The Architecture of Cybersecurity Institutions in India

This is an edited excerpt of Part IV and Annexure ‘B’ of CCG’s Comments to the National Security Council Secretariat on the National Cyber Security Strategy 2020 (NCSS 2020). The full text of the Comments can be accessed here.

This consolidated organogram is a depiction of cyber security institutions in India as an inter-ministerial and inter-departmental ecosystem. Different ministries and departments are in charge of different aspects of national security in general and cyber security in particular.

The National Security Advisor (NSA) holds a rank equivalent to a Cabinet Minister in charge of the National Security Council Secretariat (NSCS) and is the apex officer relating to national security. The NSA is also in charge of the National Technical Research Organization (NTRO) which is a technical intelligence agency under the Prime Minister’s Office (PMO). The National Critical Information Infrastructure Protection Centre (NCIIPC) was established under Section 70A of the Information Technology Act, 2000 and functions as a unit of the NTRO. 

The National Cyber Security Coordinator (NCSC) is the nodal officer for issues related to cybersecurity, functioning under the PMO along side the NSCS to coordinate with different agencies like CERT-In at the national level.

Our research reveals that the Ministry of Communications, Ministry of Electronics and Information Technology (MeitY), Ministry of Home Affairs (MHA), Ministry of Defence (MoD) and the Ministry of External Affairs (MEA) are most relevant to the establishment, operation and maintenance of technical and administrative ecosystem that enables cybersecurity. The departmental structure of each of these Ministries is outlined below.


Ministry of Communications

The Ministry of Communications consists of two Departments – (i) Department of Telecommunications (DoT) and the (ii) Department of Posts.

The DoT deals with  (a) issues of policy, licensing and coordination matters relating to telegraphs, telephones, wireless, data, facsimile and telematic services and other like forms of communications, (b) standardization, research and development in telecommunications, (c) procurement of stores and equipment required by the Department of Telecommunications and (d) administration of laws including the Indian Telegraph Act, 1885 (13 of 1885), the Indian Wireless Telegraphy Act, 1933 (17 of 1933), the Telecom Regulatory Authority of India Act, 1997 (24 of 1997), among others. Within its ambit is also the Digital Communications Commission, which is responsible for implementing the Government’s telecom policy in all matters relating to telecommunication.

Ministry of Electronics and Information Technology

The Ministry for Electronics and Information Technology (MeitY) deals with all policy matters relating to information technology, electronics and the internet (barring issues relating to licensing of Internet Service Providers, which fall within the mandate of the DoT). Its major functions include (a) the administration of matters relating to cyber laws including the Information and Technology Act, 2000, (b) Promotion of standardization, testing and quality in IT and standardization of procedure for IT application and Tasks and (c) digital initiatives including Digital India, among others.

Significantly, the Indian Computer Emergency Response Team (CERT-In) as well as the Unique Identification Authority of India (UIDAI) are both within its ambit. The Cyber Swacchta Kendra (Botnet Cleaning and Malware Analysis Center) functions under CERT-In.

Ministry of Home Affairs

The Ministry of Home Affairs (MHA) discharges multifarious responsibilities, the important among them being – internal security, border management, Centre-State relations, administration of Union Territories, management of Central Armed Police Forces, disaster management, etc. The MHA continuously monitors the internal security situation, issues appropriate advisories, shares intelligence inputs, extends manpower and financial support, guidance and expertise to the State Governments for maintenance of security, peace and harmony.

Among others, the MHA’s Cyber and Information Security Division (consisting of the Cyber Crime Wing, Cyber Security Wing and Monitoring Unit) as well as some wings of the Department of Internal Security including the Modernization Division of the Police and the Counter Terrorism and Counter Radicalization Division have particular relevance to cyber security.

The Indian Cyber Crime Coordination Centre (I4C) was established as a scheme in 2018 to combat cyber crime in a coordinated and effective manner.

Ministry of Defence

The MoD is comprised of four Departments – Department of Defence (DOD), Department of Defence Production (DDP), Defence Research & Development Organisation (DRDO) and Department of Ex-Servicemen Welfare and also Finance Division.

A new Department of Military Affairs has been created recently, and is headed by the Chief of Defence Staff, General Bipin Rawat. Departments that have particular relevance to cybersecurity, including the newly established Defence Cyber Agency are highlighted.

Ministry of External Affairs

The Ministry of External Affairs (MEA) is responsible for all matters relating to India’s external affairs including consular functions. Departments / activities that have relevance to cybersecurity are highlighted in purple, including international security, counter terrorism and others. The New Emerging and Strategic Technologies (NEST) Division was recently set up as the nodal point for all matters connected to new and emerging technologies including exchange of views with foreign governments and coordination with domestic ministries and departments.  News reports indicate that a major restructuring of the MEA is in the offing.

India's Cybersecurity Budget FY 2013-14 to FY 2019-20: Analysis of Budgetary Allocations for Cybersecurity and Related Activities

This is an edited excerpt of Part V and Annexure ‘C’ of CCG’s Comments to the National Security Council Secretariat on the National Cyber Security Strategy 2020 (NCSS 2020). The full text of the Comments can be accessed here.

Note on Research Methodology

CCG compiled the data on allocations (budgeted and revised) and actual expenditure from the Demands for Grants of Ministries as approved by Parliament and presented in the Annual Expenditure Budget of various ministries and their respective departments which are related to cybersecurity from FY 2013-17 to FY 2019-20. 

The departments have been identified from publicly available information represented in the organograms presented as Annexure ‘B’. We understand a ‘relevant department’ to mean those departments which are either directly related to cybersecurity and/or support the functioning of the technical and security aspects of internet governance at large.

We have then identified those budget heads under the Union Budgets for FY 2013-14 through FY 2019-2020, which correspond most closely to the departments identified and highlighted in Annexure ‘B’ to calculate the total allocation to ministries for cybersecurity-related activities. We then analyse this data in under four broad categories:

(I) Department Wise Allocation: The departments that are directly related to the expenditure for cybersecurity are calculated under this heading. Various expenditures under Ministry of Electronics and Information Technology (MEITY), Department of Telecommunication (DOT), and Ministry of Home Affairs are tabulated for this. 

Under MeitY, we have included the budget heads for

  1. Computer Emergency Response Team (CERT-IN),
  2. Centre for Development of Advanced Computing (C-DAC),
  3. Centre for Materials for Electronics and IT (C-MET),
  4. Society for Applied Microwave Electronics Engineering and Research (SAMEER),
  5. Standardization Testing and Quality Certification (STQC),
  6. Controller of Certifying Authorities (CCA), and
  7. Foreign Trade and Export Promotion and
  8. Certain components of the Digital India Initiative, namely:
  • Manpower Development,
  • National Knowledge Network,
  • Promotion of electronics and IT HW manufacturing,
  • Cybersecurity projects (which includes National Cyber Coordination centre and others),
  • Research and Development in Electronics/IT,
  • Promotion of IT/ITeS industries,
  • Promotion of Digital Payment, and
  • Pradhan Mantri Digital Saksharta Abhiyan (PMGDISHA).

Under Ministry of Communication, our focus was only on the Department of Telecommunication. We considered the budget allocated to the following, to come up with the total Department budget. These heads are:

  1. Telecom Regulatory Authority of India (TRAI),
  2. Human Resource Management under National Institute of Communication Finance,
  3. Wireless Planning and Coordination,
  4. Telecom Engineering Centre,
  5. Technology Development and Investment Promotion,
  6. South Asia Sub-Regional Economic Cooperation (SASEC) under Information Highway Project,
  7. Telecom Testing and Security Certification Centre,
  8. Telecom Computer Emergency Response Team,
  9. Central Equipments Identity Register (CEIR),
  10. 5G Connectivity Test Bed,
  11. Promotion of Innovation and Incubation of Future Technologies for Telecom Sector,
  12. Centre for Development of Telematics (C-DoT), and
  13. Labour, Employment and Skill Development.

Under Ministry of Home Affairs, the funds allocated for the following budget heads have been included:

  1. Education, Training and Research purposes,
  2. Criminology and Forensic Science,
  3. Modernisation of Police Forces and Crime and Criminal Tracking Network and Systems (CCTNS),
  4. Indian Cyber Crime Coordination Centre, and
  5. Technical and Economic Cooperation with Other Countries.

All these budget heads were tabulated to come up with the total for department wise allocation. Along with departments mentioned under ‘Supporting Departments’, all these departments were again classified on the basis of their functions and activities,  and analysed under (III).

(II) Supporting Department Wise Allocation: While certain expenditures of the Ministry of Defence, Ministry of External Affairs, Department of Telecommunication, and Ministry of Home Affairs can potentially be used for cybersecurity-related activities, but it it is not possible to infer from the Demands for Grants, the share of cyber in the total allocation, we have treated them as ‘allocations to supporting departments’. In this data, the total funds indicated may not be directly related to cybersecurity efforts, but they contribute towards the larger security and governance framework, which enables the creation of a secure ecosystem for cyber. These headings are tabulated under this section.

Under Ministry of Defence, the following heads were considered to contribute towards the larger security and governance framework in cyberspace:

  1. Navy/Joint Staff,
  2. Ordnance Factories R&D,
  3. Research and Development, including the Research and Development component of R&D head,
  4. Capital Outlay on R&D, and
  5. Technology Development and Assistance for Prototype Development under Make Procedure

Under Ministry of External Affairs, we considered the following heads as important contributors:

  1. The Special Diplomatic Expenditure,
  2. Expenditure for International Cooperation,
  3. Expenditure for Technical and Economic Cooperation with other Countries, and
  4. Other Expenditure of Ministry

Under Department of Telecommunication again, there were several heads that we considered not to be directly related to cybersecurity, but they did significantly contribute towards it. These include allocations for

  1. Defence Spectrum,
  2. Capital Outlay on Telecommunication and Electronic Industries,
  3. Capital Outlay on Other Communication Services, and
  4. Universal Service Obligation Fund (USOF)

Under Ministry of Home Affairs, the departments that are involved with defence and intelligence along with law enforcement are important to be considered for cybersecurity. Thus we included the allocations for

  1. Intelligence Bureau,
  2. NATGRID,
  3. Delhi Police, and
  4. Capital Outlay on Police.

(III) Activity Wise Allocation: For further analysis, we have categorized the expenditures mentioned in Department Wise Allocation into five categories, each of which have been identified as constituent elements of the three Pillars of Strategy namely:

  1. Human Resource Development Component (Strengthen)
  2. Technical Research & Development Component, Capacity Building (Strengthen/Synergize)
  3. International Cooperation and Investment Promotion Component (Secure/Synergise)
  4. Standardisation, Quality Testing and Certification Component (Strengthen)
  5. Active Cyber Incident Response/ Defence Operations and Security Component (Secure/Strengthen)      

The total for these are calculated to identify if any trends or patterns emerge in expenditure by the ministries. Apart from the ministries covered in classifications (I) and (II), we have also included budgets of two other heads/departments. Namely, these are (i) the allocation towards corporate data management under the authority of the Ministry of Corporate Affairs, which has been included in category (5) indicated above and (ii) the allocation towards technical and economic cooperation with other countries for the Department of Economic Affairs under the Ministry of Finance, which has been included in category (3) indicated above.

