India's incoming data laws need our serious attention NOW.

The Joint Parliamentary Committee is all set to table their comments within the next few days, & you deserve to know: What are its glaring issues? How can we make it better? 🧵 1/n #MonsoonSession
internetfreedom.in/update-indias-…
Is India's incoming data law secure? Is it enough? Does it really protect you?

At IFF, we dived into them through #StartFromScratch #DataProtectionTop10 #PrivacyOfThePeople, where we analysed the Bill and looked at how they would affect you — as someone under its purview. 2/n
Now, the recommendations of the JPC will probably be considered, and the Bill itself may be passed. We're keeping our eyes peeled! But the story isn't over just yet.

Due to the cabinet reshuffle, multiple positions lie vacant in the JPC, including that of the chairperson! 3/n
Additionally, here's a scoop: the report may substantially expand the scope of the Bill to include non-personal data, a *major* missing component of the current Personal Data Protection Bill 2019! But, but, but... the framework may be unconstitutional. 4/n
hindustantimes.com/india-news/cab…
Why?

1. Overbroad definitions! What is 'personal'? What is 'non-personal'? What's the relationship between the Bill and the framework? Does it protect your data privacy and security? (nope) 4/n
2. What is non-personal data? It's mostly just personal data that has been "anonymised", and the risk of *de-anonymisation* is high — given that today's internet makes true anonymity close to impossible. We must create strong safeguards against this risk. 5/n
3. Your data may be exploited... against your interests. Entities should *not* be given a free hand to collect your data and use it for their own interests, and they *must* prioritise YOUR consent. 6/n
That's why these issues must be resolved ASAP:

a. Fill up JPC vacancies! It's urgent, and the Speaker must focus on this.

b. Some suggestions will be accepted and some won't be. We deserve to know why. 7/n
c. Lastly, accepting the 'non-personal' data framework changes the incoming data law substantially, i.e A LOT.

As a democratic country, this can't be heaped on us. We need fresh consultations to inspect the multiple issues that may be thrown up by this integration. 8/n
At IFF, we're fully funded by the people of India. Help us advocate for your fundamental rights in a digital India!

internetfreedom.in/donate/

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Internet Freedom Foundation (IFF)

Internet Freedom Foundation (IFF) Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @internetfreedom

19 Jul
As #Pegasus trends today, we move beyond sensationalism for truth. In 10 tweets, we verify each statement the IT Minister, Ashwini Vaishnaw, made before the Parliament today on the #PegasusProject row and surveillance revelations by media groups, including @thewire_in.

1/10 👇 Image
On the number of individuals who were spied upon through #Pegasus.

2/10 Image
On whether snooping took place.

Read more here in this report by @thewire_in: thewire.in/tech/faq-pegas….

3/10 Image
Read 10 tweets
19 Jul
For over 20 days, Muslim women in India were "auctioned" on a @github platform. But the Islamophobic, misogynist nightmare isn't over just yet, and the authorities can deal with it better. Here's how 🧵
1/n

internetfreedom.in/womens-safety-…
In early July, the issue appeared in the public eye when multiple accounts posted screenshots of the application. It randomly assigned you a Muslim woman as the 'deal of the day'. To say that it was objectifying & demeaning would be an understatement.
2/n

As a result of the public outcry, @github removed the application, @NCWIndia took suo moto cognisance, and @DCWDelhi issued notice to the @DelhiPolice. The Cyber Cell of Delhi Police registered FIRs under S.354-A of the Indian Penal Code.
3/n

thewire.in/women/sulli-de…
Read 8 tweets
19 Jul
On July 18 '21, @thewire_in as part of the #PegasusProject revealed that 300+ verified Indian mobile numbers were targeted by Israeli spyware firm NSO (of #Pegasus fame), that supposedly sells only to verified government clients.
1/n

internetfreedom.in/iffs-statement…
A leaked database (with over 40 Indian journalists' numbers) accessed by @FbdnStories + @amnesty led to this explosive claim, & forensic analysis confirmed that #Pegasus was used to target at least 10 Indian phones, which included @svaradarajan @paranjoygt @mkvenu1 & others.
2/n
The Govt. of India has responded to #PegasusProject inquiries on the alleged hacking, mentioning that any interception, monitoring or decryption carried out is done as per the due process of law.

However, this response is massively insufficient.
3/n

Read 9 tweets
18 Jul
According to a July 15, 2021 report published by the @washingtonpost, an Israeli hacking-for-hire firm Candiru has helped government clients spy on more than 100 victims around the world including human rights activists and journalists.

1/n

washingtonpost.com/nation/2021/07…
According to a @citizenlab report, Candiru has helped governments in Israel and the Palestinian territories, Iran, Lebanon, Yemen, Spain, the United Kingdom, Turkey, Armenia and Singapore target dissidents & adversaries.

2/n

citizenlab.ca/2021/07/hookin…
Candiru’s spyware can reportedly infect ​​and monitor iPhones, Androids, Macs, PCs, and cloud accounts. There are existing concerns in India about the use of similar spyware (Pegasus) supplied by the Israeli firm NSO to target human rights defenders.

3/n

internetfreedom.in/the-need-to-in…
Read 4 tweets
16 Jul
12,368 — that's the number of content removal demands issued to Twitter by the Government of India. No other country has issued as many demands, ever.

The first round of Transparency Reports has been revealed, and this is what we found. 🧵 1/n

internetfreedom.in/big-tech-relea…
Guess what? 2 million accounts were banned by WhatsApp in 1 month.

Yes, you read that right. 2/n
Here's more: The government issued over 40,300 orders between July and December 2020. This affected over 62,754 Indian users in just 6 months, or an average of 10,000 Indian users every month. 3/n

transparency.fb.com/data/governmen…
Read 6 tweets
15 Jul
Today, we look at India's new Health Data Management Policy. How well does it do on protecting the people's consent, data privacy and security? Is it inclusive, coercive, or too lenient with the private sector's access to your health data?🧵

1/n

internetfreedom.in/analysing-the-…
First, some positives: the HDMP centres privacy, user autonomy, and explicit & informed consent as its guiding principle. It gives certain rights to users on their medical data, including the rights to determine if they want their data erased or accessed by certain entities.
2/n
But if you've had the #CovidVaccine - you'll notice a Unique Health ID number has been issued on the certificate without consent or any prior information. This is at odds with the consent framework the Health Data Management Policy claims to uphold.
3/n

nationalheraldindia.com/india/modi-gov…
Read 9 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

:(