Naavi.org

Economic Times carried a report today that there is one section of the officials who think that the JPC version of the Data Protection Act 2021  may be shelved and a new Bill may be drafted.

The copy of the ET article is available here

It has been the suggestion of some of the dissenting members of the JPC that the Bill as proposed need to be shelved completely. This view is now being justified by this story which tries to attribute the story to some sources within the Government.

So far objections were being raised in the name of “Privacy Activists” who did not agree with Section 35 of the proposed Act which gave certain powers to the Government to exempt some agencies under certain specific conditions clearly permitted under the Constitution of India

Then objections were raised on the “Data Localization” aspect which was non existent.

The present set of objections appear to come in the name of Start Up companies who have specific exemptions under Section 40 of the proposed Act.

The report states that the objection is about the structure of the Data Protection Authority which is labelled as “Very Bureaucratic”. Earlier an objection had been raised that the selection panel which would recommend members of this Committee consisted only of the Cabinet Secretary, IT Secretary and Law Secretary and hence it was meant to create a pliable committee of favourites of the Government.  Now that the new provision has expanded the selection board to include academicians from IIT and IIM etc, the earlier objection lost the steam and hence a new term “Very Bureaucratic” has been raised.

We may recall that the supervisory authorities in the EU Countries who oversee GDPR implementation is led by a single Supervisory authority as if it is a single member board. This leads to many atrocious decisions where as the Indian system has 7 members as full time members with representation from different sections of competence.

The term “Bureaucratic” means that the system is not a Person centric like in EU. If the Indian DPA was like the EU supervisory authority the same critics would have criticised it even more. Perhaps what these critics want is to create a “Mini NASSCOM” within DPA so that the vested business interests are represented in the day to day decision making.

Such a structure would not work since the DPA has to take into account the interests of the individuals as well as the Government besides the business.

The reference to “inclusion of Social media intermediaries” as a point of objection indicates that this set of objections are engineered by the Face Book,  Google and Twitter kind of companies who are expected to be held accountable for their activities.

The colonial mindset of the report is indicated by the reference to an EDPB report on Section 35 of the  Indian Data Protection law.

We are aware that EDPB expects that all non EU countries surrender their sovereign rights to exercise control over data protection activities within their jurisdiction even if they could hurt the sovereignty and integrity of the country in which the data is processed. It expects the whole world to protect the EU interests and EU to be the conscience keeper of the world as regards Privacy.

The  ET report also refers to the “Wide ranging access to personal data sought by the Government, Inclusion of Non Personal Data and absence of a time line of implementation.”

It must be stated that the JPC report has a suggested time line and inclusion of Non Personal Data is only an “Empowerment” which could be relegated to the background. The powers of the Government for national security is not a concern of the IT companies who reportedly have raised the objections unless they want to be the mouth piece anti nationals and support the fake news industry like what some social media has been for some time.

It is unfortunate that NASSCOM and DSCI have let themselves to be projected as the leaders of this campaign to scuttle the law and wants to send another representation to the Government at this stage. NASSCOM and DSCI should appreciate that they are Indian agencies and have to consider the Indian national interest  as paramount.

It is ironic that at one time, it was NASSCOM which was pressing for a Data Protection Law in India so that the EU business of Indian companies was not affected and this brought in the 2008 amendments to ITA 2000 which are operative today under Section 43A and 72A. Now the same NASSCOM wants the law to be deferred.

The sections 43A and 72A of ITA 2000 protect both personal data and sensitive personal data and if Adjudication officers exercise their Suo Moto powers under Section 46 of ITA 2000, the regulator for data protection is already available in India along with the CERT-In which is available for handling data breach. Hence the current laws are adequate to cover most of the aspects of Data Protection as envisaged under DPA 2021 and the industry is raising unsustainable objections against DPA 2021 without understanding that it is an improvement over ITA 2000/8.

The Industry under the leadership of NASSCOM is taking a dangerous stance against “National Security” . The long term consequences of such a stance are inimical to the existence of India as a nation. The Board of NASSCOM and DSCI need to rethink on their stance against DPA 2021.