(IV) Ministries share over Financial Year: The total value tabulated in Department wise allocation and supporting department wise allocation for the ministries is then used to calculate the share of budget allocated to Cyber Security and related activities with respect to the total budget allocation of ministries. The ministries taken into account, which contribute significantly to Cyber Security and related activities are:

  1. Department of Telecommunication (under the Ministry of Communications),
  2. Ministry of Defence,
  3. Ministry of External Affairs,
  4. Ministry of Electronics and Information Technology,
  5. Ministry of Home Affairs, and
  6. Department of Science and Technology (under the Ministry of Science and Technology).

Ministry-wise Allocations and Expenditure on Cybersecurity and Related Activities FY 2013-14 to FY 2019-20

Figure 9 depicts actual expenditure (from FY 2013-14 to FY 2017-18), the Revised Expenditure (RE) for FY 2018-19 and Budgeted Expenditure for FY 2019-20. With the exception of FY 2016-17, we can see a clear trend of increasing allocations for expenditure towards cyber-security related activities, especially for the DoT. It is relevant to point out that this representation also includes the expenditure on Departments playing a supporting role in cybersecurity activities, such as the IDS/Joint Staff and R&D under the Ministry of Defence (MoD) as well as the MEA’s expenditure on international technical cooperation. As the expenditure incurred on cybersecurity related activities alone cannot be inferred from these budget heads, they have been treated as Departments playing a supporting role for cybersecurity efforts and included in overall expenditure.

Figure 9: Ministry-wise Total Expenditure on Cybersecurity and Related Activities
FY 2013-14 to FY 2019-20

Figure 10 is a narrower subset of the expenses indicated in Figure 9. It represents the allocations to Departments in Ministries that have been entrusted with core activities that contribute towards cybersecurity operations, R&D, e-Governance and internet governance at large. These include, to name a few, the promotion of electronics and IT hardware manufacturing and other initiatives such as Digital India, C-DAC, NCCC and other similar programmes under MeitY, TRAI, C-DoT and the 5G test bed under the authority of the DoT and MHA’s expenses towards modernization of police forces, forensics, and initiatives such as the Indian Cyber Crime Coordination Centre.

Figure 10 reveals an immediate upsurge in such allocations in the time period during and immediately after the formulation of the National Cyber Security Policy 2013, after which the allocations begin to dwindle in FY 2014-15. We can also note that with the exception of FY 2015-16 actual expenditure is consistently lower than the Budgeted Expenditure allocated to all these Ministries for cybersecurity related activities.

Figure 10: Ministry-wise Total Expenditure on Cybersecurity and Related Activities
FY 2013-14 to FY 2019-20

It is interesting to note that if we convert the absolute figures represented in Figure 10 into percentages, and represent the same data set as such, it reveals a remarkable consistency and a clear pattern emerges in burden-sharing between these three Ministries (MHA, MeitY and DoT under the Ministry of Communications).

Figure 11 depicts the same allocations indicated as absolute figures in Figure 10 as percentages of the total expenditure on core cybersecurity activities. It is clear that the MHA consistently bears the bulk of expenses on cyber security related activities, clearly with an emphasis on cyber crimes. The remaining half seems to be divided between MeitY and DoT more or less equally. FY 2015-16 allocations and actual expenditure in FY 2014-15 is the only exception to this equal distribution.

Figure 11: Ministry-wise Total Allocation for Cybersecurity and Related Activities
FY 2013-14 to FY 2019-20

Activity-wise Allocation and Expenditure on Cybersecurity

To further analyse how these budgetary allocations are being utilized, we have re-categorized the expenditures mentioned in Department/Ministry wise allocation into five categories, each of which have been identified as constituent elements of the three Pillars of Strategy namely: 

  1. Human Resource Development Component (Strengthen)
  2. Technical Research and Development Component, Capacity Building (Strengthen/Synergize)
  3. International Cooperation and Investment Promotion Component (Secure/Synergise)
  4. Standardization, Quality Testing and Certification Component (Strengthen)
  5. Active Cyber Incident Response/ Cyber Defence Operations and Security Component (Secure/Strengthen)

The total expenses incurred for these allocations are calculated to identify if any trends or patterns emerge to identify which activities are being prioritized according to the actual expenditure incurred by the relevant ministries. It is important to note that none of these categories include any expenses earmarked for cyber defence operations under the MoD, as the budget heads do not permit drawing such an inference in its current format.

In this reclassification, we have included one budget head each for two other Departments that do not figure in the data represented in Figures 9, 10 or 11. Namely, these are (a) the allocation towards corporate data management under the authority of the Ministry of Corporate Affairs, which has been included in category (5) indicated above and (b) the allocation towards technical and economic cooperation with other countries for the Department of Economic Affairs under the Ministry of Finance, which has been included in category (3) indicated above.

Figure 12 represents activity-wise trends in these Ministries’ actual expenditure. The figures for FY 2018-19 and FY 2019-20 represent the RE and BE for those years, respectively. It is not surprising that the expenditure on international cooperation and investment promotion towers over all other activities, as the allocated expenses would contribute to overall cooperation efforts at the international level and the promotion of investment broadly, and not only cybersecurity. Nonetheless, these are crucial contributions to enhancing India’s cybersecurity posture at home and abroad. For a clearer analysis, we remove the indicator for expenses towards international cooperation and investment promotion in Figure 13.

Figure 12: Activity-wise Expenditure for Cyber Security
FY 2013-14 to FY 2019-20
Figure 13: Activity-wise Expenditure for Cybersecurity FY 2013-14 to FY 2019-20 (excluding international cooperation and investment promotion)

From Figure 13, we can clearly infer which of the four activities at the core of the Government’s cybersecurity efforts are being prioritized in terms of allocation of budgetary resources. Clearly, emphasis on equipment testing and certification needs to be sharpened. There is an apparent tension between the funds that are made available for active cybersecurity operations and programmes on the one hand, and investments in human resource development on the other.

We submit that in both these areas, the Government must look to the private sector to create synergies and supplement the financial resources available for these particular activities. We also recommend that the expenditure earmarked for quality testing, development of technical standards and certification should be increased, and accorded greater priority than before.

Share of Ministries’ Budget Allocated to Cybersecurity and Related Activities

If we try to contextualize the utilization of funds made available for cybersecurity-related activities against the total allocations to relevant Ministries, there is no identifiable trend in expenditure patterns of the MEA, MeitY and DoT. Figure 14 represents the total expenditure on cybersecurity-related activities as a percentage of the total expenses allocated to the relevant Ministry. Cybersecurity-related activities appear to be fluctuating in terms of the priority accorded to them over time, in the diversion of financial resources towards this area. The contribution of the Department of Science and Technology towards R&D in cybersecurity has been consistently low, almost negligible. This has only changed with the establishment of the National Mission on Interdisciplinary Cyber Physical Systems in FY 2018-19. has been MHA’s share of expenditure on cybersecurity activities appears relatively more consistent, and could potentially be leveraged to create synergies for the rationalization of expenditure across Ministries.

Figure 14: Share of Cybersecurity-related Activities in Total Budget Allocated to Ministries

Budget for NCSS 2020?

In anticipation of the National Cyber Security Strategy 2020 expected to be released soon, we will be closely monitoring the the Union Budget for FY 2020-21 for fresh allocations to the relevant departments indicated in our analysis. We will also be on the lookout for fresh allocations that may be relevant to various components of the NCSS 2020. Watch this space for more on India’s Cybersecurity Budget 2020, coming soon!

Right to Privacy: The Puttaswamy Effect

By Sangh Rakshita and Nidhi Singh

The Puttaswamy judgement of 2017 reaffirmed the ‘Right to Privacy’ as a fundamental right in Indian Jurisprudence. Since then, it has been used as an important precedent in many cases, to emphasize upon the right to privacy as a fundamental right and to clarify the scope of the same. In this blog, we discuss some of the cases of the Supreme Court and various High Courts, post August 2017, which have used the Puttaswamy judgement and the tests laid in it to further the jurisprudence on right to privacy in India. With the Personal Data Protection Bill tabled in 2019, the debate on privacy has been re-ignited, and as such, it is important to explore the contours of the right to privacy as a fundamental right, post the Puttaswamy judgement.   

Navtej Singh Johar and ors Vs. Union of India (UOI) and Ors., 2018 (Supreme Court)

In this case, the Supreme Court of India unanimously held that Section 377 of the Indian Penal Code 1860 (IPC), which criminalized ‘carnal intercourse against the order of nature’, was unconstitutional in so far as it criminalized consensual sexual conduct between adults of the same sex. The petition, challenged Section 377 on the ground that it was vague and it violated the constitutional rights to privacy, freedom of expression, equality, human dignity and protection from discrimination guaranteed under Articles 14, 15, 19 and 21 of the Constitution. The Court relied upon the judgement in the case of K.S. Puttaswamy v. Union of India, which held that denying the LGBT community its right to privacy on the ground that they form a minority of the population would be violative of their fundamental rights, and that sexual orientation forms an inherent part of self-identity and denying the same would be violative of the right to life.

Justice K.S. Puttaswamy and Ors. vs. Union of India (UOI) and Ors., 2018 (Supreme Court)

 The Supreme Court upheld the validity of the Aadhar Scheme on the ground that it did not violate the right to privacy of the citizens as minimal biometric data was collected in the enrolment process and the authentication process is not exposed to the internet. The majority upheld the constitutionality of the Aadhaar Act, 2016 barring a few provisions on disclosure of personal information, cognizance of offences and use of the Aadhaar ecosystem by private corporations. They relied on the fulfilment of the proportionality test as laid down in the Puttaswamy (2017) judgment.

