AIFON

Section 66A of ITA 2008 has been one of the most abused sections of the Act in recent days. There is also a discussion about the constitutional validity of this section on  whether this section infringes on the constitutional “Right to Freedom of Expression” as provided in Article 19(1) (a) of the Constitution. The discussion has arisen due to the filing of criminal cases in recent days in the case of Ravi Srinivasan of Pondicherry over a tweet, and two ladies in Palghar over postings in Facebook,

Article 19(1)(a) of the constitution is subject to “Reasonable Restrictions” as mentioned in Article 19(2) which provides discretion for any Government to frame and implement laws  infringing on the freedom of expression under the following condition namely,

“in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, decency or morality or in relation to contempt of court, defamation or incitement to an offence”

The question therefore is whether Section 66A of ITA 2008 is a legislation framed under the exceptions provided under Article 19(2) of the Constitution.

This discussion would be relevant only if there is an impact of this section 66A on the “Freedom of Expression” under Article 19(1) in the first place. The perception of the community is of course that section 66A does infringe on the “Freedom of Expression” as otherwise the police action in the case of Ravi Srinivasan and the Palghar ladies were unwarranted.

However when we analyze the situation we need to also consider  whether the action of the Police in the above two cases were in fact because the Police considered that Section 66A was an exception under Article 19(1) or simply because they misread the law.

If the Police had misread the law the remedy is not in removing the section but in punishing the Police for “Human Rights Violation” and providing such clarifications as would ensure that in future similar mistakes would not be done.

In this context it becomes necessary to discuss if Section 66A of ITA 2008 was indeed meant to address the situation where a Facebook post or a Twitter post could cause annoyance to another individual and that the person who had expressed the objectionable view could not be protected under Article 19(1).

Section 66A has three parts.

It is reproduced below for immediate reference.

Section 66A: Punishment for sending offensive messages through communication service, etc

Any person who sends, by means of a computer resource or a communication device,-

a) any  information that is grossly offensive or has menacing character; or

b) any   information which he knows to be false, but for the purpose of causing annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill will, persistently  by making use of such computer resource or a communication device,

c) any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages

shall be punishable with imprisonment for a term which may extend to three years and with fine.

Explanation: For the purposes of this section, terms “Electronic mail” and “Electronic Mail Message” means a message or information created or transmitted or received on a computer, computer system, computer resource or communication device including attachments in text, image, audio, video and any other electronic record, which may be transmitted with the message

This section  applies to “Any Person” who “Sends” by means of a computer resource or a communication device, “any Information” or “Electronic Mail” or “Electronic Mail Message”.

It may be noted that this section is applicable to “Messages” and not for “Publishing” a content on a web platform. Under ITA 2008 offenses related to “Publishing” were covered under Sections 67, 67A and 67B and were restricted to content which was “Obscene”.

Then does it mean that ITA 2008 did not address situations where “Defamation” could occur through non obscene content being published on the web as in the case of the above cases?. The clear indication in the legislation is “Yes”. ITA 2008 did not try to address “Defamation” in electronic space except where the content was obscene.

The perception that Section 66A addressed defamation arose from the fact that it referred to “Information that is grossly offensive or menacing” under Section 66A(a)  as well as “information” that could cause “annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or ill will” under Section 66A(b) and “Causing annoyance” under Section 66A(c).

The first time the section was invoked to address defamation was in the Delhi High Court case of E2labs Vs Zone-H.org. In this case the remedy sought was shutting down of a website which allegedly hosted some defamatory content. Since the defendant in this case was a foreigner and chose not to respond to the notices of the Court for reasons of his own, the Court passed an interim order blocking the website which has remained in place permanently since the defendant will never contest the injunction.

The interim judgement has therefore created a perception that the Court agrees that “Defamation” was caused by the publication and hence the site was blocked. This perception provides a sort of legitimacy to the claim that “Section 66A can be invoked when defamatory content is published on the web platform and it does not get restricted by the constitutional rights of freedom of expression”.

It must however be noted that Section 66A was meant to address “Information” that can be “Sent” and not “Information which is static”. Information which is “Sent” is a “message” and is sent from one person to another. It is “Pushed” . On the other hand a content which is “Posted” is  not directed at any person. It is only “Pulled” by persons who have become part of a “Community” who have agreed to exchange information with other members of the community.

A “Facebook” post or a “Twitter Post” falls into this category of “Hosted content” and does not fall into the category of “messages”. They can be dealt with under the Section 499 of IPC and there is no need to invoke Section 66A.

The fact that Section 66A was meant for “messages” is also evident from the fact that Section 66A(b) used he word “Persistently”. This means that if a person is again and again sending a message (which he knows to be false and is sending it with the malicious intention of causing annoyance etc). In a website posting, the content is posted and not sent again and again to another person.

