Technology & National Security Reflection Series Paper 8: Tallinn Manuals as Law of the States or for the States– a Sola Fide Exploration?

Posted on January 21, 2022 by CCG

About the Author: The author is a 2021 graduate of the National Law University, Delhi. He is currently an Associate at Talwar Thakore & Associates, Mumbai. His interests lie in evolving landscapes of technology and their impact on international law and economics.

Editor’s note: This post is part of the Reflection Series showcasing exceptional student essays from CCG-NLUD’s Seminar Course on Technology & National Security Law.

INTRODUCTION

In this post, we evaluate the authoritative value of interpretations of international law expressed in the Tallinn manual with reference to Article 38 of the Statute of the International Court of Justice.

NATO’s Cooperative Cyber Defence Centre of Excellence (“CCDCOE”) was established for NATO members to coordinate their efforts in the field of cyberwarfare in 2008, in light of the 2007 cyberattacks on Estonia’s critical cyber infrastructure. Given the international nature of cyberspace and consequently cyberwarfare, the CCDCOE convened a group of international experts to analyse how international law can be applied to cyberwarfare. Thus, the Tallinn manual came into existence, named after Estonia’s Capital, in 2013. The group of experts released Tallinn 2.0 in 2017 as a follow up which deals with a much broader field of ‘cyber operations’ instead of cyberwarfare. The original manual involved conflict while 2.0 deals with cyber operations both inside and outside conflict.

As far as the authoritative value of the Manual is in question, it is pertinent to point out that the Manual notes that every rule or assertion may not be a representation of principles of international law. Moreover, neither the rules nor the commentaries of the Tallinn manuals reflect the NATO doctrine or has been adopted as the official position of any State. Thus, prima facie, the Tallinn manuals (including Tallinn 2.0) were an end result of an academic study to determine and restate the lex lata i.e. the law as it exists; and probably deduce the direction of the lex ferenda i.e. as future law should be (although the manuals expressly stated that they avoided any statements or lex ferenda or the preferred policy for States). However, this still leaves the question unanswered about the value it holds today amongst other sources of international law.

Photo by Ministerie van Buitenlandse Zaken. Licensed under CC BY 2.0

THE LEGAL CONUNDRUM ENCIRCLING ARTICLE 38 (1) AND TALLINN MANUAL

Article 38(1) of the Statute of the International Court of Justice is considered as the most widely recognized iteration of sources of international law. It is no debate that the Manuals would fall under 38(1)(d) as the teachings of most qualified publicists as the international group of experts who were involved in their drafting are legal luminaries who are recognized for their contributions in cyber law and international law.

We must note here that Article 38(1)(d) is different from the rest of the iterations or sources as it is subsidiary to others, i.e., these teachings per se are not law in and of themselves but are rather references that can be looked into for finding the law applicable.Thus, the manuals positing the arguments of the experts is not the law itself. However, they are a helpful source of determining the other authoritative sources of international law because the premise on which the publicists argue an assertion is usually based on a combination of the other three sources enshrined in article 38(1).

The question now becomes whether these manuals have been elevated to the level of customary international law (CIL). In addition to treaties, rights and obligations of States can also be recognized under CIL which is basically ‘evidence of a general practice accepted as law.’ In brief, a norm of CIL can form with State practice, that is the behavior of States with regards to the custom in question, and opinio juris, which is the belief that the State practice is in fact an obligation arising out of the law that is claimed as CIL.¹ This implies that towards formation of a custom, the State practice is the objective element or the manifestation of the subjective element, opinio juris. Interestingly, a minority of scholars also argue that it is not a watertight framework of having both of these elements, and a strong existence of the opinio juris may lead to the creation of a norm of CIL.

With respect to Cyber-operations, jurists hold that it is still too recent a field and there is no consistent State practice. However, most States have expressed the need of cyber-regulation and security via domestic law or through their representatives. The States are also publicly equipped to create or respond to military cyber operations. This amounts to a valid State practice, and even if it has not taken place for a long time but has been uniformly exercised, and there is proof of existence of the opinio juris, it can still validly contribute towards forming CIL.

ON THE QUESTION OF REPRESENTATION

The question that we now face is whether the Tallinn manuals are a reflection of this global opinio juris. We can analyse from the available evidence and conclude that it may not be the case. To be clear, the international group of experts whose opinions led to the creation of the Manuals participated in their individual capacity– were not representing their country. This is important to note because when a scholar represents a country, they voice or manifest the State’s ‘opinion’ on points of disagreement as we see at the International Law Commission. What Tallinn scholars represent in their individuality or have represented are ideologies such as the Chicago School of Economic Thought or the English School of International Relations but never their State, making the manuals a scholarly exercise rather than a reflection of any opinio juris.

When we talk about representation, another issue which comes up with the manual is that it does not have fair representations from all parts of the world. A few of the biggest players of cyberspace are China and Russia. These States have successfully hacked/controlled their way to becoming important State actors within the cyber realm. Their opinions or voices; and even that of Israel (Israeli experts were on board for Tallinn 2.0), which is a dominant player in cyber-security today or that of Iran, were not taken into consideration. This further takes away from any claims whatsoever that the manuals represent opinio juris of States. The Manuals only take this issue of representation further in circumstances wherein only the military manuals of first world countries are referenced without providing any objective criteria for such selection.

At the same time there are some rules, which arguably do reflect opinio juris of States. For example, “Rule 4 – A State must not conduct cyber operations that violate the sovereignty of another State.” However, it is not the Tallinn manuals that made these laws customary in nature. Instead the manuals merely restate a preexisting custom adding the reference to cyberspace.

From a content point of view, Pukhraj Singh points out that the manual which was touted to bring clarity to complex questions of cyberspace and law has turned a complete volte-face. Singh highlights that experts disagreed with each other at places providing counter-narratives, and that the manuals jump the gun by over- analogizing with conventional operations. The legal imputation of physical laws, such as the law of armed conflict to cyber-attacks may not always make complete technical sense. At the end of day, cyberspace is an intangible concept of connected computers, and not as physically controllable as how the manuals consider it to be.

Most cyber-attacks will be done in a clandestine fashion with no clear indication as to which State did it or is responsible for it. The manuals (especially Tallinn 1.0) are not of much help as they simply restate the law on attribution and do not completely fulfil their role of creating practical and acceptable attribution standards (even if it meant holding the US responsible for Stuxnet!).

Moreover, it must be looked into whether the Manuals’ rules have been adopted and followed by various States or not and to what extent. This ascertains whether the States consider themselves bound by the rules of the manual (or is regarded as opinio juris). Now, apart from the disagreements that States have on some rules of the manual, a study done on 11 hostile cyber-operations that happened between 2013-2017 revealed that the manual or its rules were not followed.

CONCLUSION

Thus, with this understanding, we can conclude that while some of the rules restate CIL, the manuals as a whole do not seem to represent the global lex lata or the opinio juris of the States. It may seem that they instead represent the lex ferenda or what the law should be. However, that is also not exactly the case with their many loopholes and misplaced allegiances as they themselves state.

It can instead be said that the manuals represent a hope or even a viable precedent that an exercise such as this can be undertaken by various other clusters of nations, like EU, SCO, SAARC, OAS or ASEAN. As more and more clusters will come up with their own varying opinions on cyber-space and cyber-operations, the chances of them possibly culminating into a mutual understanding between all States regarding international law applicable to cyberspace becomes more plausible. For this long drawn vision, Tallinn manuals seem to be a worthy starting point.

*Views expressed in the blog are personal and should not be attributed to the institution.

References:

North Sea Continental Shelf (Libya v Malta) (Merits) [1985] ICJ Rep 13[27].; Legality of the Threat or Use of Nuclear Weapons (Advisory Opinion) 1996 ICJ Rep 226 [64].; ILC, ‘Draft conclusions on identification of customary international law, with commentaries’ (2018) UN Doc A/73/10 Conclusion 2. Antonio Cassese, International Law, (2nd edn. OUP 2005), 156.

Technology and National Security Law Reflection Series Paper 5: Legality of Cyber Weapons Under International Law

Posted on January 14, 2022 by CCG

Siddharth Gautam^*

About the Author: The author is a 2020 graduate of National Law University, Delhi.

Editor’s note: This post is part of the Reflection Series showcasing exceptional student essays from CCG-NLUD’s Seminar Course on Technology & National Security Law. In the present essay, the author reflects upon the following question:

What are cyber weapons? Are they cyber weapons subject to any regulation under contemporary rules of international law? Explain with examples.

Introducing Cyber Weapons

In simple terms weapons are tools that harm humans or aim to harm the human body. In ancient times nomads used pointing tools to hunt and prey. Today’s world is naturally more advanced than that. In conventional methods of warfare, modern tools of weapons include rifles, grenades, artillery, missiles, etc. But in recent years the definition of warfare has changed immeasurably after the advancement of the internet and wider information and communication technologies (“ICT”). In this realm methods and ways of warfare are undergoing change. As internet technology develops we observe the advent/use of cyber weapons to carry out cyber warfare.

Cyber warfare through weapons that are built using technological know-how are low cost tools. Prominent usage of these tools is buttressed by wide availability of computer resources. Growth in the information technology (“IT”) industry and relatively cheap human resource markets have a substantial effect on the cost of cyber weapons which are capable of infiltrating other territories with relative ease. The aim of cyber weapons is to cause physical or psychological harm either by threat or material damage using computer codes or malware.

2007 Estonia Cyber Attack

For example during the Estonia –Russia conflict the conflict arose after the Soldier memorial was being shifted to the outskirts of Estonia. There was an uproar in the Russian speaking population over this issue. On 26^thand 27^thApril, 2007 the capital saw rioting, defacing of property and numerous arrests.

On the same Friday cyber attacks were carried out using low tech methods like Ping, Floods and simple Denial-of-Service (DoS) attacks. Soon thereafter on 30^thApril, 2007 the scale and scope of the cyber attack increased sharply. Actors used botnets and were able to deploy large scale distributed denial of service (D-DoS) attacks to compromise 85 thousand computer systems and severely compromised the entire Estonian cyber and computer landscape. The incident caused widespread concerns/panic across the country.