Joseph Shine vs. Union of India (UOI), 2018 (Supreme Court)

The Supreme Court decriminalised adultery in this case where the constitutional validity of Section 497 (adultery) of IPC and Section 198(2) of Code of Criminal Procedure, 1973 (CrPC) was challenged. The Court held that in criminalizing adultery, the legislature has imposed its imprimatur on the control by a man over the sexuality of his spouse – in doing that, the statutory provision fails to meet the touchstone of Article 21. Section 497 was struck down on the ground that it deprives a woman of her autonomy, dignity and privacy and that it compounds the encroachment on her right to life and personal liberty by adopting a notion of marriage which subverts true equality. Concurring judgments in this case referred to Puttaswamy to explain the concepts of autonomy and dignity, and their intricate relationship with the protection of life and liberty as guaranteed in the Constitution. They relied on the Puttaswamy judgment to emphasize the dangers of the “use of privacy as a veneer for patriarchal domination and abuse of women.” They also cited Puttaswamy to elucidate that privacy is the entitlement of every individual, with no distinction to be made on the basis of the individual’s position in society.

Indian Young Lawyers Association and Ors. vs. The State of Kerala and Ors., 2018 (Supreme Court)

In this case, the Supreme Court upheld the right of women aged between 10 to 50 years to enter the Sabrimala Temple. The court held Rule 3(b) of the Kerala Hindu Places of Public Worship (Authorisation of Entry) Rules, 1965, which restricts the entry of women into the Sabarimala temple, to be ultra vires (i.e. not permitted under the Kerala Hindu Places of Public Worship (Authorisation of Entry) Act, 1965). While discussing the guarantee against social exclusion based on notions of “purity and pollution” as an acknowledgment of the inalienable dignity of every individual J. Chandrachud (in his concurring judgment) referred to Puttaswamy specifically to explain dignity as a facet of Article 21. In the course of submissions, the Amicus to the case had submitted that the exclusionary practice in its implementation results in involuntary disclosure by women of both their menstrual status and age which amounts to forced disclosure that consequently violates the right to dignity and privacy embedded in Article 21 of the Constitution of India.

(The judgement is under review before a 9 judge constitutional bench.)

Vinit Kumar Vs. Central Bureau of Investigation and Ors., 2019 (Bombay High Court)

This case dealt with phone tapping and surveillance under section 5(2) of the Indian Telegraph Act, 1885 (Telegraph Act) and the balance between public safety interests and the right to privacy. Section 5(2) of the Telegraph Act permits the interception of telephone communications in the case of a public emergency, or where there is a public safety requirement. Such interception needs to comply with the procedural safeguards set out by the Supreme Court in PUCL v. Union of India (1997), which were then codified as rules under the Telegraph Act. The Bombay High Court applied the tests of legitimacy and proportionality laid down in Puttaswamy, to the interception orders issued under the Telegraph Act, and held that in this case the order for interception could not be substantiated in the interest of public safety and did not satisfy the test of “principles of proportionality and legitimacy” as laid down in Puttaswamy. The Bombay High Court quashed the interception orders in question, and directed that the copies / recordings of the intercepted communications be destroyed.

Central Public Information Officer, Supreme Court of India vs. Subhash Chandra Agarwal, 2019 (Supreme Court)

In this case, the Supreme Court held that held that the Office of the Chief Justice of India is a ‘public authority’ under the Right to Information Act, 2005 (RTI Act) – enabling the disclosure of information such as the Judges personal assets. In this case, the Court discussed the privacy impact of such disclosure extensively, including in the context of Puttaswamy. The Court found that the right to information and right to privacy are at an equal footing, and that there was no requirement to take a view that one right trumps the other. The Court stated that the proportionality test laid down in Puttaswamy should be used by the Information Officer to balance the two rights, and also found that the RTI Act itself has sufficient procedural safeguards built in, to meet this test in the case of disclosure of personal information.

X vs. State of Uttarakhand and Ors., 2019 (Uttarakhand High Court)

In this case the petitioner claimed that she had identified herself as female, and undergone gender reassignment surgery and therefore should be treated as a female. She was not recognized as female by the State. While the Court primarily relied upon the judgment of the Supreme Court in NALSA v. Union of India, it also referred to the judgment in Puttaswamy. Specifically, the judgment refers to the finding in Puttaswamy that the right to privacy is not necessarily limited to any one provision in the chapter on fundamental rights, but rather intersecting rights. The intersection of Article 15 with Article 21 locates a constitutional right to privacy as an expression of individual autonomy, dignity and identity. The Court also referred to the Supreme Court’s judgment in Navtej Singh Johar v. Union of India, and on the basis of all three judgments, upheld the right of the petitioner to be recognized as a female.

(This judgment may need to be re-examined in light of the The Transgender Persons (Protection of Rights) Bill, 2019.)

Indian Hotel and Restaurant Association (AHAR) and Ors. vs. The State of Maharashtra and Ors., 2019 (Supreme Court)

This case dealt with the validity of the Maharashtra Prohibition of Obscene Dance in Hotels, Restaurant and Bar Rooms and Protection of Dignity of Women (Working therein) Act, 2016. The Supreme Court held that the applications for grant of licence should be considered more objectively and with open mind so that there is no complete ban on staging dance performances at designated places prescribed in the Act. Several of the conditions under the Act were challenged, including one that required the installation of CCTV cameras in the rooms where dances were to be performed. Here, the Court relied on Puttaswamy (and the discussion on unpopular privacy laws) to set aside the condition requiring such installation of CCTV cameras.

(The Puttaswamy case has been mentioned in at least 102 High Court and Supreme Court judgments since 2017.)

[September 30-October 7] CCG’s Week in Review Curated News in Information Law and Policy

Huawei finds support from Indian telcos in the 5G rollout as PayPal withdrew from Facebook’s Libra cryptocurrency project; Foreign Portfolio Investors moved MeitY against in the Data Protection Bill; the CJEU rules against Facebook in case relating to takedown of content globally; and Karnataka joins list of states considering implementing NRC to remove illegal immigrants – presenting this week’s most important developments in law, tech and national security.

Digital India

  • [Sep 30] Why the imminent global economic slowdown is a growth opportunity for Indian IT services firms, Tech Circle report.
  • [Sep 30] Norms tightened for IT items procurement for schools, The Hindu report.
  • [Oct 1] Govt runs full throttle towards AI, but tech giants want to upskill bureaucrats first, Analytics India Magazine report.
  • [Oct 3] – presenting this week’s most important developments in law, tech and national security. MeitY launches smart-board for effective monitoring of the key programmes, The Economic Times report.
  • [Oct 3] “Use human not artificial intelligence…” to keep a tab on illegal constructions: Court to Mumbai civic body, NDTV report.
  • [Oct 3] India took 3 big productivity leaps: Nilekani, Livemint report.
  • [Oct 4] MeitY to push for more sops to lure electronic makers, The Economic Times report; Inc42 report.
  • [Oct 4] Core philosophy of Digital India embedded in Gandhian values: Ravi Shankar Prasad, Financial Express report.
  • [Oct 4] How can India leverage its data footprint? Experts weigh in at the India Economic Summit, Quartz report.
  • [Oct 4] Indians think jobs would be easy to find despite automation: WEF, Tech Circle report.
  • [Oct 4] Telangana govt adopts new framework to use drones for last-mile delivery, The Economic Times report.
  • [Oct 5] Want to see ‘Assembled in India’ on an iPhone: Ravi Shankar Prasad, The Economic Times report.
  • [Oct 6] Home market gets attractive for India’s IT giants, The Economic Times report.

Internet Governance

  • [Oct 2] India Govt requests maximum social media content takedowns in the world, Inc42 report; Tech Circle report.
  • [Oct 3] Facebook can be forced to delete defamatory content worldwide, top EU court rules, Politico EU report.
  • [Oct 4] EU ruling may spell trouble for Facebook in India, The Economic Times report.
  • [Oct 4] TikTok, TikTok… the clock is ticking on the question whether ByteDance pays its content creators, ET Tech report.
  • [Oct 6] Why data localization triggers a heated debate, The Economic Times report.
  • [Oct 7] Sensitive Indian govt data must be stored locally, Outlook report.

Data Protection and Privacy

  • [Sep 30] FPIs move MeitY against data bill, seek exemption, ET markets report, Inc42 report; Financial Express report.
  • [Oct 1] United States: CCPA exception approved by California legislature, Mondaq.com report.
  • [Oct 1] Privacy is gone, what we need is regulation, says Infosys Kris Gopalakrishnana, News18 report.
  • [Oct 1] Europe’s top court says active consent is needed for tracking cookies, Tech Crunch report.
  • [Oct 3] Turkey fines Facebook $282,000 over data privacy breach, Deccan Herald report.

Free Speech

  • [Oct 1] Singapore’s ‘fake news’ law to come into force Wednesday, but rights group worry it could stifle free speech, The Japan Times report.
  • [Oct 2] Minister says Singapore’s fake news law is about ‘enabling’ free speech, CNBC report.
  • [Oct 3] Hong Kong protests: Authorities to announce face mask ban, BBC News report.
  • [Oct 3] ECHR: Holocaust denial is not protected free speech, ASIL brief.
  • [Oct 4] FIR against Mani Ratnam, Adoor and 47 others who wrote to Modi on communal violence, The News Minute report; Times Now report.
  • [Oct 5] UN asks Malaysia to repeal laws curbing freedom of speech, The New Indian Express report.
  • [Oct 6] When will our varsities get freedom of expression: PC, Deccan Herald report.
  • [Oct 6] UK Government to make university students sign contracts limiting speech and behavior, The Times report.
  • [Oct 7] FIR on Adoor and others condemned, The Telegraph report.

Aadhaar, Digital IDs

  • [Sep 30] Plea in SC seeking linking of social media accounts with Aadhaar to check fake news, The Economic Times report.
  • [Oct 1] Why another omnibus national ID card?, The Hindu Business Line report.
  • [Oct 2] ‘Kenyan court process better than SC’s approach to Aadhaar challenge’: V Anand, who testified against biometric project, LiveLaw report.
  • [Oct 3] Why Aadhaar is a stumbling block in Modi govt’s flagship maternity scheme, The Print report.
  • [Oct 4] Parliament panel to review Aadhaar authority functioning, data security, NDTV report.
  • [Oct 5] Could Aahdaar linking stop GST frauds?, Financial Express report.
  • [Oct 6] Call for liquor sale-Aadhaar linking, The New Indian Express report.

