Unless in the most exceptional cases, children’s involvement in politics is supported, encouraged, managed, or instigated by the adults in their family. There is a long history of children waving flags, dressing up as political leaders, holding ideological banners, or singing songs in support of political causes. Our reaction to these images depends on our politics: we tend to approve of these actions when we support the cause and are horrified when we don’t. We are not horrified if little children celebrate violence or martyrdom, provided they are doing it for the ‘right’ cause. Most of the time, therefore, adults’ opinion on children in politics is unconsciously self-serving.Read more

We propose a model to operationalise lateral induction in the Indian armed forces to tackle the burden of growing pensions. Read the full article in The Print here.

Google has recently announced a $1 million grant to help fight misinformation in India. This could not have come at a better time. Misinformation has is a reality and bi-product of the Indian and global information age. It could be Kiran Bedi on Twitter claiming that the sun chants Om or WhatsApp forwards saying that Indira Gandhi entered JNU with force and made the leader of the student’s union, Sitaram Yechury, apologise and resign. As someone who was subject to both these pieces of misinformation, I admit I ended up believing both of them at first, without a second thought. While both of those stories are relatively harmless, misinformation does have an unfortunate history of causing fatalities. For instance, in Tamil Nadu, a mob was guilty of mistaking a 65-year-old woman for being a child trafficker. So when they saw her handing out chocolates to children, they put two and two together and proceeded to lynch the woman. Because of instances like these, and because misinformation has the power to shape the narrative, there is an urgent need to combat it. Countries have already begun to take notice and device measures. For instance, during times when ISIS was a greater force and Russia was emerging as an emerging misinformation threat, the US acknowledged that it was engaged in a war against misinformation. To that end, the Obama administration appointed Richard Stengel, former editor of the TIME magazine, as the undersecretary of Public Diplomacy in the State Department to deal with the threat. Stengel later wrote a book called Information Wars and acknowledged the limitations of the state in providing an effective counter to misinformation through fact-checking. When we try to tackle misinformation, we reason through it based on fundamentally incorrect assumptions. Typically, when we think of misinformation, we picture it to be like this pollutant that hits a population and spreads. Here we imagine that the population misinformation is affecting, is largely passive and homogenous. This theory does not take into account how people interact with the information that they receive or how their contexts impact it. It is a simple theory of communication and does not appreciate the complexities within which the world operates. Amber Sinha elaborates on this in his book, The Networked Public. Paul Lazarsfeld and Joseph Klapper debunked this theory of a passive population in the 1950s. Their argument was that contexts matter. Mass communication and information combined do have the potential to reinforce beliefs, but that reinforcement largely depended on the perception, selective exposure, and retention of information. Lazarsfeld and Klapper’s work is a more sobering look at how misinformation spreads. Most importantly, it tells us why fact-checking doesn’t work. People are not always passive consumers of information. There are multiple factors that significantly impact how information is consumed, such as perception, selective exposure, and confirmation bias. Two people can interpret the same piece of information differently. This is why we see that the media does not change beliefs and opinions, but instead, almost always ends up reinforcing them. So just because people are exposed to facts, does not mean that it is going to fix the problem. I tried to test it myself. To the person who had sent me the story about Indira Gandhi making Sitaram Yechury apologise and resign, I forwarded a link and a screenshot that debunked the forward. To my complete lack of a surprise, they did not respond. Similarly, when Kiran Bedi was told that NASA did not confirm that the Sun sounded like Om, she responded by Tweeting, “We may agree or not agree. Both choices are 🙏”. That makes sense. Remember the last time someone fact-checked you, or just blurted with a statement that went against your worldview. No one likes cognitive dissonance. When our beliefs are questioned, we feel uneasy, our brain tries to reconcile the conflicting ideas to make sense of the world again. It is no fun having your belief system shaken. This brings us back to square one. Misinformation is bad and has the potential to conjure divisive narratives and kill people. If fact-checking does not work, how do we counter it? I do not know the answer to this but would argue that the answer lies in patience and reason. We often think that leading with facts directly wins us an argument. In recent times, I have been guilty of that more often than I would like. But doing that just leads to cognitive dissonance, reconciliation of facts and beliefs, and regression to older values. We need to fundamentally rethink how we are to tackle misinformation.  This is why Google’s grant comes at an opportune time. We are yet to see how it will contribute to combating misinformation. While fact-checking is good and should continue, it is not nearly enough to win the information wars.

This article was originally published in Deccan Herald.

The term ‘fake news’ – popularised by a certain world leader – is today used as a catch-all term for any situation in which there is a perceived or genuine falsification of facts irrespective of the intent. But the term itself lacks the nuance to differentiate between the many kinds of information operations that are common, especially on the internet.

Broadly, these can be categorized as disinformation (false content propagated with the intent to cause harm), misinformation (false content propagated without the knowledge that it is false/misleading or the intention to cause harm), and malinformation (genuine content shared with a false context and an intention to harm). Collectively, this trinity is referred to as ‘information disorder’.

Over the last 4 weeks, Facebook and Twitter have made some important announcements regarding their content moderation strategies. In January, Facebook said it was banning ‘deepfakes (videos in which a person is artificially inserted by an algorithm based on photos) on its platform. It also released additional plans for its proposed ‘Oversight Board’, which it sees as a ‘Supreme Court’ for content moderation disputes. Meanwhile, in early February, Twitter announced its new policy for dealing with manipulated media. But the question really is whether these solutions can address the problem.

Custodians of the internet

Before dissecting the finer aspects of these policies to see if they could work, it is important to unequivocally state that content moderation is hard. The conversation typically veers towards extremes: Platforms are seen to be either too lenient with harmful content or too eager when it comes to censoring ‘free expression’. The job at hand involves striking a difficult balance and it’s important to acknowledge there will always be tradeoffs.

Yet, as Tarleton Gillespie says in Custodians of the Internet, moderation is the very essence of what platforms offer. This is based on the twin-pillars of personalisation and the ‘safe harbour’ that they enjoy. The former implies that they will always tailor content for an individual user and the latter essentially grants them the discretion to choose whether a piece of content can stay up on the platform or not, without legal ramifications (except in a narrow set of special circumstances like child sex abuse material, court-orders, etc.) This of course reveals the concept of a ‘neutral’ platform for what it is, a myth. Which is why it is important to look at these policies with as critical an eye as possible.

Deepfakes and Synthetic/Manipulated Media

Let’s look at Facebook’s decision to ban ‘deepfakes’ using algorithmic detection. The move is laudable, however, this will not address the lightly edited videos that also plague the platform. Additionally, disinformation agents have modified their modus operandi to use malinformation since it is much harder to detect by algorithms. This form of information disorder is also very common in India.

