg report.
  • [Sep 29] Russia rolls out the red carpet for Huawei over 5G, The Economic Times report.

Emerging Tech and AI

  • [Sep 20] Google researchers have reportedly achieved “Quantum Supremacy”, Financial Times report; MIT Technology Review report
  • [Sep 23] Artificial Intelligence revolution in healthcare in India: All we need to know, The Hindustan Times report.
  • [Sep 23] A new joystick for the brain-controlled vehicles of the future, Defense One report.
  • [Sep 24] Computing and AI: Humanistic Perspectives from MIT, MIT News report.
  • [Sep 24] Emerging technologies such as AI, 5G posing threats to privacy, says report, China Daily report.
  • [Sep 25] Alibaba unveils chip developed for artificial intelligence era, Financial Times report.
  • [Sep 26] Pentagon wants AI to interpret ‘strategic activity around the globe, Defense One report.
  • [Sep 27] Only 10 jobs created for every 100 jobs taken away by AI, ET Tech report.
  • [Sep 27] Experts say these emerging technologies should concern us, Business Insider report.
  • [Sep 27] What is on the horizon for export controls on ‘emerging technologies’? Industry comments may hold a clue, Modaq.com report.
  • [Sep 27] India can become world leader in artificial intelligence: Vishal Sikka, Money Control report.
  • [Sep 27] Elon Musk issues a terrifying prediction of ‘AI robot swarms’ and huge threat to mankind, The Daily Express (UK) report
  • [Sep 27] Russia’s national AI Centre is taking shape, Defense One report.
  • [Sep 29] Explained: What is ‘quantum supremacy’, The Hindu report.
  • [Sep 29] Why are scientists so excited about a new quantum computing milestone?, Scroll.in report.
  • [Sep 29] Artificial Intelligence has a gender bias problem – just ask Siri, The Wire report.
  • [Sep 29] How AI is changing the landscape of digital marketing, Inc42 report.

Opinions and Analyses

  • [Sep 21] Wim Zijnenburg, Defense One, Time to Harden International Norms on Armed Drones.
  • [Sep 23] David Sanger and Julian Barnes, The New York Times, The urgent search for a cyber silver bullet against Iran.
  • [Sep 23] Neven Ahmad, PRIO Blog, The EU’s response to the drone age: A united sky.
  • [Sep 23] Bisajit Dhar and KS Chalapati Rao, The Wire, Why an India-US Free Trade Agreement would require New Delhi to reorient key policies.
  • [Sep 23] Filip Cotfas, Money Control, Five reasons why data loss prevention has to be taken seriously.
  • [Sep 23] NF Mendoza, Tech Republic, 10 policy principles needed for artificial intelligence.
  • [Sep 24] Ali Ahmed, News Click, Are Indian armed forces turning partisan? : The changing civil-military relationship needs monitoring.
  • [Sep 24] Editorial, Deccan Herald, A polity drunk on Aadhaar.
  • [Sep 24] Mike Loukides, Quartz, The biggest problem with social media has nothing to do with free speech.
  • [Sep 24] Ananth Padmanabhan, Medianama, Civilian Drones: Privacy challenges and potential resolution. 
  • [Sep 24] Celine Herwijer and Dominic Kailash Nath Waughray, World Economic Forum, How technology can fast-track the global goals.
  • [Sep 24] S. Jaishankar, Financial Times, Changing the status of Jammu and Kashmir will benefit all of India.
  • [Sep 24] Editorial, Livemint, Aadhaar Mark 2.
  • [Sep 24] Vishal Chawla, Analytics India Magazine, AI in Defence: How Indi compares to US, China, Russia and South Korea.
  • [Sep 25] Craig Borysowich, IT Toolbox, Origin of Markets for Artificial Intelligence.
  • [Sep 25] Sudeep Chakravarti, Livemint, After Assam, NRC troubles may visit ‘sister’ Tripura.
  • [Sep 25] DH Kass, MSSP Blog, Cyber Warfare: New Rules of Engagement?
  • [Sep 25] Chris Roberts, Observer, How artificial intelligence could make nuclear war more likely.
  • [Sep 25] Ken Tola, Forbes, What is cybersecurity?
  • [Sep 25] William Dixon and  Jamil Farshchi, World Economic Forum, AI is transforming cybercrime. Here’s how we can fight back.
  • [Sep 25] Patrick Tucker, Defense One, Big Tech bulks up its anti-extremism group. But will it do more than talk?
  • [Sep 26] Udbhav Tiwari, Huffpost India, Despite last year’s Aadhaar judgement, Indians have less privacy than ever.
  • [Sep 26] Sylvia Mishra, Medianama, India and the United States: The time has come to collaborate on commercial drones.
  • [Sep 26] Subimal Bhattacharjee, The Hindu Business Line, Data flows and our national security interests.
  • [Sep 26] Ram Sagar, Analytics India Magazine, Top countries that are betting big on AI-based surveillance.
  • [Sep 26] Patrick Tucker, Defense One, AI will tell future medics who lives and who dies on the battlefield.
  • [Sep 26] Karen Hao, MIT Technology Review, This is how AI bias really happens – and why it’s so hard to fix.
  • [Sep 27] AG Noorani, Frontline, Kashmir dispute: Domestic or world issue?
  • [Sep 27] Sishanta Talukdar, Frontline, Final NRC list: List of exclusion.
  • [Sep 27] Freddie Stuart, Open Democracy, How facial recognition technology is bringing surveillance capitalism to our streets.
  • [Sep 27] Paul de Havilland, Crypto Briefing, Did Bitcoin crash or dip? Crypto’s trajectory moving forward.
  • [Sep 28] John Naughton, The Guardian, Will advances in quantum computing affect internet security?
  • [Sep 28] Suhrith Parthasarathy, The Hindu, The top court and a grave of freedom.
  • [Sep 28] Kazim Rizvi, YourStory, Data Protection Authority: the cornerstone to implement data privacy.
  • [Sep 28] Shekhar Gupta, The Print, Modi has convinced the world that Kashmir is India’s internal affair – but they’re still watching.
  • [Sep 29] Indrani Bagchi, The Economic Times, Why india needs to tread carefully on Kashmir.
  • [Sep 29] Medha Dutta Yadav, The New Indian Express, Data: Brave new frontier.
  • [Sep 29] Jon Markman, Forbes, New cybersecurity companies have their heads in the cloud.
  • [Sep 29] Editorial, The New York Times, On cybersecurity: Two scoops of perspective.
  • [Sep 30] Kuldip Singh, The Quint, New IAF Chief’s appointment: Why RKS Bhadauria must tread lightly.
  • [Sep 30] Karishma Koshal, The Caravan, With the data-protection bill in limbo, these policies contravene the right to privacy.