Digital Payments, Fintech

  • [Oct 7] Vision cash-lite: A billion UPI transactions is not enough, Financial Express report.

Cryptocurrencies

  • [Oct 1] US SEC fines crypto company Block.one for unregistered ICO, Medianama report.
  • [Oct 1] South Korean Court issues landmark decision on crypto exchange hacking, Coin Desk report.
  • [Oct 2] The world’s most used cryptocurrency isn’t bitcoin, ET Markets report.
  • [Oct 2] Offline transactions: the final frontier for global crypto adoption, Coin Telegraph report.
  • [Oct 3] Betting on bitcoin prices may soon be deemed illegal gambling, The Economist report.
  • [Oct 3] Japan’s financial regulator issues draft guidelines for funds investing in crypto, Coin Desk report.
  • [Oct 3] Hackers launch widespread botnet attack on crypto wallets using cheap Russian malware, Coin Desk report.
  • [Oct 4] State-backed crypto exchange in Venezuela launches new crypto debit cards, Decrypt report.
  • [Oct 4] PayPal withdraws from Facebook-led Libra crypto project, Coin Desk report.
  • [Oct 5] Russia regulates digital rights, advances other crypto-related bills, Bitcoin.com report.
  • [Oct 5] Hong Kong regulates crypto funds, Decrypt report.

Cybersecurity and Cybercrime

  • [Sep 30] Legit-looking iPhone lightening cables that hack you will be mass produced and sold, Vice report.
  • [Sep 30] Blackberry launches new cybersecurity development labs, Infosecurity Mgazine report.
  • [Oct 1] Cybersecurity experts warn that these 7 emerging technologies will make it easier for hackers to do their jobs, Business Insider report.
  • [Oct 1] US government confirms new aircraft cybersecurity move amid terrorism fears, Forbes report.
  • [Oct 2] ASEAN unites to fight back on cyber crime, GovInsider report; Asia One report.
  • [Oct 2] Adopting AI: the new cybersecurity playbook, TechRadar Pro report.
  • [Oct 4] US-UK Data Access Agreement, signed on Oct 3, is an executive agreement under the CLOUD Act, Medianama report.
  • [Oct 4] The lack of cybersecurity talent is ‘a  national security threat,’ says DHS official, Tech Crunch report.
  • [Oct 4] Millions of Android phones are vulnerable to Israeli surveillance dealer attack, Forbes report; NDTV report.
  • [Oct 4] IoT devices, cloud solutions soft target for cybercriminals: Symantec, Tech Circle report.
  • [Oct 6] 7 cybersecurity threats that can sneak up on you, Wired report.
  • [Oct 6] No one could prevent another ‘WannaCry-style’ attack, says DHS official, Tech Crunch report.
  • [Oct 7] Indian firms rely more on automation for cybersecurity: Report, ET Tech report.

Cyberwarfare

  • [Oct 2] New ASEAN committee to implement norms for countries behaviour in cyberspace, CNA report.

Tech and National Security

  • [Sep 30] IAF ready for Balakot-type strike, says new chief Bhadauria, The Hindu report; Times of India report.
  • [Sep 30] Naval variant of LCA Tejas achieves another milestone during its test flight, Livemint report.
  • [Sep 30] SAAB wants to offer Gripen at half of Rafale cost, full tech transfer, The Print report.
  • [Sep 30] Rajnath harps on ‘second strike capability’, The Shillong Times report.
  • [Oct 1] EAM Jaishankar defends India’s S-400 missile system purchase from Russia as US sanctions threat, International Business Times report.
  • [Oct 1] SC for balance between liberty, national security, Hindustan Times report.
  • [Oct 2] Startups have it easy for defence deals up to Rs. 150 cr, ET Rise report, Swarajya Magazine report.
  • [Oct 3] Huawei-wary US puts more pressure on India, offers alternatives to data localization, The Economic Times report.
  • [Oct 4] India-Russia missile deal: What is CAATSA law and its implications?, Jagran Josh report.
  • [Oct 4] Army inducts Israeli ‘tank killers’ till DRDO develops new ones, Defence Aviation post report.
  • [Oct 4] China, Russia deepen technological ties, Defense One report.
  • [Oct 4] Will not be afraid of taking decisions for fear of attracting corruption complaints: Rajnath Singh, New Indian Express report.
  • [Oct 4] At conclave with naval chiefs of 10 countries, NSA Ajit Doval floats an idea, Hindustan Times report.
  • [Oct 6] Pathankot airbase to finally get enhanced security, The Economic Times report.
  • [Oct 6] rafale with Meteor and Scalp missiles will give India unrivalled combat capability: MBDA, The Economic Times report.
  • [Oct 7] India, Bangladesh sign MoU for setting up a coastal surveillance radar in Bangladesh, The Economic Times report; Decaan Herald report.
  • [Oct 7] Indian operated T-90 tanks to become Russian army’s main battle tank, EurAsian Times report.
  • [Oct 7] IAF’s Sukhois to get more advanced avionics, radar, Defence Aviation post report.

Tech and Law Enforcement

  • [Sep 30] TMC MP Mahua Mitra wants to be impleaded in the WhatsApp traceability case, Medianama report; The Economic Times report.
  • [Oct 1] Role of GIS and emerging technologies in crime detection and prevention, Geospatial World.net report.
  • [Oct 2] TRAI to take more time on OTT norms; lawful interception, security issue now in focus, The Economic Times report.
  • [Oct 2[ China invents super surveillance camera that can spot someone from a crowd of thousands, The Independent report.
  • [Oct 4] ‘Don’t introduce end-to-end encryption,’ UK, US and Australia ask Facebook in an open letter, Medianama report.
  • [Oct 4] Battling new-age cyber threats: Kerala Police leads the way, The Week report.
  • [Oct 7] India govt bid to WhatsApp decryption gets push as UK,US, Australia rally support, Entrackr report.

Tech and Elections

  • [Oct 1] WhatsApp was extensively exploited during 2019 elections in India: Report, Firstpost report.
  • [Oct 3] A national security problem without a parallel in American democracy, Defense One report.

Internal Security: J&K

  • [Sep 30] BDC polls across Jammu, Kashmir, Ladakh on Oct 24, The Economic Times report.
  • [Sep 30] India ‘invaded and occupied Kashmir, says Malaysian PM at UN General Assembly, The Hindu report.
  • [Sep 30] J&K police stations to have CCTV camera surveillance, News18 report.
  • [Oct 1] 5 judge Supreme court bench to hear multiple pleas on Article 370, Kashmir lockdown today, India Today report.
  • [Oct 1] India’s stand clear on Kashmir: won’t accept third-party mediation, India Today report.
  • [Oct 1] J&K directs officials to ensure all schools reopen by Thursday, NDTV report.
  • [Oct 2]] ‘Depressed, frightened’: Minors held in Kashmir crackdown, Al Jazeera report.
  • [Oct 3] J&K: When the counting of the dead came to a halt, The Hindu report.
  • [Oct 3] High schools open in Kashmir, students missing, The Economic Times report.
  • [Oct 3] Jaishanakar reiterates India’s claim over Pakistan-occupied Kashmir, The Hindu report.
  • [Oct 3] Normalcy prevails in Jammu and Kashmir, DD News report.
  • [Oct 3] Kashmiri leaders will be released one by one, India Today report.
  • [Oct 4] India slams Turkey, Malaysia remarks on J&K, The Hindu report.
  • [Oct 5] India’s clampdown hits Kashmir’s Silicon Valley, The Economic Times report.
  • [Oct 5] Traffic cop among 14 injured in grenade attack in South Kashmir, NDTV report; The Economic Times report.
  • [Oct 6] Kashmir situation normal, people happy with Article 370 abrogation: Prkash Javadekar, Times of India report.
  • [Oct 7] Kashmir residents say police forcibly taking over their homes for CRPF troops, Huffpost India report.

Internal Security: Northeast/ NRC

  • [Sep 30] Giving total control of Assam Rifles to MHA will adversely impact vigil: Army to Govt, The Economic Times report.
  • [Sep 30] NRC list impact: Assam’s foreigner tribunals to have 1,600 on contract, The Economic Times report.
  • [Sep 30] Assam NRC: Case against Wipro for rule violation, The Hindu report; News18 report; Scroll.in report.
  • [Sep 30] Hindu outfits demand NRC in Karnataka, Deccan Chronicle report; The Hindustan Times report.
  • [Oct 1] Centre extends AFPSA in three districts of Arunachal Pradesh for six months, ANI News report.
  • [Oct 1] Assam’s NRC: law schools launch legal aid clinic for excluded people, The Hindu report; Times of India report; The Wire report.
  • [Oct 1] Amit Shah in Kolkata: NRC to be implemented in West Bengal, infiltrators will be evicted, The Economic Times report.
  • [Oct 1] US Congress panel to focus on Kashmir, Assam, NRC in hearing on human rights in South Asia, News18 report.
  • [Oct 1] NRC must for national security; will be implemented: Amit Shah, The Hindu Business Line report.
  • [Oct 2] Bengali Hindu women not on NRC pin their hope on promise of another list, citizenship bill, The Print report.
  • [Oct 3] Citizenship Amendment Bill has become necessity for those left out of NRC: Assam BJP president Ranjeet Das, The Economic Times report.
  • [Oct 3] BJP govt in Karnataka mulling NRC to identify illegal migrants, The Economic Times report.
  • [Oct 3] Explained: Why Amit Shah wants to amend the Citizenship Act before undertaking countrywide NRC, The Indian Express report.
  • [Oct 4] Duplicating NPR, NRC to sharpen polarization: CPM, Deccan Herald report.
  • [Oct 5] We were told NRC India’s internal issue: Bangladesh, Livemint report.
  • [Oct 6] Prasanna calls NRC ‘unjust law’, The New Indian Express report.

National Security Institutions

  • [Sep 30] CRPF ‘denied’ ration cash: Govt must stop ‘second-class’ treatment. The Quint report.
  • [Oct 1] Army calls out ‘prejudiced’ foreign report on ‘torture’, refutes claim, Republic World report.
  • [Oct 2] India has no extraterritorial ambition, will fulfill regional and global security obligations: Bipin Rawat, The Economic Times report.