The EU is threatening Indian business that the transfer of business would be affected if India does not surrender its sovereignty in data protection and this is an attempt to treat India as if it is the colony of these EU countries. It was the same argument which was advanced by NASSCOM when it batted for the changes in ITA 2000 which were incorporated in ITA 2008 amendments.

This attempt of EU with the assistance of local supporters has to be resisted. Mr P P Choudhary the Chairman of JPC has already given a fitting reply to their objections and I wish the Government will brush aside the objections of NASSCOM and go ahead with the implementation of the Act as proposed. There is two year time for implementation and the DPAI can take measures to ensure that the industry feels comfortable. The Act can also be amended some time after three years incorporating the experience of its implementation for at least one year. The Government and the DPAI have the flexibility to defer the penalties or chose to impose only nominal penalties in the beginning so that industry can feel smoothly get into the new regime.

I once again reiterate that the Government should show conviction and push the passage of this Bill in the current session ignoring the eternal objections that will never cease.

Naavi

One of the new requirements that has been brought into the Data Protection Audit in India through the DPA 2021 is the need for “Algorithmic Transparency”. Additionally all devices both software and hardware,  that process data needs to carry a security certification from an accredited lab.

The Data Protection Standard of India (DPSI) has been suitably modified to incorporate these requirements.

At the same time, the DPIA and Harm Audit concepts need to be upgraded to include the audit against any possible “Bias” of an automated decision making involved in data processing.

In order to provide a service for third party “Bias Audit”, Ujvala is developing a new line of activity for “Independent third party Bias Audit” of algorithms as may be considered adequate under DPA 2021.

This audit would not be at the Code level and therefore does not involve any IPR risks.

Ujvala is in the process of finalizing technology partners for this line of activity.

Naavi

The Technology Craze has hit a new ceiling in the form of “Metaverse” which is an attempt to create a “Digital Game” and give it “Legal approval”.

In pursuance of this craze, it has been reported that the first meta verse wedding has taken place in India when one Mr Abhijeet Goel, a tech entrepreneur married Dr Sansriti, a dentist. Abhijeet is located in Bhopal.  The wedding is reported to have taken place on Youg Metaverse, a made in India metaverse platform. The wedding was held on 5th February 2022 between 8.00 pm and 9.00 pm. The digital avatars of the couple appeared to have participated in the wedding process.

The following link provides more information about the way the metaverse wedding took place.

Link: Article in Rediff.com

You can see parts of the wedding videos here.

It appears that the wedding was hosted as a 3D platform and probably we should treat it as a version of the Meta Verse similar to the secondlife.com, as compared to the Meta Verse instances which may require a special VR goggles to participate.

500 registered participants attended the wedding set in a beach environment.

From the sketchy reports available at present, it appears that the wedding was held in the physical space in front of limited family members at a proper muhurtham. Subsequently it appears that the marriage game has been hosted on the Yug Metaverse platform where the registered participants were able to create their own avatars and interact with each other.

It was therefore like a webcasting of the reception to which you could attend virtually. The couple were also present in their “Virtual Avatar” to  receive the greetings.

Naavi had discussed the implications of “Cyber Marriage” way back in 2005.

The article “Should Cyber Marriages be Banned”

 was published on May 1, 2005 discussing the legal implications of Cyber Marriages. This article was prompted at that time by a Cyber Crime complaint in Chennai. One person had filed a complaint with the Police that he was married to a lady through Internet and the family of the girl was preventing the girl to move to the bride’s home. The marriage was claimed to have been consummated in a Chat room”.

At that time it was pointed out that if a marriage can be consummated by a “Contract”, it is possible to consummate such marriages and it was not desirable. Hindu marriage however is not a contract marriage and requires “Saptapadi” as an essential part of the marriage though “Tying the Mangala Sutra” or “Opening of the Antarpata” is considered as also specific events during the marriage to determine the completion of marriage.

Considering the possibility of “Chat room “conversations being treated as “Marriages” and girls being subject to harassment, it was suggested that a specific amendment could be made to Section 1(4) of ITA 2000 to place “Contract Marriage” outside the scope of recognition under ITA 2000.