[September 16-23] CCG’s Week in Review: Curated News in Information Law and Policy

Cybersecurity experts warned of a new ‘SIM jacking’ threat, the Kerala High Court recognizes a right to access internet as the internet shutdown in Kashmir entered its 50th day; more updates on the linkage of Aadhaar with voter IDs and social media as the Indian Army braces itself to adopt AI – presenting this week’s most important developments in law, tech and national security.

Aadhaar

  • [Sep 16] Here are the amendments the Election Commission wants to the Representation of the People Act for Aadhaar-Voter ID linkage, Medianama report.
  • [Sep 18] Why Maj. Gen. Vombatkere has challenged Aadhaar Amendment Act in the Supreme Court; On WhatsApp and traceability, Medianama report.
  • [Sep 19] Drop in Aadhaar enrolments in J&K, The Economic Times report.
  • [Sep 20] In-principle decision to link Aadhaar with GST registration, The Economic Times report.
  • [Sep 23] Aadhaar card is now mandatory for nominees of your EPF account, Livemint report.

Digital India

  • [Sep 18] Indo-US ICT working group to meet on Sept 30, Oct 1, Medianama report.
  • [Sep 17] NITI Aayog frames guidelines for automated inspection of vehicles, ET Auto report.
  • [Sep 17] What TikTok told MEITY about its intermediary status, data collection, and policies for children, Medianama report.
  • [Sep 18] Soon, lands will have Aadhaar-like unique numbers, The Economic Times report; Business Today report.
  • [Sep 18] Drones to be used to digitally map India: report, Medianama report.
  • [Sep 18] PMO panel to release policy to boost handset manufacturing in India: report, Medianama report.
  • [Sep 19] Karnataka to set up exclusive body to boost innovation, The Hindu report.
  • [Sep 20] ‘Right To Access Internet Is Part Of Right To Privacy And Right To Education’: Kerala HC, Live Law report; Hindu report; NDTV report.

Data Protection and Privacy

  • [Sep 15] Privacy debate between govt, Facebook continues; no winner yet, Money Control report.
  • [Sep 16] Singapore, Philippines sign MoU on personal data protection, The Manila Times report.
  • [Sep 16] Industry wants careful drafting of regulations on non-personal data, The Economic Times report.
  • [Sep 16] Here are the top three reasons why data protection is required in every business, Firstpost report.
  • [Sep 20] Sensitive, super-sensitive data must be stored locally in india: RS PRasad, Business Standard report.
  • [Sep 20] Yet another data leak in Indian government database, exoposes multiple citizen IDs, Inc42 report.
  • [Sep 22] Infosys co-founder Kris Gopalakrishnan to lead panel on protection of non-personal data, Financial Express report.

E-Commerce

  • [Sep 16] Odisha government makes e-marketplace mandatory for procurements, The New Indian Express report.
  • [Sep 16] US antitrust officials investigate Amazon’s marketplace practices, Medianama report.
  • [Sep 17] Ministry of COnsumer Affairs extends deadline for comments on draft E-Commerce Guidelines 2019 to October 31, Medianama report.

