In the past few years, the interplay between technology and democracy has reached a critical juncture. The untrammelled optimism for technology has now been shadowed by rising concerns over the survival of a meaningful democratic society. With the expanding reach of technology platforms, there have been increasing concerns in democratic societies around the world on the impact of such platforms on democracy and human rights. In this context, increasingly there has been focus on policy issues like the need for an antitrust framework for digital platforms, platform regulation and free speech, the challenges of fake news, impact of misinformation on elections, invasion of privacy of citizens due to the deployment of emerging tech, and cybersecurity. This has intensified the quest for optimal policy solutions. We, at the Centre for Communication Governance at National Law University Delhi (CCG), believe that a detailed academic exploration of the relationship between democracy, and big and emerging tech will aid our understanding of the current problems, help contextualise them and highlight potential policy and regulatory responses.
Thus, we bring to you this series of essays—written by experts in the domain—in an attempt to collate contemporary scholarly thought on some of the issues that arise in the context of the interaction of democracy, and big and emerging tech. The essay series is publicly available on the CCG website. We have also announced the release of the essay series on Twitter.
Our first essay addresses the basic but critical question: What is ‘Big Tech’? Urvashi Aneja & Angelina Chamuah present a conceptual understanding of the phrase. While ‘Big Tech’ refers to a set of companies, it is certainly not a fixed set; companies become part of this set by exhibiting four traits or “conceptual markers” and—as a corollary—would stop being identified in this category if they were to lose any of the four markers. The first marker is that the company runs a data-centric model and has massive access to consumer data which can be leveraged or exploited. The second marker is that ‘Big Tech’ companies have a vast user base and are “multi-sided platforms that demonstrate strong network effects”. The third and fourth markers are the infrastructural and civic roles of these companies respectively, i.e., they not only control critical societal infrastructure (which is often acquired through lobbying efforts and strategic mergers and acquisitions) but also operate “consumer-facing platforms” which enable them to generate consumer dependence and gain huge power over the flow of information among citizens. It is these four markers that collectively define ‘Big Tech’. [U. Aneja and A. Chamuah, What is Big Tech? Four Conceptual Markers]
Since the power held by Big Tech is not only immense but also self-reinforcing, it endangers market competition, often by hindering other players from entering the market. Should competition law respond to this threat? If yes, how? Alok P. Kumar & Manjushree R.M. explore the purpose behind competition law and find that competition law is concerned not only with consumer protection but also—as evident from a conjoint reading of Articles 14 & 39 of the Indian Constitution—with preventing the concentration of wealth and material resources in a few hands. Seen in this light, the law must strive to protect “the competitive process”. But the present legal framework is too obsolete to achieve that aim. Current understanding of concepts such as ‘relevant market’, ‘hypothetical monopolist’ and ‘abuse of dominance’ is hard to apply to Big Tech companies which operate more on data than on money. The solution, it is proposed, lies in having ex ante regulation of Big Tech rather than a system of only subsequent sanctions through a possible code of conduct created after extensive stakeholder consultations. [A.P. Kumar and Manjushree R.M., Data, Democracy and Dominance: Exploring a New Antitrust Framework for Digital Platforms]
Market dominance and data control give an even greater power to Big Tech companies, i.e., control over the flow of information among citizens. Given the vital link between democracy and flow of information, many have called for increased control over social media with a view to checking misinformation. Rahul Narayan explores what these demands might mean for free speech theory. Could it be (as some suggest) that these demands are “a sign that the erstwhile uncritical liberal devotion to free speech was just hypocrisy”? Traditional free speech theory, Narayan argues, is inadequate to deal with the misinformation problem for two reasons. First, it is premised on protecting individual liberty from the authoritarian actions by governments, “not to control a situation where baseless gossip and slander impact the very basis of society.” Second, the core assumption behind traditional theory—i.e., the possibility of an organic marketplace of ideas where falsehood can be exposed by true speech—breaks down in context of modern era misinformation campaigns. Therefore, some regulation is essential to ensure the prevalence of truth. [R. Narayan, Fake News, Free Speech and Democracy]
Jhalak M. Kakkar and Arpitha Desai examine the context of election misinformation and consider possible misinformation regulatory regimes. Appraising the ideas of self-regulation and state-imposed prohibitions, they suggest that the best way forward for democracy is to strike a balance between the two. This can be achieved if the State focuses on regulating algorithmic transparency rather than the content of the speech—social media companies must be asked to demonstrate that their algorithms do not facilitate amplification of propaganda, to move from behavioural advertising to contextual advertising, and to maintain transparency with respect to funding of political advertising on their platforms. [J.M. Kakkar and A. Desai, Voting out Election Misinformation in India: How should we regulate Big Tech?]
Much like fake news challenges the fundamentals of free speech theory, it also challenges the traditional concepts of international humanitarian law. While disinformation fuels aggression by state and non-state actors in myriad ways, it is often hard to establish liability. Shreya Bose formulates the problem as one of causation: “How could we measure the effect of psychological warfare or disinformation campaigns…?” E.g., the cause-effect relationship is critical in tackling the recruitment of youth by terrorist outfits and the ultimate execution of acts of terror. It is important also in determining liability of state actors that commit acts of aggression against other sovereign states, in exercise of what they perceive—based on received misinformation about an incoming attack—as self-defence. The author helps us make sense of this tricky terrain and argues that Big Tech could play an important role in countering propaganda warfare, just as it does in promoting it. [S. Bose, Disinformation Campaigns in the Age of Hybrid Warfare]
The last two pieces focus attention on real-life, concrete applications of technology by the state. Vrinda Bhandari highlights the use of facial recognition technology (‘FRT’) in law enforcement as another area where the state deploys Big Tech in the name of ‘efficiency’. Current deployment of FRT is constitutionally problematic. There is no legal framework governing the use of FRT in law enforcement. Profiling of citizens as ‘habitual protestors’ has no rational nexus to the aim of crime prevention; rather, it chills the exercise of free speech and assembly rights. Further, FRT deployment is wholly disproportionate, not only because of the well-documented inaccuracy and bias-related problems in the technology, but also because—more fundamentally—“[t]reating all citizens as potential criminals is disproportionate and arbitrary” and “creates a risk of stigmatisation”. The risk of mass real-time surveillance adds to the problem. In light of these concerns, the author suggests a complete moratorium on the use of FRT for the time being. [V. Bhandari, Facial Recognition: Why We Should Worry the Use of Big Tech for Law Enforcement]
In the last essay of the series, Malavika Prasad presents a case study of the Pune Smart Sanitation Project, a first-of-its-kind urban sanitation programme which pursues the Smart City Mission (‘SCM’). According to the author, the structure of city governance (through Municipalities) that existed even prior to the advent of the SCM violated the constitutional principle of self-governance. This flaw was only aggravated by the SCM which effectively handed over key aspects of city governance to state corporations. The Pune Project is but a manifestation of the undemocratic nature of this governance structure—it assumes without any justification that ‘efficiency’ and ‘optimisation’ are neutral objectives that ought to be pursued. Prasad finds that in the hunt for efficiency, the design of the Pune Project provides only for collection of data pertaining to users/consumers, hence excluding the marginalised who may not get access to the system in the first place owing to existing barriers. “Efficiency is hardly a neutral objective,” says Prasad, and the state’s emphasis on efficiency over inclusion and participation reflects a problematic political choice. [M. Prasad, The IoT-loaded Smart City and its Democratic Discontents]
We hope that readers will find the essays insightful. As ever, we welcome feedback.
This series is supported by theFriedrich Naumann Foundation for Freedom (FNF) and has been published by the National Law University Delhi Press. We are thankful for their support.
The Personal Data Protection Bill, 2019 (PDP Bill/ Bill) was introduced in the Lok Sabha on December 11, 2019 , and was immediately referred to a joint committee of the Parliament. The joint committee published a press communique on February 4, 2020 inviting comments on the Bill from the public.
The Bill is the successor to the Draft Personal Data Protection Bill 2018 (Draft Bill 2018), recommended by a government appointed expert committee chaired by Justice B.N. Srikrishna. In August 2018, shortly after the recommendations and publication of the draft Bill, the Ministry of Electronics and Information Technology (MeitY) invited comments on the Draft Bill 2018 from the public. (Our comments are available here.)[1]
In this post we undertake a preliminary examination of:
The scope and applicability of the PDP Bill
The application of general data protection principles
The rights afforded to data subjects
The exemptions provided to the application of the law
In future posts in the series we will examine the Bill and look at the:
The restrictions on cross border transfer of personal data
The structure and functions of the regulatory authority
The enforcement mechanism and the penalties under the PDP Bill
Scope and Applicability
The Bill identifies four different categories of data. These are personal data, sensitive personal data, critical personal data and non-personal data
Personal data is defined as “data about or relating to a natural person who is directly or indirectly identifiable, having regard to any characteristic, trait, attribute or any other feature of the identity of such natural person, whether online or offline, or any combination of such features with any other information, and shall include any inference drawn from such data for the purpose of profiling”. (emphasis added)
The addition of inferred data in the definition realm of personal data is an interesting reflection of the way the conversation around data protection has evolved in the past few months, and requires further analysis.
Sensitive personal data is defined as data that may reveal, be related to or constitute a number of different categories of personal data, including financial data, health data, official identifiers, sex life, sexual orientation, genetic data, transgender status, intersex status, caste or tribe, and religious and political affiliations / beliefs. In addition, under clause 15 of the Bill the Central Government can notify other categories of personal data as sensitive personal data in consultation with the Data Protection Authority and the relevant sectoral regulator.
Similar to the 2018 Bill, the current bill does not define critical personal data and clause 33 provides the Central Government the power to notify what is included under critical personal data. However, in its report accompanying the 2018 Bill, the Srikrishna committee had referred to some examples of critical personal data that relate to critical state interest like Aadhaar number, genetic data, biometric data, health data, etc.
The Bill retains the terminology introduced in the 2018 Draft Bill, referring to data controllers as ‘data fiduciaries’ and data subjects ‘data principals’. The new terminology was introduced with the purpose of reflecting the fiduciary nature of the relationship between the data controllers and subjects. However, whether the use of the specific terminology has more impact on the protection and enforcement of the rights of the data subjects still needs to be seen.
Application of PDP Bill 2019
The Bill is applicable to (i) the processing of any personal data, which has been collected, disclosed, shared or otherwise processed in India; (ii) the processing of personal data by the Indian government, any Indian company, citizen, or person/ body of persons incorporated or created under Indian law; and (iii) the processing of personal data in relation to any individuals in India, by any persons outside of India.
The scope of the 2019 Bill, is largely similar in this context to that of the 2018 Draft Bill. However, one key difference is seen in relation to anonymised data. While the 2018 Draft Bill completely exempted anonymised data from its scope, the 2019 Bill does not apply to anonymised data, except under clause 91 which gives the government powers to mandate the use and processing of non-personal data or anonymised personal data under policies to promote the digital economy. There are a few concerns that arise in context of this change in treatment of anonymised personal data. First, there are concerns on the concept of anonymisation of personal data itself. While the Bill provides that the Data Protection Authority (DPA) will specify appropriate standards of irreversibility for the process of anonymisation, it is not clear that a truly irreversible form of anonymisation is possible at all. In this case, we need more clarity on what safeguards will be applicable for the use of anonymised personal data.
Second, is the Bill’s focus on the promotion of the digital economy. We have previously discussed some of the concerns regarding focus on the promotion of digital economy in a rights based legislation inour comments to the Draft Bill 2018.
These issues continue to be of concern, and are perhaps heightened with the introduction of a specific provision on the subject in the 2019 Bill (especially without adequate clarity on what services or policy making efforts in this direction, are to be informed by the use of anonymised personal data). Many of these issues are also still under discussion by thecommittee of experts set up to deliberate on data governance framework (non-personal data). The mandate of this committee includes the study of various issues relating to non-personal data, and to make specific suggestions for consideration of the central government on regulation of non-personal data.
The formation of the non-personal data committee was in pursuance of a recommendation by the Justice Srikrishna Committee to frame a legal framework for the protection of community data, where the community is identifiable. The mandate of the expert committee will overlap with the application of clause 91(2) of the Bill.