P.S: I have suggested the same kind of amendment to Section 1(4) to de-recognize Crypto currencies as valid electronic documents. This would be the simplest way of banning Crypto Currencies. (See the article: Regulate Bitcoins through ITA 2000 notifications under Section 1(4) and 69/69A/69B)

The Abhijeet marriage is not really a “Cyber Marriage” and hence there should be no legal issue about the validity of the marriage.

However, in future, some other persons may be tempted to use a pure Meta Verse marriage by two digital avatars present in different places tying a virtual Mangala sutra and claiming marriage.

It is found that UTAH has an official online wedding scheme .

The UTAH online wedding requires email request to be sent to the registrar with identity documents and selfies with a payment of a license fee of US $145 (for international couples and $ 70 for local couples).

We are aware that there have been several instances of Cyber Crimes being committed on secondlife.com like platforms where the digital avatar commits a crime against another digital avatar or the platform owner and the matter has been referred to the physical Courts for resolution.

(Please note that the website zone-h.org continues to be blocked by Meity for reasons that has been discussed in detail in the past on this website. It is time MeitY reviews this decision and removes the block. Even the Supreme Court is at fault in causing this blocking of Zone-h.org)

The Virtual marriages including Meta Verse marriages as well as UTAH online marriages tomorrow come up in family courts for divorce and settlements. Then the Courts will be scrambling for identifying the legal basis for marriage, divorce and property related issues.

It is therefore necessary for us to make necessary laws to regulate the Meta Verse marriages soon to avoid problems in future.

Naavi

Related Articles:

What has happened to the Zone-H.org case?

Now Government has to lift the ban on Zone H.org

E2labs project Ethan Dissected…

Following is an copy of the email sent to the RBI Governor today

To

The Governor
RBI
Mumbai

Dear Sir

Mr Yashasvi Yadav, an IPS officer in Maharashtra has published a very informative article on Darknet in TOI. The article  is available here.

The essence of the article is that “Dark Net” and “Dark Web” are posing a mortal risk to the society and needs to be fire walled.

Many technologists will immediately jump in to say that “Technology” and “Innovation” cannot be curbed. It needs to be promoted. The same argument  is being made for promoting Private sector crypto currencies which had led to our Finance Minister providing a sense of recognition through Crypto Tax proposal.

As Mr Yadav has indicated, there are many journalists and non criminals who are also browsing the dark net through Tor browser. This is the classic case of good people supporting the bad people for their own selfish reasons.

We must understand that Darknet and Crypto currencies are bad and any form of support must be avoided.

Mr Yadav suggests that we need to ban Tor browser and block all Tor traffic.

I fully endorse this suggestion along with the banning of all private crypto currencies so that the fuel that runs the darknet is dried up.

While Mr Yadav as a representative of the law enforcement  has expressed his views clearly and flagged the risk of technology, it is unfortunate that the Finance Minister through her budgetary proposal on Crypto currencies is working on strengthening the hands of the criminals by legitimizing the currency of the criminals. Her proposal to bring  Crypto currencies under the tax bracket and whitewash it as “Digital Assets” and simultaneously withdrawing the bill on “Banning of Crypto currencies”, is a big boost to the dark net activities.

The finance minister is trying to hoodwink the public by saying that she is generating tax revenue for the Government by taxing the Crypto transactions and has not recognized Private Crypto currencies. She has also effectively tricked even the Prime Minister Mr Modi to give a statement that the budgetary proposal on Crypto including the proposal for Digital Rupee will be an impetus to the  economy.

This is far from the truth.

The budgetary proposal on Crypto taxes will destroy the country and the Digital Rupee proposal is only a fig leaf to cover the criminal nature of private crypto currencies. The Digital Rupee server will be prone to a serious security risk and criminals will be able to directly hack into the server and issue any amount of fake Digital Rupee to render the system infructuous in no time.

As it is, the Darknet is a threat to the country. But the FM is adding further strength to the dark net through her proposal.

Will Mrs Nirmala Sitharaman wake up from her slumber?

If Mrs Nirmala Sitharaman goes through the proposal to recognize Crypto Currencies without banning of the Crypto Currencies, she should be given a special recognition for having destroyed the legacy currency system in India and causing the death of the world economic order.