FinTech and Digital Payments

  • [Sep 16] WhatsApp to roll out its payment services by end of this year: report, Medianama report; The Economic Times report.
  • [Sep 18] RBI proposes norms to regulate payment gateways and payment aggregators, Entrackr report.
  • [Sep 19] Regulatory shock for fintech firms: RBI blocks unregulated access to consumer credit history, Entrackr report.
  • [Sep 19] DSCI, MeitY and Google India join hands for ‘Digital Payment Abhiyan’, The Economic Times report.

Cryptocurrencies

  • [Sep 16] The toss of a Bitcoin: How crypto ban will hurt 5 mn Indians, 20k Blockchain developers, The Economic Times report.
  • [Sep 16] US Sanctions three alleged crypto hacking groups from North Korea, Coin Desk report.
  • [Sep 16] Crypto firms assess how to comply with anti-money laundering standards, The Wall Street Journal report.
  • [Sep 19] Bitcoin and crypto wallets are now being targeted by malware, Forbes report.
  • [Sep 21] Weekends are for Altcoins when it comes to crypto market gains, ET Markets report.
  • [Sep 21] Chinese officials surprisingly chill on crypto, Decrypt report.

Cybersecurity

  • [Sep 13] Ransomware has a new target, Defense One report.
  • [Sep 16] Deep learning and machine learning to transform cybersecurity, Tech Wire Asia report.
  • [Sep 16] America needs a whole-of-society approach to cybersecurity. ‘Grand Challenges’ can help, Defense One report.
  • [Sep 17] Financial asset firm PCI ordered to pay $1.5 million for poor cybersecurity practices, ZD Net report.
  • [Sep 20] Current Act outdated, need to include cyber security in IT legal framework: DCA chief, The Indian Express report.
  • [Sep 20] 10% of IT budget should be used for cybersecurity: Rear Admiral Mohit Gupta, ET Times report.
  • [Sep 20] Once hacked, twice shy: How auto supplier Harman learned to fight cyber car jackers, ET Auto report.
  • [Sep 21] Cybersecurity a big opportunity for telcos, says IBM executive, The Economic Times report.
  • [Sep 23] Cybersecurity experts raise alarm over new SIM jacking threat, The New Indian Express report.
  • [Sep 23] Cybersecurity: Tackling the menace of phishing, Financial Express report.

Tech and Law Enforcement; Surveillance

  • [Sep 15] Facebook moots ‘prospective’ solution to WhatsApp issue; India stands firm on traceability, Business Today report; Livemint report.
  • [Sep 18] Chinese firms are driving the rise of AI surveillance across Africa, Quartz report.
  • [Sep 18] Documents reveal how Russia taps phone companies for surveillance, Tech Crunch report.
  • [Sep 20] WhatsApp traceability case petitioner asks court to remove Aadhaar from the plea, consider only ‘authorised govt proofs’, Medianama report; Inc42 report; Bar & Bench report.
  • [Sep 20] Chennai-based KPost says traceability is possible, wants to be impleaded in WhatsApp case, Medianama report.

Tech and National Security

  • [Sep 13] Pentagon’s former top hacker wants to inject some Silicon Valley into the defense industry, Defense One report.
  • [Sep 16] Here’s how startups are helping the Defence Ministry up its game, Money Control report.
  • [Sep 16] After 6 years in exile, Edward Snowden explains himself, Wired report.
  • [Sep 17] US tells Saudi Arabia oil attacks were launched from Iran, The Wall Street Journal report.
  • [Sep 17] Why Rafale jets may be inducted into IAF by next summer only, Livemint report.
  • [Sep 17] US Air Force to shift billions of dollars to network its weapons, Defense One report.
  • [Sep 18] India to achieve US$26 billion defence industry by 2025: Defence Minister, Business Standard report.
  • [Sep 18] Mitigating security risks from emerging technologies, Army Technology analysis.
  • [Sep 18] Revised draft defence procurement norms to be ready by November end, The Hindu report.
  • [Sep 20] The NSA is running a satellite hacking experiment, Defense One report.
  • [Sep 20] Army to host seminar on artificial intelligence next week; seeks to enhance lethality, The Economic Times report; India Today report; The New Indian Express report.
  • [Sep 20] Defence Procurement: Not a level playing field for private sector, PSUs still rule, Bharat Shakti report.
  • [Sep 20] Indian Air Force ‘accepts’ Rafale, formal hand over on Dussehra, Livemint report.
  • [Sep 22] Amid US-India blooming ties, Washington prepares to take down Indian air defence systems, EurAsian Times report.
  • [Sep 23] Government likely to order 36 more Rafale fighter jets, The Economic Times report.

Tech and Elections

  • [Sep 20] Social media companies raise concerns over Election Commission’s voluntary code of ethics, Medianama report.