Other Types of Cyber Weapons

Another prominent type of cyber weapon is HARM i.e. High-speed Anti Radiation missiles. It is a tactical air-to-surface anti radiation missile which can target electronic transmissions emitted from surface-to-air radar systems. These weapons are able to recognise the pulse repetition of enemy frequencies and accordingly search for the suitable target radar. Once it is visible and identified as hostile it will reach its radar antenna or transmitter target, and cause significant damage to those highly important targets. A prominent example of its usage is in the Syrian–Israel context. Israel launched cyber attacks against the Syrian Air defence system by blinding it. It attacked their Radar station in order not to display any information of Airplanes reaching their operators.

A third cyber weapon worth analysing can be contextualised via the Stuxnet worm that sabotaged Iran’s nuclear programme by slowing the speed of its uranium reactors via fake input signals. It is alleged that the US and Israel jointly conducted this act of cyber warfare to damage Iran’s Nuclear programme.

In all three of the aforementioned cases, potential cyber weapons were used to infiltrate and used their own technology to conduct cyber warfare. Other types of cyber risks emerge from semantic attacks which are otherwise known as social engineering attacks. In such attacks perpetrators amend the information stored in a computer system and produce errors without the user being aware of the same. It specifically pertains to human interaction with information generated by a computer system, and the way that information may be interpreted or perceived by the user. These tactics can be used to extract valuable or classified information like passwords, financial details, etc.

HACKERS (PT. 2) by Ifrah Yousuf. Licensed under CC BY 4.0.From CyberVisuals.org, a project of the Hewlett Foundation Cyber Initiative.

Applicable Landscape Under International Law

Now the question that attracts attention is whether there are any laws to regulate, minimise or stop the aforementioned attacks by the use of cyber weapons in International law? To answer this question we can look at a specific branch of Public international law; namely International Humanitarian law (“IHL”). IHL deals with armed conflict situations and not cyber attacks (specifically). IHL “seeks to moderate the conduct of armed conflict and to mitigate the suffering which it causes”. This statement itself comprises two major principles used in the laws of war.

Jus ad Bellum – the principle which determines whether countries have a right to resort to war through an armed conflict,
Jus in bello– the principle which governs the conduct of the countries’ soldiers/States itself which are engaging in war or an armed conflict.

Both principles are subjected to the Hague and Geneva Conventions with Additional Protocol-1 providing means and ways as to how the warfare shall be conducted. Nine other treaties help safeguard and protect victims of war in armed conflict. The protections envisaged in the Hague and Geneva conventions are for situations concerning injuries, death, or in some cases damage and/or destruction of property. If we analyse logically, cyber warfare may result in armed conflict through certain weapons, tools and techniques like Stuxnet, Trojan horse, Bugs, DSOS, malware HARM etc. The use of such weapons may ultimately yield certain results. Although computers are not a traditional weapon its use can still fulfil conditions which attract the applicability of provisions under the IHL.

Another principle of importance is Martens Clause. This clause says that even if some cases are not covered within conventional principles like humanity; principles relating to public conscience will apply to the combatants and civilians as derived from the established customs of International law. Which means that attacks shall not see the effects but by how they were employed

The Clause found in the Preamble to the Hague Convention IV of 1907 asserts that “even in cases not explicitly covered by specific agreements, civilians and combatants remain under the protection and authority of principles of international law derived from established custom, principles of humanity, and from the dictates of public conscience.” In other words, attacks should essentially be judged on the basis of their effects, rather than the means employed in the attack being the primary factor.

Article 35 says that “In any armed conflict, the right of the Parties to the conflict to choose methods or means of warfare is not unlimited. It is prohibited to employ weapons, projectiles and material and methods of warfare of a nature to cause superfluous injury and unnecessary suffering”

The above clause means that the action of armed forces should be proportionate to the actual military advantage sought to be achieved. In simple words “indiscriminate attacks” shall not be undertaken to cause loss of civilian life and damage to civilians’ property in relation to the advantage.

Conclusion

Even though the terms of engagement vis-a-vis kinetic warfare is changing, the prospect of the potential of harm from cyber weapons could match the same. Instead of guns there are computers and instead of bullets there is malware, bugs, D-DOS etc. Some of the replacement of one type of weapon with another is caused by the fact that there are no explicit provisions in law that outlaw cyber warfare, independently or in war.

The principles detailed in the previous section must necessarily apply to cyber warfare because it limits the attacker’s ability to cause excessive collateral damage. On the same note cyber weapons are sui generis like the nuclear weapons that upshot in the significance to that of traditional weapons

Another parallel is that in cyber attacks often there are unnecessary sufferings and discrimination in proportionality and the same goes for traditional armed conflict. Therefore, both should be governed by the principles of IHL.

In short, if the cyber attacks produce results in the same way as kinetic attacks do, they will be subject to IHL.

*The views expressed in the blog are personal and should not be attributed to the institution.

The Pegasus Hack–II: Secrecy for Snooping in Public Procurement?

Posted on July 27, 2021 by Gunjan Chawla

“Into the Rabbit Hole” by Aswin Behera @Behera_Aswin is licensed under CC BY 4.0.
From CyberVisuals.org, a project of the Hewlett Foundation Cyber Initiative

By Gunjan Chawla

The recent revelation of the Pegasus hacks has re-ignited public discourse on privacy, surveillance and intelligence reform. As the proposed Personal Data Protection Bill, 2019 makes room for wide exemptions to military, intelligence and law enforcement agencies for the collection and processing of citizens’ data, privacy and data protection laws in their current form will be limited in their potential to enforce meaningful procedural safeguards and oversight over State surveillance.

Although these conversations are not new, we must continue to have them. At the same time, it is important to not miss the forest of State-run cybersurveillance programmes for the sprawling branches of the Pegasus tree. That the global cyber-surveillance industry thrives on State secrecy – is no secret.

While the need for and significance of surveillance reforms cannot be over-emphasized, data protection or privacy law in itself may not succeed in ensuring that Government is prohibited or restrained from acquiring Pegasus-like spyware. Nor will they ensure that the Government is obligated to disclose that such technologies that risk undermining basic fundamental freedoms of its citizenry have been procured by it, with the intent of deployment by law enforcement and/or intelligence agencies. In an earlier piece the Pegasus Hack, CCGNLUD had addressed issues in international frameworks for export controls designed for dual-use technology and their limitations in providing meaningful remedy to the aggrieved.

In this piece, the author argues that Parliamentary legislation and oversight on public procurement processes, classifications and procedures is far more likely to address the root of the multi-faceted problems we are faced with in the wake of Pegasus. Yet, public commentary or critique on the far-reaching consequences of such provisions is hard to come by. This is despite the fact that multiple estimates peg the share public procurements by Government departments and agencies as accounting for 20-30% of India’s national GDP.^[1]

The argument proceeds as follows. First, we highlight the central provision that enables the Government to keep such concerning acquisitions of technology in the dark, away from Parliamentary and public scrutiny. Second, we examine the far-reaching implications of this somewhat obscure provision for the cybersecurity industry in India and the public at large. Finally, we explain how this State-sanctioned secrecy in procurement of spyware – whether from foreign or Indian vendors – could potentially deprive the aggrieved targets of surveillance through Pegasus of meaningful legal remedy before the Courts.

Executive Regulations on Public Procurements and ‘National Security’

In the absence of a Parliamentary enactment, public procurements in general, are governed by the overarching principles and procedures codified in the General Financial Rules, 2017 (GFR). These rules were first issued after independence in 1947, and later revised in 1963 and 2005.^[2]

Rule 144 of the GFR mandates that every authority procuring goods in public interest shall have the responsibility and accountability to bring efficiency, economy and transparency in matters relating to public procurement and for fair and equitable treatment of suppliers and promotion of competition in public procurement.^[3] It also sets out certain ‘yardsticks’ with which procuring agencies must conform – and some are more problematic than others.

One of the most significant changes introduced in the 2017 iteration of the GFR, is the introduction of a ‘national security exception’. Under the these new provisions, Ministries/Departments may be exempted from requirement of e-procurement and e-publication of tender enquiries and bid awards, which is mandatory as a general rule. This may be permitted

In individual cases where confidentiality is required for reasons of national security, subject to approval by the Secretary of the Ministry/Department with the concurrence of the concerned Financial Advisor, [Rule 159(ii)]and
In individual case[s] where national security and strategic considerations demands confidentiality, after seeking approval of concerned Secretary and with concurrence of Financial Advisors. [Rule 160(ii)]

This indicates that the ‘national security exception’ is intended to apply to non-military procurements, expanding the realm of secrecy in procurements far beyond military matters with direct adverse consequences for the civilian realm of affairs. This is supported by the fact that Rule the procurement of goods for the military is excluded from the scope of the GFR by Rule 146. This rule prescribes that the procurement of goods required on mobilisation and/or during the continuance of military operations shall be regulated by special rules and orders issued by the Government from time to time.

Thus, the acquisition of spyware as a product to enhance India’s cybersecurity posture—which can easily be proved to implicate strategic considerations that demand confidentiality—could be exempted from mandatory obligations of e-procurement through the central portal and e-publication of the tender inquiry as well as the bid award, after approval from the concerned Secretary and/or Financial Advisors. Although the rule also obliges the Finance Ministry to maintain statistical information on cases where such an exemption is granted, and the value of the contract,^[4] whether or not such statistics are amenable to public disclosure through Right to Information (RTI) applications remains unclear at the time of writing.

What Implications for the Cybersecurity Industry?

In addition to spyware and malware, we can expect that even legitimate cybersecurity products and services when procured by Government could also be caught within the above mentioned clause for exempting an ‘individual case where national security and strategic considerations demands confidentiality’.

Given the current state of India’s information security, the acquisition of legitimate cybersecurity products and services will, and should be conducted across Ministries including but not limited to the Ministry of Defence or even law enforcement.

The demand and market for cybersecurity products and services in the country is burgeoning. These exceptions could also be invoked by the relevant ministry/department to keep the identity of vendors of cybersecurity products and private sector partners for the development of surveillance and other cyber capabilities outside the public domain.

The invocation of such regulatory provisions to keep details of the vendors of cybersecurity products and service providers as confidential may create information asymmetries about Government’s needs and preferences among private players in the market. This will not be conducive for creating a competitive market for cybersecurity products and services. These asymmetries can then distort the market with far-reaching implications for the health and growth of the cybersecurity and IT industry at large.