Twitter’s policy goes further and aims to label/obfuscate not only deepfakes but any synthetic/manipulated media after March 5. It will also highlight and notify users that they are sharing information that has been debunked by fact-checkers. In theory, this sounds promising but determining context across geographies with varying norms will be challenging. Twitter should consider opening up flagged tweets to researchers.

The ‘Supreme Court’ of content moderation

The genesis of Facebook’s Oversight Board was a November 2018 Facebook post by Mark Zuckerberg ostensibly in response to the growing pressure on the company in the aftermath of Cambridge Analytica, the 2016 election interference revelations, and the social network’s role in aiding the spread of disinformation in Myanmar in the run-up to the Rohingya genocide. The Board will be operated by a Trust to which the company has made an irrevocable pledge of $130 million.

For now, cases will be limited to individual pieces of content that have already been taken down and can be referred in one of two ways: By Facebook itself or by individuals who have exhausted all appeals within its ecosystem (including Instagram). And while the geographical balance has been considered, for a platform that has approximately 2.5 billion monthly active users and removes nearly 12 billion pieces of content a quarter, it is hard to imagine the group being able to keep up with the barrage of cases it is likely to face.

There is also no guarantee that geographical diversity will translate to the genuine diversity required to deal with kind of nuanced cases that may come up. There is no commitment as to when the Board will also be able to look into instances where controversial content has been left online. Combined with the potential failings of its deepfakes policy to address malinformation, this will result in a tradeoff where harmful, misleading content will likely stay online.

Another area of concern is the requirement to have an account in the Facebook ecosystem to be able to refer a case. Whenever the board’s ambit expands beyond content takedown cases, this requirement will exclude individuals/groups, not on Facebook/Instagram from seeking recourse, even if they are impacted.

The elephant in the room is, of course, WhatsApp. With over 400 million users in India and support for end-to-end encryption, it is the main vehicle for information disorder operations in the country. The oft-repeated demands for weakening encryption and providing backdoors are not the solution either.

Information disorder, itself, is not new. Rumours, propaganda, and lies are as old as humanity itself and surveillance will not stop them. Social media platforms significantly increase the velocity at which this information flows thereby increasing the impact of information disorder significantly. Treating this solely as a problem for platforms to solve is equivalent to addressing a demand-side problem through exclusive supply-side measures. Until individuals start viewing new information with a healthy dose of skepticism and media organisations stop being incentivised to amplify information disorder there is little hope of addressing this issue in the short to medium term.

(Prateek Waghre is a research analyst at The Takshashila Institution)

Bengaluru: As India becomes more globalised, there are intense deliberations in orthodox families on the merits of getting married within their own community.

The obvious go-to-market strategy is to ask for family recommendations and visit websites tailored for the community. This is typically followed by patrika and gotra matching, and some family meetings.

But as our scientific understanding of diseases and other heritable attributes increases, we have to question whether continued insistence on community-based marriages is relevant.Endogamy is the practice of marrying within the same community, and genetic diseases arising out of a limited gene pool are a major consequence of it.There is a growing need to reflect on these practices and determine what’s the best way to choose a life partner. (Read more)

The coronavirus outbreak originating in China has made its way across the globe, with nearly 12,000 confirmed cases. There are three confirmed cases in India as of 5 February 2020. There is considerable panic as countries race to contain its spread through screening and quarantine measures. Companies and universities have pressed into action; trying to figure out better diagnostics and possible treatment for the new virus.The ambiguity of the virus’s origin and fear created by its rapid spread and lack of cure has incited a deluge of misinformation. So here are four questions you really need to know about this outbreak.

How deadly is the viral outbreak?

The virus is the latest member of the coronavirus family to jump from other animals to infecting humans. The scientific community has already determined the genetic sequence of the virus. We now understand that every infected person can infect up to 4 people. The virus spreads through the air, enveloped in tiny droplets released as a person sneezes, coughs or talks. Spitting in public places or coughing without covering one’s mouth are basic hygiene fails that need to be avoided. (Read more)

Data is a complex, dynamic issue. We often like to make large buckets where we want to classify them. The Personal Data Protection Bill does this by making five broad categories, personal data, personal sensitive data, critical personal data, non-personal data, and anonymised data. While it is nice to have these classifications that help us make sense of how data operates, it is important to remember that the real world does not operate this way.

For instance, think about surnames. If you had a list of Indian surnames in a dataset, they alone would not be enough to identify people. So, you would put that dataset under the ambit of personal data. But since it is India, and context matters, surnames would be able to tell you a lot more about a person such as their caste. As a result, surnames alone might not be able to identify people, but they can go on to identify whole communities. That makes surnames more sensitive than just personal data. So you could make a case for them to be included in the personal sensitive category.

And that is the larger point here, data is dynamic, as a result of how it can be combined or used alone in varying contexts. As a result, it is not always easy to pin it down to broad buckets of categories.

This is something that is often not appreciated enough in policy-making, especially in the case of anonymised or non-personal data. Before I go on, let me explain the difference between the two, as there is a tendency to use them interchangeably.

Anonymised data refers to a dataset where the immediate identifiers (such as names or phone numbers) are stripped off the rest of the dataset. Nonpersonal data, on the other hand, is a broader, negative term. So anything that is not personal data can technically come under this umbrella, think anything from traffic signal data to a company's growth projections for the next decade.

Not only is there a tendency to use the terms interchangeably, but there is also a false underlying belief that data, once anonymised cannot be deanonymised. The reason the assumption is false is that data is essentially like puzzle pieces. Even if it is anonymized, having enough anonymised data can lead to deanonymisation and identification of individuals or even whole communities. For instance, if a malicious hacker has access to a history of your location through Google Maps, and can combine that with a history of your payments information from your bank account (or Google Pay), s/he does not need your name to identify you.

In the Indian policy-making context, there does not seem to be a realization that anonymisation can be reversed once you have enough data. The recently introduced Personal Data Protection Bill seems to be subject to this assumption.

Through Section 91, it allows “the central government to direct any data fiduciary or data processor to provide any personal data anonymised or other non-personal data to enable better targeting of delivery of services or formulation of evidence-based policies by the Central government”.

There are two major concerns here. Firstly, Section 91 gives the Government power to gather and process non-personal data. In addition, multiple other sections ensure that this power is largely unchecked. For instance, Section 35 provides the Government the power to exempt itself from the constraints of the bill. Also, Section 42 ensures that instead of being independent, the Data Protection Authority is constituted by members selected by the Government. Having this unchecked power when it comes to collecting and processing data is problematic especially it has the potential to give the Government the ability to use this data to identify minorities.

