Identity, Minorities, Social Networking and Privacy
PRIVACY MATTERS: Identity, Minorities, Social Networking and Privacy
CONFERENCE SUMMARY
On the 5th of February, civil society, lawyers, students, NGO‟s, and representatives from the IT companies gathered together at the TERI Southern Regional Center to take part in ‘Privacy Matters’ – a public conference held to discuss privacy issues in India, and the privacy legislation that has been proposed in the parliament.
The conference was opened by Prashant Iyengar, head researcher at Privacy India. Mr. Iyengar explained the mandate of Privacy India, which is to raise awareness of privacy, spark civil action, and promote democratic dialogue around privacy challenges and violations in India.
“Privacy India’s objectives are to raise awareness, spark civil action, and promote democratic dialogue around privacy challenges and violations in India. One of Privacy India’s goals is to build consensus towards the promulgation of a comprehensive privacy legislation in India through consultations with the public, legislators and the legal and academic community” – Prashant Iyengar, Privacy India
KEYNOTE
ASHISH RAJADHYAKKSHA, SENIOR FELLOW, CENTRE FOR THE STUDY OF CULTURE & SOCIETY
Mr. Rajadhyaksha delivered the keynote speech. In his presentation he focused on privacy in relation to the changing nature of the individual. He pointed out how humans are now becoming technologically enhanced individuals – in essence cybernetic organisms. These technological enhancements can be both positive and negative, but in both cases come with multiple and complicated questions of privacy, because the technological enhancements facilitate everyday life but at the same time create possible privacy violations. He further raised the point that people are not aware of these privacy implications, and thus violations of privacy are not seen as coercive acts, and people do not see their liberty as being placed at risk or challenged.
Questions to Consider
· How do we define claim rights vs. liberty rights in terms of privacy?
· How do we define our rights in terms of privacy?
PRIVACY AND MINORITIES
SESSION I OF THE CONFERENCE FOCUSED ON THE PRIVACY RIGHTS OF MINORITIES AND PRIVACY AND OPEN GOVERNMENT DATA
Zainab Bawa, CIS RAW fellow spoke on Privacy and Open Government Data. Her presentation, titled Property Rights, Privacy, and Open Government Data looked at how data by governmental agencies is handled. Her research is specifically on land records and the government. In her work she looks at:
· How data bases are designed
· How documents are translated into English
· How hardcopy documents are digitized
· How information is posted
· What are the privacy implications for all these processes?
Questions to Consider
· How can a privacy legislation insure that when data bases are architected, they are structured in a way that is appropriate for that type of data?
· How can a privacy legislation work to ensure that when records are digitized, information is not lost or manipulated?
· What are ways in which the Government can post data, so that it is both open and not in violation of an individual‟s privacy?
Shubha Chacko from Sangama spoke on the issues of sex workers and questions of privacy. Ms. Chacko opened her presentation by pointing out that there is a common conception that sex workers have no rights to privacy. She then talked about the precarious position sex workers find themselves in, because the law and society find it offensive that a sex worker brings into the public sphere what society believes is to happen in the private. Ms.Chacko also spoke on the invasive techniques that sex workers are subjected to such as HIV intervention and open disclosure of health records, and how these invasive techniques take away the privacy of sex workers. Furthermore, the nature of sex workers work means that they are not privy to the same right of anonymity that many believe is an important principle of privacy. Ms. Chacko closed her presentation by pointing out that the UID might actually bring privacy to sex workers.
Closing the panel, Sahana Basavapatna spoke on refugees, the UID, and privacy. Ms. Basavapatna spoke about the difficult situation that refugees are placed in as they have no identity in India, but are also easily identified.
Questions to Consider
· How can a privacy legislation ensure anonymity for all citizens when necessary?
· Should specific steps be taken in a privacy legislation to ensure the privacy of minorities such as refugees and sex workers?
· How can a privacy legislation be framed and implemented in order to not perpetuate existing societal stigmas?
IDENTITY AND PRIVACY
SESSION III OF THE CONFERENCE FOCUSED ON IDENTITY AND PRIVACY
Hamish Fraser (Partner at Truman Hoyle, Sydney, Australia) spoke on the Australia Identity card, and how, among other reasons, it was privacy concerns that squashed the identity card in Australia. Furthermore, out of the attempt to make an Australian Identity Card, the Privacy Act of 1995 was passed. Currently in Australia individuals do not have identity cards, but instead they have numbers for different services – such as a tax number, a health number, and a driver license number. These numbers are not unique, and one number for a certain service cannot be used for another service, thus the government cannot track an individual by their number. Mr. Hamish also touched on the ten principles of privacy that the Australian legislation adopts, and pointed out that though the legislation does not have strong teeth, in Australia there is a strong culture of privacy that makes the law enforceable.
Michael Whitener (Principal and co-founder of VistaLaw International LLC) spoke next. His presentation titled “Science Fiction Becomes Reality, but at What Cost” focused on the privacy aspects of biometrics and changing technology.
Questions to Consider
· How are court regulators going to balance the privacy rights against the need for authentication?
· What will be the requirements for securing storage of biometric data?
· How will a legislation or privacy policy respond to security breaches?
· How will legislation answer the question of what constitutes “consent”?
· What privacy principles should a privacy legislation in India enforce?
· Should a privacy legislation allow an individual to be “forgotten”?
· How could a privacy legislation be given either legal or social teeth in India?
Raman Chima, Privacy analyst for Google, was the final speaker on the panel. Mr. Chima worked to expose many myths that people hold about why Google collects information, and how they use that information. For instance Google gathers limited information to develop valuable products and services, and to develop innovative products that reflect strong privacy standards. Mr. Chima also pointed out that though online tracking can have negative implications, it also has many positive implications – such as allowing spam to be stopped and tracking disease in areas. He concluded his presentation by urging citizens to become more informed, and ask for more rights. He also pointed out that privacy has yet to be spelled out and presented in a way that any person can comprehend, understand, respect, and follows
Questions to Consider
·Should a privacy legislation regulate how much access to private citizens records is the government granted?
