I have been asked why there has been little activity on this site off late. Are all the problems related to the perceived threat of the Internet as a medium in India over? Have the laws and the method of functioning of the CERT-IN changed to reflect a greater understanding and respect for democratic processes?

Far from it!

In September of 2006 I returned to the UK to puruse a PhD program . I have been caught up in the process of settling down and setting the groundwork my PhD, which happens to be a technical nature, rather than something related to understanding and influencing policy making and the like.

This does not mean that this site will be allowed to die a slow death. In fact, I renewed my contract with my web host for a further 24 months, yesterday.

I also intend to use my time in the UK to find avenues to take this little cause further. I am painfully aware that I am a small fish in the sea of activism and I don't really know what impact my efforts have had so far. I know there are many others who are individually and in groups doing their bit for similar causes. I hope to utilize my time here to better collect and galvanize ideas and put them into action.

Last month two important events played out. The Mumbai blasts that outlined the need for greater security for out cities and our people. Undoubtedly there is a need for greater security - there is a need for CCTV's in important and sensitive locations with guidelines on their monitoring, usage and backup. There is a need for an enlightened policy of checks and balances regarding luggage in our stations and airports. Many more things are needs, however what is not needed is arbitrary censorship and blanket bans like that unleashed by the CERT-IN almost simultaneously.

In its second wave of Internet censorship the CERT-IN banned 18 very arbitrarily chosen sites decided by some ad-hoc body of bureaucrats without any public consensus. The usual noises were made by the political mandarins about how the ban was important for the security of India and futile attempts were made to hoist the blasts as an example.

Thankfully this time around, the issue was not as silent as the first instance of the Yahoo Groups Ban. The media picked it up and bloggers co-ordinated a wave of online protests that lead to discussions on the net, TV and the newspapers. This led to the bans being silently withdrawn ( or perhaps implemented in a more correct fashion to cover just the 18 sites and not all of blog world)

While most of the blog world is now accessible, it is still unclear what the exact state or view of the establishment on the ban is. Sadly politicians and bureaucrats made calls for more censorship and for monitoring of online content on "all" blogs and online forums! It is very evident that those who made these noises have little if any knowledge of the nature of the medium. ( I personally feel that the feudal mentality of the establishment in this country is a major deterrent to the future of this country. However this is not a forum to discuss that )

I have been writing about this kind of short sightedness on the part of our political and bureaucratic establishment ( and to a large extent our people in general) time and again. It is unfortunate that where Information Security policies are needed acutely, the correct noises never seem to be made and concrete steps are never made.

These include but are not to limited to

• Protection of citizen's data in various government agencies ranging from passport offices to land record offices. As an example, we hear time and again of documents stolen from land records offices and manipulated.
• Protection of customer data by all companies providing services to customers and handling their data. Indian companies are routinely guilty of misusing customer data, by passing on data to sister concerns or selling them to third parties so that they can solicit business through unsolicited promotional calls.

It is frustrating to see that even the biggest organizations and banks like HSBC and Citibank that otherwise have comprehensive Data Protection and Fair Data Use statements in their other areas of operation like the UK and the US have no such statements in India for the benefit of their customers here and are among the biggest culprits when it comes to data misuse.

It is clear that self regulation as routinely advocated will never work. Strict laws and penalties are the only way to ensure that both government agencies and corporates handle data fairly because cultivating such a mindset is an expensive process.

Such processes can be made business enablers in a situation where customers take their business to companies that provide guarantees of data protection, privacy and fair use, but such a mindset does not exist among the Indian masses and must be cultivated simultaneously as well.

It is clear that there are many areas that need enlightened Information Security policies as I have highlighted. Among these the areas of Data Protection, Fair Use of Data and Protection of Customer's Privacy are the most prominent and also the most ignored.

The areas that are the most short sighted and counter-productive are Internet censorship and electronic monitoring of communication, without proper checks and balances that unfortunately are being given the most attention.

The former areas that are ignored, enforce our democratic principles while the latter that are being propagated weaken them greatly. Is this a sign of the mindset of our citizens and establishment? This is a question we must ask ourselves today, the 15th of August, India's Independence day. Do we want to be a country where we have enlightened policies that may of course be difficult to implement, but which enforce the rights of the people, or do we want to have short sighted policies that erode our fundamental rights and principles because they "seem" to be the easier way out? This is probably the most important question that India needs to answer today.

Hindustan Times reports today that "Wikimapia puts city on terror map"

In tune with the trend of alarmist and sensationalist reporting that this country has been seeing over the past few years, the article on the front page goes on to ask "What if terrorists send a guided missile to the city? All they'll need are the exact latitude and longitude of the place they want to target. They'll find more than that on Wikimapia..."

