Examining the state of Anonymity

Three Relationships

• Citizen – Government
• Consumers – Businesses
• Employee – Employer

Citizen – Government Relationship

• What is the need for Anonymity? Pros and Cons
• In which circumstances is anonymity required?
• How technically feasible is to provide anonymity?
• What is the impact if anonymity on transactions with Government and its duties?

C2G

Why is anonymity required?

• Provides privacy, and allows actions, transactions etc to be kept private
• Ability to express oneself without being known
• Vital to protect freedom of expression without any threat of injury or harm
• Allows the government to provide protection to its officials through anonymity in the interest of national security
• Allows government officials to disseminate information without fear of political backlash 

C2G |Pros and Cons

Pros

• Whistle blowers are provided greater protection from harm
• Allowing complaints against government officials/departments to be filed anonymously
• Lowers the risk of abuse of information by government officials
• Seeking information from the government anonymously, eg. RTI Anonymous
• Protection of witnesses and preventing them from turning hostile
• Classified information for the purpose of national security

C2G |Pros and Cons

Pros

• Anonymity to victims of sexual offense, juveniles and suspects untill proven guilty
• Use of Internet and telecommunication services without fear of surveillance
• Availing healthcare benefits without the possibility of disclosure of private health information to any third parties
• Protection of identity and sensitive information of pregnant women while undergoing pre-conception, pre-natal and ultra-sonography tests.
• Protection of privacy of patients in psychiatric care

C2G |Pros and Cons

Cons

• Impedes the ability of the government to identify any threats
• Prevents efficient and targetted delivery of government services and policies
• Hinders prevention and identification of fraudulent financial transactions
• Lack of complete and accurate information to facilitate better relief during disasters and emergencies

C2G |Pros and Cons

Circumstances in which Anonymity is Required?

• Whistle-blowing
• Complaints
• Access to Telecom Services
• Healthcare
• Freedom of Expression
• National Security
• Justice System
• Financial Services
• Delivery of Government services

C2G | Required in which circumstances

Legislations

• Whistleblowers Protection Act, 2011
• Whistleblowers Protection (Amendment) Bill, 2​015​

C2G | Required in which circumstances | Whistle-blowing

C2G | Required in which circumstances | Whistle-blowing

Key Takeaways

• No definition of 'victimisation' in the Act. Vagueness about ways in which complainant may be vitimised.
• Exception to obligation of 'Competent Authority' to keep confidential identity of the complainant – If complainant has revealed his identity to any other office
• Amendment Bill adds a list of exceptions for matters involving national security, cabinet papers, privileged documents, or information threatening someone's life or safety.

C2G | Required in which circumstances | Whistle-blowing

C2G | Required in which circumstances | Complaints

Policies/Projects

• Guidelines by the Dept. of Personnel and Training, Ministry of Personnel, Public Grievances and Pensions, GoI on handling of complaints    
• GoI Resolution on Public Interest Disclosures and Protection of Informer (PIDPI) 
• Various initiatives taken of installing complaint boxes outside police stations and markets enabling anonymous complaints

C2G | Required in which circumstances | Complaints

Key Takeaways

• PIDPI Resolution and Guidelines only concern the Central Government Ministries and Departments. No such mandatory policies for states government
• Complaints filed anonymously or pseudonymously are not taken cognizance of.
• Departments/Ministries to keep confidential the identity of complainant
• Initiatives of complaint boxes lack any mechanism for complainants to follow up on their complaints

C2G | Required in which circumstances | Complaints

Policies/Projects

• Internet Registry for Internet Names and Number (IRINN) Policy 1.1
• IT (Guidelines for Cyber Cafe) Rules, 2011
• IDN Terms and Conditions for Registrants  
• .IN Terms and Conditions for Registrants

C2G | Required in which circumstances | Telecom Services

Key Takeaways

• Under the IT Rules, proof of identity needs to be provided before accessing the internet at a cyber cafe
• IRINN Policy requires identification documents like PAN for an individual to become an affiliate
• IDIN and .IN registration require proof of identity and address documents
• ISPs needs to keep maintain data logs of each IP address which may be traced back to the individual 

C2G | Required in which circumstances | Telecom Services

Policies/Projects

• Right to Information Act, 2005
• RTI Anonymous

C2G | Required in which circumstances | RTI

Policies/Projects

Text

C2G | Required in which circumstances | RTI

Key Takeaways

• Previously no RTI requests could be made anonymously
• In 2012, Calcutta HC made filing of RTI application anonymously using post box numbers permissible.
• Online portals allow RTI's to be filed anonymously.
• Intelligence agencies and Information relating to national security, or infringing privacy of a government official is exempted from the purview of RTI Act.

