Naavi.org

In a high court proceeding in Delhi High Court challenging the Intermediary Guidelines WhatsApp has threatened that if the Government of India goes ahead with implementation of its Intermediary Guidelines, it may be forced to quit India.

WhatsApp is perhaps emboldened by the fact that Indian Judiciary including the Supreme Court have been naive enough in recent times to judicially accept WhatsApp messages for sending Court notices etc developing a dependency which would create some operational problems if WhatsApp quits.

The reason behind this is that the Government of India has for security reasons stated that if required and a proper notice is served, WhatsAPP should be able to provide the origin of messages in WhatsApp. This does not need decryption of the message but only the header information.

It is possible that in certain cases decryption of messages may be required for national security reasons. In such cases, whether it is WhatsAPP/Meta or Apple, there should not be an embargo that no such demand would be made.

At best, it can be made subject to a quasi judicial committee consisting of a special judge of Supreme Court along with the designated representatives of Meity and MOH for quick decision making in times of crisis.

According to this report in Hindustan Times Mr Tejas Karla, the counsel of WhatsAPP has told the High Court that without the concurrence of Whats App, Government of India has no right to introduce such rules.

The contention of WhatsApp which is a commercial entity owned by a US Citizen is in principle unacceptable. It is a rebellion against the sovereignty of India. It has no such fundamental rights and it has no right to represent the Indian citizens for their fundamental rights only to protect the commercial interests of the company.

WhatsApp has also threatened that

“Requiring messaging apps to ‘trace’ chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people’s right to privacy,… and such an action could a message could disturb the peace and harmony in the country and could pose public order issues.”

The Company has therefore admitted that a message when decrypted could pose public order issues meaning that it was inherently a message that was meant to destabilize public order within a community. It’s argument is that this conspiracy should be allowed to continue and not be exposed.

The Court should not only reject this argument but also castigate the company to have taken such a stand against the sovereign rights of the company.

In the meantime, Naavi.org has been suggesting companies to switch over to indigenous applications which may provide similar services in a “Cyber Law Compliant Manner”. There could be more than one such solution to be available and we have come across one such application called “Ledger Chat” which provides the functionalities of WhatsApp within the Indian legal jurisdiction. Presently it is being used for Corporate requirements and can be used by Supreme Court or the High Court.

Considering the volume of information to be handled in public domain, the app can be used by other intermediaries including network giants like Tata Telecom to develop a WhatsApp equivalent services without riding on the foreign powers like WhatsApp.

I hereby request Ledger Chat to

a) Implead in the suit in Delhi High Court and present its product as a solution to replace WhatsApp.

b) Provide the solution to Delhi High Court and Supreme Court for their use if necessary in association with a reputed company like Tat Telecom.

I request the advocates representing the Government not to yield to the WhatsApp arguments as they tend to do in the past. We are aware of the enormous financial muscle of WhatsApp to sway opinions but we hope there are still enough nationalists left in the Judicial system in India who will uphold that the country cannot be held to ransom by these companies.

I am aware that a bigger threat awaits if similar stand is taken by Google and Microsoft and we as a Country has to be ready to meet such challenges.

Hopefully if Modi is around, we can atleast demand this from the Government whether it is done or not. For advocates who represent such parties without remembering that their duty is to “Justice”, I would like to say that your first duty is to protect the nation and representing a client is only secondary.  For those advocates who still have a ethical mindset, kindly contact LegerChat company and offer to represent them in the Delhi High Court. Any IT solutions integrator who is interested in taking this solution to the Delhi High Court and Supreme Court should also contact them and offer help. In case there are any other similar solution providers they are welcome to contact Naavi.org so that their solutions can also be highlighted.  

More info on Ledgerchat is available here: https://ledgerfi.io/

Naavi

This video introduces a beautiful interpretation of economics and compares the Capitalism, Communalism and the unique concept which Dr Ankit Shah the speaker speaks about Sanatan Economics. 

The video has emerged consequence  of the Rahul Gandhi Concept of “Re-distribution  of wealth”. But what has emerged is a new knowledge which has application in many other fields.

The Concept revolves around “Dharma” and “Karma”…which is “Obligation” and “Duties”. The speaker also discusses how the “Temples” acted as an “Intermediary” to ensure that the society follows Dharma through the institution of Temples and how “Food Security” was ensured through the system of “Prasadam”.

I wish readers do not look at this as a political idea but appreciate the new concept.

Comments are welcome.

Naavi

The article published yesterday about “Digital Marketing” and its future in the society increasingly becoming sensitive to Privacy issues has evoked a few responses from other professionals.

One such response worth noting is the linked in article “Neuro Data, Capitalism & Privacy Regulation” by Deepti Bhatia. (Incidentally Deepti is the President of Delhi Chapter of FDPPI).

In this article, Deepti raises many issues requiring further debate. We shall take one issue issue raised in this article for discussion today and that is the “Apple Patent on a Bio sensor embedded air pods”.

We have discussed “Neuro Rights” extensively in this website in the past and highlighted how Brain Computer interfaces, Humanoid Robots and CyBorgs with AI could transform the society in directions that may not be desirable. In such discussions, we have factored the raise of technology in neuro science which can read brain waves either through electrodes fixed on a skull cap or a chip embedded surgically inside the human skull.

In using such devices there was a “Technology Barrier” that would restrict the wide use of such technologies.

However Technology has now progressed alarmingly with Apple applying their skills to develop a wearable which can perhaps read brain waves and claiming a patent.