·How can a privacy legislation be drafted and implemented, so that is practical and applicable for the common citizen?
PRIVACY AND SOCIAL NETWORKING
SESSION IV OF THE CONFERENCE FOCUSED ON PRIVACY AND SOCIAL NETWORKING
Ujjvala Ballal from Inclusive Planet , a social networking site for the disabled, focused her presentation on the privacy rights of the disabled. She raised the point that disabled people have been struggling for equal access rights for many years. In the process they have lost much of the privacy that they have a right to. She went on to explain that there are many privacy issues that are unique to a disabled persons. Some of which include: the disclosure of their disability, the stigma that comes along with their disability, and the denial of services based on their disability.
Gagan K. (NLSIU Law Student) spoke on Privacy Issues in Social Networking Websites. Gagan pointed out that on social networking sites privacy issues include:
· Data mining
· Profiling
· Third party disclosure.
Questions to Consider
·Should information pertaining to the disabled be held to higher standards of privacy, because of its sensitive nature?
·How can a privacy legislation be drafted, so it is accessible to the disabled?
·Could a privacy legislation construct regulations on the handling of data, in order to prevent profiling and discrimination?
CONCLUSION
THE CONCLUDING SESSION WAS A TIME FOR DISCUSSION AND OPINION SHARING
From the closing session, and the above sessions many themes and questions pertaining to privacy came out that will need to be addressed when considering the way forward for a privacy legislation including:
·Property rights and privacy
·The right to be forgotten
·Privacy rights of minorities
·Privacy and open government data- how is it collected, transferred, stored, and reproduced
·Privacy and foreigners (refugees, illegal migration, etc)
·Recognizing privacy rights in a changing technological society
·Privacy implications of biometric usage
·Privacy rights superseding identification needs
·Corporate privacy policies
·Privacy rights and the disabled
·Privacy rights and social networking
Identity, Minorities, Social Networking and Privacy
PRIVACY MATTERS
CONFERENCE SUMMARY
On the 5th of February, civil society, lawyers, students, NGO‟s, and representatives from the IT companies gathered together at the TERI Southern Regional Center to take part in ‘Privacy Matters’ – a public conference held to discuss privacy issues in India, and the privacy legislation that has been proposed in the parliament. The conference was opened by Prashant Iyengar, head researcher at Privacy India. Mr. Iyengar explained the mandate of Privacy India, which is to raise awareness of privacy, spark civil action, and promote democratic dialogue around privacy challenges and violations in India.
“Privacy India’s objectives are to raise awareness, spark civil action, and promote democratic dialogue around privacy challenges and violations in India. One of Privacy India’s goals is to build consensus towards the promulgation of a comprehensive privacy legislation in India through consultations with the public, legislators and the legal and academic community” – Prashant Iyengar, Privacy India
KEYNOTE
ASHISH RAJADHYAKKSHA, SENIOR FELLOW, CENTRE FOR THE STUDY OF CULTURE & SOCIETY
Mr. Rajadhyaksha delivered the keynote speech. In his presentation he focused on privacy in relation to the changing nature of the individual. He pointed out how humans are now becoming technologically enhanced individuals – in essence cybernetic organisms. These technological enhancements can be both positive and negative, but in both cases come with multiple and complicated questions of privacy, because the technological enhancements facilitate everyday life but at the same time create possible privacy violations. He further raised the point that people are not aware of these privacy implications, and thus violations of privacy are not seen as coercive acts, and people do not see their liberty as being placed at risk or challenged.
QUESTIONS TO CONSIDER
· How do we define claim rights vs. liberty rights in terms of privacy?
· How do we define our rights in terms of privacy?
PRIVACY AND MINORITIES
SESSION I OF THE CONFERENCE FOCUSED ON THE PRIVACY RIGHTS OF MINORITIES AND PRIVACY AND OPEN GOVERNMENT DATA
Zainab Bawa, CIS RAW fellow spoke on Privacy and Open Government Data. Her presentation, titled Property Rights, Privacy, and Open Government Data looked at how data by governmental agencies is handled. Her research is specifically on land records and the government. In her work she looks at:
· How data bases are designed
· How documents are translated into English
· How hardcopy documents are digitized
· How information is posted
· What are the privacy implications for all these processes?
QUESTIONS TO CONSIDER
· How can a privacy legislation insure that when data bases are architected, they are structured in a way that is appropriate for that type of data?
· How can a privacy legislation work to ensure that when records are digitized, information is not lost or manipulated?
· What are ways in which the Government can post data, so that it is both open and not in violation of an individual‟s privacy?
Shubha Chacko from Sangama spoke on the issues of sex workers and questions of privacy. Ms. Chacko opened her presentation by pointing out that there is a common conception that sex workers have no rights to privacy. She then talked about the precarious position sex workers find themselves in, because the law and society find it offensive that a sex worker brings into the public sphere what society believes is to happen in the private. Ms.Chacko also spoke on the invasive techniques that sex workers are subjected to such as HIV intervention and open disclosure of health records, and how these invasive techniques take away the privacy of sex workers. Furthermore, the nature of sex workers work means that they are not privy to the same right of anonymity that many believe is an important principle of privacy. Ms. Chacko closed her presentation by pointing out that the UID might actually bring privacy to sex workers.
Closing the panel, Sahana Basavapatna spoke on refugees, the UID, and privacy. Ms. Basavapatna spoke about the difficult situation that refugees are placed in as they have no identity in India, but are also easily identified.