More on Huawei, 5G

  • [Sep 30] Norway open to Huawei supplying 5G equipment, Forbes report.
  • [Sep 30] Airtel deploys 100 hops of Huawei’s 5G technology, The Economic Times report.
  • [Oct 1] America’s answer to Huawei, Foreign Policy report; Tech Circle report.
  • [Oct 1] Huawei buys access to UK innovation with Oxford stake, Financial Times report.
  • [Oct 3] India to take bilateral approach on issues faced by other countries with China: Jaishankar, The Hindu report.
  • [Oct 4] Bharti Chairman Sunil Mittal says India should allow Huawei in 5G, The Economic Times report
  • [Oct 6] 5G rollout: Huawei finds support from telecom industry, Financial Express report.

Emerging Tech: AI, Facial Recognition

  • [Sep 30] Bengaluru set to roll out AI-based traffic solution at all signals, Entrackr report.
  • [Sep 1] AI is being used to diagnose disease and design new drugs, Forbes report.
  • [Oct 1] Only 10 jobs created for every 100 jobs taken away by AI, The Economic Times report.
  • [Oct 2]Emerging tech is helping companies grow revenues 2x: report, ET Tech report.
  • [Oct 2] Google using dubious tactics to target people with ‘darker skin’ in facial recognition project: sources, Daily News report.
  • [Oct 2] Three problems posed by deepfakes that technology won’t solve, MIT Technology Review report.
  • [Oct 3] Getting a new mobile number in China will involve a facial recognition test, Quartz report.
  • [Oct 4] Google contractors targeting homeless people, college students to collect their facial recognition data: Report, Medianama report.
  • [Oct 4] More jobs will be created than are lost from the IA revolution: WEF AI Head, Livemint report.
  • [Oct 6] IIT-Guwahati develops AI-based tool for electric vehicle motor, Livemint report.
  • [Oct 7] Even if China misuses AI tech, Satya Nadella thinks blocking China’s AI research is a bad idea, India Times report.

Big Tech

  • [Oct 3] Dial P for privacy: Google has three new features for users, Times of India report.

Opinions and Analyses

  • [Sep 26] Richard Stengel, Time, We’re in the middle of a global disinformation war. Here’s what we need to do to win.
  • [Sep 29] Ilker Koksal, Forbes, The shift toward decentralized finance: Why are financial firms turning to crypto?
  • [Sep 30] Nistula Hebbar, The Hindu, Govt. views grassroots development in Kashmir as biggest hope for peace.
  • [Sep 30] Simone McCarthy, South China Morning Post, Could China’s strict cyber controls gain international acceptance?
  • [Sep 30] Nele Achten, Lawfare blog, New UN Debate on cybersecurity in the context of international security.
  • [Sep 30[ Dexter Fergie, Defense One, How ‘national security’ took over America.
  • [Sep 30] Bonnie Girard, The Diplomat, A firsrhand account of Huawei’s PR drive.
  • [Oct 1] The Economic Times, Rafale: Past tense but furture perfect.
  • [Oct 1] Simon Chandler, Forbes, AI has become a tool for classifying and ranking people.
  • [Oct 2] Ajay Batra, Business World, Rethink India! – MMRCA, ESDM & Data Privacy Policy.
  • [Oct 2] Carisa Nietsche, National Interest, Why Europe won’t combat Huawei’s Trojan tech.
  • [Oct 3] Aruna Sharma, Financial Express, The digital way: growth with welfare.
  • [Oct 3] Alok Prasanna Kumar, Medianama, When it comes to Netflix, the Government of India has no chill.
  • [Oct 3] Fredrik Bussler, Forbes, Why we need crypto for good.
  • [Oct 3] Panos Mourdoukoutas, Forbes, India changed the game in Kashmir – Now what?
  • [Oct 3] Grant Wyeth, The Diplomat, The NRC and India’s unfinished partition.
  • [Oct 3] Zak Doffman, Forbes, Is Huawei’s worst Google nightmare coming true?
  • [Oct 4] Oren Yunger, Tech Crunch, Cybersecurity is a bubble, but it’s not ready to burst.
  • [Oct 4] Minakshi Buragohain, Indian Express, NRS: Supporters and opposers must engage each other with empathy.
  • [Oct 4] Frank Ready, Law.com, 27 countries agreed on ‘acceptable’ cyberspace behavior. Now comes the hard part.
  • [Oct 4] Samir Saran, World economic Forum (blog), 3 reasons why data is not the new oil and why this matters to India.
  • [Oct 4] Andrew Marantz, The New York Times, Free Speech is killing us.
  • [Oct 4] Financial Times editorial, ECJ ruling risks for freedom of speech online.
  • [Oct 4] George Kamis, GCN, Digital transformation requires a modern approach to cybersecurity.
  • [Oct 4] Naomi Xu Elegant and Grady McGregor, Fortune, Hong King’s mask ban pits anonymity against the surveillance state.
  • [Oct 4] Prashanth Parameswaran, The Diplomat, What’s behind the new US-ASEAN cyber dialogue?
  • [Oct 5] Huong Le Thu, The Strategist, Cybersecurity and geopolitics: why Southeast Asia is wary of a Huawei ban.
  • [Oct 5] Hannah Devlin, The Guardian, We are hurtling towards a surveillance state: the rise of facial recognition technology.
  • [Oct 5] PV Navaneethakrishnan, The Hindu Why no takers? (for ME/M.Tech programmes).
  • [Oct 6] Aakar Patel, Times of India blog, Cases against PC, letter-writing celebs show liberties are at risk.
  • [Oct 6] Suhasini Haidar, The Hindu, Explained: How ill purchases from Russia affect India-US ties?
  • [Oct 6] Sumit Chakraberty, Livemint, Evolution of business models in the era of privacy by design.
  • [Oct 6] Spy’s Eye, Outlook, Insider threat management.
  • [Oct 6] Roger Marshall, Deccan Herald, Big oil, Big Data and the shape of water.
  • [Oct 6] Neil Chatterjee, Fortune, The power grid is evolving. Cybersecurity  must too.
  • [Oct 7] Scott W Pink, Modaq.com, EU: What is GDPR and CCPA and how does it impact blockchain?
  • [Oct 7] GN Devy, The Telegraph, Has India slid into an irreversible Talibanization of the mind?
  • [Oct 7] Susan Ariel Aaronson, South China Morning Post, The Trump administration’s approach to AI is not that smart: it’s about cooperation, not domination.

India’s new Defence Cyber Agency—II: Balancing Constitutional Constraints and Covert Ops?

By Gunjan Chawla

In our previous post on India’s cyber defence infrastructure, we discussed the new Defence Cyber Agency (DCA), one of the three tri-service agencies announced at the Combined Commander’s Conference last year. Under the leadership of Rear Admiral Mohit Gupta, appointed as its head in April this year, the DCA is expected to serve a dual purpose—first, to fight virtual wars in the cyber dimension and second, to formulate a doctrine of cyberwarfare. In doing so, it is expected to contribute towards a cybersecurity strategy policy which integrates cyberwarfare with conventional military operations. In June, Lt. Col. Rajesh Pant, the National Cyber Security Coordinator announced that the new cybersecurity strategy policy will be released early in 2020.

The utilisation of cyberspace for military operations holds the potential to infuse a certain ‘jointness’ among the Army, Navy and Air Force. Lt. Gen. (Retd.) DS Hooda pointed out the herculean task that lies ahead of Rear Admiral Gupta– “to find a way to work around vertical stovepipes into which the three services have enclosed themselves”. The tri-services nature of the DCA could potentially compel the three services to share operational information and resources on a regular basis, which would further help to formulate a comprehensive and robust cyber defence infrastructure for the country.

From Coordination to Integration

Since the appointment of Rear Admiral Gupta as the head of the DCA, the Government has made only one announcement that has a significant bearing on its role and functioning. The Prime Minister’s announcement in August about the creation of a new position of a Chief of Defence Staff (CDS) is a welcome step and is expected to catalyse the move from coordination to integration  in the operations of the Army, Navy and Air Force and the operationalization of the three tri-services agencies. The burden of this herculean task entrusted to Admiral Gupta will now presumably, be shared by the CDS.

Unlike the Chairman of the Chiefs of Staff Committee (COSC), which is an additional position occupied by the senior-most officer among the three Chiefs, who serves as primus inter pares, or the first among equals – the CDS will be above the three chiefs, and act as a single-point military advisor to the Government and coordinate long term planning, procurements and logistics of the three service. However, there is long way to go between the announcement of this reform and its actual implementation.

Each of these two announcements – the setting up of the DCA, as well as creation of the CDS post necessitates certain changes in the legislated structure of the three wings of the armed forces for two distinct, but related reasons.

First, because the present legislations that govern the composition and structure of the three wings do not offer sufficient guidance for routine operations conducted jointly by the three wings, nor do they envision an officer superior in rank to the Chiefs of the three services.

The Central Government has the power to make rules under S. 191(2)(l) of the Army Act, 1950 to provide for the relative rank of the officers, junior commissioned officers, petty officers and non-commissioned officers of the regular Army, Navy and Air Force when acting together. S. 189(2)(l) of the Air Force Act, 1950 also confers the same power with respect to the Air Force. However, such a provision to make rules is conspicuous by its absence in the Navy Act, 1957. S. 184(2) of the Navy Act, 1957 confers upon the Central Government, the power to make regulations to provide for the relative rank, precedence, powers of command and authority of officers and sailors in the naval service in relation to members of the regular Army and the Air Force, but this makes no specific reference to the situation when members of three forces are acting together. Instead, S. 7 of the Navy Act provides that

“When members of the regular Army and the Air Force are serving with the Indian Navy or the Indian Naval Reserve Forces under prescribed conditions, then those members of the Army or the Air Force shall exercise such command, if any, and be subjected to such discipline as may be prescribed [under this Act].”

Additionally, the provision states that it cannot be deemed to authorise members of the regular Army or the Air Force to exercise powers of punishment over members of the Indian Navy. This provision is rooted in the colonial history of our naval laws, as it was felt that as the conditions of service at sea differed from that on land and because the erstwhile Navy (Discipline) Act, 1934 differed in many respects to the law relating to the Army and the Air Force, no attempt should be made to assimilate the revised Navy Act in other respects to the law relating to the Army and Air Force. Oddly enough, such unique demands of the sea as a theatre of war that prevented assimilation of the three wings are amplified in the case of cyberspace as a distinct, but connected theatre of war and deserve appropriate recognition in law – in a manner that encourages integration.