Data Fiduciaries, Social Media Intermediaries and Consent Managers
Data Fiduciaries
As discussed above the Bill categorises data controllers as data fiduciaries and significant data fiduciaries. Any person that determines the purpose and means of processing of personal data, (including the State, companies, juristic entities or individuals) is considered a data fiduciary. Some data fiduciaries may be notified as ‘significant data fiduciaries’, on the basis of factors such as the volume and sensitivity of personal data processed, the risks of harm etc. Significant data fiduciaries are held to higher standards of data protection. Under clauses 27-30, significant data fiduciaries are required to carry out data protection impact assessments, maintain accurate records, audit policy and the conduct of its processing of personal data and appoint a data protection officer.
Social Media Intermediaries
The Bill introduces a distinct category of intermediaries called social media intermediaries. Under clause 26(4) a social media intermediary is ‘an intermediary who primarily or solely enables online interaction between two or more users and allows them to create, upload, share, disseminate, modify or access information using its services’. Intermediaries that primarily enable commercial or business-oriented transactions, provide access to the Internet, or provide storage services are not to be considered social media intermediaries.
Social media intermediaries may be notified to be significant data fiduciaries, if they have a minimum number of users, and their actions have or are likely to have a significant impact on electoral democracy, security of the State, public order or the sovereignty and integrity of India.
Under clause 28 social media intermediaries that have been notified as a significant data fiduciaries will be required to provide for voluntary verification of users to be accompanied with a demonstrable and visible mark of verification.
Consent Managers
The Bill also introduces the idea of a ‘consent manager’ i.e. a (third party) data fiduciary which provides for management of consent through an ‘accessible, transparent and interoperable platform’. The Bill does not contain any details on how consent management will be operationalised, and only states that these details will be specified by regulations under the Bill.
Data Protection Principles and Obligations of Data Fiduciaries
Consent and grounds for processing
The Bill recognises consent as well as a number of other grounds for the processing of personal data.
Clause 11 provides that personal data shall only be processed if consent is provided by the data principal at the commencement of processing. This provision, similar to the consent provision in the 2018 Draft Bill, draws from various principles including those under the Indian Contract Act, 1872 to inform the concept of valid consent under the PDP Bill. The clause requires that the consent should be free, informed, specific, clear and capable of being withdrawn.
Moreover, explicit consent is required for the processing of sensitive personal data. The current Bill appears to be silent on issues such as incremental consent which were highlighted in our comments in the context of the Draft Bill 2018.
The Bill provides for additional grounds for processing of personal data, consisting of very broad (and much criticised) provisions for the State to collect personal data without obtaining consent. In addition, personal data may be processed without consent if required in the context of employment of an individual, as well as a number of other ‘reasonable purposes’. Some of the reasonable purposes, which were listed in the Draft Bill 2018 as well, have also been a cause for concern given that they appear to serve mostly commercial purposes, without regard for the potential impact on the privacy of the data principal.
In a notable change from the Draft Bill 2018, the PDP Bill, appears to be silent on whether these other grounds for processing will be applicable in relation to sensitive personal data (with the exception of processing in the context of employment which is explicitly barred).
Other principles
The Bill also incorporates a number of traditional data protection principles in the chapter outlining the obligations of data fiduciaries. Personal data can only be processed for a specific, clear and lawful purpose. Processing must be undertaken in a fair and reasonable manner and must ensure the privacy of the data principal – a clear mandatory requirement, as opposed to a ‘duty’ owed by the data fiduciary to the data principal in the Draft Bill 2018 (this change appears to be in line with recommendations made in multiple comments to the Draft Bill 2018 by various academics, including our own).
Purpose and collection limitation principles are mandated, along with a detailed description of the kind of notice to be provided to the data principal, either at the time of collection, or as soon as possible if the data is obtained from a third party. The data fiduciary is also required to ensure that data quality is maintained.
A few changes in the application of data protection principles, as compared to the Draft Bill 2018, can be seen in the data retention and accountability provisions.
On data retention, clause 9 of the Bill provides that personal data shall not be retained beyond the period ‘necessary’ for the purpose of data processing, and must be deleted after such processing, ostensibly a higher standard as compared to ‘reasonably necessary’ in the Draft Bill 2018. Personal data may only be retained for a longer period if explicit consent of the data principal is obtained, or if retention is required to comply with law. In the face of the many difficulties in ensuring meaningful consent in today’s digital world, this may not be a win for the data principal.
Clause 10 on accountability continues to provide that the data fiduciary will be responsible for compliance in relation to any processing undertaken by the data fiduciary or on its behalf. However, the data fiduciary is no longer required to demonstrate such compliance.
Rights of Data Principals
Chapter V of the PDP Bill 2019 outlines the Rights of Data Principals, including the rights to access, confirmation, correction, erasure, data portability and the right to be forgotten.
Right to Access and Confirmation
The PDP Bill 2019 makes some amendments to the right to confirmation and access, included in clause 17 of the bill. The right has been expanded in scope by the inclusion of sub-clause (3). Clause 17(3) requires data fiduciaries to provide data principals information about the identities of any other data fiduciaries with whom their personal data has been shared, along with details about the kind of data that has been shared.
This allows the data principal to exert greater control over their personal data and its use. The rights to confirmation and access are important rights that inform and enable a data principal to exercise other rights under the data protection law. As recognized in the Srikrishna Committee Report, these are ‘gateway rights’, which must be given a broad scope.
Right to Erasure
The right to correction (Clause 18) has been expanded to include the right to erasure. This allows data principals to request erasure of personal data which is not necessary for processing. While data fiduciaries may be allowed to refuse correction or erasure, they would be required to produce a justification in writing for doing so, and if there is a continued dispute, indicate alongside the personal data that such data is disputed.
The addition of a right to erasure, is an expansion of rights from the 2018 Bill. While the right to be forgotten only restricts or discontinues disclosure of personal data, the right to erasure goes a step ahead and empowers the data principal to demand complete removal of data from the system of the data fiduciary.
Many of the concerns expressed in the context of the Draft Bill 2018, in terms of the procedural conditions for the exercise of the rights of data principals, as well as the right to data portability specifically, continue to persist in the PDP Bill 2019.
Exceptions and Exemptions
While the PDP Bill ostensibly enables individuals to exercise their right to privacy against the State and the private sector, there are several exemptions available, which raise several concerns.
The Bill grants broad exceptions to the State. In some cases, it is in the context of specific obligations such as the requirement for individuals’ consent. In other cases, State action is almost entirely exempted from obligations under the law. Some of these exemptions from data protection obligations are available to the private sector as well, on grounds like journalistic purposes, research purposes and in the interests of innovation.
The most concerning of these provisions, are the exemptions granted to intelligence and law enforcement agencies under the Bill. The Draft Bill 2018, also provided exemptions to intelligence and law enforcement agencies, so far as the privacy invasive actions of these agencies were permitted under law, and met procedural standards, as well as legal standards of necessity and proportionality. We have previously discussed some of the concerns with this approach here.
The exemptions provided to these agencies under the PDP Bill, seem to exacerbate these issues.
Under the Bill, the Central Government can exempt an agency of the government from the application of this Act by passing an order with reasons recorded in writing if it is of the opinion that the exemption is necessary or expedient in the interest of sovereignty and integrity, security of the state, friendly relations with foreign states, public order; or for preventing incitement to the commission of any cognizable offence relating to the aforementioned grounds. Not only have the grounds on which government agencies can be exempted been worded in an expansive manner, the procedure of granting these exemptions also is bereft of any safeguards.
The executive functioning in India suffers from problems of opacity and unfettered discretion at times, which requires a robust system of checks and balances to avoid abuse. The Indian Telegraph Act, 1885 (Telegraph Act) and the Information Technology Act, 2000 (IT Act) enable government surveillance of communications made over telephones and the internet. For drawing comparison here, we primarily refer to the Telegraph Act as it allows the government to intercept phone calls on similar grounds as mentioned in clause 35 of the Bill by an order in writing. However, the Telegraph Act limits the use of this power to two scenarios – occurrence of a public emergency or in the interest of public safety. The government cannot intercept communications made over telephones in the absence of these two preconditions. The Supreme Court in People’s Union for Civil Liberties v. Union of India, (1997) introduced guidelines to check abuse of surveillance powers under the Telegraph Act which were later incorporated in Rule 419A of the Indian Telegraph Rules, 1951. A prominent safeguard included in Rule 419A requires that surveillance and monitoring orders be issued only after considering ‘other reasonable means’ for acquiring the required information. The court had further limited the scope of interpretation of ‘public emergency’ and ‘public safety’ to mean “the prevalence of a sudden condition or state of affairs affecting the people at large and calling for immediate action”, and “the state or condition of freedom from danger or risk at large” respectively. In spite of the introduction of these safeguards, the procedure of intercepting telephone communications under the Telegraph Act is criticised for lack of transparency and improper implementation. For instance, a 2014 report revealed that around 7500 – 9000 phone interception orders were issued by the Central Government every month. The application of procedural safeguards, in each case would have been physically impossible given the sheer numbers. Thus, legislative and judicial oversight becomes a necessity in such cases.
The constitutionality of India’s surveillance apparatus inclduing section 69 of the IT Act which allows for surveillance on broader grounds on the basis of necessity and expediency and not ‘public emergency’ and ‘public safety’, has been challenged before the Supreme Court and is currently pending. Clause 35 of the Bill also mentions necessity and expediency as prerequisites for the government to exercise its power to grant exemption, which appear to be vague and open-ended as they are not defined. The test of necessity, implies resorting to the least intrusive method of encroachment up on privacy to achieve the legitimate state aim. This test is typically one among several factors applied in deciding on whether a particular intrusion on a right is tenable or not, under human rights law. In his concurring opinion in Puttaswamy (I) J. Kaul had included ‘necessity’ in the proportionality test. (However, this test is not otherwise well developed in Indian jurisprudence). Expediency, on the other hand, is not a specific legal basis used for determining the validity of an intrusion on human rights. It has also not been referred to in Puttaswamy (I) as a basis of assessing a privacy violation. The use of the term ‘expediency’ in the Bill is deeply worrying as it seems to bring down the threshold for allowing surveillance which is a regressive step in the context of cases like PUCL and Puttaswamy (I). A valid law along with the principles of proportionality and necessity are essential to put in place an effective system of checks and balances on the powers of the executive to provide exemptions. It seems unlikely that the clause will pass the test of proportionality (sanction of law, legitimate aim, proportionate to the need of interference, and procedural guarantees against abuse) as laid down by the Supreme Court in Puttaswamy (I).
The Srikrishna Committee report had recommended that surveillance should not only be conducted under law (and not executive order), but also be subject to oversight, and transparency requirements. The Committee had argued that the tests of lawfulness, necessity and proportionality provided for under clauses 42 and 43 (of the Draft Bill 2018) were sufficient to meet the standards set out under the Puttaswamy judgment. Since the PDP Bill completely does away with all these safeguards and leaves the decision to executive discretion, the law is unconstitutional. After the Bill was introduced in the Lok Sabha, J. Srikrishna had criticised it for granting expansive exemptions in the absence of judicial oversight. He warned that the consequences could be disastrous from the point of view of safeguarding the right to privacy and could turn the country into an “Orwellian State”. He has also opined on the need for a separate legislation to govern the terms under which the government can resort to surveillance.
Clause 36 of the Bill deals with exemption of some provisions for certain processing of personal data. It combines four different clauses on exemption which were listed in the Draft Bill 2018 (clauses 43, 44, 46 and 47). These include processing of personal data in the interests of prevention, detection, investigation and prosecution of contraventions of law; for the purpose of legal proceedings; personal or domestic purposes; and journalistic purposes. The Draft Bill 2018 had detailed provisions on the need for a law passed by Parliament or the State Legislature which is necessary and proportionate, for processing of personal data in the interests of prevention, detection, investigation and prosecution of contraventions of law. Clause 36 of the Bill does not enumerate the need for a law to process personal data under these exemptions. We hadargued that these exemptions granted by the Draft Bill 2018 (clauses 43, 44, 46 and 47) were wide, vague and needed clarifications, but the exemptions under clause 36 of the Bill are even more ambiguous as they merely enlist the exemptions without any specificities or procedural safeguards in place.
In the Draft Bill 2018, the Authority could not give exemption from the obligation of fair and reasonable processing, measures of security safeguards and data protection impact assessment for research, archiving or statistical purposes As per the current Bill, the Authority can provide exemption from any of the provisions of the Act for research, archiving or statistical purposes.