Secondly, it just does not make sense to address nonpersonal data under a personal data protection bill. Even before this version of the bill came out, there had been multiple calls to appoint a separate committee to come up with recommendations in this space. It would have then been ideal to have a different bill that looks at non-personal data. Because the subject is so vast, it does not make sense for it to be governed by a few lines in Section 91 for the foreseeable future.

So the bottom line is that anonymised data and nonpersonal data can be used to identify people. The government having unchecked powers to collect and process these kinds of data has the potential to lead to severely negative consequences. It would be better instead, to rethink the approach to non-personal and anonymised data and have a separate committee and regulation for this.

This article was first published in Deccan Chronicle.

(The writer is a technology policy analyst at the Takshashila Institution. Views are personal)

The Wuhan coronavirus, or nCoV-2019, is likely to become a pandemic in the coming weeks, having already infected at least 17,000 and killed some 400. The World Health Organisation has belatedly declared a public health emergency, while at least 45 million Chinese citizens remain under lockdown. Despite botching up the initial response in Wuhan, authorities in China have since been fast to share information on the outbreak and have even invited overseas experts for help. A draft sequence of the genome has also been published online and scientists from across the world have shared their analysis. Despite wild speculation about the origins of the Wuhan virus there’s absolutely no evidence it is anything other than a naturally mutated pathogen – indeed, it would make no sense for a state to produce a bioweapon that has both high communicability and low lethality.However, future threats to global health will come not only from natural viruses like nCoV-2019 but also from man-made pathogens. Mechanisms that aid early detection and encourage transparency need to be institutionalised quickly as a combination of breakthrough technologies and human malice raise the threat from bioweapons. Major states like China and India are well-positioned to champion this institutionalisation given their high vulnerability to bioweapons attacks and their shared desire to shape global institutions. (Read more)

There is something a little puzzling about the international response to the Wuhan novel coronavirus – nCoV-2019 – outbreak: the actions taken by the United States, Singapore, Australia, New Zealand, Russia, and other countries exceed what the World Health Organisation has recommended. Is the WHO underplaying the risks of a global epidemic or are these countries over-reacting?

The WHO has declared the Wuhan coronavirus outbreak a Public Health Emergency of International Concern (PHEIC), which under International Health Regulations is “an extraordinary event which is determined to constitute a public health risk to other States through the international spread of disease and to potentially require a coordinated international response”. It implies that there is a risk of trans-border spread of a disease necessitating international coordination. Such a declaration obliges all countries to take appropriate countermeasures and share outbreak-related information with the WHO on a regular basis.

Read more

This article originally appeared in Deccan Chronicle.In the lead-up to the 2020 Budget, the industry looked forward to two major announcements with respect to cybersecurity. First, the allocation of a specific ‘cyber security budget’ to protect the country’s critical infrastructure and support skill development. In 2019, even Rear Admiral Mohit Gupta (head of the Defence Cyber Agency) had called for 10% of the government’s IT spend to be put towards cyber security. Second, a focus on cyber security awareness programmes was seen as being critical especially considering the continued push for ‘Digital India’.On 1^st February, in a budget speech that lasted over 150 minutes, the finance minister made 2 references to ‘cyber’. Once in the context of cyber forensics to propose the establishment of a National Police University and a National Forensic Science University. Second, cyber security was cited as a potential frontier that Quantum technology would open up. This was a step-up from the last two budget speeches (July 2019 and February 2019) both of which made no references to the term ‘cyber’ in any form. In fact, the last time cyber was used in a budget speech was in February 2018, in the context of cyber-physical weapons. When combined with other recent developments such as National Security Council Secretariat’s  (NSCS) call for inputs a National Cyber Security Strategy (NCSS), the inauguration of a National Cyber Forensics Lab in New Delhi, and an acknowledgement by Lt Gen Rajesh Pant (National Cyber Security Coordinator) that ‘India is the most attacked in cyber sphere’ are signals that the government does indeed consider cyber security an important area.While the proposal to establish a National Forensic Science University is welcome, it will do little to meaningfully address the skill shortage problem. The Cyber Security Strategy of 2013 had envisioned the creation of 500,000 jobs over a 5-year period. A report by Xpheno estimated that there are 67,000 open cyber security positions in the country. Globally, Cybersecurity Ventures estimates, there will be 3.5 million unfilled cyber security positions by 2021. 2 million of these are expected to be in the Asia Pacific region.It is unfair to expect this gap to be fulfilled by state action alone, yet, the budget represents a missed opportunity to nudge industry and academia to fulfilling this demand at a time when unemployment is a major concern. The oft-reported instances of cyber or cyber-enabled fraud that one sees practically every day in the newspaper clearly point to a low-level of awareness and cyber-hygiene among citizens. Allocation of additional funds for Meity’s Cyber Swachhta Kendra at the Union Budget would have sent a strong signal of intent towards addressing the problem.Prateek Waghre is a research analyst at The Takshashila Institution, an independent centre for research and education in public policy.

The debate and protests around the Citizenship Amendment Act and the National Register of Citizens have dominated headlines around the nation, and rightfully so. While public attention and the news cycle continue to revolve around the issue, the Ministry of Electronics and Information Technology (MeitY) has released a Personal Data Protection Bill.

Since reading the bill, Justice B.N. Srikrishna (chair of the committee that drafted the initial report on data protection) has claimed it to have the potential to turn India into an Orwellian State. The statement is based on legitimate grounds, and that should give most people sleepless nights.

The Personal Data Protection Bill does give the government the power to exempt itself from the legislation. It also gives the State significant powers to demand data, and also places significant restrictions on cross-border data flows.

All of this is troubling on multiple levels and is being written about in columns and articles throughout India’s tech policy space. What is not getting enough attention, however, is that the bill is also bad news for the Indian economy, that too when it is the last thing India needs right now.

There are several counts on which the bill, in its current form, will have a negative impact on the economy. Most importantly among them, is the timeline for enforcement. The 2018 version of the Bill, provided for a period for adjustment and compliance before the enforcement of Bill’s provisions. Section 97’s transitional provisions provided industries a period of 18 months before mandating compliance.

Having a defined period of time that affords the industry the space to be in compliance is an objectively good policy. You could have a debate on how long that period should be, but it should be common ground to have a transition plan. For example, Europe’s Data Protection Law, the GDPR, was adopted in April 2016 but was enforced almost 2 years later, in May 2018.