I have few words to describe reporting of this kind. Under researched, alarmist and short sighted are a few of the less hard hitting words.

Information of the kind referenced to is available from more sources than one can imagine, not just on the Internet but from survey maps published by the Geological Survey of India! While one can argue that the exact co-ordinates of Fort William and Raj Bhawam are not available in these other sources, the task of interpolating from available information is one that can be given to an undergraduate student as a weekend project.

If terrorists are in possession of missiles and more so guided missiles within the borders of the country, the failure lies elsewhere. It points to a failure of the security establishment, customs, border controls and the efficacy of your armed forces in general.

If missiles are fired from across the border it is a larger issue of cross border terrorism , and aggression between nation states and banning Google Earth and Wikimapia within India will in no way solve the problem. In any case it is a given that with satellite imagery of the kind available today, such information is available with armies the world over in any case.

The threat is not the Internet and new technology. The real threat is alarmist and under researched reporting and the short sightedness of Indian politicians and the Indian establishment. One hopes this does not now result in a blanket ban on Wikimapia. It is not unlikely that Indian ISP's will end up banning any site that begins with "wiki" and it will be goodbye Wikipedia as well then.

Recently when the same noise was being made with reference to Google Earth some reports suggested that Air Chief Marshal S P Tyagi, Chief of the Air Staff, said Google Earth was not a threat

and some reports suggested that the IAF chief thought Google Earth was a threat,

One can only wonder what the real stand of the armed forces is. I suspect , as is reasonable that they work under the assumption that information regarding military installations is available by default with the opponent, be they nation states or terrorists. It would be foolish to base any notion of security on the assumption that the opponent has partial information of physical locations, as opposed to strategy and other soft information.

It seems it has happened again. CERT-IN is at it again and this time it is the Blogsphere that seems to be the target.

Some unconfirmed and some confirmed reports suggest that Indian ISP's are in the process of blocking all blogs hosted on Blogpsot and Typepad and apparently Geocities is inaccessible from many parts of India as well.

***************************

---------- Forwarded message ----------
From: Kiran Jonnalagadda <****@**box.com>
Date: Jul 17, 2006 4:37 PM
Subject: [Reader-list] India censors the web again
To: reader Liste04

The Department of Telecommunications passed an order to ISPs Friday
to block several websites. The list is confidential. ISPs have been
slowly coming into compliance. SpectraNet, MTNL, Reliance, and as of
this afternoon, Airtel. BSNL and VSNL have not started yet but likely
will soon.

The known list of blocked domains is *.blogspot.com, *.typepad.com
and geocities.com/*

Yes folks, the government has decided to censor blogs and refused to
explain why. Shivam Vij managed to talk to Dr Gulshan Rai, director
of CERT-IN, the only body authorised to issue a blocking directive.
His response: "Somebody must have asked for some sites to be blocked.
What is your problem?"

I'm keeping a running log here:
http://jace.seacrow.com/archive/2006/07/17/blogspot-blocked-by-indian-isps

If you find several sites suddenly inaccessible today, please call
your ISP and demand to know why. Another person is preparing to file
an RTI application with DoT. If you can help, please join the
coordinating group:
http://groups.google.com/group/BloggersCollective

--
Kiran Jonnalagadda
http://www.pobox.com/~jace

****************************
Bloggers have created this group to co-ordinate protests and gather information

http://groups.google.com/group/BloggersCollective

India is today making great economic strides. That the Indian economy is a force that cannot be ignored is a generally accepted consensus. Indian software forms a bulk of the global market and Indian BPO services power giant MNC's and public services the world over. While this trend and its effect on the economies of the west seem to be subjects of much interest, an equal measure of interest is lacking on the effects of this rapid economic growth on India itself. Various figures such as GDP,Sensex, rate of growth, projected rate of growth,  etc etc are regularly published. However, issues relating to the effect of India's economic rise on it's biodiversity, its environment and its people, are generally given much less importance.

Sometimes there are the warning noises. Pollution is mentioned feebly as is environmental degradation. Sometimes the rift between the haves and have nots is mentioned but these issues are not given as much importance.  The need for creating a conducive environment for business is the call of the hour for our policy makers. The general (and incorrect) consensus seems to be that any issue not directly related to achieving a 10% growth rate is secondary and can be taken care of once we become an economic powerhouse.

Often India's overburdened power grid is mentioned under the preamble that not feeding the grid would slow economic growth.