Internal Security: J&K

  • [Sep 16] Supreme Court says normalcy to return to Kashmir but with national security in mind, India Today report.
  • [Sep 16] Farooq Abdullah booked under Public Safety Act, committee to decide duration of arrest: report, Financial Express report.
  • [Sep 17] Amnesty’s report on the (mis)use of Public Safety Act in J&K counters the govt’s narrative, Youth ki Awaaz report.
  • [Sep 18] China says Kashmir issue may not be a ‘major topic’ during Modi-Xi meet, Livemint report.
  • [Sep 19] In Pakistan-held Kashmir, growing calls for independence, The New York Times report.
  • [Sep 20] Kashmir residents say they are being charged by telcos despite no service, The Hindu report.
  • [Sep 20] UN Chief could discuss Kashmir issues at UNGA: UN spokesman, The Economic Times report.
  • [Sep 20] How military drones are becoming deadly weapons across the globe, The Economic Times report.
  • [Sep 22] Modi’s Digital India comes crashing down in Kashmir’s longest ever internet gag, The Wire report; The Hindu report.
  • [Sep 23] No clampdown in Kashmir, only communication line of terrorists stopped: Army Chief Bipin Rawat, India Today report.

Internal Security: NRC

  • [Sep 16] Those declared foreigners cannot file NRC appeal, say Assam govt, Hindustan Times report.
  • [Sep 18] NRC in Haryana, The Tribune report.
  • [Sep 18] NRC is an internal exercise, sovereign right of a country: EAM Jaishankar, Outlook report.
  • [Sep 18] Government will implement NRC across the country: Amit Shah, The Economic Times report.; Times of India report.
  • [Sep 21] NRC Officials issue public advisory against collection of identification documents, Guwahati Plus report.
  • [Sep 22] NRC-exluded Gurkhas not to approach foreigners’ Tribunals, seek empowered panel, The Hindu report; Times of India report.
  • [Sep 14] Final Assam NRC list, with 1.9 million exclusions, published online, Hindustan Times report.

National Security Law

  • [Sep 17] Pulwama to Aug 5: Delhi HC indicted govt for PSA arrests – in 80 pc cases, Financial Express report.
  • [Sep 16] What is the Public Safety Act under which Farooq Abdullah has been detained? News Nation report.
  • [Sep 16] 52 years on, still no sign of national defence university, The Times of India report.
  • [Sep 16] NSA Doval gets national security, foreign policy as PMO defines roles of top officials, The Asian Age report.

Big Tech

  • [Sep 15] Facebook VP Nick Clegg says India’s policies will decide the fate of the internet, Financial Express report.
  • [Sep 17] Facebook Establishes Structure and Governance for an Independent Oversight Board, Facebook Newsroom announcement; Medianama report.
  • [Sep 19] Facebook expands definition of terrorist organization to limit extremism, The New York Times report.
  • [Sep 22] Facebook is experimenting ith AI that lets you digitally get dressed, The Source report.
  • [Sep 23] Google braces for landmark global privacy ruling, Bloomberg report.

Telecom/5G

  • [Sep 16] 5G spectrum auction this year or in early 2020: Telecom Minister RS Prasad, Medianama report.
  • [Sep 20] TRAI opens consultation process for mergers and transfers in telecom sector, Medianama report.
  • [Sep 23] Indian masses have to wait 5-6 years to get true 5G experience, ET Telecom report.

More on Huawei

  • [Sep 17] Facing US ban, Huawei emerging as stronger tech competitor, The Hindu Business Line report, The Diplomat report.
  • [Sep 18] Huawei’s big test will be trying to sell a device with no Google apps outside China, Quartz report.
  • [Sep 18] Huawei users at risk as US blacklist cuts access to shared data on new cyber threats, Forbes report.
  • [Sep 20] Huawei makes sizeable 5G progress, bags 60 contracts: Ken Hu, The Economic Times report.
  • [Sep 21] Huawei unveils 5G training center in UK, ET Telecom report.

AI and Emerging Tech

  • [Sep 14] Artificial intelligence only goes so far in today’s economy, says MIT study, Forbes report.
  • [Sep 16] The US Govt will spend $1 bn on AI next year – not counting the Pentagon, Defense One report.
  • [Sep 18] Facial recognition systems to debut at Pune airport by 2020: report, Medianama report.
  • [Sep 18] AI stats news: AI is actively watching you in 75 countries, Forbes report.
  • [Sep 18] The Intel community ants to identify people from hundreds of yards away, Defense One report.
  • [Sep 19] Google setting up AI lab ‘Google Research India’ in Bengaluru, Entrackr report.
  • [Sep 20] India is planning a huge China-style facial recognition program, The Economic Times report.