It also militates against the objective of promoting fair competition and transparency in the public procurement process. Adopting the right blend of rules to encourage competition in industry is crucial to fostering a healthy ecosystem for the cybersecurity industry in India, which is still in its infancy.

The Courts will Protect Us?

In other words, through the 2017 amendment of the GFRs, Government of India’s executive branch gave to itself–the power to procure goods and services ‘in the interest of national security’– whie remaining sheltered from the public gaze. This was the first time such a provision was inserted into the GFR – the language of its 2005, 1963 and 1947 iterations make no mention of ‘national security’ whatsoever.

It is pertinent to point out that the term ‘national security’ is an extra-constitutional one – it does not occur anywhere in the Constitution of India. Instead, the Constitution refers only to ‘security of the State’ or ‘defence of India’, or ‘sovereignty and integrity of India’. In recent years, the Executive has co-opted the term ‘national security’ as a catch-all phrase to encompass everything from serious threats of cross-border terrorism and acts of foreign aggression, to issues like organised protests which were traditionally considered as falling under ‘public order’ – a category clearly distinguished from ‘security of the State’ as early as 1966 by the Supreme Court of India in Ram Manohar Lohia v. State of Bihar AIR 1966 SC 740.

A more recent order of the Supreme Court in dated December 14, 2018, in Manohar Lal Sharma v. Narendra Damodardas Modi (The Rafale Case) underlines the Court’s reluctance to hold the Executive accountable for procurements and public spending in domains like defence. The Court stated,

“We also cannot lose sight of the tender in issue. The tender is not for construction of roads bridges et cetera it is a defence tender for the procurement of aircrafts. The parameters of scrutiny would give far more leeway to the government keeping in mind the nature of the procurement itself.”^[5]

Additionally, the emergence of the Supreme Court’s “sealed cover” jurisprudence, although recent in its origins –is testament to the growing shadow of secret executive action pervading the judicial sphere with opacity as well. In this context, it is relevant that recent coverage of the award of the “all-India tender” for the provision of a video conferencing platform for the Supreme Court of India does not yet disclose which entity or corporation was awarded this contract.

Coming back to the Pegasus, should the aggrieved persons targeted with this spyware seek judicial remedy, Section 123 of the Indian Evidence Act, 1872 prohibits Government officials from providing evidence “derived from unpublished official records relating to any affairs of State, except with the permission of the officer at the head of the department concerned, who shall give or withhold such permission as he thinks fit.” (emphasis added)

This means that if a case relating to procurements exempted from e-publication is brought before courts, the appropriate authority to give or withhold permission for disclosure to court would be the same Secretary and Financial Advisors who permitted the procurement to be exempted from publication requirements in the first place. Section 124 further prohibits compelled disclosure of official communications made to a Government official in confidence.

And thus, the conspiracy of silence on potentially criminal acts of Government officials could easily escape judicial scrutiny. This will invariably create a challenging situation for individuals impacted by the use of the Pegasus spyware to effectively seek judicial redressal for violation of their right to privacy and hold the government accountable.

Without an explicit acknowledgment from the Government of the fact that the spyware was in fact procured by it – questions on the legality of procedures that resulted in its targeted deployment against citizens and judicial remedies for violations of due process in criminal investigation remains a moot point. In their current form, the applicable rules permit the Government to enable secret procurement of goods and services for non-military purposes under the GFR’s ‘national security exception’, and also permits the Government to disallow disclosure of this information in judicial proceedings.

Given the lower level of judicial scrutiny that such procurements will likely be subjected to, the doctrine of checks and balances and the doctrine of separation of powers necessitates that appropriate parliamentary mechanisms be set up to ensure effective oversight over all government procurements. Presently, the legal framework for procurements is comprised almost exclusively of executive-issued regulations. Constitutionalism requires that no organ of government should be granted or allowed to exercise unfettered discretion and is always held accountable by the other organs of the government.

This is an essential element of the Rule of Law and can only be ensured by way of a Parliamentary enactment on procurement procedures and concomitant disclosure requirements as well as effective Parliamentary oversight mechanisms to enforce accountability on public spending incurred for procurements in the name of national security.

^[1] Government Procurement in India : Domestic Regulations and Trade Prospects, CUTS International, October 2012,p. 33, accessible at http://www.cuts-citee.org/pdf/Government-Procurement-in-India_Domestic-Regulations-Trade-Prospects.pdf. CUTS’ analysis draws upon reports and estimates in various reports of the World Bank, Planning Commission of India, the Central Vigilance Commission along with the Reserve Bank of India’s GDP Data on Macro-Economic Aggregates.

^[2] General Financial Rules, 2005 http://finmin.nic.in/the_ministry/dept_expenditure/GFRS/gfr2005.pdf .

^[3]Rule 144, General Financial Rules 2017.

^[4] Rule 159(ii), General Financial Rules 2017.

^[5] Manohar Lal Sharma v. Narendra Damodardas Modi, WP (Crl) 225/2018 etc, at para 9.

Technology and National Security Law and Policy: Seminar Course Curriculum [February-June 2020]

Posted on July 4, 2020 by Gunjan Chawla

Given the rapidly evolving landscape of international security issues and the challenges and opportunities presented by new and emerging technologies, Indian lawyers and policymakers need to acquire the capacity to engage effectively with national security law and policy. However, curricula in Indian law schools do not engage adequately with issues of national security. National security threats, balance of power, issues of secrecy and political accountability, terrorism and surveillance laws tend to be discussed in a piece-meal manner within various courses or electives.

To fill this knowledge gap within the legal community, the Centre for Communication Governance at National Law University Delhi (CCG-NLU) offered this seminar course to fourth and fifth-year students of the B.A. LL.B. (Hons.) Programme during in February-June 2020..

The course explores interdisciplinary approaches in the study of national security law and policy, with a particular focus on issues in cybersecurity and cyberwarfare. Through this course curriculum, we aim to (1) recognize and develop National Security Law as a discrete discipline of legal studies, and (2) impart basic levels of cybersecurity awareness and inculcate good information security practices among tomorrow’s lawyers.

The curriculum is split into six modules taught over a period of 12 weeks:

Module I: Unpacking ‘National Security’
Module II: Introduction to Strategic Thinking – Linking Law and Policy
Module III: National Security in the Domestic Sphere
Module IV: War and National Security in International Law
Module V: Cybersecurity, Cyberwarfare and International Law
Module VI: Cybersecurity in India

The course outline and reading list can be accessed here:

ccg-nlud-technology-and-national-security-law-and-policy-seminar-course-3 Download

CCG’s Comments to the National Security Council Secretariat on the National Cyber Security Strategy 2020

Posted on January 30, 2020 by Gunjan Chawla

The Centre for Communication Governance at the National Law University Delhi (CCG) is grateful to the National Security Council Secretariat for this opportunity to make meaningful contributions to its mandate of formulating a futuristic National Cyber Security Strategy 2020 (NCSS). In response to the Call for Comments CCG apart from the comments below, CCG has separately submitted detailed comments to the Office of the National Cyber Security Coordinator.

Our comments are a result of original and thorough legal and policy research which draws upon multiple primary sources of information, including applicable domestic and international law and precedents, and a comparative study of the cyber security strategy and policy documents of 16 other countries. Secondary sources such as news reports, statistics on cybercrime and malicious cyber activity compiled and released by various Government departments and agencies and data on budgetary allocations released by the Union Government have also been relied on.

This submission is presented in six parts, supplemented by three annexures that provide insight into our sources, analysis and research methodology.

Part I introduces the background in which this strategy is being formulated, and presents a principled approach to the formulation of cybersecurity policy, that is driven by a coherent strategic framework constructed under the NCSS to guide it.

Part II presents an analysis of the landscape of existing and emergent threats that pose a risk to the cybersecurity of the entire nation. We do so with the objective of identifying areas that need to be accorded a higher priority in the formulation of the NCSS.

Parts III, IV and V correspond to the three pillars of strategy identified in the Call for Comments. Part III deals with the horizontal dimension of strategy and unpacks the contents of the first pillar, i.e., “Secure”, wherein we present for the consideration of the Secretariat, an original three-tiered model of the ‘national cyberspace’ as a roadmap to cyber sovereignty. We submit for consideration for the Secretariat, the adoption of the principle of peaceful uses of cyberspace to align with the nation’s goals of sustainable economic development, while being mindful of the gradual militarization of cyberspace by both state and non-state actors.

Part IV deals with the “Strengthen” pillar in which CCG examines the existing architecture for cybersecurity to analyse the vertical dimensions of strategy. Herein, we propose measures to strengthen institutions, process and capabilities relevant for cyber security.

Part V deals with the third pillar, namely, “Synergise”, which explains how the horizontal and vertical dimensions of the strategy can be integrated in order to optimize levels of inherent friction that could hinder the achievement of strategic and policy goals. We propose that synergies need to be identified and/or created at three levels. First, at the inter-ministerial level, among the government departments and agencies. Second, at the national level, for enhanced cooperation and strategic partnerships between the public and private sectors. Third, at the international level for enhanced cooperation and strategic partnerships with like-minded nations, geared towards building stronger national defences in cyberspace. In this part, we take the Government’s inclination to treat data a “public good” or “societal commons” to its logical conclusion and accordingly, propose a principled, common-but-differentiated-responsibility model between multiple stakeholders in the cybersecurity ecosystem for grounding public private partnerships and pooling of financial resources.

Part VI concludes this submission and presents the major findings, suggestions and recommendations of this submission.

The full text of the comments is available here.

[September 30-October 7] CCG’s Week in Review Curated News in Information Law and Policy

Posted on October 7, 2019 by Gunjan Chawla

Huawei finds support from Indian telcos in the 5G rollout as PayPal withdrew from Facebook’s Libra cryptocurrency project; Foreign Portfolio Investors moved MeitY against in the Data Protection Bill; the CJEU rules against Facebook in case relating to takedown of content globally; and Karnataka joins list of states considering implementing NRC to remove illegal immigrants – presenting this week’s most important developments in law, tech and national security.

