The Age of Neuro Rights Dawns in India

Posted on May 3, 2022 by Vijayashankar Na

India entered the domain of Cyber Laws on 17th October 2000 with the notification of the Information Technology act 2000 (ITA 2000). Several amendments were passed on this act in 2008 effective from 27th October 2009. These amendments gave a strong “Information Security and Data Security” posture to ITA 2000. Concepts of “Reasonable Security” and “Due Diligence” became part of the law and gave a compliance direction to the law.

With the concept of “Due Diligence”, the compliance goal post became a moving target with every advancement in technology and global laws. It was therefore possible for Courts to start picking ideas from PDPB 2019, a bill pending in the Parliament and discuss the “Right to forget” in some judgements. For the same reason, even though DPA 2021 is still a bill to be passed, it is considered as a due diligence guideline to be incorporated in the compliance framework for a company.

Despite this flexibility with which we can interpret ITA 2000 for new scenarios arising out of technological advancement, there is always a demand for law to be more specific. Hence there is a need to replace Section 43A and its notification with a whole new act-DPA 2021. There is also a demand now for a major amendment to the ITA 2000 itself to accommodate issues arising out of AI, Crypto assets etc.

While we can interpret several aspects of AI or Crypto Assets or any other technological developments including cyber crimes such as ransomware by suitable interpretation of the current laws itself, there is always a preference in judicial circles to bring a specific legal provision to bring in more uniformity of interpretations.

In this context, we can deliberate if India needs to think on “Neuro Rights Law” as a separate law or work with interpretations of ITA 2000 and DPA 2021 to meet some of the requirements related to the same.

In the DPA 2021, “psychological manipulation which impairs the autonomy of the individual” has been defined as a “Harm” and therefore the entire Act applies to any activity that could cause such a “Psychological Manipulation”. It would be interesting to see if this concept of “Psychological Manipulation” can be extended to the concept of “Neuro Rights” which primarily address manipulation of the functioning of human brains with electronic impulses.

Chile is credited to be the first Country in the world to pass a law on “Neuro Rights” in September 2021 to protect the “Mental Privacy”, free will and non-discrimination in citizens’ access to neurotechnology. The stated aim is to give personal brain data the same status as an organ, so that it cannot be bought or sold, trafficked or manipulated.

There is one view that the development of such law is a little premature since the “Neuro Manipulation Technology” (NMT) is still in its infancy.

There is no doubt that NMT has many positive applications related to medical science for treatment of Alzeimer’s decease or even impairments of hearing or vison. But the possibilities of the technology becoming another “Bhasmasura” cannot be ruled out. Today the technology of Crypto Currencies is threatening to destroy our economy. AI and Humanoids may turn into rogue applications and devices like of which are seen in today’s movies. Similarly NMT has the potential to transform the human race into a hybrid entity which is ethically and morally questionable.

So far “Manipulation” which is recognized as Cyber Crimes relate to data residing inside a computer which has a recognized owner. When data is changed without the permission of the owner, it is recognized as a “Cyber Crime”. Even our Privacy law is built on “Right of Choice” where a person opts-in or opts-out of a data collection and processing environment out of his own free will.

The thought of adding “Psychological Manipulation” as a part of “Harm” was perhaps driven by the Cambridge Analytica experience where  a powerful coordinated messaging campaign could brainwash the audience into a chosen behaviour. Inducing a hypnotic state of mind through audio suggestions and visual imagery has been effectively tried in some games such as the “Blue Whale”. The new immersive technologies like the Meta Verse have made this hypnotization techniques more sophisticated.

We have also developed and accepted technologies of “Implants” within the body which can regulate heart beatings or blood sugar. Essentially we are already intruding into the human body to interpret the electro chemical changes happening in our organs and convert them into some action. The artificial limbs technology have gone beyond attaching an extendable arm or leg to responsive hand where artificial fingers can be managed with twitches in the arm. In a way these technologies already convert muscular impulses into guiding the fingers to grab or hold an object  and otherwise substitute the normal movements of the human fingers.

The new technologies that are triggering the concern for a new law on Neuro Rights is the development of “Chips” which can be implanted on a human which will directly interact with the brain and create sensory perceptions within the brain. These sensory perceptions may be gathered from the sensory devices or otherwise.