The last addition to this chapter of exemptions is that of creating a sandbox for encouraging innovation. This newly added clause 40 is aimed at encouraging innovation in artificial intelligence, machine-learning or any other emerging technology in public interest. The details of what the sandbox entails other than exemption from some of the obligations of Chapter II might need further clarity. Additionally, to be considered an eligible applicant, a data fiduciary has to necessarily obtain certification of its privacy by design policy from the DPA, as mentioned in clause 40(4) read with clause 22.
Though well appreciated for its intent, this provision requires clarification on grounds of selection and details of what the sandbox might entail.
[1] At the time of introduction of the PDP Bill 2019, the Minister for Law and Justice of India, Mr. Ravi Shankar Prasad suggested that over 2000 inputs were received on the Draft Bill 2018, based on which changes have been made in the PDP Bill 2019. However, these comments and inputs have not been published by MeitY, and only a handful of comments have been published, by the stakeholders submitting these comments themselves.
Huawei finds support from Indian telcos in the 5G rollout as PayPal withdrew from Facebook’s Libra cryptocurrency project; Foreign Portfolio Investors moved MeitY against in the Data Protection Bill; the CJEU rules against Facebook in case relating to takedown of content globally; and Karnataka joins list of states considering implementing NRC to remove illegal immigrants – presenting this week’s most important developments in law, tech and national security.
Digital India
[Sep 30] Why the imminent global economic slowdown is a growth opportunity for Indian IT services firms, Tech Circle report.
[Sep 30] Norms tightened for IT items procurement for schools, The Hindu report.
[Oct 1] Govt runs full throttle towards AI, but tech giants want to upskill bureaucrats first, Analytics India Magazine report.
[Oct 3] – presenting this week’s most important developments in law, tech and national security. MeitY launches smart-board for effective monitoring of the key programmes, The Economic Times report.
[Oct 3] “Use human not artificial intelligence…” to keep a tab on illegal constructions: Court to Mumbai civic body, NDTV report.
[Oct 3] India took 3 big productivity leaps: Nilekani, Livemint report.
[Oct 4] MeitY to push for more sops to lure electronic makers, The Economic Times report; Inc42 report.
[Oct 4] Core philosophy of Digital India embedded in Gandhian values: Ravi Shankar Prasad, Financial Express report.
[Oct 4] How can India leverage its data footprint? Experts weigh in at the India Economic Summit, Quartz report.
[Oct 4] Indians think jobs would be easy to find despite automation: WEF, Tech Circle report.
[Oct 4] Telangana govt adopts new framework to use drones for last-mile delivery, The Economic Times report.
[Oct 5] Want to see ‘Assembled in India’ on an iPhone: Ravi Shankar Prasad, The Economic Times report.
[Oct 6] Home market gets attractive for India’s IT giants, The Economic Times report.
Internet Governance
[Oct 2] India
Govt requests maximum social media content takedowns in the world, Inc42 report;
Tech Circle report.
[Oct 3]
Facebook can be forced to delete defamatory content worldwide, top EU court
rules, Politico EU report.
[Oct 4] EU
ruling may spell trouble for Facebook in India, The Economic Times report.
[Oct 4] TikTok,
TikTok… the clock is ticking on the question whether ByteDance pays its content
creators, ET Tech report.
[Oct 6] Why
data localization triggers a heated debate, The Economic Times report.
[Oct 7]
Sensitive Indian govt data must be stored locally, Outlook report.
Data
Protection and Privacy
[Sep 30] FPIs
move MeitY against data bill, seek exemption, ET markets report,
Inc42 report;
Financial Express report.
[Oct 1] United
States: CCPA exception approved by California legislature, Mondaq.com report.
[Oct 1] Privacy
is gone, what we need is regulation, says Infosys Kris Gopalakrishnana, News18 report.
[Oct 1]
Europe’s top court says active consent is needed for tracking cookies, Tech
Crunch report.
[Oct 3] Turkey
fines Facebook $282,000 over data privacy breach, Deccan Herald report.
Free
Speech
[Oct 1]
Singapore’s ‘fake news’ law to come into force Wednesday, but rights group
worry it could stifle free speech, The Japan Times report.
[Oct 2]
Minister says Singapore’s fake news law is about ‘enabling’ free speech, CNBC report.
[Oct 3] Hong
Kong protests: Authorities to announce face mask ban, BBC News report.
[Oct 3] ECHR:
Holocaust denial is not protected free speech, ASIL brief.
[Oct 4] FIR
against Mani Ratnam, Adoor and 47 others who wrote to Modi on communal
violence, The News Minute report;
Times Now report.
[Oct 5] UN asks
Malaysia to repeal laws curbing freedom of speech, The New Indian Express report.
[Oct 6] When
will our varsities get freedom of expression: PC, Deccan Herald report.
[Oct 6] UK
Government to make university students sign contracts limiting speech and
behavior, The Times report.
[Oct 7] FIR on
Adoor and others condemned, The Telegraph report.
Aadhaar,
Digital IDs
[Sep 30] Plea
in SC seeking linking of social media accounts with Aadhaar to check fake news,
The Economic Times report.
[Oct 1] Why
another omnibus national ID card?, The Hindu Business Line report.
[Oct 2] ‘Kenyan
court process better than SC’s approach to Aadhaar challenge’: V Anand, who
testified against biometric project, LiveLaw report.
[Oct 3] Why
Aadhaar is a stumbling block in Modi govt’s flagship maternity scheme, The
Print report.
[Oct 4]
Parliament panel to review Aadhaar authority functioning, data security, NDTV report.
[Oct 6] Roger Marshall, Deccan Herald, Big oil, Big Data and the shape of water.
[Oct 6] Neil Chatterjee, Fortune, The power grid is evolving. Cybersecurity must too.
[Oct 7] Scott W Pink, Modaq.com, EU: What is GDPR and CCPA and how does it impact blockchain?
[Oct 7] GN Devy, The Telegraph, Has India slid into an irreversible Talibanization of the mind?
[Oct 7] Susan Ariel Aaronson, South China Morning Post, The Trump administration’s approach to AI is not that smart: it’s about cooperation, not domination.
The deadline to link PAN cards with Aadhaar was extended to December 31 this week; the Election Commission ruled that voting rights of those excluded in the NRC process remain unaffected; the Home Minister proposed a digital census with multipurpose ID cards for 2021; and 27 nations including the US, UK and Canada issued joint statement urging for a rules-based order in cyberspace – presenting this week’s most important developments in law, technology and national security.
Aadhaar and Digital IDs
[Sep 23] Home Minister announces
digital census in 2021, proposed multipurpose ID card, Entrackr report; Business Today report.
[Sep 24] NRIs can now apply for
Aadhaar on arrival without 182-day wait, The Economic Times report.
[Sep 24] Aadhaar will be linked
to driving license to avoid forgery: Ravi Shankar Prasad, The Indian Express report.
[Sep 24] One nation, one card?
Amit Shah floats idea of all-in-one ID; here are all the problems with that
idea, Medianama report; Money Control report.
[Sep 24] Explained: Is India
likely to have a multipurpose national ID card? The Indian Express report.
[Sep 24] UIDAI nod to ‘voluntary’
use of Aadhaar for National Population Register rollout, The Economic Times report.
[Sep 24] Govt must decide on
Aadhaar-social media linkage:SC, Deccan Herald report.
[Sep 25] New law needed for
Aadhaar-social media linkage: UIDAI, The Economic Times report; Inc42 report.
[Sep 26] NPR process to include
passport, voter ID, Aadhaar and other details, Business Standard report.
[Sep 27] Gang involved in making
fake Aadhaar cards busted, The Tribune report.
[Sep 27] What will happen if you
don’t link your PAN card with Aadhaar by Sep 20, The Quint report.
[Sep 27] Explained: The National
Population Register, and the controversy around it, The Indian Express report.
[Sep 27] Aadhaar to weed out
bogus social security beneficiaries in Karnataka, Deccan Herald report.
[Sep 29] Bajrang Dal wants
Aadhaar mandatory at dandiya to keep ‘non-Hindus’ out, The Hindustan Times report; The Wire report.
[Sep 30] Kerala urges Centre to
extend deadline to link ration cards with Aadhaar, The News Minute report.
[Sep 30] PAN-Aadhaar linking
deadline extended to December 31, The Economic Times report.
Digital India
[Sep 25] India’s regulatory
approach should focus on the regulation of the ‘core’: IAMAI, Livemint report.
[Sep 27] India may have to offer
sops to boost electronic manufacturing, ET Tech report; Inc42 report.
[Sep 27] Digital India, start-ups
are priorities for $5 trillion economy: PM Modi, Medianama report.
[Sep 29] Tech giants aim to skill
Indian govt officials in AI, cloud, ET CIO report.
[Sep 29] India’s share in IT,
R&D biz up in 2 years: report, The Economic Times report.
Internet Governance
[Sep 24] Supreme Court to MeitY:
What’s the status of intermediary guidelines? Tell us by Oct 15, Medianama report.
[Sep 26] Will not be ‘excessive’
with social media rules, ay Govt officials, Inc42 report.
[Sep 26] Government trying to
balance privacy and security in draft IT intermediary norms, The Economic Times
report.
[Sep 27] Citizens, tech companies
served better with some regulation: Facebook India MD Ajit Mohan, ET Tech report; Inc42 report.
[Sep 27] Balance benefits of
internet, data security: Google CEO Sundar Pichai, ET Tech report; Business Today report.
Free Speech
[Sep 25] Jadavpur University
calls upon ‘stakeholders’ to ensure free speech on campus, The New Indian
Express report.
[Sep 28] RSS raises objections to
uncensored content of Maoj Bajpayee’s “The Family Man”, The Hindu report; Outlook report.
Privacy and Data Protection
[Sep 23] A landmark decision on
Tuesday could radically reshape how Google’s search results work, Business
Insider report.
[Sep 23] Google tightens its
voice assistant rules amidst privacy backlash, Wired report.
[Sep 24] Dell rolls out new data
protection storage appliances and capabilities, ZDNet report.
[Sep 24] ‘Right to be forgotten’
privacy rule is limited by Europe’s top court, The New York Times report; Live Law report.
[Sep 27] Nigeria launches
investigation into Truecaller for potential breach of privacy, Medianama report.
[Sep 29] Right to be forgotten
will be arduous as India frames data protection law, Business Standard report.
[Sep 30] FPIs move against data
bill, seek exemption, ET Telecom report; Entrackr report.
Data Localisation
[Sep 26] Reconsider imposition of
data localisation: IAMAI report, The Economic Times report.
[Sep 27] Why data is not oil:
Here’s how India’s data localisation norms will hurt the economy, Inc42 report.
Digital Payments and Fintech
[Sep 23] RBI rider on credit
bureau data access has Fintech in a quandary, ET Tech report.
[Sep 23] The face of India’s
crypto lobby readies for a clash, Ozy report.
[Sep 23] Why has Brazil’s Central
Bank included crypto assets in trade balance? Coin Telegraph report.
[Sep 24] French retailers
widening crypto acceptance, Tech Xplore report.
[Sep 26] Why crypto hoaxes are so
successful, Quartz report.
[Sep 26] South Africa: the net
frontier for crypto exchanges, Coin Telegraph report.
[Sep 27] The crypto wars’ strange
bedfellows, Forbes report.
[Sep 28] Crypto industry is already
preparing for Google’s ‘quantum supremacy’, Decrypt report.
[Sep 29] How crypto gambling is
regulated around the world, Coin Telegraph report.
Tech and Law Enforcement
[Sep 29] New WhatsApp and
Facebook Encryption ‘Backdoors’ – What’s really going on, Forbes report.
[Sep 28] Facebook, WhatsApp will
have to share messages with UK Government, Bloomberg report.
[Sep 23] Secret FBI subpoenas
scoop up personal data from scores of companies, The New York Times report.
[Sep 23] ‘Don’t transfer the
WhatsApp traceability case’, Internet Freedom Foundation asks Supreme Court,
Medianama report.
[Sep 24] China offers free subway
rides to citizens who register their face with surveillance system, The
Independent report.
[Sep 24] Facial recognition
technology in public housing prompts backlash, The New York Times report.