Digital India

[Sep 30] Why the imminent global economic slowdown is a growth opportunity for Indian IT services firms, Tech Circle report.
[Sep 30] Norms tightened for IT items procurement for schools, The Hindu report.
[Oct 1] Govt runs full throttle towards AI, but tech giants want to upskill bureaucrats first, Analytics India Magazine report.
[Oct 3] – presenting this week’s most important developments in law, tech and national security. MeitY launches smart-board for effective monitoring of the key programmes, The Economic Times report.
[Oct 3] “Use human not artificial intelligence…” to keep a tab on illegal constructions: Court to Mumbai civic body, NDTV report.
[Oct 3] India took 3 big productivity leaps: Nilekani, Livemint report.
[Oct 4] MeitY to push for more sops to lure electronic makers, The Economic Times report; Inc42 report.
[Oct 4] Core philosophy of Digital India embedded in Gandhian values: Ravi Shankar Prasad, Financial Express report.
[Oct 4] How can India leverage its data footprint? Experts weigh in at the India Economic Summit, Quartz report.
[Oct 4] Indians think jobs would be easy to find despite automation: WEF, Tech Circle report.
[Oct 4] Telangana govt adopts new framework to use drones for last-mile delivery, The Economic Times report.
[Oct 5] Want to see ‘Assembled in India’ on an iPhone: Ravi Shankar Prasad, The Economic Times report.
[Oct 6] Home market gets attractive for India’s IT giants, The Economic Times report.

Internet Governance

[Oct 2] India Govt requests maximum social media content takedowns in the world, Inc42 report; Tech Circle report.
[Oct 3] Facebook can be forced to delete defamatory content worldwide, top EU court rules, Politico EU report.
[Oct 4] EU ruling may spell trouble for Facebook in India, The Economic Times report.
[Oct 4] TikTok, TikTok… the clock is ticking on the question whether ByteDance pays its content creators, ET Tech report.
[Oct 6] Why data localization triggers a heated debate, The Economic Times report.
[Oct 7] Sensitive Indian govt data must be stored locally, Outlook report.

Data Protection and Privacy

[Sep 30] FPIs move MeitY against data bill, seek exemption, ET markets report, Inc42 report; Financial Express report.
[Oct 1] United States: CCPA exception approved by California legislature, Mondaq.com report.
[Oct 1] Privacy is gone, what we need is regulation, says Infosys Kris Gopalakrishnana, News18 report.
[Oct 1] Europe’s top court says active consent is needed for tracking cookies, Tech Crunch report.
[Oct 3] Turkey fines Facebook $282,000 over data privacy breach, Deccan Herald report.

Free Speech

[Oct 1] Singapore’s ‘fake news’ law to come into force Wednesday, but rights group worry it could stifle free speech, The Japan Times report.
[Oct 2] Minister says Singapore’s fake news law is about ‘enabling’ free speech, CNBC report.
[Oct 3] Hong Kong protests: Authorities to announce face mask ban, BBC News report.
[Oct 3] ECHR: Holocaust denial is not protected free speech, ASIL brief.
[Oct 4] FIR against Mani Ratnam, Adoor and 47 others who wrote to Modi on communal violence, The News Minute report; Times Now report.
[Oct 5] UN asks Malaysia to repeal laws curbing freedom of speech, The New Indian Express report.
[Oct 6] When will our varsities get freedom of expression: PC, Deccan Herald report.
[Oct 6] UK Government to make university students sign contracts limiting speech and behavior, The Times report.
[Oct 7] FIR on Adoor and others condemned, The Telegraph report.

Aadhaar, Digital IDs

[Sep 30] Plea in SC seeking linking of social media accounts with Aadhaar to check fake news, The Economic Times report.
[Oct 1] Why another omnibus national ID card?, The Hindu Business Line report.
[Oct 2] ‘Kenyan court process better than SC’s approach to Aadhaar challenge’: V Anand, who testified against biometric project, LiveLaw report.
[Oct 3] Why Aadhaar is a stumbling block in Modi govt’s flagship maternity scheme, The Print report.
[Oct 4] Parliament panel to review Aadhaar authority functioning, data security, NDTV report.
[Oct 5] Could Aahdaar linking stop GST frauds?, Financial Express report.
[Oct 6] Call for liquor sale-Aadhaar linking, The New Indian Express report.

Digital Payments, Fintech

[Oct 7] Vision cash-lite: A billion UPI transactions is not enough, Financial Express report.

Cryptocurrencies

[Oct 1] US SEC fines crypto company Block.one for unregistered ICO, Medianama report.
[Oct 1] South Korean Court issues landmark decision on crypto exchange hacking, Coin Desk report.
[Oct 2] The world’s most used cryptocurrency isn’t bitcoin, ET Markets report.
[Oct 2] Offline transactions: the final frontier for global crypto adoption, Coin Telegraph report.
[Oct 3] Betting on bitcoin prices may soon be deemed illegal gambling, The Economist report.
[Oct 3] Japan’s financial regulator issues draft guidelines for funds investing in crypto, Coin Desk report.
[Oct 3] Hackers launch widespread botnet attack on crypto wallets using cheap Russian malware, Coin Desk report.
[Oct 4] State-backed crypto exchange in Venezuela launches new crypto debit cards, Decrypt report.
[Oct 4] PayPal withdraws from Facebook-led Libra crypto project, Coin Desk report.
[Oct 5] Russia regulates digital rights, advances other crypto-related bills, Bitcoin.com report.
[Oct 5] Hong Kong regulates crypto funds, Decrypt report.

Cybersecurity and Cybercrime

[Sep 30] Legit-looking iPhone lightening cables that hack you will be mass produced and sold, Vice report.
[Sep 30] Blackberry launches new cybersecurity development labs, Infosecurity Mgazine report.
[Oct 1] Cybersecurity experts warn that these 7 emerging technologies will make it easier for hackers to do their jobs, Business Insider report.
[Oct 1] US government confirms new aircraft cybersecurity move amid terrorism fears, Forbes report.
[Oct 2] ASEAN unites to fight back on cyber crime, GovInsider report; Asia One report.
[Oct 2] Adopting AI: the new cybersecurity playbook, TechRadar Pro report.
[Oct 4] US-UK Data Access Agreement, signed on Oct 3, is an executive agreement under the CLOUD Act, Medianama report.
[Oct 4] The lack of cybersecurity talent is ‘a national security threat,’ says DHS official, Tech Crunch report.
[Oct 4] Millions of Android phones are vulnerable to Israeli surveillance dealer attack, Forbes report; NDTV report.
[Oct 4] IoT devices, cloud solutions soft target for cybercriminals: Symantec, Tech Circle report.
[Oct 6] 7 cybersecurity threats that can sneak up on you, Wired report.
[Oct 6] No one could prevent another ‘WannaCry-style’ attack, says DHS official, Tech Crunch report.
[Oct 7] Indian firms rely more on automation for cybersecurity: Report, ET Tech report.

Cyberwarfare

[Oct 2] New ASEAN committee to implement norms for countries behaviour in cyberspace, CNA report.

Tech and National Security

[Sep 30] IAF ready for Balakot-type strike, says new chief Bhadauria, The Hindu report; Times of India report.
[Sep 30] Naval variant of LCA Tejas achieves another milestone during its test flight, Livemint report.
[Sep 30] SAAB wants to offer Gripen at half of Rafale cost, full tech transfer, The Print report.
[Sep 30] Rajnath harps on ‘second strike capability’, The Shillong Times report.
[Oct 1] EAM Jaishankar defends India’s S-400 missile system purchase from Russia as US sanctions threat, International Business Times report.
[Oct 1] SC for balance between liberty, national security, Hindustan Times report.
[Oct 2] Startups have it easy for defence deals up to Rs. 150 cr, ET Rise report, Swarajya Magazine report.
[Oct 3] Huawei-wary US puts more pressure on India, offers alternatives to data localization, The Economic Times report.
[Oct 4] India-Russia missile deal: What is CAATSA law and its implications?, Jagran Josh report.
[Oct 4] Army inducts Israeli ‘tank killers’ till DRDO develops new ones, Defence Aviation post report.
[Oct 4] China, Russia deepen technological ties, Defense One report.
[Oct 4] Will not be afraid of taking decisions for fear of attracting corruption complaints: Rajnath Singh, New Indian Express report.
[Oct 4] At conclave with naval chiefs of 10 countries, NSA Ajit Doval floats an idea, Hindustan Times report.
[Oct 6] Pathankot airbase to finally get enhanced security, The Economic Times report.
[Oct 6] rafale with Meteor and Scalp missiles will give India unrivalled combat capability: MBDA, The Economic Times report.
[Oct 7] India, Bangladesh sign MoU for setting up a coastal surveillance radar in Bangladesh, The Economic Times report; Decaan Herald report.
[Oct 7] Indian operated T-90 tanks to become Russian army’s main battle tank, EurAsian Times report.
[Oct 7] IAF’s Sukhois to get more advanced avionics, radar, Defence Aviation post report.

Tech and Law Enforcement

[Sep 30] TMC MP Mahua Mitra wants to be impleaded in the WhatsApp traceability case, Medianama report; The Economic Times report.
[Oct 1] Role of GIS and emerging technologies in crime detection and prevention, Geospatial World.net report.
[Oct 2] TRAI to take more time on OTT norms; lawful interception, security issue now in focus, The Economic Times report.
[Oct 2[ China invents super surveillance camera that can spot someone from a crowd of thousands, The Independent report.
[Oct 4] ‘Don’t introduce end-to-end encryption,’ UK, US and Australia ask Facebook in an open letter, Medianama report.
[Oct 4] Battling new-age cyber threats: Kerala Police leads the way, The Week report.
[Oct 7] India govt bid to WhatsApp decryption gets push as UK,US, Australia rally support, Entrackr report.

Tech and Elections

[Oct 1] WhatsApp was extensively exploited during 2019 elections in India: Report, Firstpost report.
[Oct 3] A national security problem without a parallel in American democracy, Defense One report.

