TechLaw Symposium at NALSAR University of Law, Hyderabad – Press Note

[Ed Note : The following press note has been authored by Shweta Rao and Arvind Pennathur from NALSAR University of Law. Do watch  this space for more details on the symposium!}

On the 9th of September NALSAR University of Law’s Tech Law Forum conducted its first ever symposium with packed panels discussing a variety of issues under the broad theme of the Right to Privacy. This symposium took place against the backdrop of the recent draft Data Protection Bill and Report released by the Srikrishna Committee.

read more

Mr. Shailesh Gandhi on Privacy

[Ed Note : The following is a guest post by Mr. Shailesh Gandhi, Former Central Information Commissioner under the framework of the RTI Act 2005, who has graciously agreed to express his views through this platform]

First Define ‘Privacy’

The problem with the nine-judge ruling is that after proclaiming privacy as a fundamental right, it has not defined what is privacy. It is now left to all adjudicators to give multiple interpretations in order to understand the term, writes Shailesh Gandhi.

read more

The Week That Was: 25/08/2017

In this second edition of The Week That Was, we find…

  • The 9 Judge Bench of the Supreme Court of India unanimously held that Privacy is a Fundamental Right under Part III of the Constitution of India and gave hope to the LGBT+ community, and may have implications for SEBI’s move to link with Aadhaar, the Beef Ban, among other things In their recent Valut 7 Publication, WikiLeaks published secret documents from the ExpressLane project of the CIA. The Office of Technical Services, a branch within the CIA, has a biometric collection system that is provided to liaison services around the world — with the expectation for sharing of the biometric takes collected on the systems. The core components of the OTS system are based on products from Cross Match, a US company specializing in biometric software for law enforcement and the Intelligence Community. CrossMatch had received certification from STQC India for India’s UID Program (Aadhaar)
    • See more on: BusinessWire, GreatGameIndia News, FactorDaily, WikiLeaks. CrossMatch Aadhaar Kits are one Google Search Away The Director General of Civil Aviation (DGCA) plans to introduce a remote pilot licence for operating drones and is expected to release draft norms for regulating the use of automated aerial vehicles (AAVs). Ahead of Gurmeet Ram Rahim’s rape case verdict where he was subsequently held guilty Mobile Internet Services remained suspended in Haryana, Punjab and Chandigarh for around 72 hours. Following the verdict, it has been reported that (at the time of writing this post) at least 30 people have been killed and more than 250 injured. The Punjab and Haryana High Court reportedly stated that losses incurred due to violence should be recovered from selling the properties of Ram Rahim Singh. Section 144 CrPC has been imposed in 11 districts of Delhi including New Delhi. Meanwhile, Internet Services continue to be blocked in Darjeeling, West Bengal for more than two months. Services had been blocked in the town following deaths of party supporters in violent clashes between the Gorkha Janmukti Morcha and security forces . Cardiotrack, a startup which claims to use Artificial Intelligence (AI) for predicting and diagnosing cardiac diseases, disorders and ailments has tied up with Columbia Asia Hospitals in Bangalore to predict heart condition. The National Payments Corporation of India (NPCI) instructed its member banks to ensure that their applications be equipped to read both UPI QR as well as BharatQR by 15th September 2017. The Electronic Frontier Foundation released a 10+ Year brief history on Activists being silenced on the Internet and Internet Intermediaries’ Long History of Censorship.
      • See more on: EFF.
      Berlin’s Südkreuz station has been investigating how well surveillance cameras and computers can automatically recognize the faces of passersby. It is claimed that this could track terror suspects and help prevent future attacks. Germany seeks to draw up legal guidelines for the operation of driverless cars. The guidelines observe that the software that controls such cars must be programmed to avoid injury or death of people at all cost, that in cases of an unavoidable accident, the software must choose whichever action will hurt people the least, even if that means destroying property or hitting animals in the road. A Russian regulation which requires Russian operators of communication networks (mobile operators and internet providers) to record and store records of communications between all users for at least six months, and provide such data to the authorities at their request, could be in EU’s General Data Protection Regulation 2016/679. Internet overuse could lead to individuals becoming vulnerable to many neuropsychiatric dysfunctions such as irritation, anxiety, obsessive compulsion according to a report by research by Etiologically Elusive Disorders Research Network (EEDRN) which is an umbrella body of medical/research institutes of India including All India Institute of Medical Sciences, New Delhi, National Brain Research Centre, Haryana, and Ambedkar Centre for Biomedical Research, Delhi. FBI arrested a Chinese national who is facing charges related to the malware used in the 2015 data theft from the Office of Personnel Management computer systems — a breach that exposed the personal information of millions of people — according to US officials briefed on the investigation The Department of Justice used a Search Warrant to get data on all information available to DreamHost (a webshost) on all information available to it on an Anti-Trump Site, a website that organized participants of political protests against the current United States administration. The new warrant parameters exclude most visitor logs from the demand, set a temporal limit for records from July 1, 2016 to January 20, 2017, and also withdraw the demand for unpublished content, like draft blog posts and photos. The D.C. Superior Court stated that the government must disclose to the court who will search the material and what process they will use, That information seized by prosecutors not be shared with other federal agencies, and that data not related to the investigation be put under seal with the court and not accessible to the government without additional permission. Free Speech activists however believe some concerns remain See more on: Politico, SCMedia,Popehat, DreamHost,