C2G | Required in which circumstances | RTI

Policies/Projects

C2G | Required in which circumstances | Justice System

• Consultation paper by Law Commission of India on witness identity protection and witness protection programmes, August 2004
• Indian Penal Code, 1860 
• Indian Evidence Act, 1882
• Juvenile Justice Act, 2000
• Terrorist and Disruptive Activities Act, 1985
• Unlawful Activities (Prevention) Amendment Act, 2004
• National Investigation Agency Act, 2008

Key Takeaways

• No dedicated law or guidelines to provide for witness protection.
• Provisions under Terrorist and Disruptive Activities Act, Unlawful Activities (Prevention) Amendment Act and National Investigation Agency Act, 2008
• Provisions to criminalize disclosure of victim's identity and protection of rape victims under Evidence Act and IPC.
• Absence of provisions to provide anonymity to defendants in such offences until convicted.
• Prohibition of publication of details of a juvenile to ensure anonymity under the JJ Act.

C2G | Required in which circumstances | Justice System 

C2G |Required in which circumstances | Financial Services

Policies

• Master Circular on Know Your Customer (KYC) norms /Anti Money Laundering (AML) standards / Combating of Financing of Terrorism (CFT)/Obligations of Banks under PMLA, dated July 2015
• Master Circular on Customer Service in Banks, 2013
   

C2G |Required in which circumstances | Financial Services

Key Takeaways

• KYC norms enable banks keep a check on all transactions (even if suspicious) and share such information with law enforcement agencies.
• Information derived from KYC is confidential.
• Any additional information to be collected on voluntary basis.

C2G | Required in which circumstances | Financial Services

C2G | Required in which circumstances | Healthcare

Policies

• Medical Termination of Pregnancy Act, 1971
• Health data under UID Project
• Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994
• "Save the Baby Girl" Project, 2009
• PNDT Rules, 1996
• Mental Health Act, 1987
• IMC (Professional conduct, Etiquette and Ethics) Regulations, 2002 (Code of Ethics Regulations, 2002)
• Ethical Guidelines for Biomedical Research on Human Subjects, 2006
• National Policy for Persons with Disabilities, 2006

C2G | Required in which circumstances | Healthcare

Key Takeaways

• Medical confidentiality promotes autonomy, however disclosure is required at various stages.
• Obtaining a disability certificate requires disclosure of sensitive and personal information.
• Disclosure of information to undergo pre-natal diagnostic testing and ultra-sound is mandatory.
• Legislations ensure data of women undergoing abortion/such tests is kept confidential & Physicians required to keep patient's information confidential
• However, in practice, a lot of medical information is revealed by healthcare organisations for various government initiatives 

C2G | Required in which circumstances | Healthcare

Key Takeaways

• Inspection of records in psychiatric hospitals and nursing homes to be allowed only by State Government authorized officers
• Compliance with Principles when conducting research on humans: Principle of Informed consent, Privacy, Confidentiality, Accountability, Transparency and Compliance.
• UID Scheme has potential to facilitate breach the anonymity of health data collected

C2G | Required in which circumstances | Healthcare

C2G | Required in which circumstances | Delivery of Government Services

Policies/Projects

• Collection of Statistics Act, 2008
• PAN Card
• UID Scheme (Aadhaar card)
• Ration/PDS Card
• NREGS job card
• Pensioner photo card
• CGHS / ECHS photo card
• Kissan photo passbook

C2G | Required in which circumstances | Delivery of Government Services

Key Takeaways

• Providing information to avail services and benefits of Government schemes and policies
• Identification becomes important in times of national emergencies like natural disasters, epidemics etc for better provision of relief and aid

C2G | Required in which circumstances | Delivery of Government Services

Whistle Blowing and Complaints

C2G | Technical solutions and feasibility

Whistle Blowing and Complaints

• Technical solution like Wikileaks which publish classified information from anonymous sources
• Use of data encryption and decryption progarms like PGP and GnuPG 

C2G | Technical solutions and feasibility

Whistle Blowing and Complaints

• Solutions like Wikilieaks can have standards to authenticate the source along with security and policy standards that protect the identity of the informant
• Use of data encryption software will provide cryptographic privacy and authentication for data communication