Internal Security: J&K

[Sep 30] BDC polls across Jammu, Kashmir, Ladakh on Oct 24, The Economic Times report.
[Sep 30] India ‘invaded and occupied Kashmir, says Malaysian PM at UN General Assembly, The Hindu report.
[Sep 30] J&K police stations to have CCTV camera surveillance, News18 report.
[Oct 1] 5 judge Supreme court bench to hear multiple pleas on Article 370, Kashmir lockdown today, India Today report.
[Oct 1] India’s stand clear on Kashmir: won’t accept third-party mediation, India Today report.
[Oct 1] J&K directs officials to ensure all schools reopen by Thursday, NDTV report.
[Oct 2]] ‘Depressed, frightened’: Minors held in Kashmir crackdown, Al Jazeera report.
[Oct 3] J&K: When the counting of the dead came to a halt, The Hindu report.
[Oct 3] High schools open in Kashmir, students missing, The Economic Times report.
[Oct 3] Jaishanakar reiterates India’s claim over Pakistan-occupied Kashmir, The Hindu report.
[Oct 3] Normalcy prevails in Jammu and Kashmir, DD News report.
[Oct 3] Kashmiri leaders will be released one by one, India Today report.
[Oct 4] India slams Turkey, Malaysia remarks on J&K, The Hindu report.
[Oct 5] India’s clampdown hits Kashmir’s Silicon Valley, The Economic Times report.
[Oct 5] Traffic cop among 14 injured in grenade attack in South Kashmir, NDTV report; The Economic Times report.
[Oct 6] Kashmir situation normal, people happy with Article 370 abrogation: Prkash Javadekar, Times of India report.
[Oct 7] Kashmir residents say police forcibly taking over their homes for CRPF troops, Huffpost India report.

Internal Security: Northeast/ NRC

[Sep 30] Giving total control of Assam Rifles to MHA will adversely impact vigil: Army to Govt, The Economic Times report.
[Sep 30] NRC list impact: Assam’s foreigner tribunals to have 1,600 on contract, The Economic Times report.
[Sep 30] Assam NRC: Case against Wipro for rule violation, The Hindu report; News18 report; Scroll.in report.
[Sep 30] Hindu outfits demand NRC in Karnataka, Deccan Chronicle report; The Hindustan Times report.
[Oct 1] Centre extends AFPSA in three districts of Arunachal Pradesh for six months, ANI News report.
[Oct 1] Assam’s NRC: law schools launch legal aid clinic for excluded people, The Hindu report; Times of India report; The Wire report.
[Oct 1] Amit Shah in Kolkata: NRC to be implemented in West Bengal, infiltrators will be evicted, The Economic Times report.
[Oct 1] US Congress panel to focus on Kashmir, Assam, NRC in hearing on human rights in South Asia, News18 report.
[Oct 1] NRC must for national security; will be implemented: Amit Shah, The Hindu Business Line report.
[Oct 2] Bengali Hindu women not on NRC pin their hope on promise of another list, citizenship bill, The Print report.
[Oct 3] Citizenship Amendment Bill has become necessity for those left out of NRC: Assam BJP president Ranjeet Das, The Economic Times report.
[Oct 3] BJP govt in Karnataka mulling NRC to identify illegal migrants, The Economic Times report.
[Oct 3] Explained: Why Amit Shah wants to amend the Citizenship Act before undertaking countrywide NRC, The Indian Express report.
[Oct 4] Duplicating NPR, NRC to sharpen polarization: CPM, Deccan Herald report.
[Oct 5] We were told NRC India’s internal issue: Bangladesh, Livemint report.
[Oct 6] Prasanna calls NRC ‘unjust law’, The New Indian Express report.

National Security Institutions

[Sep 30] CRPF ‘denied’ ration cash: Govt must stop ‘second-class’ treatment. The Quint report.
[Oct 1] Army calls out ‘prejudiced’ foreign report on ‘torture’, refutes claim, Republic World report.
[Oct 2] India has no extraterritorial ambition, will fulfill regional and global security obligations: Bipin Rawat, The Economic Times report.

More on Huawei, 5G

[Sep 30] Norway open to Huawei supplying 5G equipment, Forbes report.
[Sep 30] Airtel deploys 100 hops of Huawei’s 5G technology, The Economic Times report.
[Oct 1] America’s answer to Huawei, Foreign Policy report; Tech Circle report.
[Oct 1] Huawei buys access to UK innovation with Oxford stake, Financial Times report.
[Oct 3] India to take bilateral approach on issues faced by other countries with China: Jaishankar, The Hindu report.
[Oct 4] Bharti Chairman Sunil Mittal says India should allow Huawei in 5G, The Economic Times report
[Oct 6] 5G rollout: Huawei finds support from telecom industry, Financial Express report.

Emerging Tech: AI, Facial Recognition

[Sep 30] Bengaluru set to roll out AI-based traffic solution at all signals, Entrackr report.
[Sep 1] AI is being used to diagnose disease and design new drugs, Forbes report.
[Oct 1] Only 10 jobs created for every 100 jobs taken away by AI, The Economic Times report.
[Oct 2]Emerging tech is helping companies grow revenues 2x: report, ET Tech report.
[Oct 2] Google using dubious tactics to target people with ‘darker skin’ in facial recognition project: sources, Daily News report.
[Oct 2] Three problems posed by deepfakes that technology won’t solve, MIT Technology Review report.
[Oct 3] Getting a new mobile number in China will involve a facial recognition test, Quartz report.
[Oct 4] Google contractors targeting homeless people, college students to collect their facial recognition data: Report, Medianama report.
[Oct 4] More jobs will be created than are lost from the IA revolution: WEF AI Head, Livemint report.
[Oct 6] IIT-Guwahati develops AI-based tool for electric vehicle motor, Livemint report.
[Oct 7] Even if China misuses AI tech, Satya Nadella thinks blocking China’s AI research is a bad idea, India Times report.

Big Tech

[Oct 3] Dial P for privacy: Google has three new features for users, Times of India report.

Opinions and Analyses

[Sep 26] Richard Stengel, Time, We’re in the middle of a global disinformation war. Here’s what we need to do to win.
[Sep 29] Ilker Koksal, Forbes, The shift toward decentralized finance: Why are financial firms turning to crypto?
[Sep 30] Nistula Hebbar, The Hindu, Govt. views grassroots development in Kashmir as biggest hope for peace.
[Sep 30] Simone McCarthy, South China Morning Post, Could China’s strict cyber controls gain international acceptance?
[Sep 30] Nele Achten, Lawfare blog, New UN Debate on cybersecurity in the context of international security.
[Sep 30[ Dexter Fergie, Defense One, How ‘national security’ took over America.
[Sep 30] Bonnie Girard, The Diplomat, A firsrhand account of Huawei’s PR drive.
[Oct 1] The Economic Times, Rafale: Past tense but furture perfect.
[Oct 1] Simon Chandler, Forbes, AI has become a tool for classifying and ranking people.
[Oct 2] Ajay Batra, Business World, Rethink India! – MMRCA, ESDM & Data Privacy Policy.
[Oct 2] Carisa Nietsche, National Interest, Why Europe won’t combat Huawei’s Trojan tech.
[Oct 3] Aruna Sharma, Financial Express, The digital way: growth with welfare.
[Oct 3] Alok Prasanna Kumar, Medianama, When it comes to Netflix, the Government of India has no chill.
[Oct 3] Fredrik Bussler, Forbes, Why we need crypto for good.
[Oct 3] Panos Mourdoukoutas, Forbes, India changed the game in Kashmir – Now what?
[Oct 3] Grant Wyeth, The Diplomat, The NRC and India’s unfinished partition.
[Oct 3] Zak Doffman, Forbes, Is Huawei’s worst Google nightmare coming true?
[Oct 4] Oren Yunger, Tech Crunch, Cybersecurity is a bubble, but it’s not ready to burst.
[Oct 4] Minakshi Buragohain, Indian Express, NRS: Supporters and opposers must engage each other with empathy.
[Oct 4] Frank Ready, Law.com, 27 countries agreed on ‘acceptable’ cyberspace behavior. Now comes the hard part.
[Oct 4] Samir Saran, World economic Forum (blog), 3 reasons why data is not the new oil and why this matters to India.
[Oct 4] Andrew Marantz, The New York Times, Free Speech is killing us.
[Oct 4] Financial Times editorial, ECJ ruling risks for freedom of speech online.
[Oct 4] George Kamis, GCN, Digital transformation requires a modern approach to cybersecurity.
[Oct 4] Naomi Xu Elegant and Grady McGregor, Fortune, Hong King’s mask ban pits anonymity against the surveillance state.
[Oct 4] Prashanth Parameswaran, The Diplomat, What’s behind the new US-ASEAN cyber dialogue?
[Oct 5] Huong Le Thu, The Strategist, Cybersecurity and geopolitics: why Southeast Asia is wary of a Huawei ban.
[Oct 5] Hannah Devlin, The Guardian, We are hurtling towards a surveillance state: the rise of facial recognition technology.
[Oct 5] PV Navaneethakrishnan, The Hindu Why no takers? (for ME/M.Tech programmes).
[Oct 6] Aakar Patel, Times of India blog, Cases against PC, letter-writing celebs show liberties are at risk.
[Oct 6] Suhasini Haidar, The Hindu, Explained: How ill purchases from Russia affect India-US ties?
[Oct 6] Sumit Chakraberty, Livemint, Evolution of business models in the era of privacy by design.
[Oct 6] Spy’s Eye, Outlook, Insider threat management.
[Oct 6] Roger Marshall, Deccan Herald, Big oil, Big Data and the shape of water.
[Oct 6] Neil Chatterjee, Fortune, The power grid is evolving. Cybersecurity must too.
[Oct 7] Scott W Pink, Modaq.com, EU: What is GDPR and CCPA and how does it impact blockchain?
[Oct 7] GN Devy, The Telegraph, Has India slid into an irreversible Talibanization of the mind?
[Oct 7] Susan Ariel Aaronson, South China Morning Post, The Trump administration’s approach to AI is not that smart: it’s about cooperation, not domination.

[September 23-30] CCG’s Week in Review: Curated News in Information Law and Policy

Posted on September 30, 2019 by Gunjan Chawla

The deadline to link PAN cards with Aadhaar was extended to December 31 this week; the Election Commission ruled that voting rights of those excluded in the NRC process remain unaffected; the Home Minister proposed a digital census with multipurpose ID cards for 2021; and 27 nations including the US, UK and Canada issued joint statement urging for a rules-based order in cyberspace – presenting this week’s most important developments in law, technology and national security.