QUESTIONS TO CONSIDER
· How can a privacy legislation ensure anonymity for all citizens when necessary?
· Should specific steps be taken in a privacy legislation to ensure the privacy of minorities such as refugees and sex workers?
· How can a privacy legislation be framed and implemented in order to not perpetuate existing societal stigmas?
IDENTITY AND PRIVACY
SESSION III OF THE CONFERENCE FOCUSED ON IDENTITY AND PRIVACY
Hamish Fraser (Partner at Truman Hoyle, Sydney, Australia) spoke on the Australia Identity card, and how, among other reasons, it was privacy concerns that squashed the identity card in Australia. Furthermore, out of the attempt to make an Australian Identity Card, the Privacy Act of 1995 was passed. Currently in Australia individuals do not have identity cards, but instead they have numbers for different services – such as a tax number, a health number, and a driver license number. These numbers are not unique, and one number for a certain service cannot be used for another service, thus the government cannot track an individual by their number. Mr. Hamish also touched on the ten principles of privacy that the Australian legislation adopts, and pointed out that though the legislation does not have strong teeth, in Australia there is a strong culture of privacy that makes the law enforceable.
Michael Whitener (Principal and co-founder of VistaLaw International LLC) spoke next. His presentation titled “Science Fiction Becomes Reality, but at What Cost” focused on the privacy aspects of biometrics and changing technology.
QUESTIONS TO CONSIDER
· How are court regulators going to balance the privacy rights against the need for authentication?
· What will be the requirements for securing storage of biometric data?
· How will a legislation or privacy policy respond to security breaches?
· How will legislation answer the question of what constitutes “consent”?
· What privacy principles should a privacy legislation in India enforce?
· Should a privacy legislation allow an individual to be “forgotten”?
· How could a privacy legislation be given either legal or social teeth in India?
Raman Chima, Privacy analyst for Google, was the final speaker on the panel. Mr. Chima worked to expose many myths that people hold about why Google collects information, and how they use that information. For instance Google gathers limited information to develop valuable products and services, and to develop innovative products that reflect strong privacy standards. Mr. Chima also pointed out that though online tracking can have negative implications, it also has many positive implications – such as allowing spam to be stopped and tracking disease in areas. He concluded his presentation by urging citizens to become more informed, and ask for more rights. He also pointed out that privacy has yet to be spelled out and presented in a way that any person can comprehend, understand, respect, and follows
QUESTIONS TO CONSIDER
·Should a privacy legislation regulate how much access to private citizens records is the government granted?
·How can a privacy legislation be drafted and implemented, so that is practical and applicable for the common citizen?
PRIVACY AND SOCIAL NETWORKING
SESSION IV OF THE CONFERENCE FOCUSED ON PRIVACY AND SOCIAL NETWORKING
Ujjvala Ballal from Inclusive Planet , a social networking site for the disabled, focused her presentation on the privacy rights of the disabled. She raised the point that disabled people have been struggling for equal access rights for many years. In the process they have lost much of the privacy that they have a right to. She went on to explain that there are many privacy issues that are unique to a disabled persons. Some of which include: the disclosure of their disability, the stigma that comes along with their disability, and the denial of services based on their disability.
Gagan K. (NLSIU Law Student) spoke on Privacy Issues in Social Networking Websites. Gagan pointed out that on social networking sites privacy issues include:
· Data mining
· Profiling
· Third party disclosure.
QUESTIONS TO CONSIDER
·Should information pertaining to the disabled be held to higher standards of privacy, because of its sensitive nature?
·How can a privacy legislation be drafted, so it is accessible to the disabled?
·Could a privacy legislation construct regulations on the handling of data, in order to prevent profiling and discrimination?
CONCLSUION
THECONCLUDING SESSION WAS A TIME FOR DISCUSSION AND OPINION SHARING
From the closing session, and the above sessions many themes and questions pertaining to privacy came out that will need to be addressed when considering the way forward for a privacy legislation including:
·Property rights and privacy
·The right to be forgotten
·Privacy rights of minorities
·Privacy and open government data- how is it collected, transferred, stored, and reproduced
·Privacy and foreigners (refugees, illegal migration, etc)
·Recognizing privacy rights in a changing technological society
·Privacy implications of biometric usage
·Privacy rights superseding identification needs
·Corporate privacy policies
·Privacy rights and the disabled
·Privacy rights and social networking
Privacy, Minority Identities, and Security
On 26 March 2011, civil society, lawyers, judges, students and NGO’s, gathered together at the Ahmedabad Management Association to take part in ‘Privacy Matters’ – a public conference organised by Privacy India in partnership with IDRC and Research Foundation for Governance in India (RFGI) — to discuss the challenges of privacy in India, with an emphasis on national security and privacy.
The conference was opened by Prashant Iyengar, head researcher at Privacy India and Kanan Drhu, director of RFGI. Mr. Iyengar explained Privacy India’s mandate to raise awareness of privacy, spark civil action, and promote democratic dialogue around privacy challenges and violations in India. RFGI is a think tank established in 2009 which aims to research, promote, and implement various reforms to improve the legal and political process in Gujarat and across India. ‘Privacy Matters –Ahmedabad’ is the third conference out of the eight that Privacy India will be hosting across India. The next conference will take place in Hyderabad on 9 April 2011. It will focus on human rights and privacy.
Keynote
Usha Ramanathan, Expert on Law and Poverty, opened the conference by examining the links not often made between privacy and personal security, between databases and national security, and the centrality of dislodging privacy in projects of social control. In her presentation she spoke about the inverse relationship between national and personal security, making the point that an important part of privacy is the ability of an individual to secure his or her own person.