What this tells us is that policy does not work like a light switch. Flicking it on does not always magically make sure that it will have the intended effects. The current version of the Bill does away with a transitional period altogether. This gives any company that collects data no time to adhere to the bill’s requirements. If implemented without a transition period, the bill would provide the government with grounds to penalise companies and impose punishments for not complying with directives that did not exist a day before the bill was introduced. Bangalore, being the hub of the Indian IT sector is likely to be impacted the most, with Mumbai, Hyderabad, and Delhi-NCR in tow.

Not only does the bill offer no transition period, but it also makes it a lot harder to carry out data processing outside of India. If companies want to outsource data processing of personal sensitive data to a different country, they need to do so under an intra-group scheme with the Data Protection Authority (DPA).

There are two things to consider here. Firstly, the DPA will be set up following the bill. Staffing it and providing it with the correct infrastructure and resources could take months from when the bill is enforced. Since there is no transition period, until the DPA is formed, companies who outsource data for processing would legally not be able to do so.

Secondly, even if the DPA is formed, there must be thousands of companies that would want to apply for an intra-group scheme, with new companies forming every month. It would put a lot of undue strain on the DPA to individually assess each company’s proposal and include them in an intragroup scheme.

This redundancy is going to impact small and medium enterprises a lot more than big firms. Big companies are likely to be able to afford to build processing capacity in India or afford costlier versions to maintain their standards. Small and medium enterprises, especially Indian firms, are not always going to have the money to comply within the given timeframe.

On a related note, the bill also creates three tiers of data, personal, personal sensitive, and critical personal data. While the first two are defined within the bill, critical personal data is not. As you would expect, critical personal data is going to be the tier with the most restrictions and burden of compliance.

For instance, while personal and personal sensitive data can be subject to cross-border transfers, critical personal data is not. So it puts any company that deals with data under a lot of anxiety. It would force them to stay in limbo until the third tier is defined, and will have an impact on how they go about their day-to-day business.

The digital economy is inextricably linked with the traditional economy. All of this, removing a runway for compliance, placing redundancy-ridden restrictions on the cross-border flow of personal sensitive data, and not defining critical personal data is bound to have a negative impact on the Indian economy. If the bill is passed in its current form, we are looking at FDI drying up within this sector. Big companies might have deeper pockets, but localisation laws will also go a long way to make sure that they keep their India-bound spending and outsourcing in check. On the other hand, it is also likely to incentivise small companies and startups to register their businesses elsewhere. All of this is coming at a time when the Indian economy needs it the least.

The redundancy is going to impact small and medium enterprises a lot more than big firms. Big companies are likely to be able to afford to build processing capacity in India or afford costlier versions to maintain their standards. Small and medium enterprises, especially Indian firms, are not always going to have the money to comply within the given timeframe.

Rohan is a Policy Analyst at The Takshashila Institution. Views are personal.

This article was first published in Deccan Chronicle.

This post was originally published on MedianamaBy Rohini Lakshané and Prateek WaghreThe Supreme Court gave a judgement on January 10, 2020, directing the Central government to review the total suspension of Internet services in Jammu and Kashmir imposed since August 5, 2019, and to restore essential services. In response, the government of Jammu and Kashmir issued a whitelist comprising 153 entries on January 18 and increased the number of entries to 301 on January 24. What would the experience of an ordinary resident of Jammu and Kashmir be like under the whitelist arrangement? We conducted a preliminary analysis to empirically determine whether the 301 whitelisted websites and services would be practically usable and found that only 126 were usable to some degree.Before we delve further into the analysis, it is pertinent to understand the background and context in which an ordinary resident of Jammu and Kashmir may access the Internet. India has experienced the highest number of intentional Internet shutdowns across the world since 2012. . Kashmir has been facing the longest intentional Internet shutdown ever recorded in a democratic country. Voice and SMS functionality, without Internet connectivity, was reactivated on postpaid mobile connections in Jammu and Kashmir on October 14, 2019. People in the Kashmir valley can access the Internet only through the 844 kiosks run by the government.

Under three orders (dated January 14, 18, and 24) issued by the government of Jammu and Kashmir:

1. 2G Internet connectivity would be reinstated on postpaid mobile connections in 10 districts of Jammu Division and 2 of Kashmir Division.
2. “The internet speed shall be restricted to 2G only.”
3. 400 additional Internet kiosks are to be installed in Kashmir.
4. Social media websites, peer-to-peer (P2P) communication apps, and Virtual Private Networks (VPNs) services have been explicitly prohibited.
5. ISPs are to provide wired broadband to companies engaged in “Software (IT/ ITES) Services”.
6. For wired connections, Paragraph II of the order dated January 24 states, “For fixed-line Internet connectivity: Internet connectivity shall be [made] available only after Mac-binding.”
7. Voice and SMS functionality would be restored on prepaid mobile connections across all districts of Jammu and Kashmir.
8. For providing internet access on locally-registered pre-paid mobile connections, telecom service providers or “TSPs shall initiate a process of verification of credentials of these subscribers as per the norms applicable for postpaid connections”.
9. “The ISPs shall be responsible for ensuring that access is allowed to whitelisted sites only.”
10. The order dated January 14 states that it “may be subject to further revision” after which the department would conduct “a review of the adverse impact, if any, of this relaxation on the security situation.” According to the order released on January 24, “the law enforcement agencies have reported no adverse impact so far. However, they have expressed apprehension of misuse of terror activities and incitement of general public…”
11. “Whitelisting of sites shall be a continuous process,” which could be interpreted to mean that the government would periodically update the list.

Thus, an ordinary internet user in Jammu and Kashmir accessing the Internet under this whitelist arrangement would be doing so via 2G mobile connections or Internet kiosks placed inside government offices.

Questions raised by a selection of entries in the whitelist

1. In the orders dated January 14 and 18, the Government of Jammu and Kashmir cites the use of the Internet for the following activities as some of the reasons for implementing the total Internet blackout in Kashmir: “terrorism/terror activities”, activities of “anti-national elements”, “rumour-mongering”, “spread of propoganda/ ideologies”, “targeted messaging to propagate terrorism”, “fallacious proxy wars”, “causing disaffection and discontent” among people, and the “spread of fake news”. In light of this explanation, what were the process and criteria applied to select these specific URLs/ services/ websites to be on the whitelist?
2. What were the process and criteria, if any, to reject websites and services that are similar to those whitelisted and those that provide the same or comparable services? For example, some travel aggregator websites (MakeMyTrip, Goibibo, Cleartrip, Trivago, Yatra, etc) have been included but not others (Agoda, Expedia, Kayak, Hotels.com). Online shopping/e-commerce websites Flipkart, Amazon, Myntra, and Jabong feature in the whitelist but not Snapdeal, Ebay, and others.
3. How were the residents of Jammu and Kashmir informed about this whitelist, that these specific services/ websites had become accessible? News websites and social media websites are still blocked. The orders will appear in an issue of the gazette, which is just one source of information and not accessible by everybody.
4. In view of all the above questions, how do the authorised government officers “ensure implementation of these directions in letter and spirit”, as stated in paragraph 7 of the order dated January 14?