The existence of such disparate provisions on the conditions of service of members of the three forces when acting together could foreseeably, prove to be a hurdle in implementing integration for the creation of tri-services agencies. Additionally, the rank, powers and office of a Chief of Defence Staff is not defined or recognized in either of the three Acts. Should such a post be created by the issuing of rules or regulations by the Central Government, they would have to be laid before Parliament, pursuant to S. 185 of the Navy Act, S. 193A of the Army Act and S. 191A of the Air Force Act. In the current state of the law, it is unclear which of these three Acts could be invoked to formulate rules to create such a post in a manner that facilitates such integration.

The second reason is that the advent of cyberwarfare has brought nation-states into what can be described to as the fourth dimension of warfare—military operations that were until recently restricted to the physical domains of land, sea and air have now entered the virtual realm. The growing risk of cyber espionage and breaches of information security of Government agencies, like the ones in 2008 highlight the urgent need for such coordination to ensure prompt, proportionate responses. Thus, we need to prepare a framework not only because the conduct of hostilities now requires unprecedented, seamless integration between the three forces, but also because these hostilities will be conducted in an entirely new dimension, which possesses certain unique characteristics and limitations as a distinct operational theatre for military action.

Accordingly, the question of whether the Government would treat the breach of ‘India’s cyberspace’ by foreign actors, at par with violations of our sovereign territory, airspace or territorial waters must be answered in the affirmative.

At the minimum, this should include, (1) defence communications and operational networks, (2) security of the Government communication networks (3) security of classified and privileged information and (4) critical information infrastructure (CII) should be considered constituent components of our sovereign-protected cyberspace. Since the promulgation and notification of the Information Technology (Critical Information Infrastructure Protection Centre and Manner of Performing Functions and Duties) Rules, 2014, CII falls within the purview of the NCIIPC. Rule 3(4) excludes systems notified by the Ministry of Defence (MoD) as critical information infrastructure. To enable this legally, (1), (2) and (3) ought to be notified by the MoD as such, and explicitly entrusted to the DCA for appropriate action for their protection with appropriate directions.

Constitutional Constraints on Waging War in Cyberspace

Indeed, our cyber forces have been fashioned as an ‘agency’ and not a ‘service’ unto themselves, but contemporary research indicates that with appropriate training and experience, the agency is expected to provide the base for, and grow into a full-fledged Cyber Command.  However, we cannot rely solely on emergency powers under Article 352 of the Constitution as the starting point of our analysis of the legal framework that applies to India’s defensive operations in the cyber realm. Such an analysis leads us to arguments in favour of invoking the fundamental duties of citizens Article 51A for boosting the recruitment of cyber warriors. Such a system can only remain functional, if at all, on an ad-hoc basis. The domain of Parliamentary action cannot reasonably be restricted on the premise that cyberattacks against Government agencies are the ‘new normal’. The State must prepare for the eventuality that ad hoc arrangements set up as necessary reactions to security breaches need to be institutionalized in law. It is not sufficient to assert that the exigencies of cyberwarfare make it inefficient to seek Parliamentary sanction. And so, the military establishment that engages in hostilities with foreign actors in cyberspace, whether fashioned as an agency, service or command, should be read into the phrase ‘any other armed forces’ of Entry 2 of Schedule VII.

When it comes to the defence of India, the Constitution is unambiguous.

Article 53(2) of the Constitution declares that the supreme command of the armed forces of the Union shall be vested in the President and the exercise thereof shall be regulated by law. (emphasis added) Article 53(3)(b) also states that nothing in this Article shall “prevent Parliament from conferring by law functions on authorities other than the President”.

Article 246(1) of the Constitution vests legislative powers in the Parliament. The provision refers to Schedule VII, which identifies specific areas upon which Parliament is entitled to legislate in the national security domain. These areas include the following:

1. Entry 1 refers to “the Defence of India and every part thereof including preparation for defence and all such acts as may be conducive in times of war to its prosecution and after its termination to effective demobilization.”

2. Entry 2 places “naval, military and air forces; and any other armed forces of the Union” within the legislative competence of Parliament. To this effect, The Army Act and Air Force Act were adopted by the Parliament in 1950 and the Navy Act in 1957.

3. Entry 7 refers to “Industries declared by Parliament by law to be necessary for the purpose of defence or for the prosecution of war”. Although the IT sector is treated as a strategic sector by the Government, no such law has been enacted by Parliament.

The language of Article 246 indicates that Parliament is competent to legislate on these issues. However, the use of the word ‘shall’ in the language Article 53 suggests that Parliament is duty-bound to enact such a law. This can also be inferred from the language of Article 73(1) of the Constitution, which states that “The Executive power of the Union shall extend –(a) to matters with respect to which Parliament has the power to make laws”. This makes it clear that the exercise of the Executive power is made conditional on the legislative competence of the Parliament, and not vice versa.

So far, no specific legislation has been forthcoming from Parliament to approve or regulate the exercise of the executive power to engage in cyberwarfare, nor has the Government proposed any. However, the promulgation of a Cybersecurity Act that would cover not only various cyber-related crimes, offences, forensic and policing, but also, have enabling provisions for cyber war and defences against cyber war has been proposed by other think tanks, and even Admiral Gupta himself.

Thus, the power to make preparations for prosecution of war in cyberspace should be backed by Parliamentary sanction. Such an enactment would also help clarify many other questions and streamline the contours of India’s cybersecurity infrastructure and institutions. For example, the domain of authority of the DCA and its relationship with its civilian counterparts including the National Cyber Security Coordinator (NCSC) and the Indian Computer Emergency Response Team (CERT-In) remain unclear. With proper consideration and consultations, the setting up of the DCA could potentially open the doors to enhanced, perhaps even institutionalised civilian-military cooperation that begins in cyber operations and permeates into conventional operations as well.

Two new domains—space and cyber—enabled by high technology, offer unprecedented opportunities for enhanced communication and coordination among wings of the armed forces in all theaters of war, and be used as force multipliers for intelligence analysis, mission planning and control.[i] Given their crucial role in intelligence analysis, foreseeably, the Government could model the agency as one that ‘cyber-supports’ military operations, but  with a greater emphasis on covert operations rather than conventional warfare.  In such a scenario, we may expect that its structure and functioning would be shrouded in secrecy, analogous to the Research and Analysis Wing (R&AW) or the Intelligence Bureau (IB). This means that the DCA would work closely with the Defence Intelligence Agency (DIA). While structures analogous to existing intelligence agencies could potentially allow greater freedom of action for cyber operations, it could also compromise the DCA’s potential to draw upon civilian expertise.

In the interest of widening the pool from which the DCA recruits and trains its cyber-warriors, a proper legislative mandate would go a long way in establishing and strengthening strategic partnerships with the private sector, where most of the country’s tech talent is currently employed.


[i] As an aside, it is pertinent to mention that India’s entry into the fifth dimension i.e. space remains debatable— even after carrying out the first successful test of anti-satellite (ASAT) weapon and being in the process of setting up a Defense Space Agency, our policies still espouse the principle of peaceful uses of outer space.

[September 9-16] CCG’s Week in Review: Curated News in Information Law and Policy

This week Telecom Minister RS Prasad announced 5G spectrum allocation this year, or by early 2020; The Supreme Court will hear matters relating to Article 370, including communication shutdowns and detentions on Monday; Indian trader bodies seek bans on Amazon and Flipkart festive sales; and MEITY constitutes a non-personal data committee to be headed by S. Gopalakrishnan.

Aadhaar

  • [Sep 13] Linking of social media with Aadhaar: Supreme Court asks govt to share plans, Livemint report.
  • [Sep 14] IT ministry doesn’t favour linking Aadhaar & social media accounts, The Times of India report.
  • [14 Sep] PAN-Aadhaar cards linkage deadline this month. How to link or check status, Livemint report.
  • [Sep 15] Aadhaar verification to be mandatory for new dealers from January 2020: GST Network, Business Today report.

Digital India and MEITY

  • [Sep 10] MeitY pings UIDAI on Aadhaar-social media linking, The Economic Times report.
  • [Sep 11] MeitY Demands Update Over Objectionable Content From Facebook, Twitter, Inc42 report.
  • [Sep 16] When Yogi Adityanath stepped in to stop Samsung from leaving UP, The Hindustan Times report.
  • [Sep 16] Indian govt forms committee to recommend governance norms for non-personal data, Infosys’ Gopalakrishnan to head it, Medianama report; Business Standard report; Indian Express report; ET Tech report.

Data Protection and Governance

  • [Sep 12] 4 New Data Protection Trends in India Jeopardize Innovation, The Diplomat report.
  • [Sep 12] Government’s proposed data protection bill to be significant in building data privacy norms in India: Omidyar Network India, CNBCTV18 report.
  • [Sep 12] School ‘bans’ surnames because of ‘data protection’, Metro UK report.
  • [Sep 13] Hefty Fines Considered for Noncompliance with Russia’s Data Protection, Internet Laws, Lexology.com report.

Online Content Regulation

  • [Sep 10] Govt & Social Media Regulation: A year of ups & downs, yet no clarity, ET Tech report.
  • [Sep 10] India: Minimum Modicum Of Obscenity & Need Of Online Content Regulation In India, Mondaq.com report.
  • [Sep 11] Host Violent Content? In Australia, You Could Go to Jail, The Ney York Times report.
  • [Sep 12] Internet regulator instructs platforms to create ‘healthy’ online environment, Technode report.
  • [Sep 15] Universities In Iran Implementing Tough New Regulation To Deter Students From Activism, Radio Farda report.
  • [Sep 16] Major streaming platforms commit to produce responsible content, The Manilla Times report.

E-Commerce

  • [Sep 10] Jack Ma steps down as Alibaba chairman, CEO Daniel Zhang to succeed him, Medianama report.
  • [Sep 14] CAIT urges government to ban festival sales by e-commerce players, The Times of India report.
  • [Sep 16] Indian Trader Body Seeks Ban on Amazon, Flipkart’s Festive Season Sales: Report, First Post report.
  • [Sep 16] US antitrust officials investigate Amazon’s marketplace practices, Medianama report.