Today, because national security follows a policy of ubiquitous surveillance, it is almost impossible for an individual to secure their person from the state. Ms. Ramanathan also traced the beginnings of ubiquitous surveillance to the increasing global fear of terrorism, and the national break down of the criminal justice system in India. Instead of looking to the roots of terrorism and the roots of failure in the criminal justice system, the Indian State has responded to both these factors by superimposing a system of surveillance on top of the existing rule. Consequently, the state has become pan-optical — closely following the movement of its entire population. The state has been able to achieve this level of surveillance through technology, which it has used to create identifiers for its population. The use of technology by the state mediates a link between corporate interest and state interest. Thus, by facilitating the easy and ubiquitous creation of identifiers and surveillance, technology is changing the idea and the nature of privacy.
For example, it is now important that a privacy law allows for individuals to protect and secure their identity, something that every individual has and every individual controls, while regulating the creation and external use of identifiers — something that is used by another (not you) to distinguish a person from the rest of the population.
Questions to Consider
· How can privacy legislation work to positively regulate the use of technology by the government, so that invasion of privacy does not consequently become state policy?
· How can privacy legislation distinguish between and work to protect an identity while regulating the creation and use of personal information as identifiers?
Session I of the Conference featured a Judicial Perspective of Privacy and a Presentation on the Connections between Privacy and the Federal Income Tax regime in India Justice Bhatt, former Chief Justice of Gujarat Professor Amal Dhru, Indian Institute of Management, Ahmedabad J N Bhatt, the former Chief Justice of Gujarat and Bihar, and currently the head of the Gujarat State Law Commission, spoke about privacy as a fundamental right that has been written into articles 19 and 21 of the Constitution of India. Important points from hispresentation include:
· As privacy is already a recognized fundamental right, the question at hand is not if there is a right to privacy, but instead how can the right to privacy be best proliferated.
· Within the question of how a privacy can best be proliferated, is a question about rights and duties. Wherever there is a right to privacy there is also a corresponding duty to privacy — as rights and duties are interdependent.
· Though privacy has been recognized as a fundamental right in India, when looking at the actual assertion of the right, it is important to be aware of the cultural realities of India. India is a country with 39 per cent of her population living below the poverty line, with an even lower literacy rate, and there is a direct connection between the assertion of civil liberties, an individual’s civic sense, and education.
· When looking at how to best proliferate the right to privacy, governance and common law, a methodology to reach the poorest of the poor should be laid out first.
Questions to Consider
· What is the best way to proliferate the right to privacy?
· What legal structures need to be in place to ensure that the poor can assert their right to privacy?
· What social structures need to be in place to ensure that the poor can assert their right to privacy?
Professor Amal Dhru, visiting professor from the Indian Institute of Management, Ahmedabad and a practicing Chartered Accountant spoke on the connections between privacy and the federal income tax regime in India. In his presentation he explained how the information collected by the federal income tax regime in India can be both useful in holding a citizen accountable, and invasive of one’s personal privacy if mis-used. Important points from his presentation include:
· The Indian tax regime highlights the tension between public interest as tax evasion is considered an exception to the right to privacy as it is a matter of public interest.
· There is a lack of confidence in the existing banking and tax system in India. For example in the business sector, Indian investors have deposited over 700 billion dollars abroad as they are given complete privacy and security over their money.
· Though there is a lack of confidence in the current banking and tax system, a tighter law is not necessarily the solution. For example, studies have found that tighter tax regimes lead to greater evasion, while looser tax regimes have higher compliance rates.
· On April 1, 2011 the new tax codes for India will be implemented. The reform will give enormous power to tax offices, and as the tax authorities will become equipped to do taxes smarter – this will come at a cost to citizen’s privacy.
Questions to Consider
· Just as a tighter tax law leads to a higher percentage of tax evasion, will a tight privacy law simply lead to greater numbers of privacy violations?
· What creates public confidence in a law?
· Should privacy legislation be responsible for defining the public good?
· Should privacy protection of tax-related information be incorporated into privacy legislation or contained only in tax law?
· To what extent should tax authorities be allowed to investigate potential tax evasion i.e., one’s computer, house or e-mail?
· How does one balance the private vs. the public good?
Session II of the Conference focused on National Security and Privacy, and Cultural Conceptions of Privacy, Colonel Mathew Thomas
In the second session on Privacy and National Security, Colonel Mathew
Thomas spoke on privacy and national security. Colonel Thomas is a management consultant and activity leader for development centers and has held top positions in the Indian Army, and the Defence Research and Development Organisation, where he headed the missile manufacturing facility. Sharing his personal experiences in the army he explained the connection between privacy and national security.
Important points from his presentation include:
· National security is often not an internal threat, but instead an external threat.
· There is a connection between the increase in surveillance and liberalization of government.
· More surveillance does not bring more security.
· Foreign software poses as a threat to national security.
· Greater security is gained through intelligent use and analysis of data.
· A strong national security plan should not rely solely on surveillance of its citizens.
Instead national security should be brought about through strong economic policies, non-reliance on foreign software, neutrality in foreign policy, fair trade policies, rural development and prevention of migration to cities, and having a politically honest and accountable governance.
Questions to Consider
· Is it effective for privacy to be compromised in the name of anti- terror laws?
· Can the development and distribution of indigenous software protect national privacy?
· How can strong economic policies indirectly protect an individual’s privacy?
· How can a strong foreign policy protect an Indian citizen’s privacy when it is stored or sent abroad?
Gagan Sethi from the Centre for Social Justice, Ahmedabad shared his opinion on privacy. Important points from his presentation include:
· Privacy is a cultural construct that changes with context, perspective, and time.
· When considering a privacy policy it is important to create a policy that does not strictly define what privacy is and what it is not, but instead create a policy that defines and promotes a common respect for human dignity.