Role of Internet Service Providers (ISPs)

The whitelist and its accompanying orders raise some concerns about ISPs’ implementation of the whitelist.

1. In the case of the entries that contain neither URLs nor qualifying information about including subdomains or about permitting mobile applications, it should not be left to the discretion of an Internet Service Provider (ISP) to determine the appropriate URLs or the appropriate mode of access (mobile or desktop application, mobile or desktop version) of a whitelisted service or website. ISPs are intermediaries and are not authorised to take a judgement call on the orders they receive from the government. Moreover, the whitelist orders explicitly state that the onus of ensuring that sites outside the whitelist remain inaccessible is on the ISPs  (“The ISPs shall be responsible for ensuring that access is allowed to whitelisted sites only.”)
2. In the case of invalid or indeterminate URLs, how are whitelisted entries to be implemented? What are the options for an ISP to seek clarifications about these from the government?
3. ISPs have been directed to provide wired broadband to companies in Jammu and Kashmir engaged in “Software (IT/ ITES) Services”. In view of the fact that the terms IT (information technology) and ITES (information technology-enabled services) cover a broad range of commercial activities, how is this directive going to be operationalised?
4. In a recently published paper analysing how ISPs in India block websites, researchers at the Centre for Internet and Society (CIS) found that ISPs and governments were not willing to disclose the URLs that were blocked. The study also found that less than 30% of blocked URLs were common across the ISPs included in the study, and different ISPs used different techniques to implement blocklists. This is indicative of arbitrary action on the part of individual ISPs. It is also likely that Internet users have limited recourse owing to the lack of transparency in censoring websites. When combined with the need for ISPs to exercise their own discretion/ judgement in implementing these orders (as argued in 1), there is plenty of potential for inconsistent enforcement by ISPs.
5. It is unclear how ISPs will actually implement this whitelist. If the filtering is done at the DNS layer, then the number of practically unusable websites will likely be higher than what we encountered, since the DNS resolution process itself is likely to be broken for any website that returns anything other than an A record/ IP Address.

Findings and Analysis

1. Entries with no URL

1. Media service providers/streaming services: There are 7 streaming services on the list: Amazon Prime, Netflix, Sony Liv, Zee 5, Hotstar, Voot, and Airtel TV. They support viewing on desktop browsers and mobile apps. This may be a reason why the whitelist only states their names and not the corresponding URLs. Assuming that these services are enabled for use on both desktop and mobile applications, they will still be practically unusable because:

1. Only 2G speeds are currently permitted in Jammu and Kashmir. 2G speeds are too slow for streaming audio-video and multimedia content.
2. Streamed content is delivered over CDN (content delivery network) URLs, none of which are present on the current whitelist.

2. JioChat: JioChat is an iOS and Android instant messaging app that supports voice and video calling. It is the only service on this whitelist that supports these functionalities. It is unlikely that this app would be practically usable for video/voice calls because 2G speeds are too slow for it.

2. Government-owned eTLDs

The whitelist includes three entries for government-owned eTLDs (effective top-level domains, also known as “public suffixes”): “Gov.in”, “Nic.in”, and “Ac.in”. The entries do not contain URLs or qualifying information about including subdomains. It should be explicitly stated if ISPs are expected to allow gov.in, nic.in, ac.in, and all their subdomains. For example, gov.in houses four levels of subdomains. Currently, it is unclear how ISPs will interpret and implement this since the entries in the whitelist do not contain adequate information. The directory of Indian government websites is available at http://goidirectory.nic.in.

3. Banking and Finance Services

Log-in pages are on domains or subdomains different from those listed in the whitelist, which is why these services are not practically useful regardless of whether the actual whitelisted URL is accessible/usable. For example,

1. The website of ICICI Bank https://www.icicibank.com is whitelisted. However, the URL to log-in to personal banking at ICICI is on a subdomain of the website, https://infinity.icicibank.com, which is not whitelisted. So, individuals with an account at ICICI Bank, will not be able to access their accounts online.
2. While https://www.hdfc.com has been whitelisted, HDFC Bank’s personal banking services are on a different domain, https://www.hdfcbank.com, which will also remain inaccessible.

VPNs and proxy services are prohibited, so an ordinary user would be unable to circumvent restrictions imposed by the whitelist.Of the 15 websites categorised under “Banking” in the whitelist, only 2 (www.jkbankonline.comand www.westernunion.com) had accessible log-in pages/sections and all 15 had at least one identifiable issue when they were accessed with the whitelist restrictions in place.

4. CDN, Sub-Domains, and Third-Party Content

The State of the Web maintained by http Archive indicates that the median number of requests on a webpage for mobile devices is approximately 70. These requests are spread across subdomains of the website, domains owned by content delivery networks (CDNs) such as akamaized.net, cloudfront.net, cloudflare.net, etc., and third-party domains such as Google Analytics, tag managers, real user monitoring tools, advertisers, and so on. The whitelist approach interferes with these requests and more often than not, results in an adverse impact on the functioning of the website itself. In our analysis, we observed that this affected websites to varying degrees:

1. Minimal visible impact
2. Some images don’t load
3. All images don’t load
4. Critical functions become unresponsive, such as search in the case of some OTAs (online travel agents)
5. The entire layout scheme breaks

Example 1: Consider www.amazon.in. The request map shows that a significant number of requests are made to domains other than www.amazon.in. Since these requests will be blocked, the website will barely function for the user accessing behind the whitelist. This is evident from the screenshot of the landing page.

Request map for www.amazon.in

Screenshot of www.amazon.in

 Example 2: In the case of the website of the Indian Railways, www.irctc.co.in, once again, the request map indicates a large number of requests to other domains. This results in breaking the layout of the page (as is evident in the screenshot), as well as the operation of the website.

Request map for www.irctc.co.in

Screenshot of www.irctc.co.in

Example 3: The website of the Public Works Department of the Government of Jammu and Kashmir, www.jkpwdrb.nic.in, sends no requests to other domains as indicated by the request map and thus the whitelist restrictions have no visible impact. It should be noted that this kind of website setup is uncommon.

Request map for www.jkpwdrb.nic.in

Screenshot of www.jkpwdrb.nic.in

5. Search Engines

The updated list in the January 24 order contains 10 hostnames classified as search engines and www.bing.com classified under utilities.