[Sep 24] Facebook-Aadhaar linkage
and WhatsApp traceability: Supreme Court says government must frame rules, CNBC
TV18 report.
[ep 27] Fashion that counters
surveillance cameras, Business Times report.
[Sep 27] Unnao rape case: Delhi
court directs Apple to give Sengar’s location details on day of alleged rape,
Medianama report.
[Sep 27] Face masks to decoy
t-shirts: the rise of anti-surveillance fashion, Times of India report.
[Sep 30] Battle for privacy and
encryption: WhatsApp and government head for a showdown on access to messages,
ET Prime report.
[Sep 29] Improving digital
evidence sharing, Scottish Government news report; Public technology report.
Internal Security: J&K
[Sep 23] Government launches
internet facilitation centre in Pulwama for students, Times of India report; Business Standard report.
[Sep 23] Army chief rejects ‘clampdown’
in Jammu and Kashmir, Times of India report.
[Sep 24] Rising power: Why India
has faced muted criticism over its Kashmir policy, Business Standard report.
[Sep 24] ‘Restore Article 370,
35A in Jammu and Kashmir, withdraw army, paramilitary forces’: 5-member women’s
group will submit demands to Amit Shah, Firstpost report.
[Sep 24] No normalcy in Kashmir,
says fact finding team, The Hindu report.
[Sep 25] End clampdown: Kashmir
media, The Telegraph report.
[Sep 25] Resolve Kashmir issue
through dialogue and not through collision: Erdogan, The Economic Times report.
[Sep 25] Rajya Sabha deputy chair
thwarts Pakistan’s attempt at Kashmir at Eurasian Conference, The Economic
Times report.
[Sep 25] Pakistan leader will
urge UN intervention in Kashmir, The New York Times report.
[Sep 25] NSA Ajit Doval back in
Srinagar to review security situation, The Hindustan Times report.
[Sep 27] Communication curbs add
fresh challenge to Kashmir counter-insurgency operations, News18 report.
[Sep 27] Fresh restrictions in
parts of Kashmir, The Hindu report.
[Sep 27] US wants ‘rapid’ easing
of Kashmir restrictions, Times of India report.
[Sep 27] Kashmir issue: Rescind
action on Art. 370, OIC tells India, The Hindu report.
[Sep 28] India objects to China’s
reference to J&K and Ladakh at UNGA, The Economic Times report; The Hindu report.
[Sep 29] Surveillance, area
domination operations intensified in Kashmir, The Economic Times report; Financial Express report.
[Sep 29] Police impose
restrictions in J&K after Imran Khan’s speech at UNGA, India Today report.
Internal Security: NRC and the
North-East
[Sep 23] Assam framing cyber
security policy to secure data related to NRC, police, services, The Economic
Times report; Money Control report.
[Sep 24] BJP will tell SC that we
reject this NRC, says Himanta Biswa Sarma, Business Standard report.
[Sep 24] Amit Shah to speak on
NRC, Citizenship Amendment Bill in Kolkata on Oct 1, The Economic Times report.
[Sep 26] ‘Expensive’ legal battle
for those rejected in Assam NRC final list, The Economic Times report.
[Sep 27] Scared of NRC? Come back
in 2022, The Telegraph report.
[Sep 27] Voters left out of NRC
will have right to vote, rules Election Commission, India Today report; The Wire report.
[Sep 27] NRC: Assam government
announces 200 Foreigners Tribunals in 33 districts, Times Now report; Times of India report.
[Sep 28] Judge urges new FT
members to examine NRC claims with utmost care, Times of India report.
National Security Legislation
[Sep 23] Centre will reintroduce
Citizenship Bill in Parliament: Himanta Biswa Sarma, The Hindu report.
[Sep 26] National Security Guard:
History, Functions and Operations, Jagran Josh report.
[Sep 28] Left parties seek
revocation of decision on Article 370, The Tribune India report.
Tech and National Security
[Sep 25] Army to start using
Artificial Intelligence in 2-3 years: South Western Army commander, The Print report; India Today report; The New Indian Express report; Financial Express report.
[Sep 23] Modi, Trump set new
course on terrorism, border security, The Hindu report.
[Sep 23] PM Modi in the US” Trump
promises more defence deals with India, military trade to go up, Financial
Express report.
[Sep 23] Punjab police bust
terror module supplied with weapons by drones from Pak, NDTV report.
[Sep 26] Lockheed Martin to begin
supplying F-16 wings from Hyderabad plant in 2020, Livemint report.
[Sep 26] Drones used for
cross-border arms infiltration in Punjab a national security issues, says
Randhawa, The Hindu report.
[Sep 27] UK MoD sets up cyber
team for secure innovation, UK Authority report.
[Sep 29] New tri-services special
ops division, meant for surgical strikes, finishes first exercise today, The
Print report.
[Sep 30] After Saudi attacks,
India developing anti-drone technology to counter drone menace, Eurasian Times report.
Tech and Elections
[Sep 20] Microsoft will offer
free Windows 7 support for US election officials through 2020, Cyber Scoop report.
[Sep 26] Social media platforms
to follow ‘code of ethics’ in all future elections: EC, The Economic Times report.
[Sep 28] Why is EC not making
‘authentic’ 2019 Lok Sabha results public? The Quint report.
Cybersecurity
[Sep 24] Androids and iPhones
hacked with just one WhatsApp click – and Tibetans are under attack, Forbes report.
[Sep 25] Sharp questions can help
board oversee cybersecurity, The Wall Street Journal report.
[Sep 25] What we know about
CrowdStrike, the cybersecurity firm trump mentioned in Ukraine call, and its
billionaire CEO, Forbes report.
[Sep 25] 36% smaller firms
witnessed data breaches in 2019 globally, ET Rise report.
[Sep 28] Defence Construction
Canada hit by cyber attack – corporation’s team trying to restore full IT
capability, Ottawa Citizen report.
[Sep 29] Experts call for
collective efforts to counter cyber threats, The New Indian Express report.
[Sep 29] Microsoft spots malware
that turns PCs into zombie proxies, ET Telecom report.
[Sep 29] US steps up scrutiny of
airplane cybersecurity, The Wall Street Journal report.
Cyberwarfare
[Sep 24] 27 countries sign cybersecurity pledge urging rules-based control over cyberspace in Joint Statement, with digs at China and Russia, CNN report; IT world Canada report; Meri Talk report.
[Sep 26] Cyber Peace Institute fills a critical need for cyber attack victims, Microsoft blog.
[Sep 29] Britain is ‘at war every day’ due to constant cyber attacks, Chief of the Defence Staff says, The Telegraph report.
Telecom and 5G
[Sep 27] Telcos’ IT investments
intact, auto companies may slow pace: IBM exec, ET Tech report.
[Sep 29] Telecom players to lead
digital transformation in India, BW Businessworld report.
More on Huawei
[Sep 22] Huawei confirms another
nasty surprise for Mate 30 buyers, Forbes report.
[Sep 23] We’re on the same page
with government on security: Huawei, The Economic Times report.
[Sep 24] The debate around 5G’s
safety is getting in the way of science, Quartz report (paywall).
[Sep 24] Govt will take call on
Huawei with national interest in mind: Telecom Secy, Business Standard report.
[Sep 24] Huawei enables 5G smart
travel system at Beijing airport, Tech Radar report.
[Sep 25] Huawei 5G backdoor entry
unproven, The Economic Times report.
[Sep 25] US prepares $1 bn fund
to replace Huawei ban kit, Tech Radar report.
[Sep 26] Google releases large
dataset of deepfakes for researchers, Medianama report.
[Sep 26] Huawei willing to
license 5G technology to a US firm, The Hindu Business Line report; Business Standard report.
[Sep 26] Southeast Asia’s top
phone carrier still open to Huawei 5G, Bloomberg report.
[Sep 29] Russia rolls out the red
carpet for Huawei over 5G, The Economic Times report.
Emerging Tech and AI
[Sep 20] Google researchers have
reportedly achieved “Quantum Supremacy”, Financial Times report; MIT Technology Review report.
[Sep 23] Artificial Intelligence
revolution in healthcare in India: All we need to know, The Hindustan Times report.
[Sep 23] A new joystick for the
brain-controlled vehicles of the future, Defense One report.
[Sep 24] Computing and AI:
Humanistic Perspectives from MIT, MIT News report.
[Sep 24] Emerging technologies
such as AI, 5G posing threats to privacy, says report, China Daily report.
[Sep 25] Alibaba unveils chip
developed for artificial intelligence era, Financial Times report.
[Sep 26] Pentagon wants AI to
interpret ‘strategic activity around the globe, Defense One report.
[Sep 27] Only 10 jobs created for
every 100 jobs taken away by AI, ET Tech report.
[Sep 27] Experts say these
emerging technologies should concern us, Business Insider report.
[Sep 27] What is on the horizon
for export controls on ‘emerging technologies’? Industry comments may hold a
clue, Modaq.com report.
[Sep 27] India can become world
leader in artificial intelligence: Vishal Sikka, Money Control report.
[Sep 27] Elon Musk issues a
terrifying prediction of ‘AI robot swarms’ and huge threat to mankind, The
Daily Express (UK) report.
[Sep 27] Russia’s national AI
Centre is taking shape, Defense One report.
[Sep 29] Explained: What is
‘quantum supremacy’, The Hindu report.
[Sep 29] Why are scientists so
excited about a new quantum computing milestone?, Scroll.in report.
[Sep 29] Artificial Intelligence
has a gender bias problem – just ask Siri, The Wire report.
[Sep 29] How AI is changing the
landscape of digital marketing, Inc42 report.
Opinions and Analyses
[Sep 21] Wim Zijnenburg, Defense One, Time to Harden International Norms on Armed Drones.
[Sep 23] David Sanger and Julian
Barnes, The New York Times, The urgent search for a cyber silver bullet against Iran.
[Sep 23] Neven Ahmad, PRIO Blog, The EU’s response to the drone age: A united sky.
[Sep 23] Bisajit Dhar and KS
Chalapati Rao, The Wire, Why an India-US Free Trade Agreement would require New Delhi to
reorient key policies.
[Sep 23] Filip Cotfas, Money Control, Five reasons why data loss prevention has to be taken seriously.
Cybersecurity experts warned of a new ‘SIM jacking’ threat, the Kerala High Court recognizes a right to access internet as the internet shutdown in Kashmir entered its 50th day; more updates on the linkage of Aadhaar with voter IDs and social media as the Indian Army braces itself to adopt AI – presenting this week’s most important developments in law, tech and national security.
Aadhaar
[Sep 16] Here are the amendments
the Election Commission wants to the Representation of the People Act for
Aadhaar-Voter ID linkage, Medianama report.
[Sep 18] Why Maj. Gen. Vombatkere
has challenged Aadhaar Amendment Act in the Supreme Court; On WhatsApp and
traceability, Medianama report.
[Sep 19] Drop in Aadhaar
enrolments in J&K, The Economic Times report.
[Sep 20] In-principle decision to
link Aadhaar with GST registration, The Economic Times report.
[Sep 23] Aadhaar card is now
mandatory for nominees of your EPF account, Livemint report.
Digital India
[Sep 18] Indo-US ICT working group to meet on Sept 30, Oct 1, Medianama report.
[Sep 17] NITI Aayog frames guidelines for automated inspection of vehicles, ET Auto report.
[Sep 17] What TikTok told MEITY about its intermediary status, data collection, and policies for children, Medianama report.
[Sep 18] Soon, lands will have Aadhaar-like unique numbers, The Economic Times report; Business Today report.
[Sep 18] Drones to be used to digitally map India: report, Medianama report.
[Sep 18] PMO panel to release policy to boost handset manufacturing in India: report, Medianama report.
[Sep 19] Karnataka to set up exclusive body to boost innovation, The Hindu report.
[Sep 20] ‘Right To Access Internet Is Part Of Right To Privacy And Right To Education’: Kerala HC, Live Law report; Hindu report; NDTV report.
Data Protection and Privacy
[Sep 15] Privacy debate between govt, Facebook continues; no winner yet, Money Control report.
[Sep 16] Singapore, Philippines sign MoU on personal data protection, The Manila Times report.
[Sep 16] Industry wants careful drafting of regulations on non-personal data, The Economic Times report.