Section 66A(a) does not use the word “Persistently” but it applies only to such messages which can be considered as “Grossly offensive or Menacing”.

Section 66A(c) also does not use the word “Persistently” but it is specifically mentioned that it is addressed to an “Electronic Mail”.

Thus it can be inferred that Section 66A was meant only for “messages” and not for “Content”. This is justifiable since Section 499 may not be apt for “letters sent from one person to another” and also that the web presented the possibility of a higher level of annoyance than the physical equivalent of “Bulk letter mailing” since “Bulk email bombardment” is more likely.

Section 66A addressed the message because there were offences such as Cyber bullying and Cyber Stalking as well as “Spam” which could not be effectively dealt with under Section 499.

In view of the above we can conclude that Section 66A ITA 2008 was never meant to address “Defamation” and never meant to overlap Section 499 of IPC but was meant to address situations which in the cyber space were significant threats and were not addressed effectively by the physical world equivalent addressed by IPC.

If therefore we come to the conclusion that “No change is required in Section 66A” it will be because the section was never meant to address “Defamation” and  exclusions under Article 19(2) of the constitution and not because we endorse the view that Section 66 A is within the constitutional validity of Article 19(2).

Media needs to understand the issues involved and does not misinterpret the views that may be expressed by the Court in this regard.

Naavi

(Continued from the previous post)

The theory of regulated anonymity as propounded by Naavi advocates a conflict resolution solution for preserving the democratic principles of Privacy Protection in Cyber Space along with the need of the law enforcement to be able to prevent misuse of “Privacy” as a cover for Cyber Crimes.

The Theory is built on the premise that “Absolute Anonymity of the Netizen is impractical as it would be completely opposed by all law enforcement authorities and is against the current laws in most countries. Under the theory, Anonymity should be regulated by providing every Netizen with a “Cyber Space Avatar ID” to substitute the “Physical Space Citizen ID”. The Netizen may use his Netizen ID whenever he wants to be anonymous while he is free to do any transaction in Cyber Space also with the Citizen ID of the Physical Society. Whenever a justification arises for the Privacy wail to be lifted, a due process outside the control of the Government/Politicians/Corporate interests would be applied.

The assumptions under this theory are

a) Government of the day is not absolutely trusted by the Citizens and

b) Privacy law in most countries advocate a “Due Process” for lifting the privacy wail in the interest of national security etc. However the “Due Process” has a tendency to get corrupted in favour of an aggressive Government or influential corporate authority.

c) There is a need for an agency to act as an “Ombudsman” (Privacy Protection Group or PPG) between the Law enforcement authorities and the Citizen to decide when privacy wail can be lifted in the interest of national security and in accordance with the due process of law.

d) PPG has to be constituted outside the control of the major stake holders in privacy breach namely the Government, Politicians, and the Corporate powers.

e) Anonymity can be better preserved by distributing data across multiple persons and locations so that no single country or single person has all the data that are necessary for identifying a Netizen of the Cyber Society to a corresponding Citizen in the Physical world.

f) Necessary and Sufficient Penalties can be imposed on the Netizens applicable to Cyber Society independent of the penalties that can be imposed on the Citizen mapped to an offending the Netizen ID.

Suggested Process

In pursuance of the above principles, the system of Regulated Anonymity recommended by Naavi is depicted in the following diagrams. The first diagram shows the suggested architecture for converting the Citizen ID to a Netizen ID and the second diagram shows how the request for the lifting of the privacy wail will function.

In the above process, only for a brief period, private data will not be available in unencrypted form at any stage of anonymization. The decryption occurs only at the time of disclosure. These servers would be in different countries other than the country of residence of the user. The Netizen ID and its mapping to the ID required for accessing the data when required would be kept in a fourth server.

This system ensures that data gets distributed over four different countries and servers and hence it would be difficult to forcefully access the data by any Governmental authority.

The process of revealing the personal data in case of a genuine need would be handled with a strong mechanism for filtering fake requests and unlawful requests. The body which filters the requests from law enforcement agencies will consist of experts in privacy law in different countries.

This process of Regulated Anonymity is expected to satisfy the Privacy requirements as well as the law enforcement needs.

It remains to be seen however who will venture into setting up the above system. It would be ideal that an organization like ICANN should take the lead in establishing such a system.

Naavi

Internet developed in the 70’s because of its ability to provide an opportunity for anonymous expression by individuals. Even today Privacy activists are fighting for anonymity as a matter of right. “Right to be Forgotten” is the new prescription of privacy laws under development in EU.