Questions to Consider
· If a privacy policy is developed to promote a common respect for human dignity – will it be effective?
· Can you develop a policy that has a loose definition and mandate, but has strong legal teeth?
Session III of the Conference focused on Minority Identities and Privacy, Prisoner Rights, and Cyber Security.
Bobby Kunhu, Lawyer & Activist Yash Sampat, Aditya Yagnik, Vimmi Surti , Ramswaroop Chaudhar, Interns for RFGI
Bobby Kuhnu, a lawyer and activist, presented in the third session on Privacy, Minority Identities, and Security. In his talk Mr. Kuhnu through the use of three examples examined the ideological underpinnings of the discourse on privacy and its bearings on socially marginalized identities in the context of the Indian State and the constitutional right to privacy. Important points from his presentation include:
· In India, names can be sensitive and personal information like one’s religion, family, caste, and background can all be known through a name.
· Because of the sensitivity of a person’s name, many people do not feel safe or comfortable in their own identity.
· Reservation lists and public postings of information can and have been used to discriminate and violate another’s privacy.
Questions to Consider
· Should there be a privacy legislation requirement throughout institutions and government bodies that names should not be publically displayed to the point of identification?
· What is the most effective way of legally protecting an individual from discrimination based on their name?
Yash Sampat and Aditya Yagnik spoke on the origins of privacy and privacy in the cyber world. Vimmi Surti spoke on prisoner’s rights and privacy and Ramswaroop Chaudhary presented on minority identities in South Asia and privacy. Important points from their presentation include:
· Internet has led to an increase in privacy violations.
· The result of privacy infringements is often the deprivation of individuals from safe access to services availed to them.
· When looking at privacy as the protection of human dignity, prisoner’s rights are violated through overcrowding in prisons, poor health, and poor sanitation.
Questions to Consider
· Are there legal mechanisms that can be put in place to ensure the least amount of deprivation to services when an individual’s privacy is invaded?
· To what extent should prisoners be availed the right to privacy?
Conclusion
The Concluding Session was a Time for Discussion and Opinion Sharing
From the closing session, and the above sessions many themes and questions pertaining to privacy came out that will need to be addressed when considering the way forward for a privacy legislation including:
· Regulation of ubiquitous surveillance in the name of national security
· Regulation over public display of names and personal information
· The need to distinguish between identity and identifier.
· The need to protect an individual’s identity while regulating the production and use of identifiers.
· Privacy rights and prisoners: what does the right to privacy mean to a prisoner, i.e., clean facilities and health care.
· Can the right to privacy be a platform for individuals to claim sanitary/safe working and living conditions.
· Recognize the changing nature of privacy rights in a technological society.
· Privacy implications of biometric usage.
· Creation of a definition of when privacy rights will supersede identification needs.
· How can government institutions, like the tax department, incorporate and protect the right to privacy with the collection of large amounts of data for more efficient services.
· Privacy and the family
Privacy and Telecommunications
On August 6th 2011 the public conference “Privacy Matters” was held at the Madras Institute for Development (MIDS) in Chennai. The conference discussed the challenges and concerns of privacy in India, with a focus on consumer privacy and privacy and telecommunications.
The daylong consultation was organized in partnership with Citizen consumer and civic Action Group, MIDS, and IDRC. The event was attended by consumer activists, grass root NGO representatives, students, local press, and advocates.
Welcoming the participants, Prashant Iyengar lead researcher for Privacy India, gave an introduction to the objectives of Privacy India, and briefed the gathering about the thematic “Privacy Matters” consultations previously held across the country in Kolkata, Bangalore, Guwahati, and Ahmedabad. Mr. Iyengar also gave a background to issues that India is facing in concern with privacy, explaining the many contexts that privacy can be found in, and raising questions such as: Why is privacy important? How can it be maintained with the way technology is encroaching upon our lives? And how can we make privacy laws practical and functional?
“Privacy India’s objectives are to raise awareness, spark civil action, and promote democratic dialogue around privacy challenges and violations in India. One of Privacy India’s goals is to build consensus towards the promulgation of a comprehensive privacy legislation in India through consultations with the public, legislators and the legal and academic community” – Prashant Iyengar, Privacy India.
KEY NOTE SPEECH
Speaking in the keynote session was Dr. Santosh Babu,Sashi Kumar Menon, and R.Ramamurthy.Dr. Santosh Babu, the Secretary of IT for the Tamil Nadu Government shared his personal experiences with e-governance projects and privacy. He emphasized the importance of privacy, and explained how e-governance projects, such as electronic grievance systems, can bring great benefits to all classes in society, but they can also pose a risk to privacy, because they depend on the collection of information and formation of databases. Therefore, the pros and cons of every project developed must beweighed with privacy in mind. Sashi Kumar Menon, founder Chairman of the Media Development Foundation spoke on the relationship between the media and privacy. In his presentation he pointed out that care needs to be taken when addressing privacy and the media, as the right to privacy could, if not properly framed, work to censor the media rather than protect a fundamental right. R. Ramamurthy,Chairman, Cyber Society of India spoke about different threats to national security that the internet has brought about. Because of these threats, when it is a case of national security, national security must take precedence.
SESSION I PRIVACY AND TELECOMMUNICATIONS
In the first session, Usha Ramanathan, advocate and social activist and Mrs. Desikan, Consumer Association of India, spoke on privacy and telecommunications. Mrs. Ramanathan pointed out that telecommunications are just one way in which the State is collecting information about individuals. New initiatives such as the UID and other e-governance projects also work to build databases and collect information about individuals. This collection of information is a threat to individual privacy as people lose the ability to control who has access to their information, what that information says about them, and how that information is used. Mrs. Ramanathan also spoke about the new draft Privacy Bill, pointing out that we should look at what the Privacy Bill is protecting in terms of privacy, but also what the Bill is accepting as areas that need privacy protection. Using the example of files being inserted with RFDI chips to ensure that they moved from one desk to another desk, Mrs.Ramanthan pointed out that in many cases today technology is being used as a band aid solution to a problem, and in doing so is also violating individual privacy.