      read more

The Supreme Court of India unanimously holds in a 9-0 verdict that Privacy is a Fundamental Right

The Supreme Court of India in a welcome decision today held that Privacy is a Fundamental Right under Article 21 in Part III of the Constitution in a unanimous 9-0 decision.

Detailed comments will come soon.

You can find the judgment here, or alternatively here.

read more

The Week That Was: 11/08/2017

In this first edition of The Week That Was, we find…

  • Marcus Hutchins, the white-hat hacker known for stopping the WannaCry worm was charged with creating the Kronos banking trojan, a widespread piece of malware used to steal banking credentials for fraud and is accused of selling it to cybercrime market sites. He has denied any wrongdoing and pleaded not guilty.
    • See more on: ArsTechnicaWired, IndianExpress, Engadget, Telegraph, TechBeacon
      • Find the full indictment here
      The Californian Court of Appeal in a majority rule in Cross vs. Facebook held the plaintiff could not claim a violation of his right of publicity; the plaintiff could neither demonstrate that the advertisements used his name or likeness, nor could he demonstrate that any of the advertisements were created by, or advertised, Facebook – that the advertisements only appeared in content posted to Facebook by third parties. Facebook was held not liable.
      • See more on: EFF, Eric Goldman’s Technology and Marketing Law Blog.
        • Find the case here.
        The DC Circuit recognised that in a situation where “an unauthorized party has already accessed personally identifying data”, substantial risk of harm could be said to exist, that this risk of future injury, of identity theft, was sufficient to give the plaintiffs standing under Article III.
        • See more on: JDSupra
          • Find the case here [Attias v. CareFirst, Inc., No. 16-7108 (D.C. Cir. 2017)]
            • See also similar decisions by Contrarily see opposing decisions by Senators in the United States seek to pass a bill to regulate the Internet of Things requiring vendors to provide “the internet-connected equipment to the U.S. government to ensure their products are patchable and conform to industry security standards.” The function-creep that is Aadhaar could soon be linked to Voter IDs. A notification recently mandated Aadhaar numbers for obtaining Death Certificates.
              • Re: Voter ID, See more on MediaNama
              • Re: Death Certificate, See more on LiveMint.
              • Further, more than 20,000 Aadhaar numbers were [inadvertently or otherwise] published on a Punjab Govt. website India blocked access to Internet Archive’s Wayback machine. This was due to Court Orders obtained by Bollywood Studios
                • See more on: MediaNama,  EconomicTimes. Further, as per the Minister of State for Electronics and IT, in 2017, till June, as many as 735 social media URLs and 596 websites had been blocked. Biologists at USENIX Security claim that encoding malicious software into physical strands of DNA is possible; such that when it is analysed by a gene sequencer, the resulting data would become a program that would corrupt the gene-sequencing software and take control of the underlying computer. The UK Govt announced a Data Protection Bill which introduces a “right to innocence” which would allow individuals to instruct social networks to delete anything they posted before the age of 18 ‘Self-driving cars’ might be common in the future, but we can already see some of the issues that could arise. Security researchers at University of Washington have found ways which could cause the computer vision systems to misidentify the road signs. See more on: 


                  read more