There is admittedly, a strong case for “anonymity” and also “Pseudonomity” as means of protecting the privacy of an individual on the Internet. However looking from the perspective of increasing Cyber Crimes and their escalation to Cyber Terrorism and Cyber Wars, there is an equally strong case for the demand of the law enforcement for absolute surveillance and need to identify individuals conducting any transaction on the Internet. The new laws in most countries including India and US try to provide for such “ Authorized Invasion of Privacy”. This brings forth the direct conflict between Privacy and Crime Prevention while formulating regulations.

If we agree that even “Democracy” needs to defend Cyber attacks on its individuals and therefore do everything within its powers to identify criminals and punish them if they are hiding behind the privacy rights, then it is necessary to find a solution to this conflict of interest.

The biggest problem in Privacy advocates accepting to any form of surveillance is the proven fact that a power meant to secure the society is always misused by the Government to secure its own power to rule. Thus, surveillance will be used to gather information on the activities of the political opponents and to intimidate the opponents. Thus a dictatorship under the garb of democracy can always use the powers assumed for national security of the security of the political party.

It is in this context of both “Anonymity” and “Regulation” having their own justification that I suggest a system of “Regulated Anonymity”. This could be a solution to resolving the conflict between Privacy advocates and the regulators.

The system of “Regulated Anonymity” envisages that a “Non-Governmental” body of the Netizens will regulate the anonymity. The system would be similar to the presently available “Anonimizer” services. However, at present the anonimizers are either run with a profit motive by a private company or known groups of law evaders. While an anonimizer run by a private company will only replace the Government with a private entity who can be corrupted for an organized breach of information, an anonimizer run by law evaders will not cooperate with the regulators even when it is necessary in the interest of the society.

We therefore need to have an agency which is not a Government body with political interests, nor a private body with profit interest nor a criminal body with self protective interests. It is a challenge of the “Regulated Anonymity” system to find such an agency.

Perhaps the answer lies in the system of how Wikipedia runs or some thing similar to it. The control should be with a distributed set of persons committed to Privacy and Safe Internet. The interaction with the law enforcement should be with people who are another set of persons who can evaluate the requirements of the law enforcement and invoke a trusted cooperation from the technical team to reveal the identity of persons behind any offending transaction.

I invite suggestions and comments from legal and technical persons about how such a system can be designed.

(Part II in continuation)

Aaron Swartz, the young techie who committed suicide on the 11th of January represents a tragedy that could have been prevented if the Police had been more reasonable.It is alleged that the US prosecutors tried to demand higher punishments by invoking Computer Fraud and Abuse Act and thereby trying to enhance the possible punishment from around 6 months to 35 years.

Involvement of Swartz in the campaign against “Stop Online Piracy Act” (SOPA) made him a symbol  of Internet activism which needs to be remembered by all Netizens.. See here for details

Though the prosecutor in the case denied that they tried to threaten the victim with over prosecution threat, the possibility of an unreasonable punishment appears to be a principal cause for the suicide.

This is indicative of what is in store for Netizens if they silently suffer the misuse of law from time to time.  In India we have already been seeing how the criminal justice system is misused by politicians. If therefore Netizens donot organize themselves and fight against misuse of law by those in power, they will be unfairly exploited.

This AIFON therefore tries to lay the foundation for the development of an all India body of Netizens.

Naavi

It is being increasingly observed in India that the Cyber Law space is in need of a major overhaul. Cyber Crimes are increasing and the Government machinery as well as the Police are acting dangerously showing apathy for genuine victims and aggression for political opponents.

ITA 2008 has bestowed enormous powers on the Police and if a tendency develops int he police to misuse them then there would be danger for the society.

Our Human Rights Organizations are incapable of understanding the requirements of Netizens, protecting their rights and preventing their unfair victimization.

Examples of Government apathy is evident in the Government of India remaining silent on the appointment of chair person for the Cyber Appellate Tribunal in Delhi. In Karnataka apathy of the Government is evident from the action of the earlier Adjudicator who has kept the service out of reach of cyber crime victims in Karnataka with a tainted decision and the new administration remaining silent.

Examples of Police atrocities is raising. Honest Small business owners in Internet space are in danger of being harassed by excessive use of force

There is a need for change in some of the laws to make them more effective without being repressive.

Naavi.org has been a spokes person for such issues on cyber space for nearly 15 years. But the anti netizen forces have now become so strong that unless a larger movement of netizens takes up the responsibility for fighting for netizen’s rights, the future of Cyber space dwellers from India looks bleak.

Naavi.org therefore proposes setting up of an All India Netizen’s Forum with the sole objective of being a representative body of Netizens which can take up issues of importance to the Netizens with the appropriate authorities from time to time.

Initially, Naavi.org will be the base and an attempt to build a critical mass of Netizens into this forum will be started. If sufficient support is received, the movement will be taken forward.

The outline of what this “All India Forum of Netizens” (AIFON) is expected to do will be presented through this site.

I look forward to support from all like minded persons for this initiative.

Naavi