Mrs. Desikan spoke predominately about consumers rights in concern with telecommunications and telemarketers. Members of the audience voiced their discontent over the telemarketing calls that they receive multiple times a day. Mrs. Desikan responded to these complaints by pointing out that though TRAI can do a better job of enforcing regulations and bringing redress for violations, it is also the responsibility of the consumer to know the contracts that they are signing and the products that they are purchasing.
Also speaking in thissession was Mr. S Martin, Advocate and Consumer Activist. Mr. S Martin spoke on financial transactions and privacy. He argued that an individual’s financial information should be held to the highest level of privacy, unless the information involves public money. In his presentation Mr. Martin emphasized to the audience the importance of disclosing financial information only when consent has been given.
QUESTIONS TO CONSIDER
What does the leaked Privacy Bill say about India’s cultural perspective about what needs the protection of privacy?
Are there ways to design policies to ensure that technology does not become an inappropriate solution?
What are ways in which consumers can become more informed about the products they are consuming, the information they are sharing, and the privacy implications involved?
SESSION II PRIVACY AND CONSUMER RIGHTS
In the second session Dr. Revathi, Associate Professor at the Dr. Ambedkar Law University in Chennai, looked at consumer privacy from a legal perspective. Noting that as consumers we are always exchanging personally identifiable information, and thus our privacy is always at risk, she talked about how consumer privacy is mainly concerned with how ones information is collected, what information is collected, and how that information is used. Her presentation highlighted different regimes and bodies that protect privacy in India such as the RBI, and discussed different obligations that corporates have in India to protect consumers’ privacy.
QUESTIONS TO CONSIDER
Is a comprehensive data protection of a sectoral approach more suited to the needs of India?
Does India want to become compliant with international standards for data protection?
How will privacy policies be enforced and how will organizations be held accountable for protection of client privacy under the legislation?
Will consumers be notified if their information is breached? If so – what will be included in the breach notification?
How can legislation ensure that consumers are aware of their privacy rights?
How can privacy legislation address the need for different levels of protection for different types of data?
SESSION III PRIVACY AND HUMAN BASIC NEEDS
The last session focused on Privacy and Basic Rights/Needs. Dr. N Manimekalai, head of the gender studies department at the Bharathidasan University in Trychy, spoke on how protecting human rights of individuals can also work to protect their privacy. Her presentation highlighted how the lives of the underprivileged are concerned with privacy in many ways including: the right to sanitation, the right to shelter, and the right to familial privacy, labor rights in the work place bodily integrity, the right to public space, and the right to clothing. Dr. N Manimekalai also spoke about how women face specific challenges to privacy such as lack of proper public restrooms and lack of privacy over personal choices concerning her body.
Speaking on privacy and natural resources was Mr. Ramkumar. Mr. Ramkumar pointed out that when talking about natural resources – rights and entitlements are very important. What the UID seeks to do is to deny those who are not in the UID system entitlements, because you do not have the accepted identity. He also brought out the point that the UID will work to take away the informal sector in India, but the impact of this must be considered as currently, India is largely comprised of the informal sector.
QUESTIONS TO CONSIDER
How can privacy be formed as a right that provides individuals the ability to be private individuals i.e. proper infrastructure, basic human needs etc.?
How can land resourced by allocated and distributed to protect individual privacy?
CONCLUSION
Many themes relating to privacy were brought out over the course of the day. On one note the audience discussed different consumer violations they had experienced, and noted that consumers need to be aware of what information that is being collected, how that information is being used, and what are the forms of redress on can take if the information is abused. Over-collection of information by the Government was another theme. Members of the audience voiced concerns about the amount of information the Government is collecting through different schemes, and the way in which this will change the relationship between the State and the citizen. The need to protect the privacy of the underprivileged as a basic human right emerged as another theme.
Property rights and privacy
Privacy rights of minorities
Privacy and the UID
Privacy and consumer rights
Privacy and telecommunications
Cultural perceptions of privacy
Privacy: RTI, UID and Surveillance
Unfortunately many of the scheduled invitees had to drop out owing to developments on the Lokpal issue at the Centre, and simultaneously Guwahati was witnessing unrest following an agitation over land rights that left three persons dead.
Welcoming the participants, Prashant Iyengar, lead researcher for Privacy India, gave an introduction to the objectives of PrivacyIndia, and briefed the gathering about the thematic “Privacy Matters” consultations previously held across the country in Kolkata, Bangalore and Ahmedabad. Mr. Iyengar also gave a background to issues that India is facing in concern with privacy, explaining the many contexts that privacy can be found in, and raising questions such as: Why is privacy important? How can it be maintained with the way technology is encroaching upon our lives? And how can we make privacy laws functional?
“Privacy objectives are to raise awareness, spark civil action and promote democratic dialogue around privacy challenges and violations in India. One of Privacy India’s goals is to build consensus towards the promulgation of a comprehensive privacylegislation in India through consultation with the public, legislators and the legal and academic community.”
Prashant Iyengar, Privacy India.
Event Sessions
The structure of the event was one of open discussion, with presentations made by those who wanted to share. Throughout the day, the conversation fell into three main topics including: privacy and the RTI, privacy and the UID, and privacy and surveillance in the context of North East India.