1. The whitelist did not include Indian subdomains (google.co.in, in.search.yahoo.com) which means that users may not be able to access them, whether they type it manually or get redirected to the Indian domain of the search engine based on language or browser settings.
2. The list included Canadian and UK subdomains for Google. It also included the Canadian and French-Canadian versions of Yahoo Search. There was also no justification provided for the exclusion of Indian locales while including non-Indian locales.
3. We also found that while conducting a search was possible, a user could only successfully navigate to results from websites that were on the whitelist (subject to how they worked as determined by our testing). For websites not on the whitelist, the information contained in the snippets was readable on the search results page, but not beyond it.

So we have categorised search engines as ‘partially usable’.

6. News/Technology Updates

The updated list in the January 24 order also contains 74 websites categorised as “ews”  (60) and “Technology Updates” (14).

1. There was a mix of regional, national and international websites.
2. Audio/podcast and video content for all of these sites were either delivered from subdomains/CDN domains or YouTube and hence did not work.
3. International publications such as The Washington Post, Wall Street Journal, and The New York Times allow limited views before enforcing a paywall. However, their sign-in pages were not accessible. In such cases, even if the websites were minimally visually affected, they were categorised as ‘practically not usable’.
4. For the remaining, we observed that the impact to page layout varied in degrees:
   1. All pages and UI elements were broken.
   2. Only the Home page was broken.
   3. Only subsection pages were affected.
   4. Only article pages were not affected.

The categorisation between usable, partially usable, and not usable was done on the basis of how easy or difficult it was to consume content and navigate within each website.

Screenshot indicating broken page layout

7. Additional Observations

1. Mail: The whitelist included 4 webmail services. However, none were usable since the sign-in pages required navigating to domains that were not on the whitelist. They have been categorised as ‘practically not usable’.
2. Entertainment: The updated list from the January 24 order also included 7 entertainment sites along with URLs which made testing them possible (this in contrast to the 6 listed in the January 18 order that did not include URLs and only named the services). Only one (https://wynk.in) of these was able to stream content successfully. It was categorised as ‘practically usable’ even though it may be difficult to stream content on a 2G network. 6 out of 7 have been categorised as ‘practically not usable’. It should be noted that such content is typically consumed on apps that were not tested as a part of this exercise. Apps generally use different hostnames to request resources.
3. Official websites of apps: The whitelist includes Gingerlabs.com, the official website for the note-taking mobile app Notability. Another entry, Kinemaster.com is the official website of the eponymous video-editing app for Android and iOS. The website enables users to get user support and interact with the community of users. For the purpose of this analysis, the websites were tested and categorised as per their usability. It should be noted that new downloads would not be possible since the Apple App Store and Google Play Store are not included in the whitelist. It is also unclear if users who already have these apps installed will be able to use them since the apps may not use the same domain(s) to make requests.
4. URLs that contain paths: Two URLs on the whitelist contain specific paths (www.marutisuzuki.com/MarutiSuzuki/Car and https://www.heromotocorp.com/en-in/). It is unclear how ISPs could whitelist these two entries without whitelisting the domains Marutisuzuki.com and Heromotocorp.com.

Summary of Findings

Number of entries in the whitelist	301
Number of duplicate entries	13
Number of invalid URLs	4
Number of entries with no specified URL and no qualifying information about the website/service	8
Number of inconclusive/indeterminate entries	6
Number of URLs after validation and de-duplication	270
Number of websites that are practically usable	58	Most of these websites are largely comprised of textual information.
Number of websites that are practically partially usable	68	Some important features are adversely affected.
Total number of websites usable to some degree	126
Number of URLs in the list (no protocol or http) that default to https	94 out of 270	These may not work in actual use cases because of the redirect to https.

 

Usability by ‘Field’	Practically Usable?
Field (as specified in the whitelist)	Could Not Test	No	Partially	Yes
Automobiles	1	1	1	1
Banking		8	7
Education		25	14	7
Employment		1	1	1
Entertainment	7	8	1	2
Mail	1	3
News	6	18	17	19
NGOs			1	4
Search Engines	1	4	5
Services	4	5	1	3
Technology Updates		8	4	2
Travel	3	13	1	3
Utilities	8	49	15	15
Weather				1
Web Service		1	1
Total	31	144	68	58

*The detailed results from testing all entries in the first version of the whitelist as recorded on January 22 and 23, IST is available here. We updated the set of results on 26 January to reflect the next version of the whitelist, available here. This version carries over all entries of the previous one unchanged.

Method

Testing URLs on an Unrestricted Internet Connection

To test if all entries in the list were functioning, we first accessed them using an India IP address on an unrestricted 4G connection. The ones that were not functional were categorised as:

1. Invalid URL: 4 URLs are invalid. One (www.hajcommitee.gov.in) contains a typographical error. 3 others are badly formed (https://www.google.com > Gmail; https://oppo-in; www.google.com > chrome [sic]).
2. Duplicate URL: 13 URLs were found to be duplicates of other entries. 3 URLs are present on the list along with their respective redirected versions. For instance, www.trivago.com redirects to https://www.trivago.in, both of which are present on the whitelist. We excluded the former from our analysis and considered the redirected version. The other two instances are Airtel.in and Cleartrip.com.
3. Entries with no URL specified: We have excluded 8 entries that are names of services and not URLs. 7 of these are media services providers such as Netflix and Amazon Prime.
4. Inconclusive entry/indeterminate URL: 6 URLs returned an error message and were excluded. 3 of those — Gov.in, Nic.in and Ac.in ⸺ did not include a protocol (http:// or https:// or the www. prefix). The DNS registration for Gov.in and Nic.in had also expired as indicated by WHOIS at the time of writing this analysis.

The results have been logged and categorised according to this schema in the detailed analysis (available here):

Is the URL accessible?	This column logs the results of a preliminary check for URLs that lead to error messages, such as broken links and websites/ webpages that are misconfigured. The results are categorised as:Yes: The URL is accessible invalid URL; Duplicate URL; No URL specified; Inconclusive entry/ Indeterminate URL: The URL or whitelist entry is not accessible for reasons described above.
Does the URL redirect to another?	The column indicates whether a URL redirects to another URL by default. Categorised as: Yes/ No
Redirects to	This column specifies the redirect target URL if it exists. Categorised as:No redirect https: The initial URL on the whitelist either contains http or no protocol is specified. It redirects by default to its https version, with the rest of the URL being identical.For example, www.moneycontrol.com on the whitelist redirects by default to https://www.moneycontrol.com.<URL>: The initial URL on the whitelist redirects by default to a URL with a different path or prefix. In such cases, the redirect target URL is specified here.For example, https://www.icicidirect.com redirects to https://www.icicidirect.com/idirectcontent/Home/Home.aspx
Remark/Observation	Observations based on the testing so far.