Opinions and Analyses

  • [Sep 15] Nitin Pai, Livemint, The geopolitical profile of India tracks the economy’s trajectory.
  • [Sep 16] Paul Ravindranath, Tech Circle, Inclusion in technology is a compelling economic and business case.
  • [Sep 16] Markandey Katju, The Hindu, The litmus test for free speech.
  • [Sep 16] Vishal Chawla, Analytics India Magazine, What India can take away from Google’s settlement on employees’ freedom of expression.
  • [Sep 16] Editorial, Times of India, All talk: Fate of national defence university shows apathy towards defence modernisation.
  • [Sep 16] Jeff Hussey, Forbes, The gap between strong cybersecurity and demands for connectivity is getting massive.
  • [Sep 16] Kai Sedgwick, Bitcoin.com, How crypto became a gamblers paradise.
  • [Sep 17] Ajai Shukla, Business Standard, In picking strategic partners, the defence ministry isn’t spoilt for choice.
  • [Sep 17] Anthony Pfaff, Defense One, The Saudi-Oil attacks aren’t game changing. The Show how the Game has changed.
  • [Sep 17] Kayla Matthews, Security Boulevard, Who’s financially responsible for cybersecurity breaches?
  • [Sep 17] Anirudh Gotety, ET Markets, Check crypto trade, ban won’t help.
  • [Sep 17] PS Ahluwalia, Livemint, Rafale will add heft to IAF’s deterrence capabilities.
  • [Sep 17] Lorand Laksai, Privacy International, How China is supplying surveillance technology and training around the world.
  • [Sep 18] Tabish Khair, The Hindu, In Kashmir, shaking the apple tree.
  • [Sep 18] Catrin Nye, BBC News, Live facial recognition surveillance ‘must stop’ .
  • [Sep 18] Privacy International, the EU funds surveillance around the world: here’s what must be done about it.
  • [Sep 18] Joshua P Meltzer and Cameron F. Kerry, Brookings Institution, Cybersecurity and digital trade: Getting it right.
  • [Sep 19] Lt Gen HS Panag, The Print, Amit Shah’s political aim to recover PoK is not backed by India’s military capacity.
  • [Sep 20] Rifat Fareed, Al Jazeera, Farooq Abdullah’s arrest leaves India with few allies in Kashmir.
  • [Sep 22] Air Marshal (retd) M Matheswaran, Deccan Herald, Time for structural reforms, modernisation.

CCG’s Week in Review: Curated News in Information Law and Policy [August 26-September 2]

MeitY sought views on ‘non-personal data’; India and France announce joint research consortium on AI and digital partnership after NSA-level talks; Section 144 CrPC imposed in areas of Assam anticipating unrest after the publication of the NRC list as the MHA holds a high-level security meet on Kashmir; and the tussle between MeitY and the Niti Aayog for control over the Rs. 7000 cr AI project continues – presenting this week’s most important developments at the intersection of law and tech.

Aadhaar

  • [Aug 27] Aadhaar integration can weed out fake voters: UIDAI’s Ajay Bhushan Pandey, Business Standard report.
  • [Aug 27] Government to intensify Aadhaar enrolment in J&K after Oct 31: Report, Medianama report; Times Now report; The Quint report
  • [Aug 27] Interview: Why I filed a case to link Aadhaar and Social Media Accounts, The Quint report.
  • [Aug 27] Aadhaar database cannot be hacked even after a billion attempts: Ravi shankar Prasad, Money Control report.
  • [Aug 27] Most dangerous situation: Justice Srikrishna on EC-Aadhaar linking, The Quint report.
  • [Aug 28] Aadhaar ads to women’s problems in India. Here’s why. The Wire report.
  • [Aug 28] What Centre will tell Supreme Court on Aadhaar and social media account linkage, The Hindustan Time report.
  • [Aug 28] All residents of an MP village have the same date of birth on their Aadhaar, Business Standard report.
  • [Aug 29] Blood banks advised to ask for donors’ Aadhaar cards, Times of India report.
  • [Aug 29] Aadhaar continues to evolve and grow as India issues biometric seafarers’ ID, Biometric Update report.
  • [Aug 31] Aadhaar mandatory for farmers to avail crop loan in Odisha, Odisha Sun Times report.
  • [Sep 1] NRIs to get Aadhaar sans 180-day wait in 3 months, The Hindu report.
  • [Sep 1] Aadhaar-liquor link to check bottle littering? Deccan Herald report.
  • [Sep 1] Linking Aadhaar with social media can lead to insidious profiling of people, says Apar Gupta, Times of India report.

Digital India

  • [Aug 27] NASSCOM-DSCI on National Health Stack: separate regulatory body for health, siloed registries, usage of single ID, Medianama report.
  • [Aug 27] Govt looks to develop electronics component manufacturing base in India: MeitY Secretary, YourStory report; Money Control report.
  • [Aug 30] India is encouraging foreign firms to shift biz from China: report, Medianama report; Reuters report.
  • [Aug 30] Wipro, Google to speed up digital shift of enterprises, ET Telecom report.
  • [Aug 30] Government committed to reach public via technology, Times of India report.
  • [Aug 31] MeitY and Google tie up to Build for Digital India, Livemint report; India TV report; ANI report; The Statesman report; Inc42 report.
  • [Sep 1] Govt is setting up high-tech R&D facilities for India Inc to encourage big-bang projects, ET Tech report.
  • [Sep 1] Digitalisation is now forcing NASSCOM to reinvent itself, ET Tech report.

