Sarai I-Fellowship Post 4.2
Thanks to the assistance of Prof. Ramarkrishna, a faculty member here at NLSIU Bangalore, I was able to meet Detective Inspector Vinayak of the Karnataka Police and ask several questions of him regarding Internet regulation here in the State of Karnataka. He answered most of my questions, though he did indicate that he'd prefer that I not maintain an audio recording since he thought that it would be more appropriate that I recorded one with his superiors instead.
What I gathered from him is as follows. With regards as to whether there is any specific sanction for the regulatory framework here concerning cybercafes here, there is a government order to that effect. This government order (which one should remember is an exercise of rule creation by the executive; not clear sanction by the legislature) apparently mandates that cybercafes have to maintain information as to their users, and that to in a prescribed register format. Supposedly, this government order was passed under the Information Technology Act, 2000 though I personally maintain that the Act in fact does not provide any such clear authority. Inspector Vinayak also stated that the Secretary, Information Technology & Biotechnology has been designated as the adjudicatory authority here in this state, meaning that all civil matters in Karnataka coming under the Information Technology Act come to him.
With respect to the issue of the regulation of access to certain forms of online content, mainly the classic example of pornography, I was told that there are no special rules here in Karnataka concerning access. According to Inspector Vinayak, accessing such materials was generally not a crime and hence not a matter of concern to the Karnataka Police. However, with respect to the issue of whether the usage of cybercafes to access pornographic online content was an issue as important to the Karnataka Police as it is to the Mumbai Police (whose concern for the same is quite well reported), he said that while it was not as deep a concern it still had to be kept in mind that exhibition of such content in a public place was as offence under the Indian Penal Code in the view of the Karnataka Police. On the issue of publishing such content online, he said that there was one case taken on by the Karnataka Police concerning the maintenance of a website with such material, though he wasn't clear as to the details.
He was aware of the notification empowering CERT-In as the nodal agency for all website blocking requests, and in response to a query of mine said that there had been no such website blocking requests from Karnataka as per his knowledge. As to the matter of how the Karnataka Police engage with Internet Service Providers (ISPs), it is apparently the case that these ISPs provide direct evidence of access and physical addresses of users when requested to do so by the police. The exact manner in which such requests were framed was not clear, though he seemed to indicate that is was mostly done in the course of investigation of specific cases.
Saturday 3 November 2007
Friday 2 November 2007
A glimpse into CERT-IN: An interview with Dr. Gulshan Rai
Sarai I-Fellowship Post 4.1
I had first met Dr. Gulshan Rai back in early 2006 when I was part of the Law and Technology Committee here at the National Law School, to publicize the first issue of the Indian Journal of Law and Technology. Dr Rai is an official with the Department of Information Technology, Ministry of Communications and Information Technology, Government of India, heading (at least at that time) ERNET (Education Resource Network) and part of the cyber laws drafting section, but far more famous for his role as head of the Computer Emergency Response Team for India, commonly knows as CERT-In. Originally set up on the pattern of Computer Emergency Response teams worldwide to deal with matters pertaining to analyzing and issuing advisories concerning internet security matters (i.e. with respect to viruses, worms, cracking attempts on servers etc), CERT-In was later oddly enough empowered to review requests for blocking website and order for the same to be complied with by means of Notification G.S.R.181(E) issued by the Department of Information Technology, Ministry of Communications and Information Technology on 27th February 2003. Granted this, plus Dr. Rai's considerable history with respect to technology law legislation in India owing to his involvement in the drafting of the Information Technology Act, 2000 I thought he would be a perfect person to interview in order to get into a glimpse of the plans and general approach towards Internet regulation matters at the central level of the Department of Information Technology.
I've posted a rough draft transcript of the audio record of my interview with Dr. Gulshan Rai in June 2007 up on Google Documents here. Once I convert the audio record into a usable digital format, I'll try posting that along with a further cleaned up version of the transcript.