Whitelist Testing

The 270 URLs that remained were put through whitelist testing via a Chrome browser extension called Whitelist Manager, via a 10 Mbps connection. This extension can be configured to restrict users from accessing any URLs except whitelisted ones.The results have been logged and categorised according to this schema (available here):

Page Layout	This column logs how the page appears visually to the viewer. Classified as either Intact or Broken. Intact: The website was visually identical with and without the whitelist restriction in place. Broken: Its appearance was significantly altered when accessed with the whitelist restrictions. Inaccessible due to redirects: The website automatically redirected to another domain that was not on the whitelist. No further analysis was possible in such cases.
Images loading?	Categorised as Yes/ No/ Partial. Yes: All Images appeared on the website even with the whitelist restrictions. No: No images appeared on the website with the whitelist restrictions. Partial: Some images on the website loaded with the restrictions.
Has sign-in?	This column logs whether the website provides its users with an option to sign-in for its services or for personalised content. Categorised as Yes/No.
Sign-in section visible?	This records if the sign-in page accessible or the sign-in section on the website is functional with the whitelist restrictions in place. Yes: Sign-in page was under the whitelisted domain OR sign-in section of the website was responsive even if the page layout was broken No: Sign-in required accessing a non-whitelisted domain OR sign-in section of the website was non-responsive. Partial: The website also provided 3rd Party authentication options via Facebook/Google etc. which were not accessible. Note: The actual sign-in process was not tested for every website. There is potential for additional website failures if this relies on calls to non-whitelisted domains.
Other functions affected?	A subjective assessment of whether other parts of the website were impacted by the whitelisting restrictions. If any were found, these were listed in the ‘Specify’ column. This assessment should be considered indicative and not exhaustive.
Practically usable?	A subjective assessment of whether the website could still be used or not. Yes: Main features were not affected OR the website offered limited functionality, to begin with that wasn’t impacted. No: Website is unusable as some key features are not functional OR visual elements were missing/ broken to such an extent that it could not be used in any meaningful way. Partial: Some features (mainly textual information) were still functional.

Limitations of Our Method

1. We tested the whitelisted entries for usability via a whitelist management extension for the Chrome browser. Results may differ if another whitelist management software were used on a different browser. However, the difference will not be large and significant enough to change our final assessment of whether the website was usable or not.
2. We conducted the tests on a 10 Mbps connection. We did not use the bandwidth throttling feature on Chrome since the primary intent was to determine whether the sites were accessible or not. In the actual use case, people will visit the whitelisted entries via 2G connections with which the websites that we were able to access may not be reachable in a reasonable amount of time.
3. We did not sign-in to any of the websites, try to write and send an email, carry out a financial transaction or upload a document such as a tax filing. Doing these activities may significantly alter the final assessment regarding their usability.
4. 94 URLs (http or no protocol specified) redirect by default on an unrestricted connection to their https version. We have thus tested the https versions only. This was done due to a limitation of the Chrome browser extension we used for the testing. (Refer to Column E entitled “Does the URL redirect to another?” in the spreadsheet containing detailed analysis.) However, these 94 URLs may not function in the actual use case in Kashmir depending on the ISPs’ implementation of the whitelist.
5. We focused on visual elements and usability only. We ignored the impact on analytics, monitoring tools as long as it did not impact the ability of an end-user to navigate the website. This is, however, bound to be a matter of concern for website operators.

*Rohini Lakshané is a researcher and technologist. She is Director (Emerging Research), The Bachchao Project.Prateek Waghre is a Research Analyst at The Takshashila Institution, a centre of education and research in public policy.

The outbreak of the novel coronavirus infection emanating from the wildlife and seafood markets in China’s Wuhan city reminds me of the severe acute respiratory syndrome, or SARS, epidemic that hit the world 17 years ago. I lived in Singapore at that time, and it was a traumatic experience.

The SARS virus, like the Wuhan coronavirus, originated in China and spread around the world through air travel. The Singapore economy depends on tourism, trade, and business travel, so closing the borders was not an option. When it emerged that the SARS virus transmits through humans, it looked like Singapore would be severely affected. The city-state is densely populated, most people take crowded buses and trains to work, and a lot of places — offices, shopping malls, schools, public buildings — are centrally air-conditioned. We went through weeks and months of anxiety and paranoia.

Read more

Amid CEO Jeff Bezos’s visit to India, Amazon’s India website displayed a full-page letter highlighting how Amazon was committed to its small and medium scale business partners. Bezos also announced that Amazon will invest an “incremental US $ 1 billion to digitise micro and small businesses in cities, towns, and villages across India, helping them reach more customers than ever before”. However, as Bezos tried to bring on his ‘charm offensive’ to India, stating how he was inspired by the “boundless energy and grit” of the Indian people, not everyone seemed amused. On the one hand, we had the Union Commerce Minister stating that “Amazon is not doing India a favour by investing..it is probably because it wants to cover its losses incurred to deep discounting”, on the other hand, we had small and medium retailers protesting against the visit holding posters of ‘Go Back Amazon’. The retailers claimed that Amazon was doing more damage to their business than good.What is the truth?A typical brick and mortar retailer’s capability to sell is constrained by its access to consumers which in turn is confined by geography. The retailer’s market is restricted to people living in the vicinity of the shop. On the other hand, Amazon offers retailers access to millions of consumers across India. This expansion of the market is not only beneficial to the retailers but also to the final consumers who now have a plethora of products to choose from.   However, Amazon, apart from being a marketplace connecting sellers and buyers, is also a player on its own platforms. It sells various products from soaps, shirts, and underwear to tech accessories, and kitchen supplies of its own private label brands such as Solimo, Amazon Essentials, Symbol, Amazon Basics, among others. This violates the neutrality of the platform.Think of the last time you went to the second page of Amazon listings to buy a product. Can’t remember, right? Most of us tend to buy products, especially the standard, and low-value ones from the first five or six listings shown. Amazon has an incentive to and has been accused of favouring its own products above the ones sold by sellers. The reduction in traffic and sales observed by the sellers forces them to buy listing advertisements on Amazon. The protests were a manifestation of the low-bargaining power that individual sellers have against the world’s biggest e-commerce company.Now consider the information that Amazon has in terms of what products are sold where, at what price points, which are the major players in different segments, and so on. Studies show that Amazon uses its marketplace as a tinkering lab and leverages the information asymmetry to launch the most successful products on the platform, under its own label. Once, Amazon’s private-label launches the product, it undercuts the retailers on price and favourably places the products on the website effectively killing competition.  The current standard of ‘consumer welfare’ pegged on short-term price effects is inadequate for managing the above results. The de-facto ‘consumer welfare’ standard popularised by Robert Bork through his book, ‘The Antitrust Paradox’ argues that the goal of antitrust laws should be maximising consumer welfare and protecting the competition, not the competitors. Since, there is no clear evidence of Amazon raising prices in the short-term after launching a product, proving consumer harm is difficult. Therefore only considering the consumer welfare standard would be insufficient. As Lina M Khan points out that the structure of companies such as Amazon “create anti-competitive conflicts of interests” and provides opportunities to “cross-leverage market advantages across distinct lines of business.” Also, with Big-Tech companies such as Amazon, backed by ever-flowing streams of venture-capital money, many ill-effects might be seen in the longer term. We should also be cognisant of the fact that sellers are also customers for Amazon. Therefore, consumer welfare should also apply to sellers.As the Competition Commission of India conducts its investigations, it should examine all the new challenges posed by the likes of Amazon and be cautious in its approach and propose a path where the penalties laid down for Amazon are not a slap on the wrist. Instead, the way forward is where healthy competition can be sustained as well as the bargaining power of the sellers on the platforms is increased. This article was originally published in the Deccan Herald.