Free Speech

  • [Aug 26] IAS Officer who quit over ‘losing freedom of expression’ was facing disciplinary action for misconduct, Swarajya Magazine report.
  • [Aug 27] Withdraw media curbs in Kashmir, The Hindu report.
  • [Aug 27] EU data caught in Facebook audio transcribing, Politico report.
  • [Aug 30] BJP issues gag order on Pragya Thakur after ‘black magic’ remark post Arun Jaitley’s death. News 18 report.
  • [Aug 31] Chargesheet filed against ex-Union Minister Salman Khurshid over remark in UP CM Yogi Adityanath, India Today report.
  • [Aug 31] Rafale deal: Rahul Gandhi summoned by Mumbai court for calling Narendra Modi ‘commander-in-thief’, Scroll.in report.
  • [Aug 31] Media freedom being curbed, says Mamata, The Hindu report.
  • [Sep 1] Madurai man booked for Facebook post against Centre, Army, Times of India report.

Internet Shutdowns

  • [Aug 26] Internet suspended in Indonesia’s Papua region for ‘ security and order’ amid protests, Medianama report.
  • [Aug 29] Months after pledge to open internet, Ethiopia disrupts connectivity amidst communal violence, Global Voices report.

Data Protection and Privacy

  • [Aug 27] Government’s approach to data is dangerous, says Justice Srikrishna, Medianama report.
  • [Aug 27] Microsoft’s lead EU data watchdog is looking into fresh Windows 10 privacy concerns, Tech Crunch report.
  • [Aug 30] This Week in Tech: Facebook’s privacy pivot (business model not included), The New York Times report.
  • [Aug 31] MeitY seeks views on non-personal data, ET Tech report.
  • [Aug 31] Google to pay out $150-200m over YouTube privacy claims: reports, The Hindu report.
  • [Sep 2] Let data protection Bill deal with personal health data, says IAMAI, Business Standard report.

Intermediary Liability

  • [Aug 27] Government notices and issue in TikTok’s ShareChat notices: To ask TikTok how its intermediary status is consistent with claims on owning content, ET Telecom report; Inc42 report.

E-Commerce

  • [Aug 27] Thailand to tax e-commerce companies from next year, Medianama report.
  • [Aug 27] NRAI sends notices to Swiggy, Zomato, others on deep discounting, lack of transparency, Tech Circle report.
  • [Aug 29] MeitY may not include E-commerce data in privacy bill, The Economic Times report; Medianama report; Inc42 report.
  • [Aug 29] 30% local sourcing FDI rule on single brand retailers relaxed, physical stores before online sales not necessary, Medianama report.
  • [Aug 29] Amazon moves Supreme Court against direct selling companies: Report, Medianama report; The Economic Times report.
  • [Aug 30] India big enough for both e-commerce and small retailers: Rajiv umar, ET Tech report.
  • [Aug 30] Zomato, Swiggy and NRAI discuss issues, to meet again in September, Medianama report.
  • [Aug 30] DPIIT asks e-commerce firms to upload FDI compliance certifications, Medianama report.
  • [Aug 31] Why restaurants and aggregators are locking horns over discounts, ET Tech report.
  • [Aug 31] CAIT slams Amazon in public discussion over deep discounting, Entrackr report.
  • [Aug 31] E-marketplaces giving preferential treatment to come: Sellers, ET Tech report.
  • [Sep 2] Swiggy likely to cap restaurant commissions at 25%, ET Tech report.

Digital Payments and FinTech

  • [Aug 30] Another extension for e-wallets: RBI gives 6 months to complete KYC, Entrackr report.
  • [Sep 2] Banks may take 3 years for tech merger, ET Tech report.

Cryptocurrencies

  • [Aug 25] IRS sends new round of letter to Bitcoin and Crypto holders, Coin Telegraph report.
  • [Aug 26] 25]year old Bitcoin seller faces life sentence for unlicensed exchange, Coin Desk report.
  • [Aug 26] Telegram’s 300 million users could soon be trading Bitcoin and Crypto- Despite serious security warning, Forbes report.
  • [Aug 28] Crypto-jacking virus infects 850,000 serves, hackers run off with millions, Coin Desk report.
  • [Aug 30] UN Official: Crypto makes policing child trafficking ‘exceptionally difficult’, Coin Desk report.
  • [Aug 30] How do we get crypto currency to circulate as money? This experiment might hold the answer, The Print report.
  • [Aug 30] Privacy in Crypto: The Impact of Rising Terrorism Concerns, Forbes report.
  • [Aug 28] Telegram to release its cryptocurrency by October 31, Medianama report; ET Markets report.

Tech and Law Enforcement

  • [Aug 26] End-to-end encryption not essential to WhatsApp as a platform: Tamil Nadu Advocate General, Medianama report.
  • [Aug 27] WhatsApp traceability vulnerable to falsification, claims IFF expert submission, Firstpost report; Medianama report.
  • [Aug 31] A new kind of cybercrimes uses AI and your voice against you, Quartz report.