Privacy and the RTI
Prashant Iyengar opened the discussion on privacy and the RTI by highlighting the tension between the need for transparency of the State, and the need to protect the privacy of public figures. For many participants privacy and transparency was a new concept that they had just started thinking about. Participant Rakesh (HRLN, Manipur) spoke on the shortcomings that he saw in the RTI Act noting that though the RTI brings some transparency to society, many citizens still do not understand the extent of their Right to Information as it is protected under the Act. Furthermore, the RTI Act is still not applied equally across the country, and the transparency that the RTI tries to achieve is still in very nascent stages. Lowang, a participant from Arunachal Pradesh, shared the importance of drawing a line between privacy and transparency when it comes to information related to education and health. Anjuman Azra Begum, a research scholar working on indigenous people rights, noted the irony of the RTI as it is meant to bring transparency to the state, yet all ministers and MLA’s take an oath of secrecy, not transparency. Anjuman also spoke on the fact that the RTI often fails to protect the privacy of sensitive issues, such as sexual balance. She echoed Rakesh’s comment on the inaccessibility of the RTI, sharing that for a common person to exercise his/her rights is a very daunting task. Anthony Debbarmun, a human rights activist from Tripura noted that he felt that the North Eastern states are by and large seen as resource (land) by the centre and has shown no concern for citizens and their well-being. Government is seen as a dictator in this region, hence the question — Transparency for whom?, Privacy for Whom? The distinction between the transparency brought about by the RTI and individual privacy was also made. It was pointed out that the RTI is concerned with transparency of the State, but individual privacy is separate from this concept.
Personal Experiences Shared
Anjuman Azra Begum shared her sister’s experience with the RTI. Her sister had applied for a job in 2008. Their family filed an RTI for details of the procedure, but was denied details by the RTI officer, who said that furnishing details would violate theprivacy of other candidates. This example raises questions about when it is appropriate for RTI officers to withhold information in the name of privacy, and what mechanisms can be put in place to ensure that the RTI does not use privacy as a way to deny information. Lowang also shared his experience with the RTI. He had filed an RTI asking for answer sheets because he doubted the appointment of police personnel. He was told that the cost in total would be Rs.2000, when in reality each sheet costs Rs.2 — the misconstruing of facts was another example of how RTI officials restrict access information indirectly. From these examples the concern about RTI officials using privacy as an excuse to deny information was brought to the surface. To highlight the problems with the current implementation of the RTI and the lack of basic knowledge of how to use the RTI Mhao Lotha from the DICE Foundation shared a personal experience of his friend who had filed an RTI against the fishery department, and the RTI official simply shouted at her. L. Rima told a similar story as Mhao Lotha. In her experience the RTI is good in theory, but in practice it has become a commercial platform, where officers pay money to applicants for RTI cases to be taken off.
From the discussion and the shared experiences it was clear that the RTI, although a strong law on paper, still faces many challenges in implementation that a privacy law could also face, and that the fact that if more privacy is brought into the RTI, it will become yet another way for the State to avoid disclosing information.
Questions to Consider
- Can a privacy law be made to be functional in the same way that the RTI is functional?
- In terms of the RTI who should have more privacy? Who should be more transparent? Can NGOs be held accountable under the RTI?
- What mechanism should be established to enforce the balance between privacy and transparency?
Privacy and Security/Law Enforcement in the North East of India
 |
Another important discussion held during the conference was the practices of law enforcement in the North East, security, and privacy. Because the North East is in a state of armed conflict several laws such as the Armed Forces Special Powers Act, Sedition Act and provisions in the IPC give immunity to security forces. This has led to gross violation of citizens’ privacy by law enforcement agencies — as the acts give large amounts |
of power to law enforcement agencies with little or no accountability, and the acts are often misused. Furthermore, the security laws that exist in the North East explicitly prohibit access to individual personal information. For example, in the Assam Police Manual, which is followed by police in the North East — no papers can be given out to the public except to the investigation officer — this includes personal information such as medical records and post-mortem reports. Anjuman shared an example of how this rule violates individual privacy. In her example, a victim was not allowed access her own medical report, but her medical records were being circulated among police, doctors, and media. This example highlights how privacy and the right to information can go hand in hand as it was the victim’s right to access her own medical file, and at the same time getting access to her own medical file is an act of personal privacy protection.
Personal Experiences Shared
Participants shared how individual privacy is often violated by the army, as it is allowed to enter and search any space without warrant, if there is any type of “suspicion”. They also shared how phone tapping and random monitoring is a common practice by both the army and civil police. For example, one day the police recorded a conversation by Director of the Police, Wireless who was giving a lecture on how to lead an effective agitation. The transcript was handed to the high court and the director punished. Other examples include policemen frisking women in public, newspapers publishing police frisking women in public, and law enforcement agencies compelling pregnant women to give birth in open in front of people. The discussion surrounding privacy and security/law enforcement highlighted an important way in which privacy is violated in the North East. The unregulated action of law enforcement acts as a very real and dangerous way in which individual privacy is violated on a daily basis.
Questions to Consider
- Can privacy legislation regulate the acts of law enforcement agencies?
- Will privacy legislation be implemented differently in the North East because of the armed conflict?
- Will a privacy law supersede other laws such as the AFSPA?
Privacy and the UID
During the conference the discussion also briefly focused on the UID and privacy. It was shared that there had yet to be UID consultations in the North East of India. The only information individuals had about the UID was that it was going to allow individuals to access BPL benefits more easily.
Questions around the UID included: why is the UID needed for citizens living within their own country? How will the UID impact and help families who send their children to gather rations from the ration shops? What is the connection between the UID and the expected privacy law? What is the connection between the UID and intelligence agencies? What would UID mean to people living in border areas?