Naavi

P.S: While the country is debating on the Hijab Controversy, professionals are refraining from joining the debate because any discussion could be mis-construed as “Political” or “Religious”. However, since the controversy is being debated in the Courts on the basis of the provisions of Indian Constitution, if the professionals remain outside the debate, they will fail to put across their views when it is required.  Hence this small piece.

Hijab Vs Uniform

The Hijab Controversy in Karnataka has now reached the Courts. If the Courts want,  the immediate controversy of “Hijab” in schools can be settled quickly as a need to keep religion out of the education institutions and making uniforms mandatory to ensure a sense of equality of students in a student group.

However, if the Courts want to allow the controversy to be taken to a debate of “Right to Practice Religion”, they will be opening a pandora’s box.

This should be avoided.

Right to Hijab Vs Right to Privacy

However, we should debate the  controversy from a professional perspective and pick up the thread whether the “Right to Hijab” is connected with the “Right to Privacy” as being argued in the Courts.

As we know, “Right to Privacy” was not defined in the KS Puttaswamy Judgement and it stopped at saying that Right to Privacy is part of the Right to life and liberty under constitution (Article 21) and like other fundamental rights is subject to reasonable restrictions to protect other rights of the third parties.

Justice Chelmeshwar went on an argument that Right to privacy includes what we eat, where we go etc., but Justice Chandrachud was clear that “Right to Privacy” is understood as the “Right to be left alone” and it is a mental state of a person to “Feel that he is left alone”. The judgement subsequently focussed more on “Information Privacy” which was the “Right to exercise a choice of how an individual’s personal information can be used by the society”. This was however subject to the “Reasonable Exceptions”.

Right to privacy is not a “Right to anonymity” where one would like to hide his/her identity and interact with other members of the society. It is unacceptable that a person will say I will enter into a transaction with you but I would not like to reveal my identity. This leads to the situation where the right of privacy of one person affects the right to security of another person.

The first level of trust in  human interactions starts with the identity of the other person. Identity is declared by the persons by saying “I am so and so”. But this spoken word is re-inforced by the two people seeing each other, so that there is a “Facial Recognition”.

Any method by which a person will put a veil on his face defeats the requirement of two transacting persons identifying each other and develop “Trust” for conducting a transaction.

A “Transaction” is not always a transaction of “Sexual intentions” and the Court cannot uphold the principle that when a man sees a women, it is always with a bad intention. If this is the basis of Hijab then Courts have to come down heavily against this “Deemed” perception even if it is written down in religious texts.

“Facial Identity” is the essence of building trust and the full body burqa covering the face is therefore not acceptable for a person when interacting with the public. It ceases to be a freedom of choice to dress as it impacts the other persons in the society.

Since Right to Privacy cannot be considered as “Right to hide identity”,  there appears to be no fundamental right to hide identity while trying to involve another person in a transaction. To the extent the head to toe coverage can hide criminals in public place, it is a security concern and hence the head to toe coverage has a public security issue.

Hence any Hijab that covers the face should be considered as unacceptable to the society.

Short Hijab Vs the Burqa

The short hijab covering parts of the hair and chest is different as it does not affect the facial identity.

The short hijab however will continue to be treated as display of religious identity and if this is allowed against the concept of “Uniform” then the Court will have to also allow “Saffron Shawls” or “Saffron headgear” to be worn by others.

It is difficult to see how the Courts can uphold the right to hijab without holding the right to Safforn shawls and hence the decision of the Court in this direction would only take the controversy to higher levels of division of the society and will be a law and order issue.

Hindu Woman vs Muslim Woman

I would like the Court to remember that if they uphold Hijab for this religious consideration that it is meant to protect the modesty of women, it should extend it to even the Hindu women also. It will be illogical to say that protection of the modesty is required only for Muslim women and not Hindu women.

Court Dress Code

If the court is inclined to take a decision to uphold the hijab as a religious right but denounce the Saffron shawl as a Hindutva mischief then it would be an unfortunate decision.

In that case, a question should be asked if the Court is prepared to change the dress code in Courts  and allow all women lawyers and judges cover their faces so that evil eyes cannot fall on them…or  at least allow Muslim women lawyers and Judges to come in burqas to the Court.

I wish the Courts will take the right decision without being hypocritical or religiously diplomatic.

Naavi