C2G | Impact of Solutions

Telecom Services

• Currently identification information needs to be provided at every stage for availing telecom services
• The KYC norms may be rolled back to allow for greater anonymity

C2G | Technical solution and feasibility

Telecom Services

• Rolling back of KYC norms shall allow for greater anonymity, less fear of surveillance under the LIM schemes, and better privacy protection
• This will also increase risks of cyber-attacks, cyber-bullying and impede efficient delivery of justice for cyber-crimes

C2G | Impact of Solutions

RTI

• The Calcutta HC ruled that RTI's can also be filed using a post box number without disclosing identification information
• Solutions like RTI Anonymous allows filing of RTI applications without revealing one's identity
• RTI Activists across the world can collaborate without revealing their true identities 
• The response from the government is made available on the website and is easily accessible

C2G | Technical solution and feasibility

RTI

• Since the RTI Act has been in place, various cases of victimisation of RTI activists have been reported
• Solutions like RTI Anonymous will facilitate seeking of information without the fear of retribution by exposing one's identity

C2G | Impact of Solutions

Justice System

• Suspects and Victims often require physical protection and the solutions for their anonymity are predominantly offline
• However, more and more people have digital personas, and for better protection, there needs to be systems to anonymize those as well.

C2G | Technical Solutions and Feasibility

Healthcare Services

• While there are provisions and codes to ensure confidentiality, no solutions to ensure anonymity of patient from doctor
• For tests that lead to sensitive information like HIV and STDs, provision for dropping of bottles, and samples with only serial number, and facility to check the results on public display that reveal the results against the serial number are needed

C2G | Technical Solutions and Feasibility

Healthcare Services

• Systems that facilitate greater anonymity for sensitive information will prevent discrimination
• However, in absence of proper education in how to provide blood and other samples, risk of inadequate information to provide definitive results

C2G | Impact of Solutions

Financial services

C2G | Technical solution and feasibility

Financial services

• Almost impossible to conduct financial transaction without revealing identity
• Only possible in case of offline cash transactions
• For greater anonymity, the KYC norms prescribed by banks will have to be rolled back
• Use of Bitcoins may allow anonymity in limited spheres

C2G | Technical solution and feasibility

Financial services

• Limited spheres in which cash transactions may be used
• Rolling back of KYC norms will allow financial fraud and impede efficient prevention of white collar crimes

C2G | Impact of Solutions

Delivery of government services

• Most benefits and services provided by the government require identity
• Schemes like food coupons may be used instead of identity linked rations

C2G | Technical solution and feasibility

Delivery of government services

C2G | Impact of Solutions

Delivery of government services

• Schemes like food coupons allows greater exercise of choice and have less stigma attached to them
• Government tracks identity linked data and relies on this data for insights to improve its services and aid.
• This will be prevented in case of schemes which are not identity linked.

C2G | Impact of Solutions

Employee – Employer Relationship

• What is the need for Anonymity? Pros and Cons
• In which circumstances is anonymity required?
• How technically feasible is to provide anonymity?
• What is the impact of anonymity?

E2E

What is the need for anonymity?

• At the time of an individual providing data for availing some services/benefits such as:
• Use of Social Networking Sites, blogs, newsletters, archives
• Email and other modes of communication
• E-commerce
• Use of Data collected by Government, Corporates, Businesses for purposes other than agreed at the initial collection point
    

E2E |Pros and Cons

Pros

• Benefits both employer and employee
• It helps in creating innovation and boost morale of our employees
• An effective tool to identify pool of human resources talent
• Global platform for employees to collaborate amidst diverse cultures

E2E |Pros and Cons

Cons

• Cyber Bullying
• Compromising one’s privacy
• Huge administration cost to manage grievances and breaches
• Lack of specialized professionals
• Stringent laws and regulations 

E2E |Pros and Cons

Examples

• Secret – revamped its application, borrowing ideas from apps like Yik Yak and Snapchat and others in order to introduce new features like location based posts and disappearing private messages.
  
• Yik Yak –  combines anonymity with location based networking, cyber bullying became so bad this year that the company had to implement technology

E2E |Pros and Cons

Circumstances in which Anonymity is Required?