Cryptocurrency and FinTech

  • [Sep 13] Lord Mayor of London leads fintech mission to India, The Economic Times report.
  • [Sep 13] RBI should give FinTech firms access to transaction and account history data: Finance Ministry’s FinTech report, Medianama report.
  • [Sep 14] Trump Executive Order Banning A Cryptocurrency Could Mutate Into Far-Reaching Law, Forbes report.
  • [Sep 15] Wall Street banks are upping bets on their potential fintech competitors, CNBC report.
  • [Sep 15] Regulators to question Facebook over new Libra cryptocurrency, The Guardian report.
  • [Sep 16] Report: Philippine Police Raid Alleged Cryptocurrency Scam, Arrest 277, Cointelegraph report.

Cybersecurity

  • [Sep 10] Smart Cities Will Require Smarter Cybersecurity, The Wall Street Journal report.
  • [Sep 12] Delhi Airport Facial Recognition Trial Calls for Establishment of Cybersecurity Laws, News18 report.
  • [Sep 16] NZ provides $10 million to help Pacific countries lift cybersecurity capability, CIO New Zealand report; ZDnet report.
  • [Sep 16] Chicago Brokerage to Pay $1.5 million Fine for Lack of Cybersecurity, Securitymagazine.com report.
  • [Sep 16] Cybercriminals Are Targeting Pharma Companies, And India Sees The Sixth Highest Attacks, News18 report.

Tech and National Security

  • [Sep 13] California lawmakers ban facial-recognition software from police body cams, CNN Business report.
  •  [Sep 16] U.S. Targets North Korean Hacking as Rising National-Security Threat, Wall Street Journal report.

Tech and Elections

  • [Sep 15] Snapchat launches political ads library as 2020 election ramps up, CNN Business report.

Internal Security: J&K

  • [Sep 15] SC to hear pleas against Centre’s move to abrogate Article 370, restrictions in J&K on Monday, Zee News report.
  • [Sep 15] ‘If Political Party Can Avail it, Why Not Locals?’ Internet Access to BJP From Media Centre Irks Kashmiris, News18 report.
  • [Sep 16] Farooq Abdullah detained under Public Safety Act for 12 days, The Hindu report.
  • [Sep 16] Kashmir LIVE: Not a Single Bullet Fired Since Scrapping of J&K’s Special Status, Centre Tells SC, News 18 report.
  • [Sep 16] SC asks Centre, J&K to restore normalcy in state keeping in mind national interest, The Times of India report.

Internal Security

  •  [Sep 13] National security: Fortifying Defence, India Today report.
  • [Sep 15] Will implement NRC in Haryana, says CM Khattar, The Times of India report.
  • [Sep 16] Will Implement Citizens’ List “When UP Needs It”: Yogi Adityanath, NDTV report.

Telecom/5G

  • [Sep 10] Telcos face another hit, may have to pay Rs 41,000 crore more as spectrum charges, The Economic Times report.
  • [Sep 16] Telecom department aims to connect uncovered villages by 2022, ET Telecom report.
  • [Sep 16] 5G spectrum auction this year or in early 2020: Telecom Minister RS Prasad, Medianama report.
  • [Sep 16] WhatsApp offers India traceability alternatives, ET Telecom report.

More on Huawei

  • [Sep 9] New Huawei ‘Workaround’ May Put Google Apps Back On Mate 30, Evading Blacklist, Forbes report.
  • [Sep 14] Huawei Offers To License 5G Technology To U.S. To Flush Out Trump, Forbes report.
  • [Sep 15] Trade war between US and China follows Huawei to Africa, South China Morning Post report.
  • [Sep 16] US semiconductor companies urge Trump to hurry Huawei licenses, South China Morning Post report.

Emerging Tech

  • [Sep 10] 21 per cent Indian IT managers consider Internet of Things threats top security risk, The New Indian Express report.
  • [Sep 12] Artificial intelligence: Expert committee to explore the development of a legal framework, The Council of Europe press release.
  • [Sep 15] Ericsson acquires Niche AI workforce for India centre, The Hindu Business Line report.

Opinions and Analyses

  • [Sep 12] Editorial, The New York Times, What Won’t Netanyahu Say to Get Re-elected?
  • [Sep 13] Editorial, The Hindu, John Bolton goes: On the sacking of U.S. National Security Advisor.
  • [Sep 15] Karen Roby, Tech Republic, How holding off on 5G can save money and help the environment.
  • [Sep 15] Editorial, Wall Street Journal, Why London Spurned Hong Kong.
  • [Sep 15] Michael Bloomberg, The New York Post, Rage has free speech under siege on the American campus.
  • [Sep 15] Editorial, The Hindustan Times, The language question.
  • [Sep 16] Editorial, The Hindu, Effort worth emulation: On Rajasthan’s public information portal.
  • [Sep 16] Markandey Katju, The Hindu, The litmus test for free speech.

[September 2-9] CCG’s Week in Review: Curated News in Information Law and Policy

This week, Delhi International Airport deployed facial recognition on a ‘trial basis’ for 3 months, landline communications were restored in Kashmir as the Government mulls over certification for online video streaming platforms like Netflix and PrimeVideo – presenting this week’s most important developments in law, tech and national security.

Aadhaar

  • [Sep 3] PAN will be issued automatically using Aadhaar for filing returns: CBDT, DD News report.
  • [Sep 3] BJD set to collect Aadhaar numbers of its members in Odisha, Opposition parties slam move, News 18 report; The New Indian Express report; Financial Express report.
  • [Sep 5] Aadhaar is secure, says ex-UIDAI chief, Times of India report.
  • [Sep 5] Passport-like Aadhaar centre opened in Chennai: Online appointment booking starts, Livemint report.
  • [Sep 8] Plans to link Janani Suraksha and Matra Vandan schemes with Aadhaar: CM Yogi Adityanath, Times of India report.

Digital India

  • [Sep 5] Digital media bodies welcome 26% FDI cap, Times of India report.
  • [Sep 6] Automation ‘not  threat’ to India’s IT industry, ET Tech report.
  • [Sep 6] Tech Mahindra to modernise AT&T network systems, Tech Circle report.

Data Protection and Governance

  • [Sep 2] Health data comes under the purview of Data Protection Bill: IAMAI, Inc42 report.
  • [Sep 2] Credit history should not be viewed as sensitive data, say online lenders, Livemint report.
  • [Sep 3] MeitY may come up with policy on regulation of non-personal data, Medianama report.
  • [Sep 3] MeitY to work on a white paper to gain clarity on public data regulations, Inc42 report.
  • [Sep 6] Treating data as commons is more beneficial, says UN report, Medianama report.
  • [Sep 9] Indian Government may allow companies to sell non-personal data of its users, Inc42 report, The Economic Times report.
  • [Sep 9] Tech firms may be compelled to share public data of its users, ET Tech report.

Data Privacy and Breaches

  • [Sep 2] Chinese face-swap app Zao faces backlash over user data protection, KrAsia report; Medianama report.
  • [Sep 2] Study finds Big Data eliminates confidentiality in court judgments, Swiss Info report.
  • [Sep 4] YouTube will pay $170 million to settle claims it violated child privacy laws, CNBC report; FTC Press Release.
  • [Sep 4] Facebook will now let people opt-out of its face recognition feature, Medianama report.
  • [Sep 4] Mental health websites in Europe found sharing user data for ads, Tech Crunch report.
  • [Sep 5] A huge database of Facebook users’ phone numbers found online, Tech Crunch report.
  • [Sep 5] Twitter has temporarily disabled tweet to SMS feature, Medianama report.
  • [Sep 6] Fake apps a trap to track your device and crucial data, ET Tech report.
  • [Sep 6] 419 million Facebook users phone numbers leaked online, ET Tech report; Medianama report
  • [Sep 9] Community social media platform, LocalCircles, highlights data misuse worries, The Economic Times report.

Free Speech

  • [Sep 7] Freedom of expression is not absolute: PCI Chairman, The Hindu report.
  • [Sep 7] Chennai: Another IAS officer resign over ‘freedom of expression’, Deccan Chronicle report.
  • [Sep 8] Justice Deepak Gupta: Law on sedition needs to be toned down if not abolished, The Wire report.

Online Content Regulation

  • [Sep 3] Government plans certification for Netflix, Amazon Prime, Other OTT Platforms, Inc42 report.
  • [Sep 4] Why Justice for Rights went to court, asking for online content to be regulated, Medianama report.
  • [Sep 4] Youtube claims new hate speech policy working, removals up 5x, Medianama report.
  • [Sep 6] MeitY may relax norms on content monitoring for social media firms, ET Tech report; Inc42 report; Entrackr report.

E-Commerce

  • [Sep 4] Offline retailers accuse Amazon and Flipkart of deep discounting, predatory pricing and undercutting, Medianama report; Entrackr report.
  • [Sep 6] Companies rely on digital certification startups to foolproof customer identity, ET Tech report.

Digital Payments and FinTech

  • [Sep 3] A sweeping reset is in the works to bring India in line with fintech’s rise, The Economic Times report.
  • [Sep 3] Insurance and lending companies in agro sector should use drones to reduce credit an insurance risks: DEA’s report on fintech, Medianama report.
  • [Sep 3] Panel recommends regulating fintech startups, RBI extends KYC deadline for e-wallet companies, TechCircle report.
  • [Sep 4] NABARD can use AI and ML to create credit scoring registry: Finance Ministry report on FinTech, Medianama report.
  • [Sep 5] RBI denies action against Paytm Payments bank over PIL allegation, Entrackr report.
  • [Sep 5] UPI entities may face market share cap, ET Tech report.
  • [Sep 6] NBFC license makes fintech startups opt for lending, ET Tech report.
  • [Sep 9] Ease access to credit history: Fintech firms, ET Markets report.

Cryptocurrencies

  • [Sep 1] Facebook hires lobbyists to boost crypto-friendly regulations in Washington, Yahoo Finance report.
  • [Sep 2] US Congress urged to regulate crypto under Bank Secrecy Act, Coin Telegraph report.
  • [Sep 2] Indian exchanges innovate as calls for positive crypto regulation escalate, Bitcoin.com report.
  • [Sep 4] Marshall Islands official explains national crypto with fixed supply, Coin Telegraph report.
  • [Sep 5] Apple thinks cryptocurrency has “long-term potential”, Quartz report.
  • [Sep 5] NSA reportedly developing quantum-resistant ‘crypto’, Coin Desk report.
  • [Sep 6] Crypto stablecoins may face bottleneck, ET Markets report.

