Examining the state of Anonymity
Three Relationships
- Citizen – Government
- Consumers – Businesses
- Employee – Employer
Citizen – Government Relationship
- What is the need for Anonymity? Pros and Cons
- In which circumstances is anonymity required?
- How technically feasible is to provide anonymity?
- What is the impact if anonymity on transactions with Government and its duties?
C2G
Why is anonymity required?
- Provides privacy, and allows actions, transactions etc to be kept private
- Ability to express oneself without being known
- Vital to protect freedom of expression without any threat of injury or harm
- Allows the government to provide protection to its officials through anonymity in the interest of national security
- Allows government officials to disseminate information without fear of political backlash
C2G |Pros and Cons
Pros
- Whistle blowers are provided greater protection from harm
- Allowing complaints against government officials/departments to be filed anonymously
- Lowers the risk of abuse of information by government officials
- Seeking information from the government anonymously, eg. RTI Anonymous
- Protection of witnesses and preventing them from turning hostile
- Classified information for the purpose of national security
C2G |Pros and Cons
Pros
- Anonymity to victims of sexual offense, juveniles and suspects untill proven guilty
- Use of Internet and telecommunication services without fear of surveillance
- Availing healthcare benefits without the possibility of disclosure of private health information to any third parties
- Protection of identity and sensitive information of pregnant women while undergoing pre-conception, pre-natal and ultra-sonography tests.
- Protection of privacy of patients in psychiatric care
C2G |Pros and Cons
Cons
- Impedes the ability of the government to identify any threats
- Prevents efficient and targetted delivery of government services and policies
- Hinders prevention and identification of fraudulent financial transactions
- Lack of complete and accurate information to facilitate better relief during disasters and emergencies
C2G |Pros and Cons
Circumstances in which Anonymity is Required?
- Whistle-blowing
- Complaints
- Access to Telecom Services
- Healthcare
- Freedom of Expression
- National Security
- Justice System
- Financial Services
- Delivery of Government services
C2G | Required in which circumstances
Legislations
- Whistleblowers Protection Act, 2011
- Whistleblowers Protection (Amendment) Bill, 2015
C2G | Required in which circumstances | Whistle-blowing
Key Takeaways
- No definition of 'victimisation' in the Act. Vagueness about ways in which complainant may be victimised.
- Exception to obligation of 'Competent Authority' to keep confidential identity of the complainant – If complainant has revealed his identity to any other office
- Amendment Bill adds a list of exceptions for matters involving national security, cabinet papers, privileged documents, or information threatening someone's life or safety.
C2G | Required in which circumstances | Whistle-blowing
Policies/Projects
- Guidelines by the Dept. of Personnel and Training, Ministry of Personnel, Public Grievances and Pensions, GoI on handling of complaints
- GoI Resolution on Public Interest Disclosures and Protection of Informer (PIDPI)
- Various initiatives taken of installing complaint boxes outside police stations and markets enabling anonymous complaints
C2G | Required in which circumstances | Complaints
Key Takeaways
- PIDPI Resolution and Guidelines only concern the Central Government Ministries and Departments. No such mandatory policies for states government
- Complaints filed anonymously or pseudonymously are not taken cognizance of.
- Departments/Ministries to keep confidential the identity of complainant
- Initiatives of complaint boxes lack any mechanism for complainants to follow up on their complaints
C2G | Required in which circumstances | Complaints
Policies/Projects
C2G | Required in which circumstances | Telecom Services
Key Takeaways
- Under the IT Rules, proof of identity needs to be provided before accessing the internet at a cyber cafe
- IRINN Policy requires identification documents like PAN for an individual to become an affiliate
- IDIN and .IN registration require proof of identity and address documents
- ISPs needs to keep maintain data logs of each IP address which may be traced back to the individual
C2G | Required in which circumstances | Telecom Services
Policies/Projects
- Right to Information Act, 2005
- RTI Anonymous
C2G | Required in which circumstances | RTI
Policies/Projects
Text
C2G | Required in which circumstances | RTI
Key Takeaways
- Previously no RTI requests could be made anonymously
- In 2012, Calcutta HC made filing of RTI application anonymously using post box numbers permissible.