Aadhaar and Digital IDs

[Sep 23] Home Minister announces digital census in 2021, proposed multipurpose ID card, Entrackr report; Business Today report.
[Sep 24] NRIs can now apply for Aadhaar on arrival without 182-day wait, The Economic Times report.
[Sep 24] Aadhaar will be linked to driving license to avoid forgery: Ravi Shankar Prasad, The Indian Express report.
[Sep 24] One nation, one card? Amit Shah floats idea of all-in-one ID; here are all the problems with that idea, Medianama report; Money Control report.
[Sep 24] Explained: Is India likely to have a multipurpose national ID card? The Indian Express report.
[Sep 24] UIDAI nod to ‘voluntary’ use of Aadhaar for National Population Register rollout, The Economic Times report.
[Sep 24] Govt must decide on Aadhaar-social media linkage:SC, Deccan Herald report.
[Sep 25] New law needed for Aadhaar-social media linkage: UIDAI, The Economic Times report; Inc42 report.
[Sep 26] NPR process to include passport, voter ID, Aadhaar and other details, Business Standard report.
[Sep 27] Gang involved in making fake Aadhaar cards busted, The Tribune report.
[Sep 27] What will happen if you don’t link your PAN card with Aadhaar by Sep 20, The Quint report.
[Sep 27] Explained: The National Population Register, and the controversy around it, The Indian Express report.
[Sep 27] Aadhaar to weed out bogus social security beneficiaries in Karnataka, Deccan Herald report.
[Sep 29] Bajrang Dal wants Aadhaar mandatory at dandiya to keep ‘non-Hindus’ out, The Hindustan Times report; The Wire report.
[Sep 30] Kerala urges Centre to extend deadline to link ration cards with Aadhaar, The News Minute report.
[Sep 30] PAN-Aadhaar linking deadline extended to December 31, The Economic Times report.

Digital India

[Sep 25] India’s regulatory approach should focus on the regulation of the ‘core’: IAMAI, Livemint report.
[Sep 27] India may have to offer sops to boost electronic manufacturing, ET Tech report; Inc42 report.
[Sep 27] Digital India, start-ups are priorities for $5 trillion economy: PM Modi, Medianama report.
[Sep 29] Tech giants aim to skill Indian govt officials in AI, cloud, ET CIO report.
[Sep 29] India’s share in IT, R&D biz up in 2 years: report, The Economic Times report.

Internet Governance

[Sep 24] Supreme Court to MeitY: What’s the status of intermediary guidelines? Tell us by Oct 15, Medianama report.
[Sep 26] Will not be ‘excessive’ with social media rules, ay Govt officials, Inc42 report.
[Sep 26] Government trying to balance privacy and security in draft IT intermediary norms, The Economic Times report.
[Sep 27] Citizens, tech companies served better with some regulation: Facebook India MD Ajit Mohan, ET Tech report; Inc42 report.
[Sep 27] Balance benefits of internet, data security: Google CEO Sundar Pichai, ET Tech report; Business Today report.

Free Speech

[Sep 25] Jadavpur University calls upon ‘stakeholders’ to ensure free speech on campus, The New Indian Express report.
[Sep 28] RSS raises objections to uncensored content of Maoj Bajpayee’s “The Family Man”, The Hindu report; Outlook report.

Privacy and Data Protection

[Sep 23] A landmark decision on Tuesday could radically reshape how Google’s search results work, Business Insider report.
[Sep 23] Google tightens its voice assistant rules amidst privacy backlash, Wired report.
[Sep 24] Dell rolls out new data protection storage appliances and capabilities, ZDNet report.
[Sep 24] ‘Right to be forgotten’ privacy rule is limited by Europe’s top court, The New York Times report; Live Law report.
[Sep 27] Nigeria launches investigation into Truecaller for potential breach of privacy, Medianama report.
[Sep 29] Right to be forgotten will be arduous as India frames data protection law, Business Standard report.
[Sep 30] FPIs move against data bill, seek exemption, ET Telecom report; Entrackr report.

Data Localisation

[Sep 26] Reconsider imposition of data localisation: IAMAI report, The Economic Times report.
[Sep 27] Why data is not oil: Here’s how India’s data localisation norms will hurt the economy, Inc42 report.

Digital Payments and Fintech

[Sep 23] RBI rider on credit bureau data access has Fintech in a quandary, ET Tech report.

Cryptocurrencies

[Sep 23] Facebook reveals Libra currency basket breakdown, Coin Desk report.
[Sep 23] The face of India’s crypto lobby readies for a clash, Ozy report.
[Sep 23] Why has Brazil’s Central Bank included crypto assets in trade balance? Coin Telegraph report.
[Sep 24] French retailers widening crypto acceptance, Tech Xplore report.
[Sep 26] Why crypto hoaxes are so successful, Quartz report.
[Sep 26] South Africa: the net frontier for crypto exchanges, Coin Telegraph report.
[Sep 27] The crypto wars’ strange bedfellows, Forbes report.
[Sep 28] Crypto industry is already preparing for Google’s ‘quantum supremacy’, Decrypt report.
[Sep 29] How crypto gambling is regulated around the world, Coin Telegraph report.

Tech and Law Enforcement

[Sep 29] New WhatsApp and Facebook Encryption ‘Backdoors’ – What’s really going on, Forbes report.
[Sep 28] Facebook, WhatsApp will have to share messages with UK Government, Bloomberg report.
[Sep 23] Secret FBI subpoenas scoop up personal data from scores of companies, The New York Times report.
[Sep 23] ‘Don’t transfer the WhatsApp traceability case’, Internet Freedom Foundation asks Supreme Court, Medianama report.
[Sep 24] China offers free subway rides to citizens who register their face with surveillance system, The Independent report.
[Sep 24] Facial recognition technology in public housing prompts backlash, The New York Times report.
[Sep 24] Facebook-Aadhaar linkage and WhatsApp traceability: Supreme Court says government must frame rules, CNBC TV18 report.
[ep 27] Fashion that counters surveillance cameras, Business Times report.
[Sep 27] Unnao rape case: Delhi court directs Apple to give Sengar’s location details on day of alleged rape, Medianama report.
[Sep 27] Face masks to decoy t-shirts: the rise of anti-surveillance fashion, Times of India report.
[Sep 30] Battle for privacy and encryption: WhatsApp and government head for a showdown on access to messages, ET Prime report.
[Sep 29] Improving digital evidence sharing, Scottish Government news report; Public technology report.

Internal Security: J&K

[Sep 23] Government launches internet facilitation centre in Pulwama for students, Times of India report; Business Standard report.
[Sep 23] Army chief rejects ‘clampdown’ in Jammu and Kashmir, Times of India report.
[Sep 24] Rising power: Why India has faced muted criticism over its Kashmir policy, Business Standard report.
[Sep 24] ‘Restore Article 370, 35A in Jammu and Kashmir, withdraw army, paramilitary forces’: 5-member women’s group will submit demands to Amit Shah, Firstpost report.
[Sep 24] No normalcy in Kashmir, says fact finding team, The Hindu report.
[Sep 25] End clampdown: Kashmir media, The Telegraph report.
[Sep 25] Resolve Kashmir issue through dialogue and not through collision: Erdogan, The Economic Times report.
[Sep 25] Rajya Sabha deputy chair thwarts Pakistan’s attempt at Kashmir at Eurasian Conference, The Economic Times report.
[Sep 25] Pakistan leader will urge UN intervention in Kashmir, The New York Times report.
[Sep 25] NSA Ajit Doval back in Srinagar to review security situation, The Hindustan Times report.
[Sep 27] Communication curbs add fresh challenge to Kashmir counter-insurgency operations, News18 report.
[Sep 27] Fresh restrictions in parts of Kashmir, The Hindu report.
[Sep 27] US wants ‘rapid’ easing of Kashmir restrictions, Times of India report.
[Sep 27] Kashmir issue: Rescind action on Art. 370, OIC tells India, The Hindu report.
[Sep 28] India objects to China’s reference to J&K and Ladakh at UNGA, The Economic Times report; The Hindu report.
[Sep 29] Surveillance, area domination operations intensified in Kashmir, The Economic Times report; Financial Express report.
[Sep 29] Police impose restrictions in J&K after Imran Khan’s speech at UNGA, India Today report.

Internal Security: NRC and the North-East

[Sep 23] Assam framing cyber security policy to secure data related to NRC, police, services, The Economic Times report; Money Control report.
[Sep 24] BJP will tell SC that we reject this NRC, says Himanta Biswa Sarma, Business Standard report.
[Sep 24] Amit Shah to speak on NRC, Citizenship Amendment Bill in Kolkata on Oct 1, The Economic Times report.
[Sep 26] ‘Expensive’ legal battle for those rejected in Assam NRC final list, The Economic Times report.
[Sep 27] Scared of NRC? Come back in 2022, The Telegraph report.
[Sep 27] Voters left out of NRC will have right to vote, rules Election Commission, India Today report; The Wire report.
[Sep 27] NRC: Assam government announces 200 Foreigners Tribunals in 33 districts, Times Now report; Times of India report.
[Sep 28] Judge urges new FT members to examine NRC claims with utmost care, Times of India report.

National Security Legislation

[Sep 23] Centre will reintroduce Citizenship Bill in Parliament: Himanta Biswa Sarma, The Hindu report.
[Sep 26] National Security Guard: History, Functions and Operations, Jagran Josh report.
[Sep 28] Left parties seek revocation of decision on Article 370, The Tribune India report.

Tech and National Security

[Sep 25] Army to start using Artificial Intelligence in 2-3 years: South Western Army commander, The Print report; India Today report; The New Indian Express report; Financial Express report.
[Sep 23] Modi, Trump set new course on terrorism, border security, The Hindu report.
[Sep 23] PM Modi in the US” Trump promises more defence deals with India, military trade to go up, Financial Express report.
[Sep 23] Punjab police bust terror module supplied with weapons by drones from Pak, NDTV report.
[Sep 26] Lockheed Martin to begin supplying F-16 wings from Hyderabad plant in 2020, Livemint report.
[Sep 26] Drones used for cross-border arms infiltration in Punjab a national security issues, says Randhawa, The Hindu report.
[Sep 27] UK MoD sets up cyber team for secure innovation, UK Authority report.
[Sep 29] New tri-services special ops division, meant for surgical strikes, finishes first exercise today, The Print report.
[Sep 30] After Saudi attacks, India developing anti-drone technology to counter drone menace, Eurasian Times report.

