Could India Create the World’s (Second) Largest Police State?

This article was originally published here on Eurasia Review.

As the world’s largest democracy, India is known as an emerging economic powerhouse, a new member of the UN Human Rights Council vying for a seat on the Security Council, but also a country whose rampant poverty, corruption and bureaucracy weighs down its every upward stride. Now, imagine if instead of cultivating a culture of openness, transparency and discourse, it gallops towards one of fear, mistrust and closed doors. Imagine if the 1.2 billion people who live here became part of a new era electronic police state.

Could India create an electronic police state (characterised by government surveillance of telephonic traffic, email, internet surfing, video surveillance and other electronic tracking)? It’s certainly trying. Through the Unique Identification Project, the Government is building a database – the largest of its kind – documenting every citizen to create a unique biometric-based identity: the Aadhaar number. The scheme has been lauded for its eventual ability to ensure that benefits and services promised by the government actually reach those to whom they are due. In a country where claiming entitlements under a government scheme is often difficult, and where benefits are given, they are often below par or scarce, an identity number could provide people with an empowering tool. However, cases of fraud, misinformation and unnecessary bureaucracy, exemplified by the fortunate coriander plant in Andhra Pradesh which (or should I say who?) received its own Aadhaar number, have already marred progress. Perhaps what is most concerning is the unreliability of biometric data: fingerprints which are not taken to a particular standard are not accurate, and can change with heavy labour and age. Iris scans can be fooled by something as simple as a contact lens. Neither of these methods then are fool-proof identifiers, especially when the initial data is itself recorded incorrectly. The fact that this technology is already failing calls into question whether a database of such massive scale can be securely maintained.

The Finance Ministry has recently suggested that 16 states link the Aadhaar number to social development programmes – covering everything from Public Distribution System (PDS) to National Rural Employment Guarantee Act (NREGA). The National Identification Authority of India Bill 2010 was rejected by Parliament because of the provision to make the Aadhaar number compulsory. This new measure suggests an attempt to supplant this by giving people no choice if they want to receive their benefits. With the Finance Minister’s sanction of over Rs. 14000 crore to enroll 40 crore more citizens, perhaps the government has recognised the benefits of the UID, not to the country’s poor, but to its own welfare.

With all this, the question of privacy is being ignored. A growing number of media exposés highlight the many ways in which the government is watching its citizens, suggesting an implicit lack of respect for this right: to be free from unsanctioned intrusion. The right to privacy is fundamental, enshrined in both the Universal Declaration of Human Rights and the Indian constitution. Without a law in place, personal security too is sidelined; there is no way to control the government’s use of private data or its access to it.

With the Right to Privacy Bill 2011 to be on the monsoon parliamentary agenda, public awareness of these issues is crucial. Privacy rights are fundamental to put safeguards in place to prevent overzealous government authorities from monitoring innocent citizens. In a country with a long history of corruption, there is no guarantee that this data will not be shared by greedy powers-that-be or handed over to National Intelligence Grid (NATGRID), already accesses 21 databases of personal information, under the often alarmist argument of national security and counter terrorism.

To make matters worse, the mounting tension between the Registrar General of Census’s National Population Register (NPR) and Nilekan’s UID, was diffused only by the decision to link the UID database to the Home Ministry’s Crime and Criminal Tracking System (CCTNS) – a complete reversal from the initial assurances that information collected under the UID would not be linked to any other databases. CCTNS is legally bound by the Information Technology Act 2008, amended by the Information Technology Rules 2011. Under these Rules, the Government has unprecedented powers of surveillance, intrusive monitoring and interception of encrypted information. The Rules maintain that “information shall be shared, without obtaining prior consent… with Government agencies… to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.“  If the UID database falls under this mandate, it means that provided the government claims national security or even merely criminal investigation, they can access any information, and privacy be damned.

In a country like India, where there is little discourse between government and ordinary citizens, where government entities are not known for prioritising and safeguarding citizens’ rights, or of being overly conscious of legal practices, access to huge amounts of information can only increase this chasm of power.  After the 26/11 Mumbai attacks, the excuse of “national security” to fight against the all-encompassing threat of “terrorism” has allowed the Government free reign to spy on and collect information on its own citizens. The ability to then profile each citizen will give them the ability to decide off-hand who is or isn’t a danger to their personal ideal of a safe Indian nation. When a citizen does something which opposes a traditionalist Government, what is to stop the government from threatening, accusing, or arresting them on mere suspicion?

The ensuing worry that private data may end up in malicious hands stopped a biometric identity from being created in the UK in 2004; the right to privacy is so significant that the Data Protection law superseded even the Freedom of Information Act.

The notion then of a well-understood and utilised right to privacy law is crucial, but over 200 million people have already been registered and the likelihood of the UID’s denunciation is now slim. In countries where ‘big brother’ laws are leading to electronic police states, this culture of monitoring can only be exacerbated by a database of personal information this large and could lead to other violations of human rights. Monitoring, through intelligence equipment, and profiling, through stores of personal data, can become pervasive, invasive and all-encompassing. And particularly in a country with a poor and uneducated populace, governments are able to run unchecked, monitoring their citizens while proclaiming gleefully, “it’s for your own good.” Worst of all, India could lose its crown as the world’s largest democracy and instead become the far less glamorous world’s second largest police state.

As the world’s largest democracy, India is known as an emerging economic powerhouse,a new member of the UN Human Rights Council vying for a seat on the Security Council, but alsoa country whose rampant poverty, corruption and bureaucracy weighs down itsevery upward stride. Now, imagine if instead of cultivating a culture of openness, transparency and discourse, it gallops towards one of fear, mistrust and closed doors. Imagine if the 1.2 billion people who live here became part of a new era electronic police state.

Could India create an electronic police state (characterised by government surveillance of telephonic traffic, email, internet surfing, video surveillance and other electronic tracking)? It’s certainly trying. Through the Unique Identification Project, the Government is building a database–the largest of its kind – documenting every citizen to create a unique biometric-based identity: the Aadhaar number. The scheme has been lauded for its eventual ability to ensure that benefits and services promised by the government actually reach those to whom they are due. In a country where claiming entitlements under a government scheme is often difficult, and where benefits are given, they are often below par or scarce, an identity number could provide people with an empowering tool. However, cases of fraud, misinformation and unnecessary bureaucracy, exemplified by the fortunate coriander plant in Andhra Pradesh which (or should I say who?) received its own Aadhaar number, have already marred progress. Perhaps what is most concerning is the unreliability of biometric data: fingerprints which are not taken to a particular standard are not accurate, and can change with heavy labour and age. Iris scans can be fooled by something as simple as a contact lens. Neither of these methods then are fool-proof identifiers, especially when the initial data is itself recorded incorrectly. The fact that this technology is already failing calls into question whether a database of such massive scale can be securely maintained.

The Finance Ministry has recently suggested that 16 states link the Aadhaar number to social development programmes – covering everything from Public Distribution System (PDS) to National Rural Employment Guarantee Act (NREGA). The National Identification Authority of India Bill 2010 was rejected by Parliament because of the provision to make the Aadhaar number compulsory. This new measure suggests an attempt to supplant this by giving people no choice if they want to receive their benefits. With the Finance Minister’s sanction of over Rs. 14000 crore to enroll 40 crore more citizens, perhaps the government has recognised the benefits of the UID, not to the country’s poor, but to its own welfare.

With all this, the question of privacy is being ignored. A growing number of media exposés highlight the many ways in which the government is watching its citizens, suggesting an implicit lack of respect for this right: to be free from unsanctioned intrusion. The right to privacy is fundamental, enshrined in both the Universal Declaration of Human Rights and the Indian constitution. Without a law in place, personal security too is sidelined; there is no way to control the government’s use of private data or its access to it.

With the Right to Privacy Bill 2011 to be on the monsoon parliamentary agenda, public awareness of these issues is crucial. Privacy rights are fundamental to put safeguards in place to prevent overzealous government authorities from monitoring innocent citizens. In a country with a long history of corruption, there is no guarantee that this data will not be shared by greedy powers-that-be or handed over to National Intelligence Grid (NATGRID), already accesses 21 databases of personal information, under the often alarmist argument of national security and counter terrorism.

To make matters worse, the mounting tension between the Registrar General of Census’s National Population Register (NPR) and Nilekan’s UID, was diffused only by the decision to link the UID database to the Home Ministry’s Crime and Criminal Tracking System (CCTNS)– a complete reversal from the initial assurances that information collected under the UID would not be linked to any other databases. CCTNS is legally bound by the Information Technology Act 2008, amended by the Information Technology Rules 2011. Under these Rules, the Government has unprecedented powers of surveillance, intrusive monitoring and interception of encrypted information. The Rules maintain that “information shall be shared, without obtaining prior consent… with Government agencies… to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.“ If the UID database falls under this mandate, it means that provided the government claims national security or even merely criminal investigation, they can access any information, and privacy be damned.

In a country like India, where there is little discourse between government and ordinary citizens, where government entities are not known for prioritising and safeguarding citizens’ rights, or of being overly conscious of legal practices, access to huge amounts of information can only increase this chasm of power. After the 26/11 Mumbai attacks, the excuse of “national security” to fight against the all-encompassing threat of “terrorism” has allowed the Government free reign to spy on and collect information on its own citizens. The ability to then profile each citizen will give them the ability to decide off-hand who is or isn’t a danger to their personal ideal of a safe Indian nation. When a citizen does something which opposes a traditionalist Government, what is to stop the government from threatening, accusing, or arresting them on mere suspicion?

The ensuing worry that private data may end up in malicious hands stopped a biometric identity from being created in the UK in 2004; the right to privacy is so significant that the Data Protection law superseded even the Freedom of Information Act.

The notion then of a well-understood and utilised right to privacy law is crucial, but over 200 million people have already been registered and the likelihood of the UID’s denunciation is now slim. In countries where ‘big brother’ laws are leading to electronic police states, this culture of monitoring can only be exacerbated by a database of personal information this large and could lead to other violations of human rights. Monitoring, through intelligence equipment, and profiling, through stores of personal data, can become pervasive, invasive and all-encompassing. And particularly in a country with a poor and uneducated populace, governments are able to run unchecked, monitoring their citizens while proclaiming gleefully, “it’s for your own good.” Worst of all, India could lose its crown as the world’s largest democracy and instead become the far less glamorous world’s second largest police state.

Is it time for India’s #blackwednesday?

On the same day that Salman Rushdie’s entrance to the country is being denied because of the banned novel, “The Satanic Verses”, web censorship around the world has come to a fore. India has a decision to make – democracy or not?

In the wake of the world-wide Wikipedia blackout (#blackwednesday), thousands of other sites followed suit, ranging of course from the all-consuming Google’s SOPA/Pipa landing page, the comic Oatmeal, Cyanide & Happiness and icanhazcheeseburger, to the blogging site wordpress and music sharing grooveshark. Both popular and niche audiences lost access to their favourite sites yesterday (unless they disabled JavaScript, but that’s beside the point) all in aid of raising awareness and forcing people to take action on the controversial SOPA and PIPA bills in the United States.

But, why is there no national movement similar to this when a New Delhi High Court judge in India threatens that he can block Facebook, Google, Youtube and others “just like China” for posting anything “obscene, objectionable, and defamatory”? Our telecomm Minister’s crusade against these sites, claiming that we must pre-screen content to remove anything “offensive”, seems to have infected a vast majority of the country to believe that freedom of expression must abide by people’s sensibilities and that in a “socially conservative” country, these freedoms may cause “communal riots”. The irony of course is that there has been no physical violence caused by any of this content in India. At the same time, Vinay Rai, long-time journalist has according to WSJ taken on the role of “India’s Censorship Crusader.” Well, good for Vinay. His argument: “It is the right of every Indian citizen to voice his/her opinion against what he deems objectionable.” While this is true, expressing one opinion should not equate to gagging someone else’s. He elucidates his point by explaining that much of the objectionable content “deeply offends several religions”. Yet, as a secular country, we not only advocate tolerance but healthy debate. If his argument stands, anyone who does not blindly praise all faiths must be censored and shut down. Scientology, anyone?

The Information Technology (IT) Rules 2011 that were added to the IT Act 2000 are key in this debate; it makes companies responsible for the user content posted on their websites, requiring them to take it down within 36 hours if “any affected person” files a complaint. Ironically, the rules state: “an intermediary is not liable for any content hosted or transmitted through it by a user,” however at the same time, they must remove anything that is “grossly harmful, harassing, blasphemous, defamatory” as well as anything “racially or ethnically objectionable, disparaging” or “otherwise unlawful in any manner.” The rhetoric used in this law is completely ambiguous; there are no parameters set out to explain what any of these terms refer to: what is defined as “blasphemous”? Indeed, the Government is putting in place more stringent measures on the internet than on other media (print or broadcast); while you can write a blasphemous article in a newspaper, you cannot post it online. This misguided act makes little sense considering how much harder it is to regulate content on the internet, particularly on social networking or user-hosted websites.

The now pending case between Vinay Rai and 21 internet moguls firms is set to continue tomorrow, sanctioned to be tried for “serious crimes such as fomenting religious hatred and spreading social discord, offences that could land company directors in prison.” In fact, our new trumpeters of “free speech” fail to recognise that there is no mechanism in place, or one that could be put in place to regulate these sites. A search engine indexes already present content; a social networking site like Facebook only hosts content uploaded by its users, and already has safeguards in place. The complete lack of understanding of how these sites work does not put much faith in our Telecomm’s Minister, a High Court judge and a generally pontificating and often unnecessarily pompous Government.

It’s clear that the entire web censorship issue in India is more to do with a few politicians’ hurt egos coming out of recent corruption scandals, the Hazare movement’s use of social networking, and a desire to infantalise and control a public, already haunted by a colonial past. Web censorship is clearly not limited to the United States and its sister SOPA and PIPA bills, but is spreading across the globe. If the world’s largest democracy cannot allow freedom of expression on the last open medium, then what are we left with? If our Government cannot allow a dialogue between its citizens and their representatives, but expects merely adulation and praise, then what are we left with? The new rules added to the IT Act allow arbitrary censorship and gag our freedom of expression. If we want to distinguish ourselves from our dictatorial neighbor, perhaps our politicians and censorship crusaders need to grow a thicker skin, accept some criticism and realise that some good-natured ribbing is part of a robust democracy. When the State begins to gag its citizens, it’s only a step away from censoring, well, anything.