Archive for ◊ June, 2013 ◊

• Thursday, June 20th, 2013

Suggested Technological Safeguards To Fight Back Against Projects Like Prism And CMSThe recent exposure of United States e-surveillance exercises through PRISM project by National Investigation Agency (NSA) is now well known and globally protested. India  has not only expressed its concerns regarding e-surveillance exercises by U.S. agencies but has also demanded information about the data and information of Indians accessed during such project that has resulted in violation of their civil liberties.

This reaction is natural as James Clapper, director of NSA, has confirmed that NSA has been targeting foreign citizens for surveillance and this includes Indian citizens as well. Speculations about use of Utah data centre for e-surveillance purposes have also been raised but NSA has denied the same in the past. Further, national security letters (NSLs) are openly used by FBI to gather warrant less information.

The command and control servers of malware and e-surveillance tool FinFisher have also been found in 36 countries including India. Cyber espionage tools like Stuxnet, Duqu, Flame, etc are already used widely by national governments. In the absence of internationally acceptable cyber law and cyber security treaties, there is no uniform application of international law to tackle cyber terrorism and cyber warfare. Even Tallinn manual is not applicable to international cyber warfare attacks and defence.

Meanwhile, India has launched its own version of PRISM in the form of Central Monitoring System (CMS) that is extremely dangerous in nature. India has also announced initiatives like national critical information infrastructure protection centre (NCIPC), national cyber coordination centre (NCCC), national intelligence grid (Natgrid), etc. None of these projects are governed by any regulatory framework and parliamentary oversight.

Further, in the absence of privacy laws and constitutional lawful interceptions laws in India, the CMS is even worst than the PRISM project of NSA. Nevertheless no sovereign government would allow other government to do e-surveillance and eavesdropping upon its citizens, at least not openly.

Civil liberties protection in cyberspace is a very difficult process. This is the reason that even the United Nation has taken decades to raise protest against e-surveillance. So we have governments that are well committed to indulge in e-surveillance, we have inadequate or no laws to protect privacy and we have no international organisation to support civil liberties protection in cyberspace.

So what is the alternative left to us to protect our civil liberties in cyberspace? We believe that self defence in cyberspace is the only viable option left to those who wish to exercise their civil liberties in cyberspace. Technology can assist us in achieving this task.

We can use disposable e-mails to avoid e-mail surveillance, safeguards like TOR against illegal Internet eavesdropping and sniffing, use TOR for instant messaging (IM) and mobile phones for private and secure conversations, for Blackberry users and those believing in a good combination of privacy and security, use Pretty Good Privacy (PGP) along with any good smart phone, use Enigmail for encrypted e-mails, use VPNs and reliable proxies, use open source browsers like Firefox with addons, use secured connections while communicating online, use of search engines like Startpage or DuckDuckGo, etc.

There are many more options available here that can be availed of by civil liberty activists around the world. We hope these tools and resources would help Indian citizens to reclaim their privacy and civil liberties in Indian cyberspace.

Category: Uncategorized  | Comments off
• Thursday, June 20th, 2013

EU India Free Trade Agreement (FTA) May Be Narrowed Down Due To DifferencesThe European Union and Indian Free Trade Agreement (FTA) has never been smooth. Whether it is border enforcement of intellectual property rights (IPRs) of Indian goods meant for third countries destinations or dispute at WTO the negotiations between EU and India were never hassle free.

Even some controversial dialogues like removal of India from Generalised Systems of Preferences (GSP) Scheme of EU, disagreements over TRIPS Plus provisions vis-à-vis IPRs, issues of Data Exclusivity, etc also surfaced. However, all these issues were amicable settled between India and EU.

Further, India is expecting a Data Secure Nation Status from European Union.  Once this status is granted, formal objections against India as a weak data protection nation would be discarded out rightly. This would also attract more outsourced work in India.

However, EU is in no mood to confer this status upon India lightly. EU has refused to grant data secure status to Indian information technology companies and instead offering a data adequacy status. Similar status has been given by EU to U.S.

India has also made its stand stern and has declared that it may sign a FTA with EU with a narrow political window. This means that India would be unwilling to offer further tariff cuts for automobiles and would provide no room to flexibilities on pharmaceuticals and government procurement.

EU has been raising various demands for the past seven years since the negotiations began. Some of them are not even tenable at the moment. For instance, regarding the government procurement, EU has demanded commitments based on the proposed public procurement law, which has not even been placed before Parliament. India has given an assurance that it would look into the matter once the law is passed but for EU it is a pre condition for the FTA.

EU is pushing for preference in government purchases for European companies, which is unacceptable to India as India is willing to ensure that orders above a specified value are bid out and European bidders are not at a disadvantage.
EU is raising issues at the last minute where political consensus is very difficult to achieve. India would be witnessing general elections next summer and with the present pace, a FTA between EU and India is not possible. So as on date there seems to be a deadlock between EU and India on the FTA.

Source: IPRs Blog Of PTLB.

Category: Uncategorized  | Comments off
• Monday, June 03rd, 2013

US-Refuses-To-Serve-Indian-Summons-Upon-US-Websites-Including-Facebook-And-GoogleIndia is in a habit to indulge in phone tapping and e-surveillance without court warrants and it expected similar treatment from United States. However, U.S. made it very clear that in order to obtain information and data, the judicial route cannot be ignored.

Previously, U.S. refused to serve summons upon Google, Facebook, etc citing civil liberty concerns. This process of serving summons upon U.S. websites through U.S. government was adopted as the Indian subsidiaries of these foreign companies took the defence that they are just sales outlets in India and nothing more.

Naturally, India had to serve summons upon the parent companies by invoking the Indo-US mutual legal assistance treaty but the same failed to materialise in India’s favour. Frustrated by these attempts, India tried to explore all possible courses of actions. These include setting up of servers in India by VOIP providers and other providers providing encryption services, launching India’s own social media platforms, launching of e-surveillance projects like Aadhaar, central monitoring system, national intelligence grid, etc.

The idea is to route all the traffic through Indian servers and systems so that they can be analysed at will and without any intervention of ISPs, social media platforms, etc. However, in its zest to gain unrestricted information access, India has failed to maintain a balance between national security requirements and civil liberty protections. The refusal by U.S. is a good wake up call for India in this regard.

As on date we have no constitutionally sound lawful interception law in India.  For instance, the cell site data location laws in India and privacy issues must be suitably regulated by a new law. Similarly, the cell site location based e-surveillance in India and surveillance of internet traffic in India must also be part and parcel of a new legislation.

Indian government has given some hints regarding enactment of a privacy law for India. The proposed law may carry a provision that imposes a penalty of Rs. 2 crore for illegal phone tapping in India.

Indian security agencies are now exploring their options in this regard. One of them is to amend the Information Technology Act, 2000 so that global internet operators providing IT services in India are represented by a duly registered legal entity in India. They believe that this would facilitate them to serve summons upon Indian entitles.

Category: Uncategorized  | Comments off