Conclusion
Privacy as a Fundamental Right
In the closing discussion Prashant Iyengar shared different examples of privacy in Indian case law, and the various ways in which the Supreme Court has defined privacy as a right that is implicit in the right to life. The participants discussed what privacymeans to them, and what they thought a right to privacy should entail. Among the points raised, it was brought up that privacyshould be a right that is legally protected for sovereign individuals. The law should also include parameters and limitations in order to protect an individual’s autonomy. Furthermore, privacy should be understood and linked to the concept of human rights and individual rights. From the closing session, and the above sessions many themes and questions pertaining to privacy came out that will need to be addressed when considering the way forward for a privacy legislation including:
- Property rights and privacy
- Privacy rights of minorities
- Privacy and the UID
- Privacy and law enforcement agencies
- Privacy as a fundamental right
- The interplay of privacy law and traditional law
All India Privacy Symposium
Privacy India in partnership with the International Development Research Centre, Canada, Society in Action Group, Gurgaon, Privacy International, UK and Commonwealth Human Rights Initiative is organizing the All India Privacy Symposium at the India International Centre, New Delhi on Saturday, February 4, 2012.
Since June 2010, Privacy India has been engaging in discussions with policy makers, the public and sectoral experts about privacy in India. The discussions have ranged from topics of identity and privacy, to minority rights and privacy, and consumer privacy. The findings of our research show that privacy was a neglected area of study for India in the past, however, this is changing. Advancements in technology, the introduction of e-governance initiatives like the National Fibre Optic Network, the introduction of new legislations, and debates surrounding national security, have brought privacy debates to the forefront in India. Although currently sectoral legislation deals with privacy issues, e.g., the Telegraph Act or RBI guidelines for banking, India has just begun to consider a horizontal legislation that deals comprehensively with privacy across all contexts. This conference is an opportunity to look forward to what could be the future scope of privacy in India.
| When | Feb 04, 2012 from 09:30 AM to 05:00 PM |
|---|---|
| Where | India International Centre, New Delhi |
| Contact Name | Elonnai Hickok |
This is a public meeting. For participation in the event, get in touch with Elonnai (elonnai@cis-india.org)
The All India Privacy Symposium Agenda.pdf
Agenda
| February 4 (9:30 a.m. – 5:00 p.m. ) |
| Registration (9:30 p.m. – 10:00 p.m.) |
Introduction & Welcome (10:00 a.m. – 10:15 a.m.)
|
| Tea Break (10:15 a.m. – 10:30 a.m.) |
Panel I: Privacy and Transparency (10:30 a.m. – 11:30 a.m.)
|
Panel II: Privacy and E-Governance Initiatives (11:30 a.m. – 12:30 p.m.)
|
| Lunch (12:30 p.m. – 1:30 p.m.) |
Panel III Privacy and National Security (1:30 p.m. – 2:30 p.m.)
|
Panel IV Privacy and Banking (2:30 p.m. – 3:30 p.m.)
|
| Tea Break (3:30p.m. – 3:45 p.m.) |
Panel V Privacy and Health (3:45 p.m. – 4:45 p.m.)
|
The Way Forward (4:45 p.m. – 5:00 p.m.)
|
*Participants to be confirmed
The High Level Privacy Conclave
Privacy India in partnership with the International Development Research Centre, Canada, Society in Action Group, Gurgaon and Privacy International, UK is organizing the High Level Privacy Conclave at the Paharpur Business Centre, Nehru Place Greens in New Delhi on Friday, February 3, 2012.
Since June 2010, Privacy India has been engaging in discussions with policy makers, the public and sectoral experts about privacy in India. The discussions have ranged from topics of identity and privacy, to minority rights and privacy, and consumer privacy. The findings of our research show that privacy was a neglected area of study in India during the past, however, this is changing. Advancements in technology, the introduction of e-governance initiatives like the National Fibre Optic Network, introduction of new legislations, and debates surrounding national security, have brought privacy debates to the forefront in India. Although currently sectoral legislation deals with privacy issues, e.g., the Telegraph Act or RBI guidelines for banking, India has just begun to consider a horizontal legislation that deals comprehensively with privacy across all contexts. This conference is an opportunity to look forward to what could be the future scope of privacy in India.
| When | Feb 03, 2012 from 04:00 PM to 08:00 PM |
|---|---|
| Where | Paharpur Business Centre, Nehru Place Greens New Delhi |
| Contact Name | Elonnai Hickok |
This is a closed-door meeting. For participation get in touch with Elonnai (elonnai@cis-india.org).
Conclave Advisors
Sunil Abraham, Centre for Internet &Society (www.cis-india.org)
Gus Hosein, Privacy International (www.privacyinternational.org)
Phet Sayo, IDRC (www.idrc.org)
Rajan Gandhi, Society in Action Group
Sudhir Krishnaswamy, Centre for Law and Policy Research, Bangalore (www.clpr.org.in)
Vickram Crishna, Privacy International (www.privacyinternational.org)
Agenda
| February 3 (4:00 p.m. – 8:00 p.m.) |
| Registration and Tea (4:00 p.m. – 4:30 p.m.) |
Welcome &Introduction to Privacy India (4:30 p.m. – 4:45 p.m.)
|
National Security and Privacy (4:45 p.m. – 5:45 p.m.)
|
Internet and Privacy (5:45 p.m. – 6:45 p.m.)
|
The Way Forward (6:45 p.m – 7:00 p.m.)
|
| Dinner (7:00 p.m. – 8:00 p.m.) |
Conclave Advisors
Phet Sayo
Rajan Gandhi
Sunil Abraham
Sudhir Krishnaswamy
Vickram Crishna
*Participants to be confirmed
- Amol Sharma (Journalist, Wall Street Journal)
- Col Alok Mazumdar (COO, Hans Foundation)
- Vibodh Parthasarathy (Associate Professor, Centre for Culture, Media & Governance, Jamia Milla Islamia University, Delhi)