Cybersecurity

  • [Sep 3] Google’s Android suffers sustained attacks by anti-Ugihur hackers, Forbes report.
  • [Sep 4] Firefox will not block third-party tracking and cryptomining by default for all users, Medianama report.
  • [Sep 4] Insurance companies are fueling ransomware attacks, Defense One report.
  • [Sep 5] Firms facing shortage of skilled workforce in cybersecurity: Infosys Research, The Economic Times report.
  • [Sep 5] Cybersecurity a boardroom imperative in almost 50% of global firms: Survey, Outlook report; ANI report.
  • [Sep 5] DoD unveils new cybersecurity certification model for contractors, Federal News Network report.
  • [Sep 5] Jigsaw Academy launches cybersecurity certification programme in India, DQ India report.
  • [Sep 6] Indians lead the world as Facebook Big Bug Hunters, ET Tech report.
  • [Sep 6] Australia is getting a new cybersecurity strategy, ZD Net report.
  • [Sep 9] China’s 5G, industrial internet roll-outs to fuel more demand for cybersecurity, South China Morning Post report.

Tech and National Security

  • [Sep 3] Apache copters to be inducted today, The Pioneer report.
  • [Sep 3] How AI will predict Chinese and Russian moves in the Pacific, Defense One report.
  • [Sep 3] US testing autonomous border-patrol drones, Defense One report.
  • [Sep 3] Meet the coalition pushing for ‘Cyber Peace’ rules. Defense One report.
  • [Sep 4] US wargames to try out concepts for fighting China, Russia, defense One report.
  • [Sep 4] Southern Command hosts seminar on security challenges, Times of India report; The Indian Express report
  • [Sep 4] Russia, already India’s biggest arms supplier, in line for more, Business Standard report.
  • [Sep 4] Pentagon, NSA prepare to train AI-powered cyber defenses, Defense One report.
  •  [Sep 5] Cabinet clears procurement of Akash missile system at Rs. 5500 crore, Times Now report.
  • [Sep 5] India to go ahead with $3.1 billion US del for maritime patrol aircraft, The Economic Times report.
  • [Sep 5] DGCA certifies ‘small’ category drone for complying with ‘No-Permission, No-Takeoff’ protocol, Medianama report.
  • [Sep 5] India has never been aggressor but will not hesitate in using its strength to defend itseld: Rajnath Singh, The Economic Times report.
  • [Sep 5] Panel reviewing procurement policy framework to come out with new versions of DPP, DPM by March 2020, The Economic Times report; Business Standard report; Deccan Herald report.
  • [Sep 5] Russia proposes joint development of submarines with India, The Hindu report.
  • [Sep 7] Proud of you: India tells ISRO after contact lost with CHandrayaan-2 lander, India Today report.

Tech and Elections

  • [Sep 4] ECI asks social media firms to follow voluntary code of ethics ahead of state polls: report, Medianama report.
  • [Sep 6] Congress party to reorganise its data analytics department, Medianama report.
  • [Sep 5] Why the 2020 campaigns are still soft targets for hackers, Defense One report.
  • [Sep 5] Facebook meets with FBI to discuss election security, Bloomberg report.
  • [Sep 5] Facebook is making its own AI deepfakes to head off a disinformation disaster, MIT Tech Review report.

Internal Security: J&K

  • [Sep 4] Long convoy, intel failure: Multiple lapses led to Pulwama terror attack, finds CRPF inquiry, India Today report; Kashmir Media Service report; The Wire report.
  • [Sep 4] Extension of President’s Rule in Kashmir was not delayed, MHA says in report to SC lawyer’s article, Scroll.in report.
  • [Sep 6] Landline communication restored in Kashmir Valley: Report, Medianama report.
  • [Sep 7] Kashmir’s Shia areas face curbs, all Muharram processions banned, The Quint report.
  • [Sep 7] No question of army atrocities in Kashmir as it’s only fighting terrorists: NSA Ajit Doval, India Today report.
  • [Sep 8] More than 200 militants trying to cross into Kashmir from Pakistan: Ajit Doval, Money Control report.
  • [Sep 8] ‘Such unilateral actions are futile’, says India after Pakistan blocks airspace for President Kovind, Scroll.in report; NDTV report.

Internal Security: NRC

  • [Sep 2] Contradictory voices in Assam Congress son NRC: Tarun Gogoi slams it as waste paper, party MP says historic document, India Today report.
  • [Sep 3] Why Amit Shah is silent on NRC, India Today report.
  • [Sep 7] AFSPA extended for 6 months in Assam, Deccan Herald report.
  • [Sep 7] At RSS mega meet, concerns over Hindus being left out of NRC: Sources, Financial Express report.

National Security Institutions and Legislation

  • [Sep 5] Azhar, Saeed, Dawood declared terrorists under UAPA law, Deccan Herald report; The Economic Times report.
  • [Sep 8] Home Minister says India’s national security apparatus more robust than ever, Livemint report.
  • [Sep 8] Financial safety not national security reason for women to join BSF: Study, India Today report.

Telecom/5G

  • [Sep 6] Security is an issue in 5G: NCSC Pant on Huawei, Times of India report.

More on Huawei

  • [Sep 1] Huawei believes banning it from 5G will make countries insecure, ZD Net report.
  • [Sep 2] Huawei upbeat on AI strategy for India, no word on 5G roll-out plans yet, Business Standard report.
  • [Sep 3] Huawei denies US allegations of technology theft, NDTV Gadgets 260 report; Business Insider report; The Economic Times report.
  • [Sep 3] Shocking Huawei ‘Extortion and Cyberattack’ allegations in new US legal fight, Forbes report; Livemint report, BBC News report; The Verge report
  • [Sep 3] Committed to providing the most advanced products: Huawei, ET Telecom report.
  • [Sep 4] Huawei says 5G rollout in India will be delayed by 3 years if it’s banned, Livemint report
  • [Sep 4] Trump not interested in talking Huawei with China, Tech Circle report.
  • [Sep 5] Nepal’s only billionaire enlists Huawei to transform country’s elections, Financial Times report.
  • [Sep 8] Trump gets shocking new Huawei warning – from Microsoft, Forbes report.

Emerging Tech

  • [Aug 30] Facebook is building an AI Assistant Inside Minecraft, Forbes report.
  • [Sep 3] AWS partners with IIT KGP for much needed push to India’s AI skilling, Inc42 report.
  • [Sep 3] Behind the Rise of China’s facial recognition giants, Wired report.
  • [Sep 4] Facebook won’t use facial recognition on you unless you tell it to, Quartz report.
  • [Sep 4] An AI app that turns you into a movie star has risked the privacy of millions, MIT Technology Review report.
  • [Sep 6] Police use f facial recognition is accepted by British Court, The New York Times report.
  • [Sep 6] Facebook, Microsoft announce challenge to detect deepfakes, Medianama report.
  • [Sep 6] Facial recognition tech to debut at Delhi airport’s T3 terminal; on ‘trial basis’ for next three months, Medianama report.

Internet Shutdowns

  • [Sep 3] After more than 10 weeks, internet services in towns of Rakhine and Chin restored, Medianama report.
  • [Sep 4] Bangladesh bans mobile phone services in Rohingya camps, Medianama report.

Opinions and Analyses

  • [Sep 2] Michael J Casey, Coin Desk, A crypto fix for a broken international monetary system.
  • [Sep 2] Yengkhom Jilangamba, News18 Opinion, Not a solution to immigration problem, NRC final list has only brought to surface fault lines within society.
  • [Sep 2] Samuel Bendett, Defense One, What Russian Chatbots Think About Us.
  • [Sep 2] Shivani Singh, Hindustan Times, India’s no first use policy is a legacy that must be preserved.
  • [Sep 3] Abir Roy, Financial Express, Why a comprehensive law is needed for data protection. 
  • [Sep 3] Dhirendra Kumar, The Economic Times, Aadhaar is back for mutual fund investments.
  • [Sep 3] Ashley Feng, Defense One, Welcome to the new phase of US-China tech competition.
  • [Sep 3] Nesrine Malik, The Guardian, The myth of the free speech crisis.
  • [Sep 3] Tom Wheeler and David Simpson, Brookings Institution, Why 5G requires new approaches to cybersecurity.
  • [Sep 3] Karen Roby, Tech Republic, Why cybersecurity is a big problem for small businesses.
  • [Sep 4] Wendy McElroy, Bitcoin.com, Crypto needs less regulation, not more.
  • [Sep 4] Natascha Gerlack and Elisabeth Macher, Modaq.com, US CLOUD Act’s potential impact on the GDPR. 
  • [Sep 4] Peter Kafka, Vox, The US Government isn’t ready to regulate the internet. Today’s Google fine shows why.
  • [Sep 5] Murtaza Bhatia, Firstpost, Effective cybersecurity can help in accelerating business transformation. 
  • [Sep 5] MG Devasahayam, The Tribune, Looking into human rights violations by Army.
  • [Sep 5] James Hadley, Forbes, Cybersecurity Frameworks: Not just for bits and bytes, but flesh and blood too.
  • [Sep 5] MR Subramani, Swarajya Magazine, Question at heart of TN’s ‘WhatsApp traceability case’: Are you endangering national security if you don’t link your social media account with Aadhaar? 
  • [ Sep 5] Justin Sherman, Wired, Cold War Analogies are Warping Tech Policy.
  • [Sep 6] Nishtha Gautam, The Quint, Peer pressure, militant threats enforcing civil curfew in Kashmir?
  • [Sep 6] Harsh V Pant and Kartik Bommakanti, Foreign Policy, Modi reimagines the Indian military.
  • [Sep 6] Shuman Rana, Business Standard, Free speech in the crosshairs.
  • [Sep 6] David Gokhshtein, Forbes, Thoughts on American Crypto Regulation: Considering the Pros and Cons.
  • [Sep 6] Krishan Pratap Singh, NDTV Opinion, How to read Modi Government’s stand on Kashmir.
  • [Sep 7] MK Bhadrakumar, Mainstream Weekly, The Big Five on Kashmir.
  • [Sep 7] Greg Ness, Security Boulevard, The Digital Cyber Security Paradox.
  • [Sep 8] Lt. Gen. DS Hoods, Times of India, Here’s how to take forward the national security strategy.
  • [Sep 8] Smita Aggarwal, Livemint, India’s unique public digital platforms to further inclusion, empowerment.