• Reporting of Incidents
• Fraud allegations
• Whistleblowers

E2E | Required in which circumstances

Technical Feasibility

• Right to anonymity by an employee is waived when Organization’s business interest is threatened – When employer’s proprietary information is breached, or Contractual obligations agreed with the Client is violated
• Client is King for employers
• Lack of user awareness in using the social networking platforms and online media 

E2E |Technical Feasibility

Technical Feasibility

• Stringent laws and regulations that embraces monitoring as a tool limits right of an user to avail full anonymity
• Increasing crimes at Cyber Space and paradigm shift in the technological landscape
• Current method of handling anonymity breaks at the public level doesn’t apply well on social networking web sites. 
• Use of Privacy Enhanced Technologies (PETs)

E2E |Technical Feasibility

Anonymouse

• Web search portal hosted on an island off the coast of Somalia
• Allows you to access any webpage without leaving a trace.

E2E |Technical Feasibility | PETs

I2P

• Mixed-license, free and open source project 
• anonymous network that other applications can use to anonymously and securely send messages to each other
• Uses include anonymous surfing, chatting, blogging and file transfers.

E2E |Technical Feasibility | PETs

Privacy Bird

• Free software designed to automatically read full P3P privacy policies of websites and compare them to your personal privacy preferences
• Provides warning messages when a site's policies do not match your own 

E2E |Technical Feasibility | PETs

Privacy Box

• Used primarily by journalists, bloggers and other publishers
• Allows the possibility to offer non-tracked (and also anonymous) contact forms 

E2E |Technical Feasibility | PETs

Privacy Choice Opt-Out

• Gathers opt-out cookies from over 150 ad companies, with an optional Firefox add-on to preserve and automatically update preferences
• Opt-out from all companies or opt-out selectively based on industry certifications and policy terms. 

E2E |Technical Feasibility | PETs

Others

• Internet Proxy - Free internet web based proxy. Conceals your IP address from visited sites. 
• Java Anonymous Proxy - Free, cross-platform proxy system designed to allow browsing the web with revocable pseudonymity
• JonDoNym - German-based software that encrypts and mixes Internet communications to render them anonymous.

E2E |Technical Feasibility | PETs

<To be added>

E2E | Impact of Solutions

Consumer - Business Relationship

• Pros and Cons
• In which circumstances is anonymity required?
• How technically feasible is to provide anonymity?
• What is the impact if anonymity on transactions with Government and its duties?

C2B

Why is anonymity required

• “If you kill the messenger, you won’t hear the bad news”
• For research purposes 
• “I wanted the book to be reviewed. Not the author”
• Encouraging stigmatized individuals to communicate, share their experiences for expert or professional help
• “It’s none of your business” 
  

C2B |Pros and Cons

Cons

• "Being anonymous means you never have to say you are sorry" 
• Lack of Accountability
• Inability to do Online Profiling

C2B|Pros and Cons

Pros

• Hotlines and other means of communication for whistle blowers
• Keeping personal information provided for research purposes confidential
• Studies for medical, sexual or criminal behavior for which anonymity is preferred 
• Protection id identity of donors
• Protection of one's time, space and person from unwanted intrusions

C2B |Pros and Cons

Circumstances in which Anonymity is Required?

• Research and data mining where personal identifiers are unnecessary
• Anonymous communication
• Behavioral targetting/Online profiling

C2B | Required in which circumstances

Behavioral targetting / Online Profiling

• Personal choices and preferences of their past, present and future customers are captured and analyzed to provide tailored services. 
  
• An individual's IP address, browser type, pages viewed, and the date and time of use becomes easily and readily available
• On mobile, the data collected is more elaborate and accurate - including a user's location, device type and contact list
• Section 43A of IT Act, 2000

C2B | Required in which circumstances

How feasible is anonymity?

• Data protection laws provide support to anonymized dataset in UK and Singapore
• From business perspective – Trust building becomes easier, but robust technologies can always be penetrable
• ICANN does it all wrong
• It registers domain only after gathering personal information
• Violates many data protection laws and regulations

C2B | Technical Feasibility

Current Practices

• Aadhar - Brilliant or Blunder?
• Bitcoin - Alternative or Substitute
• TrulyMadly / Ashley Madison - Discreet or Immoral
• Lessons - Anonymous or Identifiable?

C2B | Technical Feasibility

Technical Solutions

• Follow certain standards while collecting PIIs
• Using codes instead of identities, encryption, removing face sheets.
• Limited access to information, assign security codes to computerized records, etc.

C2B | Technical Feasibility

Title Text

Text

C2G | Impact of Solutions