[Sep 16] Here are the top three reasons why data protection is required in every business, Firstpost report.
[Sep 20] Sensitive, super-sensitive data must be stored locally in india: RS PRasad, Business Standard report.
[Sep 20] Yet another data leak in Indian government database, exoposes multiple citizen IDs, Inc42 report.
[Sep 22] Infosys co-founder Kris Gopalakrishnan to lead panel on protection of non-personal data, Financial Express report.
E-Commerce
[Sep 16] Odisha government makes
e-marketplace mandatory for procurements, The New Indian Express report.
[Sep 17] Ministry of COnsumer
Affairs extends deadline for comments on draft E-Commerce Guidelines 2019 to
October 31, Medianama report.
FinTech and Digital Payments
[Sep 16] WhatsApp to roll out its
payment services by end of this year: report, Medianama report; The
Economic Times report.
[Sep 18] RBI proposes norms to
regulate payment gateways and payment aggregators, Entrackr report.
[Sep 19] Regulatory shock for
fintech firms: RBI blocks unregulated access to consumer credit history,
Entrackr report.
[Sep 19] DSCI, MeitY and Google
India join hands for ‘Digital Payment Abhiyan’, The Economic Times report.
Cryptocurrencies
[Sep 16] The toss of a Bitcoin:
How crypto ban will hurt 5 mn Indians, 20k Blockchain developers, The Economic
Times report.
[Sep 16] US Sanctions three
alleged crypto hacking groups from North Korea, Coin Desk report.
[Sep 16] Crypto firms assess how
to comply with anti-money laundering standards, The Wall Street Journal report.
[Sep 19] Bitcoin and crypto
wallets are now being targeted by malware, Forbes report.
[Sep 21] Weekends are for
Altcoins when it comes to crypto market gains, ET Markets report.
[Sep 21] Chinese officials
surprisingly chill on crypto, Decrypt report.
Cybersecurity
[Sep 13] Ransomware has a new
target, Defense One report.
[Sep 16] Deep learning and
machine learning to transform cybersecurity, Tech Wire Asia report.
[Sep 16] America needs a
whole-of-society approach to cybersecurity. ‘Grand Challenges’ can help,
Defense One report.
[Sep 17] Financial asset firm PCI
ordered to pay $1.5 million for poor cybersecurity practices, ZD Net report.
[Sep 20] Current Act outdated,
need to include cyber security in IT legal framework: DCA chief, The Indian
Express report.
[Sep 20] 10% of IT budget should
be used for cybersecurity: Rear Admiral Mohit Gupta, ET Times report.
[Sep 20] Once hacked, twice shy:
How auto supplier Harman learned to fight cyber car jackers, ET Auto report.
[Sep 21] Cybersecurity a big
opportunity for telcos, says IBM executive, The Economic Times report.
[Sep 23] Cybersecurity experts
raise alarm over new SIM jacking threat, The New Indian Express report.
[Sep 23] Cybersecurity: Tackling
the menace of phishing, Financial Express report.
Tech and Law Enforcement; Surveillance
[Sep 15] Facebook moots
‘prospective’ solution to WhatsApp issue; India stands firm on traceability,
Business Today report; Livemint report.
[Sep 18] Chinese firms are
driving the rise of AI surveillance across Africa, Quartz report.
[Sep 18] Documents reveal how
Russia taps phone companies for surveillance, Tech Crunch report.
[Sep 20] WhatsApp traceability
case petitioner asks court to remove Aadhaar from the plea, consider only ‘authorised
govt proofs’, Medianama report; Inc42 report; Bar & Bench report.
[Sep 20] Chennai-based KPost says
traceability is possible, wants to be impleaded in WhatsApp case, Medianama report.
Tech and National Security
[Sep 13] Pentagon’s former top
hacker wants to inject some Silicon Valley into the defense industry, Defense
One report.
[Sep 16] Here’s how startups are
helping the Defence Ministry up its game, Money Control report.
[Sep 16] After 6 years in exile,
Edward Snowden explains himself, Wired report.
[Sep 17] US tells Saudi Arabia
oil attacks were launched from Iran, The Wall Street Journal report.
[Sep 17] Why Rafale jets may be
inducted into IAF by next summer only, Livemint report.
[Sep 17] US Air Force to shift
billions of dollars to network its weapons, Defense One report.
[Sep 18] India to achieve US$26
billion defence industry by 2025: Defence Minister, Business Standard report.
[Sep 18] Mitigating security
risks from emerging technologies, Army Technology analysis.
[Sep 18] Revised draft defence
procurement norms to be ready by November end, The Hindu report.
[Sep 20] The NSA is running a
satellite hacking experiment, Defense One report.
[Sep 20] Army to host seminar on
artificial intelligence next week; seeks to enhance lethality, The Economic
Times report; India Today report; The New Indian Express report.
[Sep 20] Defence Procurement: Not
a level playing field for private sector, PSUs still rule, Bharat Shakti report.
[Sep 20] Indian Air Force
‘accepts’ Rafale, formal hand over on Dussehra, Livemint report.
[Sep 22] Amid US-India blooming
ties, Washington prepares to take down Indian air defence systems, EurAsian
Times report.
[Sep 23] Government likely to
order 36 more Rafale fighter jets, The Economic Times report.
Tech and Elections
[Sep 20] Social media companies
raise concerns over Election Commission’s voluntary code of ethics, Medianama report.
Internal Security: J&K
[Sep 16] Supreme Court says
normalcy to return to Kashmir but with national security in mind, India Today report.
[Sep 16] Farooq Abdullah booked
under Public Safety Act, committee to decide duration of arrest: report,
Financial Express report.
[Sep 17] Amnesty’s report on the
(mis)use of Public Safety Act in J&K counters the govt’s narrative, Youth
ki Awaaz report.
[Sep 18] China says Kashmir issue
may not be a ‘major topic’ during Modi-Xi meet, Livemint report.
[Sep 19] In Pakistan-held
Kashmir, growing calls for independence, The New York Times report.
[Sep 20] Kashmir residents say
they are being charged by telcos despite no service, The Hindu report.
[Sep 20] UN Chief could discuss
Kashmir issues at UNGA: UN spokesman, The Economic Times report.
[Sep 20] How military drones are
becoming deadly weapons across the globe, The Economic Times report.
[Sep 22] Modi’s Digital India
comes crashing down in Kashmir’s longest ever internet gag, The Wire report; The Hindu report.
[Sep 23] No clampdown in Kashmir,
only communication line of terrorists stopped: Army Chief Bipin Rawat, India
Today report.
Internal Security: NRC
[Sep 16] Those declared foreigners
cannot file NRC appeal, say Assam govt, Hindustan Times report.
This week, Delhi International Airport deployed facial recognition on a ‘trial basis’ for 3 months, landline communications were restored in Kashmir as the Government mulls over certification for online video streaming platforms like Netflix and PrimeVideo – presenting this week’s most important developments in law, tech and national security.
Aadhaar
[Sep 3] PAN will be issued
automatically using Aadhaar for filing returns: CBDT, DD News report.
[Sep 3] BJD set to collect Aadhaar
numbers of its members in Odisha, Opposition parties slam move, News 18 report; The New Indian Express report; Financial Express report.
[Sep 5] Aadhaar is secure, says
ex-UIDAI chief, Times of India report.
[Sep 5] Passport-like Aadhaar centre
opened in Chennai: Online appointment booking starts, Livemint report.
[Sep 8] Plans to link Janani Suraksha
and Matra Vandan schemes with Aadhaar: CM Yogi Adityanath, Times of India report.
Digital India
[Sep 5] Digital media bodies welcome
26% FDI cap, Times of India report.
[Sep 6] Automation ‘not threat’
to India’s IT industry, ET Tech report.
[Sep 6] Tech Mahindra to modernise
AT&T network systems, Tech Circle report.
Data Protection and Governance
[Sep 2] Health data comes under the
purview of Data Protection Bill: IAMAI, Inc42 report.
[Sep 2] Credit history should not be
viewed as sensitive data, say online lenders, Livemint report.
[Sep 3] MeitY may come up with policy
on regulation of non-personal data, Medianama report.
[Sep 3] MeitY to work on a white paper
to gain clarity on public data regulations, Inc42 report.
[Sep 6] Treating data as commons is
more beneficial, says UN report, Medianama report.
[Sep 9] Indian Government may allow
companies to sell non-personal data of its users, Inc42 report, The Economic Times report.
[Sep 9] Tech firms may be compelled to
share public data of its users, ET Tech report.
Data Privacy and Breaches
[Sep 2] Chinese face-swap app Zao faces
backlash over user data protection, KrAsia report; Medianama report.
[Sep 2] Study finds Big Data eliminates
confidentiality in court judgments, Swiss Info report.
[Sep 4] YouTube will pay $170 million
to settle claims it violated child privacy laws, CNBC report; FTC Press Release.
[Sep 4] Facebook will now let people
opt-out of its face recognition feature, Medianama report.
[Sep 4] Mental health websites in
Europe found sharing user data for ads, Tech Crunch report.
[Sep 5] A huge database of Facebook
users’ phone numbers found online, Tech Crunch report.
[Sep 5] Twitter has temporarily
disabled tweet to SMS feature, Medianama report.
[Sep 6] Fake apps a trap to track your
device and crucial data, ET Tech report.
[Sep 6] 419 million Facebook users
phone numbers leaked online, ET Tech report; Medianama report.
[Sep 9] Community social media
platform, LocalCircles, highlights data misuse worries, The Economic Times report.
Free Speech
[Sep 7] Freedom of expression is not
absolute: PCI Chairman, The Hindu report.
[Sep 7] Chennai: Another IAS officer
resign over ‘freedom of expression’, Deccan Chronicle report.
[Sep 8] Justice Deepak Gupta: Law on
sedition needs to be toned down if not abolished, The Wire report.
Online Content Regulation
[Sep 3] Government plans certification
for Netflix, Amazon Prime, Other OTT Platforms, Inc42 report.
[Sep 4] Why Justice for Rights went to
court, asking for online content to be regulated, Medianama report.
[Sep 4] Youtube claims new hate speech
policy working, removals up 5x, Medianama report.
[Sep 6] MeitY may relax norms on
content monitoring for social media firms, ET Tech report; Inc42 report; Entrackr report.
E-Commerce
[Sep 4] Offline retailers accuse Amazon
and Flipkart of deep discounting, predatory pricing and undercutting, Medianama
report; Entrackr report.
[Sep 6] Companies rely on digital
certification startups to foolproof customer identity, ET Tech report.
Digital Payments and FinTech
[Sep 3] A sweeping reset is in the
works to bring India in line with fintech’s rise, The Economic Times report.
[Sep 3] Insurance and lending companies
in agro sector should use drones to reduce credit an insurance risks: DEA’s
report on fintech, Medianama report.
[Sep 4] Firefox will not block
third-party tracking and cryptomining by default for all users, Medianama report.
[Sep 4] Insurance companies are fueling
ransomware attacks, Defense One report.
[Sep 5] Firms facing shortage of
skilled workforce in cybersecurity: Infosys Research, The Economic Times report.
[Sep 5] Cybersecurity a boardroom
imperative in almost 50% of global firms: Survey, Outlook report; ANI report.
[Sep 5] DoD unveils new cybersecurity
certification model for contractors, Federal News Network report.
[Sep 5] Jigsaw Academy launches
cybersecurity certification programme in India, DQ India report.
[Sep 6] Indians lead the world as
Facebook Big Bug Hunters, ET Tech report.
[Sep 6] Australia is getting a new
cybersecurity strategy, ZD Net report.
[Sep 9] China’s 5G, industrial internet
roll-outs to fuel more demand for cybersecurity, South China Morning Post report.
Tech and National Security
[Sep 3] Apache copters to be inducted
today, The Pioneer report.
[Sep 3] How AI will predict Chinese and
Russian moves in the Pacific, Defense One report.
[Sep 3] US testing autonomous
border-patrol drones, Defense One report.
[Sep 3] Meet the coalition pushing for
‘Cyber Peace’ rules. Defense One report.
[Sep 4] US wargames to try out concepts
for fighting China, Russia, defense One report.
[Sep 4] Southern Command hosts seminar
on security challenges, Times of India report; The Indian Express report.
[Sep 4] Russia, already India’s biggest
arms supplier, in line for more, Business Standard report.