Tech and National Security

  • [Aug 26] Russia to supply critical components of Gaganyaan, Free Press Journal report.
  • [Aug 26] CAG report on offset deal in Rafale contract to be tabled in Winter Session: Report, News Nation report.
  • [Aug 27] Gaganyaan Mission: Russia to train four Indian astronauts from November, DNA India report.
  • [Aug 27] Centre inks Rs 380 cr deal with private firm for nine precision approach radars, DNA India report.
  • [Aug 27] Navy needs “assured” budget support to build capacity: CHief, The Economic Times report; The Indian Express report; Outlook India report.
  • [Aug 27] ITI Nagpur students to learn to assemble Rafale jets, The Economic Times report.
  • [Aug 27] Incentivise pvt sector for defence production: Brookings, Outlook India report.
  • [Aug 28] Amazon and Microsoft unchallenged in $10bn ‘Jedi’ contract review, Financial Times report.
  • [Aug 28] India’s HAL deepens private sector engagement through Make-II initiative, Jane’s 360 report.
  • [Aug 29] NSA-level meet today, France keen to sell second batch of 36 Rafales, The Indian Express report; Financial Express report; ANI News report.
  • [Aug 30] Russia set to offer submarines during Modi-Putin summit, Defence Aviation Post report.
  • [Aug 30] India must be prepared to face any threat: Vice President Venkaiah Naidu, The New Indian Express report.
  • [Aug 31] US to use fake social media to check on people entering the country, India Today report.

Cybersecurity

  • [Aug 26] Ransomware threat raises National Guard’s role in state cybersecurity in the United States, Statescoop report.
  • [Aug 26] The Pentagon wants to bolster Defense Innovation Unit’s Cyber defenses, Nextgov report.
  • [Aug 27] The importance of training: Cybersecurity awareness as a firewall, Forbes report.
  • [Aug 28] Why cybersecurity is a central ingredient in evolving digital business models, Financial Express report.
  • [Aug 28] Cyber security and the finance sector: the need for stronger data protection capabilities, Security Boulevard report.
  • [Aug 28] India to unveil cybersecurity strategy policy early next year, Financial Express report; Inc42 report.
  • [Aug 28] Face it – Biometrics to be big in cybersecurity, Forbes report.
  • [Aug 28] MHA has taken various measures to counter cyber threat: MoS Kishan Reddy, United News of India report.
  • [Aug 30] Google says hackers have put ‘monitoring implants’ in iPhones for years, The Guardian report; DW report.
  • [Aug 30] Employee errors responsible for half of cybersecurity incidents: report, The Hindustan Times report.
  • [Aug 30] Despite changes by Microsoft, Windows 10 might still be remotely spying on you, Digital Trends report.
  • [Aug 30] Only 5-10% pharma firms have cybersecurity: Expert, Times of India report.

Internal Security: J&K

  • [Aug 27] Kashmir updates: UN Chief urges all parties to avoid escalation, India Today report.
  • [Aug 27] Kashmir: MHA to hold high level security meet; SC will hear Faesal and Shehla Rashid, The Week report.
  • [Aug 29] There is only fear and no ‘freedom’ in the Northeast and J&K, The Wire report.
  • [Aug 29] ‘Feel unsafe at home’: J&K residents accuse security forces of raiding houses, arresting ‘innocent’ Kashmiri youth under Public Safety Act, Firstpost report.
  • [Aug 30] Jammu and Kashmir: Rumours fly thick but slow in absence of communication, The Economic Times report.
  • [Aug 30] Army Chief to review security in J&K today, his first visit after Art 370 repeal, The Hindustan Times report.
  • [Aug 31] Mobile services restored partially in Kashmir’s Kupwara district, ET Telecom report.

Internal Security: North East and the NRC

  • [Aug 29] Security measures tightened in Assam, Sec 144 CrPC in Guwahati ahead of final NRC, India Today report.
  • [Aug 30] Assam police declare 14 districts as sensitive areas, Times of India report.
  • [Aug 30] How the National Citizenship Registration in Assam is shaping a new national identity in India, The Conversation report.
  • [Aug 30] NRC not to solve foreigner problem: Himanta Biswa Sarma, Deccan herald report.
  • [Aug 31] No Aadhaar from elsewhere for those excluded from NRC, ET Tech report.
  • [Aug 31] Assam on edge a day before publication of NRC, India Today report.
  • [Sep 1] Assam BJP, Opposition unhappy with updated NRC, India Today report.
  • [Sep 1] Assam NRC final list: Centre in no hurry for follow-up, The Hindu report.
  • [Sep 1] Happy to know how many are doubtful citizens, says AIUDF, The Telegraph report.
  • [Sep 1] Indian citizens register excludes 1.9m Assam residents, Financial Times report.

Telecom/5G

  • [Aug 26] India will not compromise on security of telecom networks: Dhotre, ET Telecom report.
  • [Aug 27] 5G spectrum sale may be deferred to early 2020, ET Telecom report.
  • [Aug 27] Govt invites bids to select agency for conducting spectrum auction, ET Telecom report.
  • [Aug 28] Reliance Jio records highest telecom revenue market share in Q1FY20, Medianama report.
  • [Aug 31] Govt focusing on improved telecom connectivity in NE, ET Telecom report.
  • [Aug 28] 3G network to shut by December, 5G adoption not expected, Phonepe, Paytm and more, Medianama report.