Without going into every detail, the interview was quite interesting in several respects. Perhaps the most noticeable was the constant assertion that the Indian Government did not seek to "censor" the Internet in any way. That term in fact seemed to be anathema with Dr. Rai repeatedly going out of his way to state that it was the Government's aim to censor online content. Arguably, this would seem to be a fallout of the immense negative publicity that the Government in general and CERT-In specifically received due to the blog blocking controversy of July, 2006. Trying to find out more about that incident specifically was a dead end, with him pointedly stating that he did not want to touch upon that the details of that matter at all. He did reveal two interesting points though. Firstly, with respect to the authority under which the aforementioned notification was made empowering CERT-In to act as a nodal agency for site blocking, he said that it was under Section 67, dealing with obscenity, and Section 69, which actually only deals with the power to intercept and decrypt information. This is interesting since it seems to confirm the argument that the notification really doesn't have any explicit legislative authority, since these sections of the Information Technology Act doesn't talk about the general power to block sites anywhere. Secondly, on the point of dissent to site blocking, especially in relation to the blocking of blogs in July 2006, he put the source of all the protest raised as originating from bloggers who had lost access to their facilities and to the media, but of whom the latter had changed its stance concerning Internet regulation now. Essentially, citing Barkha Dutt of NDTV as an example for some reason, he said that incidents of defamation and stalking using networking sites like Orkut had made people change their minds since they were aware that the use the Internet "to malign anybody!". Using this, he seemed to be indicating that the need for the Government so have structures and mechanisms in place by which online content could be dealt with in certain circumstances was now accepted by the Indian public. However, with the exception of instances of defamation, he seemed to be strenuously avoid indicating in clear terms what other instances would necessitate the exercise of the power of the Government regulate Internet content, most notably with regards political speech and possible security related matters.
Notably, Dr. Rai seemed to agree with the oft-quoted position that the cultural background of nations such as the United States (of particular interest due to the fact of the regulation of speech and expression on the Internet being particularly focused upon and subject to oft-successful challenges) being different than that of India meant that we have to look at such matters in somewhat a different way owing for our particular conceptions regarding permissible speech. Yet, he went out of his way to dissuade any comparisons to China, stating that it was a dictatorship while India was a democracy. This emphasis on India's democratic protection of free speech even went to the point of claiming that it was more free than that of the US! Its an interesting reaction to all the negative publicity concerning the actions of the Indian Government in recent times with respect to Internet regulation.
It seemed to be a well accepted point from his various statements that the Internet was definitely regarded by the Government to be situated within the ambit of the power of the State to regulate. However, what seemed to be lacking here vis-a-vis such situations in other comparative nations was the clarity (at least with respect to what's accessible generally by the public) as to the rationale and authority for such regulation by the State, along with the question of whether any clear, explicit policy statements for how the State planned to engage in the same in the future. He was not able to clearly say as to how various proposed state level laws concerning the regulation of cybercafes were going to be taken up and coordinated, and also as to whether and how Parliament was going to address such issues in the form of legislation besides the proposed Information Technology Act Amendments (Notes: This was before the latest draft amendments, which now refer to CERT-In with respect to website blocking). He was clear however that encryption was one matter that the State had situated within its network of control. On the more sensitive matter of installing controls at the level of gateway servers in India, he placed it within the realm of the hypothetical and hence not answerable. More interestingly, he said that he had no information at all concerning the monitoring of Internet communication in India - he did not in any way say that it was in fact no happening but instead claimed that he knew nothing about it. It would seem that in that respect, the Indian State refuses to allow any peek into many aspects of its instruments and structures of power and control over speech and expression on the Internet. Its therefore an issue that begins with transparency as to current structures and proposed mechanisms, and whether the State can in fact do so as per the restrictions cast on it by our constitutional norms and legal framework.
I had first met Dr. Gulshan Rai back in early 2006 when I was part of the Law and Technology Committee here at the National Law School, to publicize the first issue of the Indian Journal of Law and Technology. Dr Rai is an official with the Department of Information Technology, Ministry of Communications and Information Technology, Government of India, heading (at least at that time) ERNET (Education Resource Network) and part of the cyber laws drafting section, but far more famous for his role as head of the Computer Emergency Response Team for India, commonly knows as CERT-In. Originally set up on the pattern of Computer Emergency Response teams worldwide to deal with matters pertaining to analyzing and issuing advisories concerning internet security matters (i.e. with respect to viruses, worms, cracking attempts on servers etc), CERT-In was later oddly enough empowered to review requests for blocking website and order for the same to be complied with by means of Notification G.S.R.181(E) issued by the Department of Information Technology, Ministry of Communications and Information Technology on 27th February 2003. Granted this, plus Dr. Rai's considerable history with respect to technology law legislation in India owing to his involvement in the drafting of the Information Technology Act, 2000 I thought he would be a perfect person to interview in order to get into a glimpse of the plans and general approach towards Internet regulation matters at the central level of the Department of Information Technology.