[Sep 4] Pentagon, NSA prepare to train
AI-powered cyber defenses, Defense One report.
[Sep 5] Cabinet clears procurement of Akash
missile system at Rs. 5500 crore, Times Now report.
[Sep 5] India to go ahead with $3.1
billion US del for maritime patrol aircraft, The Economic Times report.
[Sep 5] DGCA certifies ‘small’ category
drone for complying with ‘No-Permission, No-Takeoff’ protocol, Medianama report.
[Sep 5] India has never been aggressor
but will not hesitate in using its strength to defend itseld: Rajnath Singh,
The Economic Times report.
[Sep 5] Panel reviewing procurement
policy framework to come out with new versions of DPP, DPM by March 2020, The
Economic Times report; Business Standard report; Deccan Herald report.
[Sep 5] Russia proposes joint
development of submarines with India, The Hindu report.
[Sep 7] Proud of you: India tells ISRO
after contact lost with CHandrayaan-2 lander, India Today report.
Tech and Elections
[Sep 4] ECI asks social media firms to
follow voluntary code of ethics ahead of state polls: report, Medianama report.
[Sep 6] Congress party to reorganise its
data analytics department, Medianama report.
[Sep 5] Why the 2020 campaigns are
still soft targets for hackers, Defense One report.
[Sep 5] Facebook meets with FBI to
discuss election security, Bloomberg report.
[Sep 5] Facebook is making its own AI
deepfakes to head off a disinformation disaster, MIT Tech Review report.
Internal Security: J&K
[Sep 4] Long convoy, intel failure:
Multiple lapses led to Pulwama terror attack, finds CRPF inquiry, India Today report; Kashmir Media Service report; The Wire report.
[Sep 4] Extension of President’s Rule
in Kashmir was not delayed, MHA says in report to SC lawyer’s article,
Scroll.in report.
[Sep 6] Landline communication restored
in Kashmir Valley: Report, Medianama report.
[Sep 7] Kashmir’s Shia areas face
curbs, all Muharram processions banned, The Quint report.
[Sep 7] No question of army atrocities
in Kashmir as it’s only fighting terrorists: NSA Ajit Doval, India Today report.
[Sep 8] More than 200 militants trying
to cross into Kashmir from Pakistan: Ajit Doval, Money Control report.
[Sep 8] ‘Such unilateral actions are
futile’, says India after Pakistan blocks airspace for President Kovind,
Scroll.in report; NDTV report.
Internal Security: NRC
[Sep 2] Contradictory voices in Assam
Congress son NRC: Tarun Gogoi slams it as waste paper, party MP says historic
document, India Today report.
[Sep 3] Why Amit Shah is silent on NRC,
India Today report.
[Sep 7] AFSPA extended for 6 months in
Assam, Deccan Herald report.
[Sep 7] At RSS mega meet, concerns over
Hindus being left out of NRC: Sources, Financial Express report.
National Security Institutions
and Legislation
[Sep 5] Azhar, Saeed, Dawood declared
terrorists under UAPA law, Deccan Herald report; The Economic Times report.
[Sep 8] Home Minister says India’s
national security apparatus more robust than ever, Livemint report.
[Sep 8] Financial safety not national
security reason for women to join BSF: Study, India Today report.
Telecom/5G
[Sep 6] Security is an issue in 5G:
NCSC Pant on Huawei, Times of India report.
More on Huawei
[Sep 1] Huawei believes banning it from
5G will make countries insecure, ZD Net report.
[Sep 2] Huawei upbeat on AI strategy
for India, no word on 5G roll-out plans yet, Business Standard report.
[Sep 3] Huawei denies US allegations of
technology theft, NDTV Gadgets 260 report; Business Insider report; The Economic Times report.
[Sep 3] Shocking Huawei ‘Extortion and
Cyberattack’ allegations in new US legal fight, Forbes report; Livemint report, BBC News report; The Verge report.
[Sep 3] Committed to providing the most
advanced products: Huawei, ET Telecom report.
[Sep 4] Huawei says 5G rollout in India
will be delayed by 3 years if it’s banned, Livemint report
[Sep 4] Trump not interested in talking
Huawei with China, Tech Circle report.
[Sep 5] Nepal’s only billionaire
enlists Huawei to transform country’s elections, Financial Times report.
[Sep 8] Trump gets shocking new Huawei
warning – from Microsoft, Forbes report.
Emerging Tech
[Aug 30] Facebook is building an AI
Assistant Inside Minecraft, Forbes report.
[Sep 3] AWS partners with IIT KGP for
much needed push to India’s AI skilling, Inc42 report.
[Sep 3] Behind the Rise of China’s
facial recognition giants, Wired report.
[Sep 4] Facebook won’t use facial
recognition on you unless you tell it to, Quartz report.
[Sep 4] An AI app that turns you into a
movie star has risked the privacy of millions, MIT Technology Review report.
[Sep 6] Police use f facial recognition
is accepted by British Court, The New York Times report.
[Sep 6] Facebook, Microsoft announce
challenge to detect deepfakes, Medianama report.
[Sep 6] Facial recognition tech to
debut at Delhi airport’s T3 terminal; on ‘trial basis’ for next three months,
Medianama report.
Internet Shutdowns
[Sep 3] After more than 10 weeks,
internet services in towns of Rakhine and Chin restored, Medianama report.
[Sep 4] Bangladesh bans mobile phone
services in Rohingya camps, Medianama report.
Opinions and Analyses
[Sep 2] Michael J Casey, Coin Desk, A crypto fix for a broken international monetary system.
[Sep 2] Yengkhom Jilangamba, News18 Opinion, Not a solution to immigration problem, NRC final list has only brought to surface fault lines within society.
[Sep 2] Samuel Bendett, Defense One, What Russian Chatbots Think About Us.
[Sep 2] Shivani Singh, Hindustan Times, India’s no first use policy is a legacy that must be preserved.
[Sep 3] Abir Roy, Financial Express, Why a comprehensive law is needed for data protection.
[Sep 3] Dhirendra Kumar, The Economic Times, Aadhaar is back for mutual fund investments.
[Sep 3] Ashley Feng, Defense One, Welcome to the new phase of US-China tech competition.
[Sep 3] Nesrine Malik, The Guardian, The myth of the free speech crisis.
[Sep 3] Tom Wheeler and David Simpson, Brookings Institution, Why 5G requires new approaches to cybersecurity.
[Sep 3] Karen Roby, Tech Republic, Why cybersecurity is a big problem for small businesses.
[Sep 4] Wendy McElroy, Bitcoin.com, Crypto needs less regulation, not more.
[Sep 4] Natascha Gerlack and Elisabeth Macher, Modaq.com, US CLOUD Act’s potential impact on the GDPR.
[Sep 4] Peter Kafka, Vox, The US Government isn’t ready to regulate the internet. Today’s Google fine shows why.
[Sep 5] Murtaza Bhatia, Firstpost, Effective cybersecurity can help in accelerating business transformation.
[Sep 5] MG Devasahayam, The Tribune, Looking into human rights violations by Army.
[Sep 5] James Hadley, Forbes, Cybersecurity Frameworks: Not just for bits and bytes, but flesh and blood too.
[Sep 5] MR Subramani, Swarajya Magazine, Question at heart of TN’s ‘WhatsApp traceability case’: Are you endangering national security if you don’t link your social media account with Aadhaar?
[ Sep 5] Justin Sherman, Wired, Cold War Analogies are Warping Tech Policy.
[Sep 6] Nishtha Gautam, The Quint, Peer pressure, militant threats enforcing civil curfew in Kashmir?
[Sep 6] Harsh V Pant and Kartik Bommakanti, Foreign Policy, Modi reimagines the Indian military.
[Sep 6] Shuman Rana, Business Standard, Free speech in the crosshairs.
[Sep 6] David Gokhshtein, Forbes, Thoughts on American Crypto Regulation: Considering the Pros and Cons.
[Sep 6] Krishan Pratap Singh, NDTV Opinion, How to read Modi Government’s stand on Kashmir.
MeitY sought views on ‘non-personal data’; India and France announce joint research consortium on AI and digital partnership after NSA-level talks; Section 144 CrPC imposed in areas of Assam anticipating unrest after the publication of the NRC list as the MHA holds a high-level security meet on Kashmir; and the tussle between MeitY and the Niti Aayog for control over the Rs. 7000 cr AI project continues – presenting this week’s most important developments at the intersection of law and tech.
Aadhaar
[Aug 27] Aadhaar integration can weed
out fake voters: UIDAI’s Ajay Bhushan Pandey, Business Standard report.
[Aug 27] Government to intensify
Aadhaar enrolment in J&K after Oct 31: Report, Medianama report; Times Now report; The Quint report
[Aug 27] Interview: Why I filed a case
to link Aadhaar and Social Media Accounts, The Quint report.
[Aug 27] Aadhaar database cannot be
hacked even after a billion attempts: Ravi shankar Prasad, Money Control report.
[Aug 27] Most dangerous situation:
Justice Srikrishna on EC-Aadhaar linking, The Quint report.
[Aug 28] Aadhaar ads to women’s
problems in India. Here’s why. The Wire report.
[Aug 28] What Centre will tell Supreme
Court on Aadhaar and social media account linkage, The Hindustan Time report.
[Aug 28] All residents of an MP village
have the same date of birth on their Aadhaar, Business Standard report.
[Aug 29] Blood banks advised to ask for
donors’ Aadhaar cards, Times of India report.
[Aug 29] Aadhaar continues to evolve
and grow as India issues biometric seafarers’ ID, Biometric Update report.
[Aug 31] Aadhaar mandatory for farmers
to avail crop loan in Odisha, Odisha Sun Times report.
[Sep 1] NRIs to get Aadhaar sans
180-day wait in 3 months, The Hindu report.
[Sep 1] Aadhaar-liquor link to check
bottle littering? Deccan Herald report.
[Sep 1] Linking Aadhaar with social
media can lead to insidious profiling of people, says Apar Gupta, Times of
India report.
Digital India
[Aug 27] NASSCOM-DSCI on National
Health Stack: separate regulatory body for health, siloed registries, usage of
single ID, Medianama report.
[Aug 27] Govt looks to develop
electronics component manufacturing base in India: MeitY Secretary, YourStory report; Money Control report.
[Aug 30] India is encouraging foreign
firms to shift biz from China: report, Medianama report; Reuters report.
[Aug 30] Wipro, Google to speed up
digital shift of enterprises, ET Telecom report.
[Aug 30] Government committed to reach
public via technology, Times of India report.
[Aug 31] MeitY and Google tie up to
Build for Digital India, Livemint report; India TV report; ANI report; The Statesman report; Inc42 report.
[Sep 1] Govt is setting up high-tech
R&D facilities for India Inc to encourage big-bang projects, ET Tech report.
[Sep 1] Digitalisation is now forcing
NASSCOM to reinvent itself, ET Tech report.
Free Speech
[Aug 26] IAS Officer who quit over
‘losing freedom of expression’ was facing disciplinary action for misconduct,
Swarajya Magazine report.
[Aug 27] Withdraw media curbs in
Kashmir, The Hindu report.
[Aug 27] EU data caught in Facebook
audio transcribing, Politico report.
[Aug 30] BJP issues gag order on Pragya
Thakur after ‘black magic’ remark post Arun Jaitley’s death. News 18 report.
[Aug 31] Chargesheet filed against
ex-Union Minister Salman Khurshid over remark in UP CM Yogi Adityanath, India
Today report.
[Aug 31] Rafale deal: Rahul Gandhi
summoned by Mumbai court for calling Narendra Modi ‘commander-in-thief’,
Scroll.in report.
[Aug 31] Media freedom being curbed,
says Mamata, The Hindu report.
[Sep 1] Madurai man booked for Facebook
post against Centre, Army, Times of India report.
Internet Shutdowns
[Aug 26] Internet suspended in
Indonesia’s Papua region for ‘ security and order’ amid protests, Medianama report.
[Aug 29] Months after pledge to open
internet, Ethiopia disrupts connectivity amidst communal violence, Global
Voices report.
Data Protection and Privacy
[Aug 27] Government’s approach to data
is dangerous, says Justice Srikrishna, Medianama report.