More on Huawei

  • [Aug 26] 5G trials: China aggression will work against Huawei, say India officials, India Express report.
  • [Aug 27] New Huawei OS Shock: ‘Confirmation’ of Russian Software for mobile devices, Forbes report; Reuters report.
  • [Aug 27] Huawei: UK to make 5G decision ‘by the autumn’, BBC News report.
  • [Aug 29] Huawei’s next flagship phone blocked from using Google apps, The Guardian report.
  • [Aug 30] Huawei under probe by US prosecutors over new allegations, ET Telecom report; Business Standard report.
  • [Sep 1] Huawei just launched 5G in Russia with Putin’s Support: ‘Hello Splinternet’, Forbes report.

Emerging Tech and AI

  • [Aug 27] Niti Aayog, MeitY spar over Rs. 7,000 crore AI mission, ET Telecom report; Inc42 report; Entrackr report.
  • [Aug 27] India, France announce joint research consortium on AI and a digital partnership, Medianama report.
  • [Aug 28] Elon Musk and Jack Ma debate AI at China Summit, Bloomberg report.
  • [Aug 28] Is this Aadhaar of the future? Facial biometric technology-based chip-enabled cards issues, The Economic Times report.
  • [Aug 28] National security imperative to become $5trillion economy: Amit Shah, Livemint report; The Asian Age report.
  • [Aug 29] Swedish school fined over use of facial recognition, Lexology report.

Big Tech

  • [Aug 26] India is important, that’s why bringing hardware devices here: Google, ET Telecom report.
  • [Aug 26] Facebook wins appeal against German Data-Collection ban, The Wall Street Journal report.
  • [Aug 26] Instagram’s latest assault on Snapchat is a messaging app called Threads, The Verge report.
  • [Aug 28] Google is moving Pixel production from China to an old Nokia factory in Vietnam, The Verge report.
  • [Aug 30] Google expands scope of its bug bounty programme, unveils data protection reward programme for developers, NDTV Gadgets 360 report.

Opinions and Analyses

  • [Aug 25] Jon Evans, Tech Crunch, Crypto means Cryptotheology.
  • [Aug 26] Guest Author, Medianama, Should Indian Copyright law prevent text and data mining?
  • [Aug 26] Vishal Chawla, Analytics India Magazine, Why IoT security standards are crucial in preventing hackers from stealing your data.
  • [Aug 26] The Hindu Editorial, ON the wrong side: On PCI backing Kashmir restrictions.
  • [Aug 26] Robert S Taylor, Lawfare, How to measure Cybersecurity.
  • [Aug 26] Mike Giglio, Defense One, China’s Spies Are on the Offensive. Can the US Fend Them Off?
  • [Aug 27] Gurshabad Grover, The Hindu, A judicial overreach into matters of regulation.
  • [Aug 27] Maj Gen Harsha Kakkar, Bharat Shakti, Foreign Policy and National Security.
  • [Aug 27] A Vinod Kumar, Institute for Defence Studies and Analyses, ‘No First Use’ is Not Sacrosanct: Need a Theatre-Specific Posture for Flexible Options.
  • [Aug 27] Jack Cable, Harvard Business Review, Every computer science degree should require a course in cybersecurity.
  • [Aug 27] Rahul Singh, The Hindustan Times, Key decisions underline govt’s focus on building stronger military.
  • [Aug 27] The Economic Times Opinion, Aadhaar linkage with social media is troublesome.
  • [Aug 28] Vikram Koppikar, Money Control, Aadhaar and Social Media: It’s a delicate balance between security and privacy. 
  • [Aug 28] Abhijit Singh. The Hindu, The CHief of Defence Staff needs an enabling institutional infrastructure.
  • [Aug 28] Samantha Ravish, Defense One, The US must prepare for a Cyber ‘Day After’.
  • [Aug 28] Mike Masnick, Tech Dirt, Protocols, not platformsL A technological approach to free speech.
  • [Aug 29] Dhruva Jaishankar, The Hindustan Times, The saga of India’s indigenous defence production.
  • [Aug 29] The Print, Does War & Peace taunt show how poorly equipped India judges are to handle security cases?
  • [Aug 30] Rohan Seth, The Asian Age, Wider debate needed on major changes in data protection law.
  • [Aug 30] Amit Cowshish, Institute for Defence Studies and Analyses, CDS: A pragmatic blueprint required for implementation.
  • [Aug 30] Crystal Lee and Jonathan Zong, Slate, Consent is not an ethical rubber stamp.
  • [Aug 30] Gopal Krishna, Business Today, Why the promised right to privacy and data protection law hasn’t been enacted yet. 
  • [Aug 31] Bidanda Chengappa, Deccan Herald, Peacetime spying is legitimate.
  • [Aug 31] Sandipan Deb, Livemint, When social media monopolies prey on freedom of expression.