To understand the nature of this new technology, we can look at the following example.

Let us assume that there is a computer application that requires a password for access.  In the simplest case, the password is entered into the computer in plain text and it may go to the secured application which already has a copy of the password and matches the two to open the access gates.

In a more secured method, the secure application may not store the password in plain text. The plain text password may be converted into a hash at the user’s end and the hash is presented to the application which matches it with the hash already in its store and grants access.

In such a hash based authentication system, knowing the hash of a password is sufficient to access the server since the server responds when the right hash is provided. The application may not be able to distinguish if the hash was calculated in real time after the user entered the plain text password in his computer or was replayed from a hash store. Such stored password attacks have been successfully carried out even when biometric was used though technology has now been updated to check if the finger print recognizes an underlying living hand or not etc.

The fact is that access to the secured application can be gained through the input device or directly at the entrance of the secure application.

The “Chip” method of access to the human brain involves an electro magnetic link with which the Chip may be able to communicate with the neurons of the human brain and make the brain think it is seeing some thing or hearing some thing which is not there in the physical world.

This sort of “Brain Signal Manipulation” impairs the functioning of the human brain to see things or hear things which are not real. This is a manipulation of the free will of a person and makes the discussion of “Right of Choice”  etc completely meaningless.

The legal issues that are being raised by the NMT is different from the issues arising on the Metaverse, where a person has accused another of inappropriate touch of an avatar causing mental trauma equivalent to rape in the physical society. Here the interaction is between two digital avatars in a digital platform and its equivalence to a physical society action is being debated. But here the perception of the victim is an induced feeling of the pain of the digital avatar as imagined by the victim.  It is more in the mind of the victim than otherwise but the perception of shame felt by the victim in a virtual rape of her digital avatar may be as real as the experience of the Blue Whale game player.

Philosophers may however ask what is the difference if you can see things which are not real? As long as the perception is real, it is an experience. For example if you are in the  3D Trick Art Museum in Dubai or the 7D hologram show, the perceptional experience may be as real as it can get. A person may get frightened enough to have a heart attack though the snake he sees may only be an image.

The NMT with embedded chips is much more than the current technologies such as the 7D hologram show since in these technologies, the perception is captured by the normal human eye or ear and transmitted to the brain. In the NMT embedded chip technology, the perception is created directly in the brain and hence it is indistinguishable from real experience.

Once the embedded chips can respond to WiFi signals or the technology advances to the extent that brain manipulating waves can be transmitted through air, brain hacking becomes easier and can be achieved without the need for an embedded chip and a wiring between the chip and the neuro channels within the body.

In the Indian law, under ITA 2000 there is a provision under Section 11 that any electronic record shall be attributed to the person who programs a system to behave in a specific manner. Hence the “Induced Experience” can be attributed to the person who caused the Chip to send the specific signal which induced the experience.

By combining the provisions of ITA 2000 as well as the concept of “harm” under DPA 2021 it is therefore possible to consider that “Inducing mental experiences” is nothing different from introducing a “Computer contaminant” into a computer system. Hence hacking of human brain may be equivalent to hacking of a computer.

The analogy of human brain being considered as a computer is also corroborated by the neuro science. According o neuro science, sensory perceptions travel as electrical impulses and gets transmitted from the nerve edges through the nerves to the receptors in the brain. There after the brain interprets the impulse based on its memory where similar impulses are stored earlier. The Eyes, ears, nose tongue or skin or are like input devices and the mouth may be an output device. The processing in the spinal cord may be similar to the RAM response. The arms, legs and other muscles are like various mechanical devices that may be taking the output from the brain and converting into physical actions.

In view of the above, the “Neuro Rights” in India may be exercisable even under the current laws. However, a thought process has been sown where by a debate on whether a separate Neuro rights law is required in India.

Naavi would invite thought leaders in this domain to contribute to the development of Neuro Rights Jurisprudence in India so that Judiciary can be provided with necessary guidance when required.

Naavi

Reference Article

We need to regulate mind-reading tech before it exists

A Critical perspective on Neuro Rights: Comments  regarding Ethics and law

Mind the Gap: Lessons Learned from Neurorights

New Dimensions of Privacy… Mental Privacy or Neuro Privacy Rights

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.