- Online portals allow RTI's to be filed anonymously.
- Intelligence agencies and Information relating to national security, or infringing privacy of a government official is exempted from the purview of RTI Act.
C2G | Required in which circumstances | RTI
Policies/Projects
C2G | Required in which circumstances | Justice System
- Consultation paper by Law Commission of India on witness identity protection and witness protection programmes, August 2004
- Indian Penal Code, 1860 (Section 228 A, Disclosure of identity of victim of sexual crimes)
- Indian Evidence Act, 1882 (Section 146 - Unlawful questions in cross-examination)
- Juvenile Justice Act, 2000
- Terrorist and Disruptive Activities Act, 1985
- Unlawful Activities (Prevention) Amendment Act, 2004 (Section 44 - Protection of witnesses)
- National Investigation Agency Act, 2008 (Section 17 - Protection of witnesses)
Key Takeaways
- No dedicated law or guidelines to provide for witness protection.
- Provisions under Terrorist and Disruptive Activities Act, Unlawful Activities (Prevention) Amendment Act and National Investigation Agency Act, 2008
- Provisions to criminalize disclosure of victim's identity and protection of rape victims under Evidence Act and IPC.
- Section 21 Prohibits publication of details of a juvenile to ensure anonymity under the JJ Act.
C2G | Required in which circumstances | Justice System
Policies
C2G |Required in which circumstances | Financial Services
Key Takeaways
- KYC norms enable banks keep a check on all transactions (even if suspicious) and share such information with law enforcement agencies
- Information derived from KYC is confidential
- Any additional information to be collected on voluntary basis
C2G | Required in which circumstances | Financial Services
Policies
- Medical Termination of Pregnancy Act, 1971
- Health data under UID Project
- Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994
- "Save the Baby Girl" Project, 2009
- PNDT Rules, 1996
- Mental Health Act, 1987
- IMC (Professional conduct, Etiquette and Ethics) Regulations, 2002 (Code of Ethics Regulations, 2002)
- Ethical Guidelines for Biomedical Research on Human Subjects, 2006
- National Policy for Persons with Disabilities, 2006
C2G | Required in which circumstances | Healthcare
Key Takeaways
- Obtaining a disability certificate requires disclosure of sensitive and personal information
- Disclosure of information to undergo pre-natal diagnostic testing and ultra-sound is mandatory
- Legislations ensure data of women undergoing abortion/such tests is kept confidential & Physicians required to keep patient's information confidential
C2G | Required in which circumstances | Healthcare
Key Takeaways
- Inspection of records in psychiatric hospitals and nursing homes to be allowed only by State Government authorized officers
- Compliance with Principles when conducting research on humans: Principle of Informed consent, Privacy, Confidentiality, Accountability, Transparency and Compliance
- UID Scheme has potential to facilitate breach the anonymity of health data collected
C2G | Required in which circumstances | Healthcare
Policies/Projects
- Collection of Statistics Act, 2008
- PAN Card
- UID Scheme (Aadhaar card)
- Ration/PDS Card
- NREGS job card
- Pensioner photo card
- CGHS / ECHS photo card
- Kissan photo passbook
C2G | Required in which circumstances | Delivery of Government Services
Key Takeaways
- Providing information to avail services and benefits of Government schemes and policies
- Identification becomes important in times of national emergencies like natural disasters, epidemics etc for better provision of relief and aid
C2G | Required in which circumstances | Delivery of Government Services
Whistle Blowing and Complaints
- Technical solution like Wikileaks which publish classified information from anonymous sources
- Solutions like Wikilieaks can have standards to authenticate the source along with security and policy standards that protect the identity of the informant
- Use of data encryption and decryption progarms like PGP and GnuPG
- Use of data encryption software will provide cryptographic privacy and authentication for data communication
C2G | Technical solutions and feasibility
Telecom Services
- Currently identification information needs to be provided at every stage for availing telecom services
- Identity brokers - third party service providers who vouch for the individuals and organizations and enable them to avail services without having to disclose their data
C2G | Technical solution and feasibility
RTI
- Solutions like RTI Anonymous allows filing of RTI applications without revealing one's identity
- The response from the government is made available on the website and is easily accessible
- Solutions like RTI Anonymous will facilitate seeking of information without the fear of retribution by exposing one's identity
C2G | Technical solution and feasibility
Justice System