The US patent number US20230225659 titled “Biosignal sensing device using dynamic selection of electrodes” is a dangerous patent that makes the common discussions on “Deceptive Privacy Invasion techniques through Dark Pattern” look absolutely childish.

This device is being designed as “Airpods” looking just like normal airpods and hiding all the electrodes that make the earlier devices clumsy.

Further the Apple device can be used for deceptive marketing since it can capture signals such as brain waves, muscle movements etc. It can be much more than the wearables like the Watch and interact directly with the brain activity to read the “Neuro-data” generated by the humans.

The background of the invention states:

Brain activity can be monitored using electrodes placed on the scalp of a user. The electrodes may in some cases be placed inside or around the outer ear of the user. Measuring of the brain activity using electrodes placed in or around the outer ear may be preferred due to benefits such as reduced device mobility and decreased visibility of the electrodes when compared to other devices that require electrodes to be placed on visible areas around the scalp of the user…”

In this context the invention is designed as a wearable where the electrodes are invisible. Hence this is eminently suited for deceptive marketing and taking over of human brain activity through remote influence exercised on the human brain.

Imagine that a person wearing this airpod is taking a buying decision. The airpod server knows the buying intention and can broadcast it to vendors who can instantly bid for neuro messages to be sent to influence the purchase in favour of one supplier over the other. This would be like the dynamic advertisement that would be displayed when you search for a product on google.

The society should recognize the potential for misuse of this technology and take steps that such technologies are killed in the bud.

I urge Indian law makers and particularly Mr Rajeev Chandrashekar (expected to be back as IT Minister) to ensure that this AI device should be banned for sale in India or made subject to very strict licensing.

The IPR authorities should also re-consider if they should provide IPR protection to such devices.

In most of the new Privacy laws, IPR is always respected and granted an exemption. But the time has come to put reigns on IPR through other laws. Forget the international treaties on IPR, it is time to reign in IPR laws in preference to laws that are meant to protect the human society.

Let us remember that Technology can be disruptive but not destructive.

Naavi

Refer also:

Wearable system for bio signal acquisition and monitoring…

One of the industries which is directly under threat of survival after DPDPA is the “Digital marketing industry”.

Marketing requires understanding the consumer’s buying behaviour and creating a communication that convinces the prospective customer that a given product or service satisfies the requirement of the consumer.

The principle of AIDAS namely, Creating Awareness, Generating Interest, Eliciting a Desire, making the product available and achieving satisfaction in the post sale scenario is the formula for successful marketing of any product or service.

If Marketing does not exist, then the products and services will wither away.

An excessive importance to placing restrictions on Consumer Marketing will eventually increase the cost of the product which will fall on the consumer. If the consumer is vary of bearing this cost, he will reject all offers other than the existing brands about which he already has some information. This means that “New Products” and “New Companies” will have a tough time to promote their existence.

Have we as Privacy professionals thought about the difficulties in “Profiling” and “Targeted Advertising” that any privacy law considers as abhorring?

Has the Digital Marketing Industry thought of how they will survive the post DPDPA scenario in India? . If they try any tricks to hood wink the consumer, they may be accused of practicing “Dark Patterns”. If they are too open and ask for consents, they need to be ready for about a response which will be not more than 1% .

If we look at the responses for “Pay Per Clicks” advertising vs “Banner Ads” and the responses in specific sites like Linked in vs advertising in Blogs we will understand that the Clickthrough rate for social media is around 1.36 % (Q2 2023 statistics). This is for a product which is advertised. If we consider “Request for Consent” as an advertisement, then the click through could be even less.

This means that to get 1 consent, an organization may have to spend cost of 100 notices. Currently the “Privacy Policies” as a “Declaration” does not require a specific consent.

This scenario is an existential threat to Digital Marketing Companies.

As consultants it is difficult for us to either advise an organization to ignore this risk or to provide a suitable compliance solution.

Unfortunately the Digital marketing industry and Internet advertising industry in India has not woken up to the problems and designing a sectoral approach to counter the business risks.

I invite industry professionals to write back and let us know what can be done in this aspect.

Naavi

India has been discussing the Data Protection Law for last several years and finally arrived at the DPDPA 2023.

The act has been notified with Presidential approval but the notification of an effective date and some rules are pending. We hope this is within the 100 days agenda of the Modi 3.0 Government.

We donot know how generous would be the Government in giving time for implementation. At the same time we also donot know how much time each organization takes to be compliant. However one thing is certain, any organization which starts early is likely to meet the dead line more effectively than others who keep procrastinating.

A question however arises how can any organisation starts compliance program before the rules are notified.

It is true that the rules can make a difference to the compliance program. But a large part of time consuming compliance activities are already identified and we donot need any mor clarification.

It is in this context that the framework DGPSI (Data Governance and Protection Standard of India) which has been designed and developed by Professionals of FDPPI emerges as the Gold standard of DPDPA compliance.

For those who donot know DGPSI, it is time to make efforts to know DGPSI Lite and DGPSI Full versions of framework that meets the compliance levels expected in the Act and ready to meet the needs of the emerging rules.

In fact during DGPSI implementation, accredited auditors of FDPPI use procedures which would be more than sufficient to meet the requirements of the rules.

The probability of compliance to the rules is extremely high if one follows the DGPSI framework and the manual of DGPSI implementation.

We are sure that there will be other frameworks which will come forth from different organizations but DGPSI shall remain the Gold standard since it is future ready and adaptable.

It is not enough if Naavi says that DGPSI is the “Gold Standard”.  You need to check and be  satisfied.

I invite professionals to raise any questions they have on DPDPA compliance and how DGPSI addresses it and we will be happy to answer each one of them. 

Naavi