2020 has been quite the eventful year, and the policy front was no different. This blog post is a quick review of all that we were able to achieve. We first attempt to show in numbers the consultations we participated in and move towards an impact break down in core thematic areas around informational privacy, free expression and innovation. Most of our work was the product of collaboration and working alongside diverse experts, groups and collectives. As we look towards next year we hope to further increase the spirit of collaboration and listen more to increase the impact of digital rights across the spectrum of individual liberty and social welfare.
Over the course of the year, we participated in 11 consultations with governmental bodies. The topics under consultation included data protection legislation, internet access, net neutrality enforcement, and digital infrastructure among others. A full table of consultations can be found below.
|January 13, 2020||Cybersecurity Strategy 2020|
|February 28, 2020||Personal Data Protection Bill, 2020|
|March 03, 2020||TRAI consultation paper on net neutrality enforcement|
|March 20, 2020||Draft Competition (Amendment) Bill, 2020|
|July 07, 2020||Draft Unmanned Aircraft System (Drones) Rules, 2020|
|October 03, 2020||DoT paper on the Development of an Indian Artificial Intelligence Stack|
|October 20, 2020||TRAI's Consultation Paper on Broadband Access and Connectivity|
|November 09, 2020||Draft Online Dispute Resolution Policy|
|November 19, 2020||Draft Data Centre Policy 2020|
|November 30, 2020||Draft Data Empowerment and Protection Architecture Policy|
|December 14, 2020||NITI Aayog's draft Working Document: Enforcement Mechanisms for Responsible #AIforAll|
Areas of Engagement
Aarogya Setu : Just like 2020, our work this year also revolved a lot around COVID-19. We published a case study on technological interventions for COVID-19, and detailed public resistance towards and criticism of the Aarogya Setu app (see here, here, here and here). We also analysed the app in the context of the right to privacy and raised certain technical issues with the app and its documentation. In addition to this, we raised concerns over the mandatory imposition of the app (see here and here), while through RTIs we were able to go through government documents about Aarogya Setu. This completed wider efforts (on which we collaborated with close to 50 organisations) going beyond the mandatory and voluntary quagmire into Aarogya Setu's core design and our strategic litigation in the Kerala High Court.
Data Protection Legislation : Under the flag of #SaveOurPrivacy we continued work to ensure a user centric data protection law. Our efforts included a representation on the Personal Data Protection Bill, 2019 at the start of the year and provided a detailed explainer on the Bill and the various issues surrounding it. We also sent our detailed comments on the Bill to the Joint Parliamentary Committee on the Bill, along with several public briefs. We further discussed the need for incorporating safeguards for data security as well protections for cybersecurity researchers and whistleblowers. In addition to these, we wrote about both the consultation process itself and the working of the Joint Committee. Lastly, we provided an analysis of the National Population Register in the context of the Bill.
Internet Access, Shutdowns and Net Neutrality: The year began with TRAI’s consultation paper on net neutrality enforcement (see here for our summary). We provided TRAI with comments and counter-comments on the paper. We also wrote to TRAI and the DoT on various subjects such as net neutrality in the context of the lockdown, traffic management practices, and OTT licensing. Our website blocking tracker has also helped us raise awareness about specific instances of website blocking (such as this and this) and advocate reform towards policy makers. To this extent, we engaged with the TRAI and DOT asking them to respect net neutrality while ensuring customer centric policies to expand access. We also successfully petitioned the Prime Minister's office for high speed internet in the Andaman and Nicobar islands. With regards to internet shutdown rules we continued to demand reforms to the provisions of the Telegraph Act to make it compliant with the Anuradha Bhasin judgement.
Digital Infrastructure : As digitalisation increases in India, so does the need for more robust digital infrastructure. Moreover, given the prevailing socio-economic conditions, it must be ensured that digitalisation does not lead to exclusion from services. In this context, we analysed new frameworks for data architecture and data centres. We also discussed the use of digital technologies in the judicial system. As with all our work, the focus of these engagements derived from our constitutional values and hopes to centre large, digital systems towards individual liberty and social welfare.
Facial Recognition Technology: As we had committed at the start of the year we focussed our efforts on long term study and policy position on the growth of Facial Recogniton Technology (FRT) that is increasingly being used in policing and state systems such as voting. We provided an overview of FRT systems in India, analysed such technologies from a legal standpoint, and examined international perspectives on the issues. Our efforts culminated with the launch of Project Panoptic, a FRT tracker we built for the Indian context.
That's (not) all folks
Though the Shreya Singhal Judgement deemed section 66A of the Information Technology Act, 2000 to be unconstitutional, many ‘zombie’ cases continue to be registered under it. We analysed these ‘legal zombies’ and tracked uses of 66A. We also highlighted similar issues in the amendments to the Kerala Police Act, 2011 and provided certain recommendations to the Government Kerala on how to proceed after the repealing of the amendments.
We participated in the consultation process for the Health Data Management Policy (see here and here), and also advocated for state level frameworks for health data management. We also raised issues of worker surveillance (see here and here), and provided an explainer on the AgriStack. More recently, we conducted a review of the privacy policies of the four major telecom service providers.
Do you have suggestions on what we can do better? Reach out to us by filing in this form and letting us know what we should focus towards in 2021, or let us know how we can make our existing work more effective.