Tech and Elections

[Sep 20] Microsoft will offer free Windows 7 support for US election officials through 2020, Cyber Scoop report.
[Sep 26] Social media platforms to follow ‘code of ethics’ in all future elections: EC, The Economic Times report.
[Sep 28] Why is EC not making ‘authentic’ 2019 Lok Sabha results public? The Quint report.

Cybersecurity

[Sep 24] Androids and iPhones hacked with just one WhatsApp click – and Tibetans are under attack, Forbes report.
[Sep 25] Sharp questions can help board oversee cybersecurity, The Wall Street Journal report.
[Sep 25] What we know about CrowdStrike, the cybersecurity firm trump mentioned in Ukraine call, and its billionaire CEO, Forbes report.
[Sep 25] 36% smaller firms witnessed data breaches in 2019 globally, ET Rise report.
[Sep 28] Defence Construction Canada hit by cyber attack – corporation’s team trying to restore full IT capability, Ottawa Citizen report.
[Sep 29] Experts call for collective efforts to counter cyber threats, The New Indian Express report.
[Sep 29] Microsoft spots malware that turns PCs into zombie proxies, ET Telecom report.
[Sep 29] US steps up scrutiny of airplane cybersecurity, The Wall Street Journal report.

Cyberwarfare

[Sep 24] 27 countries sign cybersecurity pledge urging rules-based control over cyberspace in Joint Statement, with digs at China and Russia, CNN report; IT world Canada report; Meri Talk report.
[Sep 26] Cyber Peace Institute fills a critical need for cyber attack victims, Microsoft blog.
[Sep 29] Britain is ‘at war every day’ due to constant cyber attacks, Chief of the Defence Staff says, The Telegraph report.

Telecom and 5G

[Sep 27] Telcos’ IT investments intact, auto companies may slow pace: IBM exec, ET Tech report.
[Sep 29] Telecom players to lead digital transformation in India, BW Businessworld report.

More on Huawei

[Sep 22] Huawei confirms another nasty surprise for Mate 30 buyers, Forbes report.
[Sep 23] We’re on the same page with government on security: Huawei, The Economic Times report.
[Sep 24] The debate around 5G’s safety is getting in the way of science, Quartz report (paywall).
[Sep 24] Govt will take call on Huawei with national interest in mind: Telecom Secy, Business Standard report.
[Sep 24] Huawei enables 5G smart travel system at Beijing airport, Tech Radar report.
[Sep 25] Huawei 5G backdoor entry unproven, The Economic Times report.
[Sep 25] US prepares $1 bn fund to replace Huawei ban kit, Tech Radar report.
[Sep 26] Google releases large dataset of deepfakes for researchers, Medianama report.
[Sep 26] Huawei willing to license 5G technology to a US firm, The Hindu Business Line report; Business Standard report.
[Sep 26] Southeast Asia’s top phone carrier still open to Huawei 5G, Bloomberg report.
[Sep 29] Russia rolls out the red carpet for Huawei over 5G, The Economic Times report.

Emerging Tech and AI

[Sep 20] Google researchers have reportedly achieved “Quantum Supremacy”, Financial Times report; MIT Technology Review report.
[Sep 23] Artificial Intelligence revolution in healthcare in India: All we need to know, The Hindustan Times report.
[Sep 23] A new joystick for the brain-controlled vehicles of the future, Defense One report.
[Sep 24] Computing and AI: Humanistic Perspectives from MIT, MIT News report.
[Sep 24] Emerging technologies such as AI, 5G posing threats to privacy, says report, China Daily report.
[Sep 25] Alibaba unveils chip developed for artificial intelligence era, Financial Times report.
[Sep 26] Pentagon wants AI to interpret ‘strategic activity around the globe, Defense One report.
[Sep 27] Only 10 jobs created for every 100 jobs taken away by AI, ET Tech report.
[Sep 27] Experts say these emerging technologies should concern us, Business Insider report.
[Sep 27] What is on the horizon for export controls on ‘emerging technologies’? Industry comments may hold a clue, Modaq.com report.
[Sep 27] India can become world leader in artificial intelligence: Vishal Sikka, Money Control report.
[Sep 27] Elon Musk issues a terrifying prediction of ‘AI robot swarms’ and huge threat to mankind, The Daily Express (UK) report.
[Sep 27] Russia’s national AI Centre is taking shape, Defense One report.
[Sep 29] Explained: What is ‘quantum supremacy’, The Hindu report.
[Sep 29] Why are scientists so excited about a new quantum computing milestone?, Scroll.in report.
[Sep 29] Artificial Intelligence has a gender bias problem – just ask Siri, The Wire report.
[Sep 29] How AI is changing the landscape of digital marketing, Inc42 report.

Opinions and Analyses

[Sep 21] Wim Zijnenburg, Defense One, Time to Harden International Norms on Armed Drones.
[Sep 23] David Sanger and Julian Barnes, The New York Times, The urgent search for a cyber silver bullet against Iran.
[Sep 23] Neven Ahmad, PRIO Blog, The EU’s response to the drone age: A united sky.
[Sep 23] Bisajit Dhar and KS Chalapati Rao, The Wire, Why an India-US Free Trade Agreement would require New Delhi to reorient key policies.
[Sep 23] Filip Cotfas, Money Control, Five reasons why data loss prevention has to be taken seriously.
[Sep 23] NF Mendoza, Tech Republic, 10 policy principles needed for artificial intelligence.
[Sep 24] Ali Ahmed, News Click, Are Indian armed forces turning partisan? : The changing civil-military relationship needs monitoring.
[Sep 24] Editorial, Deccan Herald, A polity drunk on Aadhaar.
[Sep 24] Mike Loukides, Quartz, The biggest problem with social media has nothing to do with free speech.
[Sep 24] Ananth Padmanabhan, Medianama, Civilian Drones: Privacy challenges and potential resolution.
[Sep 24] Celine Herwijer and Dominic Kailash Nath Waughray, World Economic Forum, How technology can fast-track the global goals.
[Sep 24] S. Jaishankar, Financial Times, Changing the status of Jammu and Kashmir will benefit all of India.
[Sep 24] Editorial, Livemint, Aadhaar Mark 2.
[Sep 24] Vishal Chawla, Analytics India Magazine, AI in Defence: How Indi compares to US, China, Russia and South Korea.
[Sep 25] Craig Borysowich, IT Toolbox, Origin of Markets for Artificial Intelligence.
[Sep 25] Sudeep Chakravarti, Livemint, After Assam, NRC troubles may visit ‘sister’ Tripura.
[Sep 25] DH Kass, MSSP Blog, Cyber Warfare: New Rules of Engagement?
[Sep 25] Chris Roberts, Observer, How artificial intelligence could make nuclear war more likely.
[Sep 25] Ken Tola, Forbes, What is cybersecurity?
[Sep 25] William Dixon and Jamil Farshchi, World Economic Forum, AI is transforming cybercrime. Here’s how we can fight back.
[Sep 25] Patrick Tucker, Defense One, Big Tech bulks up its anti-extremism group. But will it do more than talk?
[Sep 26] Udbhav Tiwari, Huffpost India, Despite last year’s Aadhaar judgement, Indians have less privacy than ever.
[Sep 26] Sylvia Mishra, Medianama, India and the United States: The time has come to collaborate on commercial drones.
[Sep 26] Subimal Bhattacharjee, The Hindu Business Line, Data flows and our national security interests.
[Sep 26] Ram Sagar, Analytics India Magazine, Top countries that are betting big on AI-based surveillance.
[Sep 26] Patrick Tucker, Defense One, AI will tell future medics who lives and who dies on the battlefield.
[Sep 26] Karen Hao, MIT Technology Review, This is how AI bias really happens – and why it’s so hard to fix.
[Sep 27] AG Noorani, Frontline, Kashmir dispute: Domestic or world issue?
[Sep 27] Sishanta Talukdar, Frontline, Final NRC list: List of exclusion.
[Sep 27] Freddie Stuart, Open Democracy, How facial recognition technology is bringing surveillance capitalism to our streets.
[Sep 27] Paul de Havilland, Crypto Briefing, Did Bitcoin crash or dip? Crypto’s trajectory moving forward.
[Sep 28] John Naughton, The Guardian, Will advances in quantum computing affect internet security?
[Sep 28] Suhrith Parthasarathy, The Hindu, The top court and a grave of freedom.
[Sep 28] Kazim Rizvi, YourStory, Data Protection Authority: the cornerstone to implement data privacy.
[Sep 28] Shekhar Gupta, The Print, Modi has convinced the world that Kashmir is India’s internal affair – but they’re still watching.
[Sep 29] Indrani Bagchi, The Economic Times, Why india needs to tread carefully on Kashmir.
[Sep 29] Medha Dutta Yadav, The New Indian Express, Data: Brave new frontier.
[Sep 29] Jon Markman, Forbes, New cybersecurity companies have their heads in the cloud.
[Sep 29] Editorial, The New York Times, On cybersecurity: Two scoops of perspective.
[Sep 30] Kuldip Singh, The Quint, New IAF Chief’s appointment: Why RKS Bhadauria must tread lightly.
[Sep 30] Karishma Koshal, The Caravan, With the data-protection bill in limbo, these policies contravene the right to privacy.

CCG’s Week in Review [June 17-24]: Curated News in Information Law and Policy

Posted on June 24, 2019 by Gunjan Chawla

From the Aadhaar Amendment Bill introduced in parliament today to US’ cyberattacks against Iranian military installations and India’s soon-to-be-formulated cybersecurity strategy — presenting this week’s most important developments in law and tech.

Data Protection

[June 18] Government stands firm on e-commerce, data security, Times of India report.
[June 18] Government executives, tech companies lock horns over data protection, draft ecommerce policies, Inc42 report.
[June 18] Karnataka to announce new IT policy with focus on Tier-II cities, Medianama report.
[June 19] Data Protection Bill to reach Parliament soon; rules may remain stringent, Business Standard report.
[June 20] Adtech industry ignores data protection laws, UK regulator rules, Forbes magazine report.
[June 20] Data skills in demand as data becomes the new oil, Business Today report.
[June 21] India is set to become a data powerhouse, confirms Piyush Goyal, Entrepreneur India report.