Research institutions around the world on average have 28.4 percent women employees. Indian research institutions have been unable to make even this poor benchmark. Women make up only 14 percent of 2.8 lakh scientists, engineers, and technologists in research and development institutions in India. In the past few decades, while the number of women enrolled in science higher education has steadily increased, the number of women entering the science workplace has not shown a commensurate rise. This suggests that women are either not willing to continue in science jobs or are not being provided suitable opportunities to do so.

Pros of gender-balanced in scientific campuses

There is a school of thought that women bring a distinctly different perspective to science than men. Studies have shown that diverse groups have more collective intelligence than groups made up of men only. The implication is that gender-balanced teams are likely to be more productive and “smarter” as compared to all-male teams. It, therefore, makes sense that we would like more laboratories to try and achieve an equal male: female ratio. (Read more)

India’s position on the Huawei question should be closer to that of the US and Japan (a ban from 5G critical infrastructure) rather than that of Kenya or the Netherlands (a conditional yes to Huawei). That’s because China is, after all, India’s adversary and its biggest strategic challenge. Given this situation, handing over critical communications infrastructure to companies closely connected with the Chinese party-state does not make any strategic sense.Even if Huawei is serious about commitment to mitigate security concerns, bestowing an adversary with geopolitical leverage is a poor strategy. Just like India is unlikely to give control of its major ports infrastructure to any Chinese company, our critical communications infrastructure also needs to be guarded.From the economic angle, it’s probably true that banning Huawei and ZTE will result in some economic costs to India and Indians. To reduce this impact, India can consider a two-fold strategy. When it comes to critical network infrastructure, Chinese companies could be banned. On the other hand, India could welcome Huawei/ZTE 5G mobile phones with open arms because cheap 5G phones will benefit crores of Indians.What needs to be internalised is that the question of 5G network infrastructure is too important an issue to be left to a DoT decision alone. It requires a holistic assessment of security, economic, and strategic concerns and must be taken by the cabinet committee on security. In our view, strategic concerns far outweigh the economic benefits and security fears.Read the full article on The Telegraph here.(Image source: Christoph Scholz on Flickr)

Even if we ignore the fact that the Indian economy is in a severe slowdown, we should not forget even for a moment that India’s per capita GDP is around $2000, it needs to create around 2 crore jobs every year, and needs every little point of economic growth that it can get.So, in terms of the level of income, India is in the same league as Congo, East Timor, Nicaragua, and Nigeria. Two of India’s subcontinental neighbours, the Maldives and Sri Lanka, are far ahead of us. At around $10,000, the average income in China is 400 per cent higher than India’s. Given our tax/GDP ratios, the Indian government’s combined expenditure on everything — including health, education, defence, rural development, and social welfare — is a paltry $300 per year.Read more

Let’s first parse what Ambedkar had warned against in his final speech to the Constituent Assembly in November 1949: “We must…hold fast to constitutional methods of achieving our social and economic objectives. It means we must abandon the bloody methods of revolution. It means that we must abandon the method of civil disobedience, non-cooperation, and satyagraha. When there was no way left for constitutional methods for achieving economic and social objectives, there was a great deal of justification for unconstitutional methods. But where constitutional methods are open, there can be no justification for these unconstitutional methods. These methods are nothing but the Grammar of Anarchy and the sooner they are abandoned, the better for us.” (Emphasis mine.)The key sentence in this important paragraph is the one where he points out that when there is no way left for constitutional methods, public protests are justified. After the Supreme Court repeatedly failed to uphold basic fundamental rights and balance the Narendra Modi government’s overreach, there is a question mark on whether there is any way left for constitutional methods. The religion-based criteria in the CAA is unconstitutional. When citizens wanted to protest against the bill, many state governments imposed prohibitory orders under Section 144 of the IPC and arrested protesters. Internet access was shut down in many places across the country. In some places, police action was blatantly unconstitutional.Read more

The accepted conventional wisdom is that economic reforms in India happen only in a crisis or by stealth. The big example of the former is the 1991 reforms, when the country faced a huge foreign exchange crisis, resulting partly from the fiscal profligacy of the previous decade. Another example is from 1999 when the telecom sector was in near bankruptcy, and that crisis led to the shift away from fixed fee for spectrum to revenue sharing. In both cases, there was considerable opposition to those reforms, but they were pushed through because the crisis left no other choice. Otherwise, more often than not, it has been economic reform by stealth. These are introduced without fanfare, often in the form of an executive decision rather than legislation. For instance, the expansion of the list of items under the Open General Licence for imports, which is a reform of protectionism, or the reduction in the set of industries reserved for small-scale businesses. A more recent example of a contentious reform was the insertion of an electoral bond scheme in the Finance Bill of 2018. There was hardly any debate. Reform by stealth offers the advantage of going in either direction. In 2013, faced with a potential currency crisis, the Reserve Bank of India (RBI) quietly retracted the limits on the liberalized remittance scheme (LRS), a reversal of an earlier step towards capital account convertibility, the journey towards which was also characterised by stealth. We might as well accept that India will never have reforms backed by conviction or ideology. Mostly, the moves are reluctantly made and the resistance is from industry or trade unions, not politicians.Read More