Online surveillance: Seeking user info a rising global phenomenon

India 2nd in seeking user information after the US with 6,324 such requests to Facebook alone in H1 2016

Written by Pranav Mukul | New Delhi | Updated: December 30, 2016 8:28 am
india, india online surveillance, online surveillance, facebook data, twitter, google, privacy, online privacy india, india online privacy, india news (Illustration: C R Sasikumar)

During the first half of calendar year 2016, social networking site Facebook removed access to 2,034 pieces of content based on requests by the Indian government and other agencies. This was starkly lower than the 14,971 content restricted during the six-month ago period, and 15,155 in the year-ago period.

To justify content restrictions, Facebook has said: “We restricted access to content in India in response to legal requests from law enforcement agencies and the India Computer Emergency Response Team (CERT-In) within the Ministry of Communications and Information Technology. The majority of content restricted was alleged to violate local laws against anti-religious speech and hate speech.”

The Section 79 (3)(b) of the Information Technology Act, 2000, requires all stakeholders to take down or block access to content when demanded by the government.

Watch Video

However, in March 2015, the SC laid down the interpretation of the aforementioned section: “Section 79 is valid subject to Section 79 (3) (b) being read down to mean that an intermediary upon receiving actual knowledge from a court order or on being notified by the appropriate government or its agency that unlawful acts relatable to Article 19 (2) are going to be committed then fails to expeditiously remove or disable access to such material.”

Facebook also said that following the court order, it ceased acting on legal requests to remove access to content unless received by way of a binding court order and/or a notification by an authorised agency which conformed to the constitutional safeguards as directed by the SC.

However, India still requests major technology companies such as Facebook, Twitter, Google, and Apple for data
about certain users.

In the January-June period of 2016, Facebook received 6,324 requests from India about its users, and in 53.59 per cent of the cases, the social networking company yielded with some data. This is higher as compared with 5,561 in the second half of 2015, and 5,115 requests in the first half of 2015. According to the latest available data, India was the second in requests that went to Facebook, behind the US with 23,854 requests and closely followed by the UK with 5,469 requests.

Most major technology companies have been making this data public under their ‘transparency reports’ periodically after, in 2013, Edward Snowden leaked files revealing global mass surveillance being conducted by governments through these websites.

So, why do governments seek information about the internet users?

Facebook has said: “As part of official investigations, government officials sometimes request data about people who use Facebook. The vast majority of these requests relate to criminal cases, such as robberies or kidnappings. In many cases, the government is requesting basic subscriber information, such as name and length of service. Requests may also ask for IP address logs or account content.”

The company has also said that it checks for the legal sufficiency in every request, and often shares only “basic subscriber information”. Sometimes, these firms also receive fake court orders. Google has claimed it received four fake court orders from India in 2012 alone.
“From time to time, we receive falsified court orders. We do examine the legitimacy of the documents that we receive, and if we determine that a court order is false, we will not comply with it,” Google said.

Similarly, in case certain content posted on websites such as Facebook, Twitter and Google is in contravention of the local laws, the governments send requests to these firms asking them to restrict such content.

For instance, the global content restriction requests spiked during the first half of 2016, compared with the second half of 2015 due to one such reason. Chris Sonderby, Facebook’s deputy general counsel, said: “As for content restriction requests, the number of items restricted for violating local law decreased 83 per cent from 55,827 to 9,663. Last cycle’s figures had been elevated primarily by French content restrictions of a single image from the November 13, 2015, terrorist attacks.”

The processes of responding to government requests for user data also vary from country to country. In the US, where the highest number of requests were received by most platforms during January-June 2016 — 23,854 to Facebook, 2,520 to Twitter, 1,363 to Apple — several legal processes are used at the federal, state, and local levels with most common ones being search warrants and subpoenas.

“Outside the US, we ask the request to be properly issued, for example, through a mutual legal assistance treaty or a form of international process known as a letter rogatory, except in the case of certain emergencies,” professional networking platform LinkedIn said.

But, what are considered as emergencies?

“In rare circumstances involving imminent serious bodily harm or death, we will consider responding to an emergency request for data. These requests must be submitted using the Emergency Disclosure Request Form included in LinkedIn’s Law Enforcement Data Request … and must signed under penalty of perjury by a law enforcement agent,” LinkedIn said. Apart from these corporate giants, there are other independent organisations as well that release regular reports and databases about requests made by governments for user information and content removal from websites.

A website called Lumen publishes requests and notices sent, by various stakeholders to companies, including those with claims of copyrighted content.

While some of the technology companies have a policy to notify the users about their information being shared with the government, exceptions to these policies also remain.

“Twitter’s policy is to notify users of requests for their account information, which includes a copy of the request, prior to disclosure unless we are prohibited from doing so. Exceptions to prior notice may include exigent or counterproductive circumstances (e.g., emergencies regarding imminent threat to life; child sexual exploitation; terrorism). We may also provide post-notice to affected users when prior notice is prohibited,” micro-blogging website Twitter has said.

For all the latest Technology News, download Indian Express App