E-Commerce Policy and Digital Payments

[June 18] RBI to examine concerns over data localisation rule: Government, Money Control report; The Wire report.
[June 19] India to counter US protectionism with e-commerce, data security bills, Hindustan Times report.
[June 18] Commerce Ministry: MeitY, RBI to realise full use of digitisation in trade: Piyush Goyal, United News India report.
[June 19] Piyush Goyal meets retailers and Kirana stores representatives to discuss e-commerce policy, Business Today report.
[June 20] Digital payments zoom past FY 19 target driven by private lenders, Economic times report.
[June 20] A more robust Digital India 2.0 to be unveiled soon, DNA India report.
[June 24] Data Protection and Aadhaar Amendment Bills listed for budget session, Economic Times report.
[June 24] RBI increases focus on cybersecurity as India’s digital payment craze peaks, Analytics India magazine report, Analytics India magazine report.

Aadhaar

[June 21] GST Council approves Aadhaar card for GSTN registration , Deccan Chronicle report.
[June 22] Aadhaar is very well protected, says cybersecurity chief Rajesh Pant, NDTV report; Business Standard report.
[June 23] India’s Aadhaar technology a big hit with other nations? Here’s more: India could soon start exporting e-governance software products like Aadhaar to at least 20 Asian and African countries, Qrius report.
[June 23] Aadhaar ousts 5.53 lakh fake ration beneficiaries in Mumbai and Thane, Indian Express report.
[June 24] IT Minister RS Prasad introduces Aadhaar amendment bill in Parliament, “Aadhaar does not violate privacy, is in national interest” Medianama report.

Blockchain and Crypto

[June 17] Europol looks to strengthen crypto and blockchain knowledge, CNN report.
[June 18] Facebook announces Calibra cryptocurrency wallet, wants to create universal currency with Libra, India Today report; Quartz report; Medianama’s all-you-need-to-know summary.
[June 20] Libra could be unbalanced by India’s crypto laws, Coin Desk report.
[June 21] The Week in tech: Facebook’s Crypto Dream Faces deep Mistrust, New York Times report.
[June 22] Global money laundering watchdog has crypto in its sights, Al Jazeera report.
[June 24] Inc42 report on Cryptocurrencvy this week: Facebook’s Libra, Russia to adopt crypto regulations, FATF recommendations and more.

Free Speech / Tech and Law Enforcement

[June 18] Why post on Pulwama intelligence failure blocked on twitter, Digvijaya Singh fumes, India Today report.
[June 18] India asks WhatsApp to fingerprint messages to ensure traceability, The Economic Times report; Medianama report.
[June 18] India bullies Twitter into banning accounts of American, British students thousands of miles away, The Daily Beast report.
[June 19] India forces Twitter to suspend open source intelligence handles, The Week report.
[June 20] Rapper Hard Kaur charged with sedition for post against Adityanath, Bhagwat, The Wire report.
[June 21] No, India did not bully Twitter into banning OSINT accounts, India Today report.

Internet Shutdowns

[June 21] Internet suspended in parts of West Bengal’s North 24 parganas district, Medianama report.
[June 23] Myanmar blocks internet as violence escalates in Rakhine state, The National report.

Big Tech

[June 20] Big tech fears US regulation, but it may be Ireland that should scare them, CNBC report.
[June 23] Apple or Android? What is the NDA Cabinet using? Spoiler: Amit Shah prefers iPhone XS, The Economic Times report.

Emerging Tech/ Aritificial Intelligence (AI)

[June 19] Microsoft launches AI Digital labs in India, aims to train 1.5 lakh students , Medianama report.
[June 24] Hybrid cloud technology is safe but the security it offers isn’t absolute, Financial Express report,

Telecom/ 5G

[June 20] Why 5G is the next headache for some of India’s richest men, ET Telecom report.
[June 20] 5G will power IOT networks, it will also make cyberattacks easier- are telcos listening? ET Prime report.
[June 21] DoT to roll out centralised database of all IMEI numbers “in the coming weeks”: Indian Express report; Medianama report.

More on Huawei

[June 19] Qualcomm and Intel are quietly lobbying against Trump’s Huawei ban, Android Central report.
[June 19] Don’t share our goods with Huawei: US to Indian companies in letter to MEA, The Economic Times report.
[June 19] US ban on Huawei presents Nokia and Ericsson with a huge opportunity, Business Standard report.
[June 20] Huawei technology exposes millions of peoples’ calls to surveillance, US warns, Forbes report.
[June 20] DoT alone will not take call on Huawei, says telecom secretary Aruna Sundarajan, Live Mint report.
[June 20] China asks India to make an independent judgment on Huawei, New Indian Express report.
[June 22] Huawei reportedly sued US Commerce department over seized equipment, ramping up trade war tensions, the Business insider report.
[June 23] Huawei urges India to take ‘informed’ decision on let5tting it join 5G trial, Business Standard report.

Cybersecurity

[June 17] Millions of Venmo transactions scraped in warning over privacy settings, Tech Crunch report.
[June 18] ‘Shot on OnePlus’ app leaked users’ email addresses and other personal data for years, NDTV report; Medianama report.
[June 19] US Senate bill to strengthen cybersecurity coordination with state and local governments, Federal News Network report.
[June 20] Data protection startup Driva’s valuation crosses $1 billion, joins unicorn club, Business Standard report.
[June 21] India, France to deepen cooperation in the cybersecurity sector, All India Radio report.
[June 22] India’s Cybersecurity Strategy Policy in 2020, says National Cybersecurity Coordinator Rajesh Pant, Medianma report.
[June 22] US blacklists 5 Chinese groups working in supercomputing, National Herald report.

Cyberwarfare

[June 15] US escalates attacks on Russia’s power grid, The New York Times report.
[June 17]Experts propose feds use sanctions and cyberweapons to fight deepfakes, Defense One report.
[June 21] Trump made the right call by not pulling the trigger on Iran after it shot down a US drone, former officials say, Business Insider report.
[June 22] Iranian hackers wage cyber campaign amid ongoing tensions with the US, Time Magazine report.
[June 23] Trump approved cyberattacks on Iran after drone downing, Al Jazeera report.
[June 23] US carried out cyberattacks on Iran, New York Times report; The Wall Street Journal report; The Hindu report.

Tech and Military

[June 17] Sniper rifles for India Army delayed as 20 firms offer weapon, but none make ammunition, Defense Aviation Post report.
[June 18] Paris Air Show: Dassault, Airbus unveil stealth jet to replace Rafale, The Week report.
[June 18] Defence University to Defence Chief – Modi Government now has political capital for the big reforms, The Print report.
[June 18] US voices interoperability concerns about Indian S-400 procurement, Jane’s Defence Weekly report.
[June 19] India-US military trade: Partnership between the two nations on an upwards trend, the Financial Express report.
[June 19] Great power competition ushers in a new generation of european weapons, Defense One report.
[June 20] Make aero engines in India for self-reliance: Defence experts, Outlook India report.
[June 21] Navy issues EoI for shortlisting Strategic Partners for building six submarines worth Rs. 45,000 crore, Economic Times report; Business standard report.
[June 21] Two Bengaluru startups first to get CGCA certification for drones Medianama report.
[June 22] One more UPA era defence deal under scanner: CBI searches Sanjay Bhandari’s house, The Deccan herald report ; The Hindu report.
[June 22] US and India to soon sign industrial security annex which will allow transfer of advanced defence technology, Swarajya magazine report.
[June 24] India lining up defence deals worth $10 billion with US amid trade row, Times of India report.
[June 23] Defence forces hope FM will leave enough funds for modernisation in Budget, The Economic Times report.
[June 24] India scraps $500 million arms deal with Israel after DRDO promises Make in India, Indian Express report, International Business times report.
[June 22] Own space station is crucial to India, says ISRO chairman K. Sivan, Business Standard report.

Opinions and Analyses

[June 17] GDPR: Looking to the year ahead, Cooley LLP analysis.
[June 18] Amit Cowshish, Analysis for the IDSA/ Indian Defence Review, Design and Development of equipment by DRDO, DPSUs and Ordnance Factories.
[June 18] China Cybersecurity and Data Protection monthly update by Herbert Smith Freehills on Lexology.
[June 18] Medianama summary: Copyright Amendment Rules 2019: statutory licensing for internet broadcasting firms, stricter code of conduct for copyright societies, etc.
[June 18] Michael Schmitt’s analysis for Just Security (blog), ‘US Cyber Command, Russia and Critical Infrastructure: What Norms and Laws Apply?’.
[June 18] Robert Chesney’s analysis for Lawfare (blog), US Cyber Command and the Russian Grid: Proportional Countermeasures, Statutory Authorities and Presidential Notification.
[June 19] Matthew de Silva, Quartz, The problem with Facebook calling its crypto “Libra”,
[June 19] Is tech too intertwined for Huawei to fall? Fortune analysis.
[June 19] 2001-2019: Huawei’s long history of being considered a national security threat, Medianama summary.
[June 20] Ishan Mehta, Wired, under Trump, the fight against cybercrime has waned.
[June 20] Aayush Mohanty, The Economic Times blog, India’s security interests vis-a-vis the US’ Hobson’s choice.
[June 20] Mei Bowen, Economic Times Telecom, 5G puts the spotlight on network security.
[June 23] Manish Tewari, The Asian Age, The case for regulating social media in India.
[June 21] Martin Giles, MIT Tech Review, Five Reasons why “hacking back” is a recipe for cybersecurity chaos.
[June 23] Zack Doffman, Forbes magazine, US attacks Iran with cyber not missiles—a game changer, not backtrack.

The CCG Blog

Information Law and Policy & Emerging Tech and National Security

Tag Archives: cyberwarfare

Technology & National Security Reflection Series Paper 8: Tallinn Manuals as Law of the States or for the States– a Sola Fide Exploration?

Technology and National Security Law Reflection Series Paper 5: Legality of Cyber Weapons Under International Law

The Pegasus Hack–II: Secrecy for Snooping in Public Procurement?

Technology and National Security Law and Policy: Seminar Course Curriculum [February-June 2020]

CCG’s Comments to the National Security Council Secretariat on the National Cyber Security Strategy 2020

[September 23-30] CCG’s Week in Review: Curated News in Information Law and Policy

CCG’s Week in Review [June 17-24]: Curated News in Information Law and Policy

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this:

Share this:

Like this: