Too many carbs are no longer not only bad for our health, but also cyber security. Today, the entire Domino’s DB has been exposed and is circulating widely. We are intentionally *not* linking to it since it exposes sensitive personal data. 1/n #SaveOurPrivacy
Such data breaches put you to immense risk. They create threat vectors for financial cyber crimes and also ID fraud. What makes this worse, is the seeming inaction and acknowledgment by data processors who we trust with out personal data. 2/n
Immediate government response is of considerable concern given that there is inaction by @IndianCERT & @GoI_MeitY despite regular and persistent requests by us investigate, provide guidance and lay out a framework for notifications to impacted victims. We urge them to act! 3/n
@IndianCERT @GoI_MeitY We will act in the instance as well next week. But our past experience has met with inaction on data breaches by technology companies and the public sector. You can explore more of our detailed representations here. 4/n internetfreedom.in/tag/breaches/
@IndianCERT @GoI_MeitY The draft data protection law makes bad choices on incident reporting and response. Why? Does not shield data security researchers who uncover & report exploits to fix them. Second, the companies are not under any obligation to notify victims. 5/n saveourprivacy.in/media/all/Brie…
@IndianCERT @GoI_MeitY What can you do? Start following IFF's monthly cyber security guides by @faultyatom. Also, follow explainer videos on our YouTube Channel. Remember, cyber security is the practice of safety. You must start taking steps today! 6/6 internetfreedom.in/launching-cybe…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Internet Freedom Foundation (IFF)

Internet Freedom Foundation (IFF) Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @internetfreedom

25 May
India's incoming data law confers more power than ever to the State for surveillance, with little accountability.

This is a grave concern because the passing of the Data Bill is now inevitable.

Here's a breakdown of how this will happen. Thread.
1/n
internetfreedom.in/dataprotection…
India's State surveillance mechanism hinges on two facts:

1. The government and law enforcement administer a wide range of surveillance projects on citizens.

2. Several provisions under the law empower the State to engage in surveillance.

Now, let's look at data bill.
2/n Image
1. Under the Data Protection Bill, Clause 35 enables the Central Government to exempt, by order, ANY agency of the government from ANY provision of the Bill, in the interest of reasons such as national security. Remember - these provisions exist to protect your data.
3/n
Read 10 tweets
24 May
🚨 SOS!

Tomorrow, May 25, is the deadline for significant social media intermediaries like FB, Twitter, and Instagram to comply with new obligations under the IT Rules. If you use social media, pay attention- here's how this will roll out.
1/n
internetfreedom.in/pound-the-alar…
On Feb 25, @GoI_MeitY and @MIB_India issued the contentious and undemocratic IT Rules, 2021. At least 6 writ petitions have been filed before 3 HCs challenging them. We provided legal assistance to @LiveLawIndia in their challenge before Kerala HC.
2/n
internetfreedom.in/intermediaries…
First, what is a social media intermediary?

SM platforms don't generate content - you do. They are simply intermediaries who host it. This distinction helps them avoid liability for your content.

Significant SMIs have >50 lakh users and more compliances than regular SMIs.
3/n
Read 10 tweets
22 May
IT Act 2000, Blocking Rules 2009, Art 19(1)(a), Art 19(2) - none of these allow @GoI_MeitY to request en masse removal of the phrase 'Indian Variant' OR prohibit Twitter's use of the manipulated media tag. We wrote to MeitY about this today. Thread.
1/n
internetfreedom.in/meity-asks-soc…
MeitY has issued two letters requesting
(a) all social media platforms to take down content referring to an Indian variant of COVID, and
(b) Twitter to remove the manipulated media tag on tweets by political leaders.
We have several concerns regarding this as outlined below.
2/n
Let's look at the letter on the Indian variant - neither Section 69A of the IT Act nor the 2009 Blocking Rules empower MeitY to request SM platforms for *en masse* content removal. This vague, overbroad request also violates Article 19(1)(a) i.e. freedom of speech, because...
3/n
Read 9 tweets
21 May
We are filing RTIs seeking further information under which provision of law are such directions being issued by the Government of India. Further updates will follow.
Update : We have filed RTIs with the relevant government ministries. We will be monitoring @lumendatabase. Government censorship needs to be anchored in a legal power, that is exercised with transparency. To determine legality & safeguard public’s right to receive information.
Further: Our democratic system relies on a system of laws that are constitutionally consistent. Hence, it becomes vital as per the Hon’ble Supreme Court’s judgement in the Shreya Singhal case for directions by a Court or Government of India to be within prescribed jurisdiction.
Read 4 tweets
21 May
#DataProtectionTop10
Part 6 of our series on the Personal Data Protection Bill focuses on data localisation. What happens to the Internet's open nature? How does the Government decide which data is restricted? How is your privacy affected? A thread. 1/n
internetfreedom.in/dataprotection…
There are two kinds of personal data with location restrictions:
a. sensitive
b. critical
As per Clause 33, when sensitive personal data is transferred outside India with explicit consent, a copy of such data shall continue to be stored in India. This is data mirroring.
2/n
However, critical personal data is strictly localised, and may be stored and processed only in India. It may be transferred only for prompt actions, or if the Central Govt. decides at its discretion that it doesn't affect State security and strategic interests (Clause 34). 3/n
Read 7 tweets
20 May
RTI update: IFF has received a copy of the MoU between @AgriGoI and @MicrosoftIndia for a pilot project in 100 villages. It appears to propose that farmer’s data will be used for identity authentication and mentions a data sharing agreement. Thread!
1/n
internetfreedom.in/revealed-minis…
The Agri Ministry signed an MoU with Microsoft for a pilot project in 100 villages in 6 states, so as "to develop farmer interface for smart and well-organized agriculture, including post-harvest management and distribution". See for background:
2/n
Our joint letter with 55 organisations to the Agri Minister emphasised concerns such as exploitation of farmers by procurers, reduced agency on the part of farmers, and inadequate land records. The MoU's analysis has laid these issues bare.
3/n
internetfreedom.in/joint-letter-t…
Read 8 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(