I've posted a rough draft transcript of the audio record of my interview with Dr. Gulshan Rai in June 2007 up on Google Documents here. Once I convert the audio record into a usable digital format, I'll try posting that along with a further cleaned up version of the transcript.
Without going into every detail, the interview was quite interesting in several respects. Perhaps the most noticeable was the constant assertion that the Indian Government did not seek to "censor" the Internet in any way. That term in fact seemed to be anathema with Dr. Rai repeatedly going out of his way to state that it was the Government's aim to censor online content. Arguably, this would seem to be a fallout of the immense negative publicity that the Government in general and CERT-In specifically received due to the blog blocking controversy of July, 2006. Trying to find out more about that incident specifically was a dead end, with him pointedly stating that he did not want to touch upon that the details of that matter at all. He did reveal two interesting points though. Firstly, with respect to the authority under which the aforementioned notification was made empowering CERT-In to act as a nodal agency for site blocking, he said that it was under Section 67, dealing with obscenity, and Section 69, which actually only deals with the power to intercept and decrypt information. This is interesting since it seems to confirm the argument that the notification really doesn't have any explicit legislative authority, since these sections of the Information Technology Act doesn't talk about the general power to block sites anywhere. Secondly, on the point of dissent to site blocking, especially in relation to the blocking of blogs in July 2006, he put the source of all the protest raised as originating from bloggers who had lost access to their facilities and to the media, but of whom the latter had changed its stance concerning Internet regulation now. Essentially, citing Barkha Dutt of NDTV as an example for some reason, he said that incidents of defamation and stalking using networking sites like Orkut had made people change their minds since they were aware that the use the Internet "to malign anybody!". Using this, he seemed to be indicating that the need for the Government so have structures and mechanisms in place by which online content could be dealt with in certain circumstances was now accepted by the Indian public. However, with the exception of instances of defamation, he seemed to be strenuously avoid indicating in clear terms what other instances would necessitate the exercise of the power of the Government regulate Internet content, most notably with regards political speech and possible security related matters.
Notably, Dr. Rai seemed to agree with the oft-quoted position that the cultural background of nations such as the United States (of particular interest due to the fact of the regulation of speech and expression on the Internet being particularly focused upon and subject to oft-successful challenges) being different than that of India meant that we have to look at such matters in somewhat a different way owing for our particular conceptions regarding permissible speech. Yet, he went out of his way to dissuade any comparisons to China, stating that it was a dictatorship while India was a democracy. This emphasis on India's democratic protection of free speech even went to the point of claiming that it was more free than that of the US! Its an interesting reaction to all the negative publicity concerning the actions of the Indian Government in recent times with respect to Internet regulation.
It seemed to be a well accepted point from his various statements that the Internet was definitely regarded by the Government to be situated within the ambit of the power of the State to regulate. However, what seemed to be lacking here vis-a-vis such situations in other comparative nations was the clarity (at least with respect to what's accessible generally by the public) as to the rationale and authority for such regulation by the State, along with the question of whether any clear, explicit policy statements for how the State planned to engage in the same in the future. He was not able to clearly say as to how various proposed state level laws concerning the regulation of cybercafes were going to be taken up and coordinated, and also as to whether and how Parliament was going to address such issues in the form of legislation besides the proposed Information Technology Act Amendments (Notes: This was before the latest draft amendments, which now refer to CERT-In with respect to website blocking). He was clear however that encryption was one matter that the State had situated within its network of control. On the more sensitive matter of installing controls at the level of gateway servers in India, he placed it within the realm of the hypothetical and hence not answerable. More interestingly, he said that he had no information at all concerning the monitoring of Internet communication in India - he did not in any way say that it was in fact no happening but instead claimed that he knew nothing about it. It would seem that in that respect, the Indian State refuses to allow any peek into many aspects of its instruments and structures of power and control over speech and expression on the Internet. Its therefore an issue that begins with transparency as to current structures and proposed mechanisms, and whether the State can in fact do so as per the restrictions cast on it by our constitutional norms and legal framework.
Subscribe to:
Posts (Atom)