[Aug 27] Microsoft’s lead EU data
watchdog is looking into fresh Windows 10 privacy concerns, Tech Crunch report.
[Aug 30] This Week in Tech: Facebook’s
privacy pivot (business model not included), The New York Times report.
[Aug 31] MeitY seeks views on
non-personal data, ET Tech report.
[Aug 31] Google to pay out $150-200m
over YouTube privacy claims: reports, The Hindu report.
[Sep 2] Let data protection Bill deal
with personal health data, says IAMAI, Business Standard report.
Intermediary Liability
[Aug 27] Government notices and issue
in TikTok’s ShareChat notices: To ask TikTok how its intermediary status is
consistent with claims on owning content, ET Telecom report; Inc42 report.
E-Commerce
[Aug 27] Thailand to tax e-commerce
companies from next year, Medianama report.
[Aug 27] NRAI sends notices to Swiggy,
Zomato, others on deep discounting, lack of transparency, Tech Circle report.
[Aug 29] MeitY may not include
E-commerce data in privacy bill, The Economic Times report; Medianama report; Inc42 report.
[Aug 29] 30% local sourcing FDI rule on
single brand retailers relaxed, physical stores before online sales not
necessary, Medianama report.
[Aug 29] Amazon moves Supreme Court
against direct selling companies: Report, Medianama report; The Economic Times report.
[Aug 30] India big enough for both
e-commerce and small retailers: Rajiv umar, ET Tech report.
[Aug 30] Zomato, Swiggy and NRAI discuss
issues, to meet again in September, Medianama report.
The National Investigation Agency Act was amended by Parliament this week, expanding its investigation powers to include cyber-terrorism; FaceApp’s user data privacy issues; and the leaked bill to ban cryptocurrencies— presenting this week’s most important developments in law and tech.
Aadhaar
[July 15] Govt plans Aadhaar based identification of patients to
maintain health records, Live Mint report;
The Indian Express report.
[July 15] Petition in Delhi HC seeking linking of Aadhaar with
property documents, Live Mint report.
[July 15] Government stops verification process using Aadhaar for
driving license, The Economic Times report.
[July 15] Government stops verification process
using Aadhaar for driving license: Nitin Gadkari, ET Auto report.
[July 18] Will Aadhaar interchangeability for
ITR make PAN redundant? Live Mint report.
[July 18] Govt floats idea for Aadhaar-like
database for mapping citizen health, Business Standard report;
Money Control report;
Inc42 report.
[July 19] Linking Aadhaar with Voter ID—
Election Commission to decide within weeks, The Print report;
India Legal analysis.
[July 21] Mumbai man fights against linking
Aadhaar to salary account, The Quint report.
[July 21] Violating SC rules, matrimonial site
sells love, marriage using Aadhaar data, National Herald report.
[July 22] Large cash deposits may soon need
Aadhaar authentication, Times of India report;
Money Control report.
Right to Information
[July 19] Bill to amend RTI law introduced in
Lok Sabha amid opposition, India Today report.
Free Speech
[July 18] Ajaz Khan of Big Boss fame arrested
by Mumbai Police for TikTok video, The Asian Age report;
DNA India report.
[July 19] Guwahati HC grants anticipatory bail
to poets accused of writing communally charged poetry on Assam citizenship
crisis, Live Law report.
Internet Governance
[July 16] MeitY to finalise Intermediary
Liability rules amendment by month end, Medianama report;
Inc42 report.
Data Protection and Data Privacy
[July 17] Canada probing data theft at military
research center: reports, Business recorder report.
[July 17] BJP raises issue of privacy breach by
tech devices in Rajya Sabha, BJD demads more funds, News 18 report.
[July 17] TMC MPs protest outside Parliament in
Delhi, demand to bring Data Protection Law, DNA India report.
[July 16] K Satish Kumar, DNA India, Need more clarity on data bill.
[July 16] Abhishek Banerjee, Swarajya, Richa Bharti: The Free Speech Hero India Needs.
[July 17] Ananth Krishnan, The Print, Three reasons why it’s not Huawei or the highway for India’s 5G future.
[July 17] Rajesh Vellakat, Financial Express, Personal Data Protection Bill: Will it disrupt our data ecosystem?
[July 17] Nouriel Roubini, Live Mint Opinion, Seychelles-based BitMEX and the great crypto heist.
[July 17] Tim O’Reilly, Quartz, Antitrust regulators are using the wrong tools to break up Big Tech.
[July 18] Tiana Zhang, Jodi Wu, Yue Qiu and Richard Sharpe, Mondaq, Newly released draft measures on data security management strengthen China’s data protection framework.
[July 18] Gwyn D’Mello, India Times, If you worry about FaceApp and not your Facebook and Aadhaar, you have bigger problems.
[July 18] Sue Halpern, The New Yorker, How Cyber Weaqpons are changing the landscape of modern warfare.
[July 19] TV Mohandas Pai and Umakant Soni, Financial Express, An AI innovation engine for New India.
[July 20] Amit Cowshish, The Tribune, Indo-US defence trade not free from encumbrances.
[July 20] Umberto Sulpasso, Eurasia Review, Domestic Knowledge Product: Enhancing Wealth, Welfare and National Security—Analysis.
[July 20] Tiffancy C Li, The Atlantic, FaceApp makes today’s privacy laws look antiquated.
[July 20] Tom Robinson, Venture Beat, Crypto can prevent money laundering better than traditional finance.
[July 21] Vimal Kumar Kashyap, The Pioneer, 5G to usher in fourth industrial revolution.
[July 21] Michael Ashley, Forbes, It’s time to fight back for data sovereignty.
[July 22] Vidushi Marda, The Hindu, Facial recognition is an invasive and inefficient tool.
The Parliament passed the Aadhaar Amendment Bill, expected to have a far-reaching impact on data sharing with private companies and State Governments; France rolled out a new “digital tax” for Big Tech, Facebook slapped with a massive $5bn fine by the US FTC, while uncertainty over Huawei’s inclusion in India’s 5G trials deepens — presenting this week’s most important developments in law and tech.
In focus this week: opinions and analyses of the Defence Budget for 2019-20.
Aadhaar
[July 8] Parliament passes Aadhaar amendment bill, The Hindu Business Line report.
[July 8] RS clears bill on voluntary use of Aadhaar as ID proof, Live Mint report.
[July 8] Techie moves Madras High Court assailing compulsory linking of Aadhaar with Universal Account Number (UAN) to avail EPFO pension, The Economic Times report.
[July 9] You are not bound to share Aadhaar data with schools, banks and telcos, DNA India report.
[July 9] ‘Ordinance on Aadhaar use doesn’t survive as House has cleared the Bill’: Centre tells SC, The Hindu report.
[July 10] Aadhaar Bill passage in Parliament: New clause helps secure non-NDA votes, The Economic Times report.
[July 11] PAN not linked to Aadhaar will become invalid from September, Business Standard report.
[July 11] Aadhaar amendments: New clause to allow use of Aadhaar data for state schemes, Live Mint report.
[July 11] Amendment: no Aadhaar for mobile wallet firms, The Economic Times report.
[July 11] All your Aadhaar fears are coming true in Assam, HuffPost India report.
[July 13] Rajya Sabha passes Aadhaar amendment Bill, allows to file complaint in case of security breach, India Today report.
[July 14] You may soon have to pay Rs. 10,000 as fine for entering wrong Aadhaar number for transactions, New 18 report.
Free
Speech
[July 9] Twitter backs off broad limits on ‘Dehumanizing Speech’, The New York Times report.
[July 10] TikTok influencers charged for hate speech and attempting to incite communal violence, Business Insider report.
[July 13] White House Social Media recap, National Public Radio report, CNN report, The New York Times report, Engadget report. The Verge report.
[July 13] FIRs against 10 for poems that try to ‘hinder NRC’ in Assam, Times of India report.
[July 15] RSS wing calls for TikTok, Helo ban, The Economic Times report.
Data
Protection
[July 8] Indian parliament members call for Data Protection Bill and TikTok ban, Inc42 report.
[July 8] British Airways fined record 183 million for data breach involving 500,000 customers: report, Medianama report, BBC report.
[July 9] Digital data protection to be a fundamental right in Brazil as amendment to constitution is approved, Medianama report.
[July 12] Not ‘Okay Google’: Firms admits that workers listen to audio from Assistant, Home, Medianama report, Fox News report, VRT News report.
[July 12] Google data breach faces review by Irish privacy watchdog, Bloomberg report.
[July 13] Facebook fined $ 5 billion by US regulators over privacy and data protection lapses, News 18 report, The Hindu Business Line report.
[July 13] Indian Govt is selling vehicle owner data to companies and citizens don’t have a clue, Inc42 report, Entrackr report.
[July 15] Data protection law must be the same for both private and government players, The New Indian Express report.
Digital
India
[July 15] PMO panel seeks multinational
companies’ inputs on making India electronics hub, ET Telecom report.
Data
Localisation and E-Commerce
[July 11] Gautam Adani woos Amazon and Google
with Indian data hubs, ET Telecom report.
[July 9] A tug of war hots the draft e-commerce policy. US tech
giants want leeway in data localisation, ET Prime report. [paywall]
[July 15] Delhi and Bengaluru customs stop
clearing ‘gifts’, Economic Times report,
Medianama report.
Telecom/5G
[July 15] Inter-ministerial panel clears draft
RFP to select auctioneer for 2019 spectrum sale, ET Telecom report.
More
on Huawei
[July 10] Huawei makes Monaco world’s
fully 5G country, Live Mint report.
[July 10] Huawei ban eased but tech can’t
relax, Financial Times report.
[July 11] NSAB members, Chinese diplomat cross
swords over Huawei, Indian Express report.
[July 12] Doubts over Huawei’s participation in
India’s 5G rollout deepen, Live Mint report, NDTV
Gadgets 360 report.
[July 14] Huawei plans extensive layoffs at its
US operations, Live Mint report, The
Economic Times report.
[July 13] US tells Britain: Fall in line over
China and Huawei, or no trade deal, The Telegraph report.
[July 14] US seeks to discredit UK spies in war
against Huawei, The Times UK report.
Big
Tech: Regulation
[July 11] France passes law taxing digital
giants in defiance of US anger, Agence France Presse report.
[July 10] US Announces Inquiry of French
Digital Tax that may end in tariffs, The New York Times report.
Cryptocurrencies
[July 9] Indian govt to educate top cops on cryptocurrencies,
aiming to investigate crypto matters, CrytpoNewZ report.
[July 9] Facebook to Senators: Libra
crypto will respect privacy, Coin Desk report.
[July 11] Winklevoss-backed crypto
self-regulatory group prepares to woo congress, Coin Desk report.
[July 12] Japanese crypto exchange hacked,
loses $ 32 million, The Hindu Business Line report, Coin
Telegraph report.
[July 13] Study exposes how Russia, Iran and
China are weaponizing crypto, CNN report.
[July 13] China’s illegal crypto mining
crackdown could ignite a bitcoin price rally, CNN report.
[July 15] IRS confirms it trained staff to find
crypto wallets, Coin Desk report.
Emerging
Tech
[July 9] AI in cybersecurity expected to surpass $38 billion, Security
Boulevard report.
[July 14] How aritifical intelligence is
solving different business problems, Financial Express report.
[July 14] Why AI is the future of
cybersecurity, Forbes report.
Cybersecurity
[July
8] Chinese hackers demonstrate their global cyber espionage reach with breach
at 10 of the world’s biggest telecoms, CPO Magazine report.
[July 12] Businesses in India tapping AI to
improve cybersecurity, The Economic Times report,
Fortune India report.
[July 15] Indian IT managers facing budget
crunch for cybersecurity, The Economic Times report.
Tech
and Law Enforcement: Surveillance and Cyber Crime
[July 9] The chase gets a lot easier for tech-wielding cops
now, The Economic Times report.
[July 9] Delhi government begins installing
CCTV cameras inside classrooms to prevent crime: report, Medianama report.
Times now News report.
[July 10] Instagram announces two new
anti-bullying features, Instagram’s announcement, Thw
Wall Street Journal report,
Medianama report.
[July 11] WhatsApp messages can be traced
without diluting encryption, Zee News report.
[July 12] New POCSO bill to expand child porn
definition to include anime, adults posing depicting children, Medianma report,
Hindustan Times report.