- Potential solutions like In-camera testimony of witnesses over secure networks like TOR which cannot be traced back to the individual would be useful
- This will require authenticating mechanisms like security keys provided to the witness to ensure reliability
C2G | Technical Solutions and Feasibility
Healthcare Services
- For tests that lead to sensitive information like HIV and STDs, provision for dropping of bottles, and samples with only serial number, and facility to check the results on public display that reveal the results against the serial number are needed
- Systems that facilitate greater anonymity for sensitive information will prevent discrimination
- However, in absence of proper education in how to provide blood and other samples, risk of inadequate information to provide definitive results
C2G | Technical Solutions and Feasibility
Financial services
- Almost impossible to conduct financial transaction without revealing identity
- Only possible in case of offline cash transactions
- Use of Bitcoins may allow anonymity in limited spheres
C2G | Technical solution and feasibility
Delivery of government services
- Most benefits and services provided by the government require identity
- Schemes like food coupons may be used instead of identity linked rations
- Government tracks identity linked data for insights to improve its services
- This will be prevented in case of schemes which are not identity linked.
C2G | Technical solution and feasibility
Employee – Employer Relationship
- What is the need for Anonymity? Pros and Cons
- In which circumstances is anonymity required?
- How technically feasible is to provide anonymity?
- What is the impact of anonymity?
E2E
What is the need for anonymity?
- At the time of an individual providing data for availing some services/benefits such as:
- Use of Social Networking Sites, blogs, newsletters, archives
- Email and other modes of communication
- E-commerce
- Use of Data collected by Government, Corporates, Businesses for purposes other than agreed at the initial collection point
E2E |Pros and Cons
Pros
- Benefits both employer and employee
- It helps in creating innovation and boost morale of our employees
- An effective tool to identify pool of human resources talent
- Global platform for employees to collaborate amidst diverse cultures
E2E |Pros and Cons
Cons
- Cyber Bullying
- Compromising one’s privacy
- Huge administration cost to manage grievances and breaches
- Lack of specialized professionals
- Stringent laws and regulations
E2E |Pros and Cons
Examples
- Secret – revamped its application, borrowing ideas from apps like Yik Yak and Snapchat and others in order to introduce new features like location based posts and disappearing private messages.
- Yik Yak – combines anonymity with location based networking, cyber bullying became so bad this year that the company had to implement technology
E2E |Pros and Cons
Circumstances in which Anonymity is Required?
- Reporting of Incidents
- Fraud allegations
- Whistleblowers
E2E | Required in which circumstances
Technical Feasibility
- Right to anonymity by an employee is waived when Organization’s business interest is threatened – When employer’s proprietary information is breached, or Contractual obligations agreed with the Client is violated
- Client is King for employers
- Lack of user awareness in using the social networking platforms and online media
E2E |Technical Feasibility
Technical Feasibility
- Stringent laws and regulations that embraces monitoring as a tool limits right of an user to avail full anonymity
- Increasing crimes at Cyber Space and paradigm shift in the technological landscape
- Current method of handling anonymity breaks at the public level doesn’t apply well on social networking web sites.
- Use of Privacy Enhanced Technologies (PETs)
E2E |Technical Feasibility
Anonymouse
- Web search portal hosted on an island off the coast of Somalia
- Allows you to access any webpage without leaving a trace.
E2E |Technical Feasibility | PETs
I2P
- Mixed-license, free and open source project
- anonymous network that other applications can use to anonymously and securely send messages to each other
- Uses include anonymous surfing, chatting, blogging and file transfers.
E2E |Technical Feasibility | PETs
Privacy Bird
- Free software designed to automatically read full P3P privacy policies of websites and compare them to your personal privacy preferences
- Provides warning messages when a site's policies do not match your own
E2E |Technical Feasibility | PETs
Privacy Box
- Used primarily by journalists, bloggers and other publishers
- Allows the possibility to offer non-tracked (and also anonymous) contact forms
E2E |Technical Feasibility | PETs
Privacy Choice Opt-Out
- Gathers opt-out cookies from over 150 ad companies, with an optional Firefox add-on to preserve and automatically update preferences
- Opt-out from all companies or opt-out selectively based on industry certifications and policy terms.
E2E |Technical Feasibility | PETs
Others
- Internet Proxy - Free internet web based proxy. Conceals your IP address from visited sites.
- Java Anonymous Proxy - Free, cross-platform proxy system designed to allow browsing the web with revocable pseudonymity
- JonDoNym - German-based software that encrypts and mixes Internet communications to render them anonymous.
E2E |Technical Feasibility | PETs
Consumer - Business Relationship
Why is anonymity required
- “If you kill the messenger, you won’t hear the bad news”- whistle blowers
- For research purposes – studies for sexual behavior, criminal behavior
- “I wanted the book to be reviewed. Not the author” – Artistic expressions
- Encouraging stigmatized individuals to communicate, share their experiences for expert or professional help – AIDS, alcohol, pregnancy, etc.
- “It’s none of your business” - Online Profiling
C2B |Pros and Cons
Cons
- "Being anonymous means you never have to say you are sorry"
- Lack of Accountability
- Inability to do Online Profiling
C2B|Pros and Cons
Pros
- Hotlines and other means of communication for whistle blowers
- Keeping personal information provided for research purposes confidential
- Studies for medical, sexual or criminal behavior for which anonymity is preferred
- Protection id identity of donors
- Protection of one's time, space and person from unwanted intrusions
C2B |Pros and Cons
Circumstances in which Anonymity is Required?
- Research and data mining where personal identifiers are unnecessary
- Anonymous communication
- Behavioral targetting/Online profiling
C2B | Required in which circumstances
Behavioral targetting / Online Profiling
- Personal choices and preferences of their past, present and future customers are captured and analyzed to provide tailored services.
- An individual's IP address, browser type, pages viewed, and the date and time of use becomes easily and readily available
- On mobile, the data collected is more elaborate and accurate - including a user's location, device type and contact list
- Section 43A of IT Act, 2000
- Self-regulation
C2B | Required in which circumstances
IoT and Big Data
- IoT connects digital life to 'real' life
- Faustian bargain – willing to sacrifice anything to satisfy a limitless desire for knowledge and power
- Making a 'Faustian bargain' can be interpreted as making a deal with the devil - it may seem like a good deal, but there is always a catch, and that catch is usually very, very bad
- It's much harder to opt out of data collection when you're dealing with physical sensors
C2B | Required in which circumstances
Sometimes it's good to not know!
- Data protection laws provide support to anonymized dataset in UK and Singapore
- From business perspective – Trust building becomes easier, but robust technologies can always be penetrable
- ICANN follows a questionable process
- It registers domain only after gathering personal information
- Violates many data protection laws and regulations
C2B | Technical Feasibility
Legally done!
- Banking laws - KYC guidelines issued by the Reserve Bank of India
- Telecom laws - provide access to law enforcement agencies to call records and SMS histories of their subscribers on request
What can be done?
- Follow certain standards while collecting PIIs
- Using codes instead of identities, encryption, removing face sheets.
- Limited access to information, assign security codes to computerized records, etc.
C2B | Technical Feasibility
DuckDuckGo.com
C2B | Technical Feasibility
Current Practices
- Aadhar - Brilliant or Blunder?
- Chui – a smart doorbell - uses facial recognition technology to turn your face, and the faces of those you allow, into keys that unlock a door – unlock through smartphone
- Bitcoin - Alternative or Substitute
- Scanalytics by Microsoft’s IoT accelerator an intelligent floor mat called the SoleSensor, which measures foot traffic. It works like a touch screen for the floor and the company claims that it can measure 100% of foot traffic in an area, down to each individual step.
C2B | Technical Feasibility
Technical Solutions
- Follow certain standards while collecting PIIs
- Using codes instead of identities, encryption, removing face sheets.
- Limited access to information, assign security codes to computerized records, etc.
C2B | Technical Feasibility
Copy of Anonymity v2.0
By Centre for Internet and Society
Copy of Anonymity v2.0
- 2,076