[July 12] SC refuses to stay installation of
CCTV cameras in Delhi Government schools, Medianama report, Bar
& Bench report.
Tech
and Military
[July 8] Japan-India security cooperation: Asian giants to expand
their relations to Space, Financial Express report.
[July 8] Bill to tag individuals as ‘terrorist’ introduced in LS,
Opposition protests: The Unlawful Activities (Prevention) Act Amendment Bill,
2019, Business Standard report.
[July 8] Government introduces Bill in Lok Sabha to amend National
Investigation Agency Act, The Economic Times report.
[July 8] Govt to procure 1.86 lakh bullet proof jackets by April
next, The Hindu Business Line report.
[July 8] India, Russia agree on new payment mode for S-400 deal to
get around US sanctions, The Print report.
[July 9] National e-Governance Division to revamp management app
for the army, The Week report.
[July 9] Amazon, Microsoft wage war over the Pentagon’s ‘war
cloud’, NDTV Gadgets 360 report
[July 10] Last chance to get tech: Navy says negotiating next 6
subs to take years, Business Standard report.
[July 10] Tactical communications market
size in the US region is projected to experience substantial proceeds by 2024,
Tech Mag report.
[July 11] Govt says looking at tech to seal
northern and eastern borders, Live Mint report.
[July 11] Army man arrested for leaking info on
national security, The Tribune report.
[July 12] Wait for sniper rifles gets longer,
MoD retracts the RFP issued last year, Financial Express report.
[July 12] India, Russia discuss space
cooperation, The Hindu report
[July 12] Israel arms company signs $100
million missile deal with Indian army, Middle East Monitor report.
Defense
Budget: Reports and Analyses
[July 8] Budget 2019: India redirects foreign aid to Indian ocean
countries, NSCS expenditure hiked, Business Standard report.
Over two weeks after the ban on Huawei was imposed by the United States on suspicions of facilitating espionage on behalf of China, the newly appointed Minister of Electronics and IT, Ravi Shankar Prasad acknowledged that there are ‘complex security concerns’ around the deployment of Huawei’s technology in India. His statement comes soon after the TRAI’s statement emphasizing the need to indigenize telecom infrastructure in the aftermath of the US ban on Huawei.
The Chinese tech giant has been at the centre of controversy even before May 16, when President Trump signed an Executive Order entitled ‘Securing the Information and Communications Technology and Services Supply Chain’, declaring a national cybersecurity emergency, placing Huawei on the ‘Entity List’ of the US Department of Commerce under Supplement 4 to Part 744 of its Export Administration Regulations. This implies that any US persons and corporate entities that continue to do business with Huawei would face heavy penalties that could potentially include criminal sanctions. Owing to the design of export control laws in the United States, the enforcement of the ban in the United States has extraterritorial effects. According to a Reuters report, US Secretary of State Mike Pompeo warned allies of potential difficulties in sustained cooperation and data sharing with the United States if they continued to use Huawei equipment despite the ban.
Huawei in the
United States
Criminal charges
pending against Huawei in US courts include serious
allegations of corporate espionage, bank fraud, theft of trade secrets and most
importantly, conspiracy to violate the International Emergency Economic Powers Act
(50 U.S.C. 1701 et seq) (IEEPA) by export of telecommunications
services provided by a US citizen to Iran without permission from the Office of
Foreign Assets Control (OFAC). It was on the grounds of violation of the IEEPA that
the US successfully urged Canada to detain Huawei’s CFO, Meng Wanzhou, who is
now awaiting potential
extradition to the United States for prosecution
for the crimes alleged against Huawei.
Some in the US
national security community have even argued that this could potentially be an abuse of the
President’s emergency powers under the
IEEPA, the legislation that enables the US to‘financially asphyxiate targeted
countries, entities or individuals’ that pose ‘any unusual and extraordinary
threat’ to US national security interests. Others, based on Trump’s
statement that saw Huawei being potentially included in a
future trade deal with China, take the view that the ban is no more than a
leveraging tool to get concessions from the Chinese Government. Yet more view
it as a measure designed purely to protect US
telecom industries from Chinese competition in the 5G race,
to prevent the US from losing its edge in communications technologies.
A major reason for the rapid rise of Huawei on the global tech scene has been its competitive prices and convenient payment plans. Thanks to the ban, rival companies like Cicso, Ericsson, Nokia and Samsung do indeed, stand to gain significant advantages and grab bigger market shares, but their prices so far have not been able to compete with those offered by their Chinese counterparts.
Despite this ‘emergency’, a week after President Trump signed an Executive Order, the restrictions were eased by the US Department of Commerce to give American companies a 90 days window to adapt to the new restrictions. In the time that has passed, several tech companies have severed business ties with Huawei. Google was the first to respond, cutting off Huawei’s access to its Android platform, restricting existing users’ access to future security patches and updates. Microsoft, Intel, Qualcomm, Xilinx, Broadcomm, Panasonic and British Chip manufacturer ARM soon followed suit, causing serious disruptions in the global ICT supply chain, especially in its smartphone manufacturing. However, the smart phone business is only a small part of Huawei’s overall products range. It is noteworthy that as on date, Huawei controls 28% of the global marketshare in telecom equipment. In the first quarter of 2019, Huawei surpassed Apple to become the world’s second largest manufacturer of smartphones. Much to the worry of American telcos, some forecasts indicate that China is expected to represent 40% of all global 5G connections by 2025.
Although
Huawei’s founder and CEO, Ren Zhengfei has opposed
retaliation by the Chinese Government against Apple or other American tech companies,
it remains to be seen how China will respond in the ongoing trade tensions with
the US. Some changes to
set up a mechanism that allows for higher degree of protection to its own
national security interests have already been introduced in Chinese cyber
security law in response. China has also threatened the creation of a ‘sweeping
blacklist of US firms’ in retaliation. Reports indicate that
the export of rare
earth minerals to China by the US could be the next
frontier in these ‘hostilities’.
In addition, the Chinese Defense Minister Wei Fenghe came out to explicitly state that Huawei was not part of its military, several Chinese officials have refuted US claims alleging that the decision to blacklist Huawei was unsupported by any evidence. Unsurprisingly though, Russia has rolled out the red carpet for Huawei, where it signed a deal to develop 5G infrastructure for Russian telecom provider MTS.
However, the
most important piece of Chinese legislation for India to consider is the
Chinese intelligence law
passed in 2017 that makes it obligatory upon Chinese
companies and other entities to share onshore and offshore data with the
Government as and when called upon in the interest of national security.
Huawei in India
Some have argued
that India would need
to conclusively prove allegations of assisting the
Chinese government in carrying out cyber espionage before taking any concrete steps
to ban Huawei, otherwise India risks undermining its strategic autonomy and
playing into the hands of the US. However, the argument seems focused
exclusively on the rapid introduction and operationalization of 5G in India and
ignores India’s previous run-ins with Huawei’s technology.
Telecom companies through the Cellular Operators Association of India have sought clarification from the Department of Telecommunications (DoT) on its stance qua usage of Huawei-manufactured equipment by telecom operators. Such a clarification is much needed, considering that Huawei has been kept on a see-saw since September 2018, when the US first started attempting to persuade allies to wall out Huawei in the 5G race. In India, Huawei was first excluded, then extended an invitation which was later rescinded. Huawei India’s CEO Jay Chen recently made a statement demanding a ‘level playing field’ for Huawei in the 5G trials, reiterating the request of the Chinese Government from December of last year.
Presently,
telecom operators including Airtel and Vodafone use
Huawei equipment in many of their circles in India. While the TRAI has
highlighted the need for indigenizing of telecom infrastructure, the truth of
the matter is that as on date, almost 60% of
the Government’s telecom equipment, including especially that of BSNL is
supplied by the Chinese companies ZTE and Huawei. This is despite the fact that
BSNL’s allegations
against Huawei of hacking into its networks were
investigated in 2014. This makes the argument that requires conclusive proof of
malicious activity difficult to sustain, if the security of the existing
infrastructure has already been compromised in the past.
Huawei itself has urged the DoT for an expedited decision on its inclusion in the 5G trials, reportedly after having answered all queries posed to it by the DoT. The DoT appears divided on the issue – with one section that views it as an issue of not just technology, but also one of security with geopoilitcal ramifications, and the other seemingly inclined towards Huawei’s inclusion to maintain the competition and mitigate risks of relying on supplies from European vendors alone.
The New Berlin
Wall and India’s Posturing
At the moment,
India seems to have been caught in the middle of what has been dubbed as the
New Cold War in tech–faced with
prohibitively high prices on the one side, and a risk of
Chinese cyber espionage on the other. On this point, some take the view that ‘what is cheap
now may not be good in the long run’. National
security choices require nations to make difficult trade-offs between economic
and strategic goals and considerations, and the contours of the new ‘Great
Powers’ relations are radically different to the one that ended with the fall
of the Berlin Wall. The New York Times
viewed the ban as one that is “about much more than crippling one Chinese tech
giant”, and is forcing “nations to make an agonizing choice: Which side of the
new Berlin Wall do they want to live on?”
In the collision of tech and trade, foreign policy choices of Governments are now closely intertwined with the commercial interests and health of the domestic telecom and tech industries. Although it is reassuring that India’s telecom minister seems intent on taking ‘a serious look’ at the technological advantage versus security concerns calculus before deciding on Huawei’s inclusion in the upcoming 5G trials, remedial and mitigation measures like reviving MTNL and BSNL services are measures for the long run. However, what makes India the desired location for ‘proxy wars’ in tech is the treasure trove of data that lies beneath the massive subscriber base of over 1.19 billion individuals to telecom services. As for the health of domestic markets, if anything, Indian telecom giants like Reliance Jio that uses 4G equipment manufactured by Samsung, could potentially stand to gain from the move, if Huawei were to be excluded from the Indian market and the 5G trials. It remains to be seen whether such a protectionist measure, following the footsteps of the US, would be introduced by the new Government that has re-risen to power on the promise of strengthening national security. A legitimate concern is the threat of retaliatory pressure tactics from the US if India does fail to do so.
It is notable that India has taken some measures to avoid offending the United States’ declared policies, while the decision on Huawei remains pending. A week after the ban, India stopped importing oil from Iran as well as Venezuela to comply with US sanctions after the US ended exemptions for eight countries including India. More recently, the US revoked India’s preferential trade status under the GSP (Generalised System of Preferences) trade program, alleging that India has not “assured the US that it will provide equitable and reasonable access to its markets”. The US-China trade war presents a similar spectrum of choices to India – while the Ministry of Commerce is mulling over the imposition of ‘retaliatory tariffs’, others take the position that India should cut interest rates to take advantage of the trade war to gain a stronger foothold in both markets.
Against the
backdrop of this new political economy of the cybersecurity industry, a new
kind of non-alignment seems to be emerging, creating an unmistakable split in
traditional alliances between NATO members. Only two of the ‘Five Eyes
Alliance’ of intelligence sharing other than the United States – Australia
and New
Zealand responded quickly by banning Huawei in their respective national
jurisdictions. Some European counties, specifically – the UK and Germany,
while also remaining mindful of the risks posed by Chinese covert activity
through its tech industry that has undeniably acquired a global influence, are seemingly
intent on not abandoning Huawei in the design of their 5G infrastructure. Canada
too, while juggling the pending
extradition of Huawei’s CFO to the US, appears determined to make an
independent decision on the 5G question. At the moment, India’s policies seem
to just as non-aligned as those of Germany or the United Kingdom – aimed at maintaining
the free flow of investments and information while steadily moving towards
indigenization of ICT and expansion of markets instead of encouraging
protectionism to curb competition.
Until such time that
India can completely indigenize the equipment, or alter its telecom equipment
procurement policies across the board to exclude obvious threats to
the integrity of our cybersecurity infrastructure, India’s choice seems to be a
limited to a cybersecurity policy along the lines of the Nehruvian-era doctrine
of non-alignment, perhaps with only slight tilt— this time, toward the United
States? It would appear that the time is ripe for NaMo 2.0 to revisit the
doctrine as NAM 2.0, in
a manner that allows India to preserve the security alliance with one side, and
an economic partnership to avoid disruptions and price escalations in our ICT
supply chain on the other. In other words, the need of the hour is ‘to
effectively manage our global opportunities to maximize our choices’ while
preserving strategic autonomy.