Three Relationships

• Citizen – Government
• Consumers – Businesses
• Employee – Employer

Citizen – Government Relationship

• What is the need for Anonymity? Pros and Cons
• In which circumstances is anonymity required?
• How technically feasible is to provide anonymity?
• What is the impact if anonymity on transactions with Government and its duties?

C2G

Why is anonymity required?

• Provides privacy, and allows actions, transactions etc to be kept private
• Ability to express oneself without being known
• Vital to protect freedom of expression without any threat of injury or harm
• Allows the government to provide protection to its officials through anonymity in the interest of national security
• Allows government officials to disseminate information without fear of political backlash 

C2G |Pros and Cons

Pros

• Whistle blowers are provided greater protection from harm
• Allowing complaints against government officials/departments to be filed anonymously
• Lowers the risk of abuse of information by government officials
• Seeking information from the government anonymously, eg. RTI Anonymous
• Protection of witnesses and preventing them from turning hostile
• Classified information for the purpose of national security

C2G |Pros and Cons

Pros

• Anonymity to victims of sexual offense, juveniles and suspects untill proven guilty
• Use of Internet and telecommunication services without fear of surveillance
• Availing healthcare benefits without the possibility of disclosure of private health information to any third parties
• Protection of identity and sensitive information of pregnant women while undergoing pre-conception, pre-natal and ultra-sonography tests.
• Protection of privacy of patients in psychiatric care

C2G |Pros and Cons

Cons

• Impedes the ability of the government to identify any threats
• Prevents efficient and targetted delivery of government services and policies
• Hinders prevention and identification of fraudulent financial transactions
• Lack of complete and accurate information to facilitate better relief during disasters and emergencies

C2G |Pros and Cons

Circumstances in which Anonymity is Required?

• Whistle-blowing
• Complaints
• Access to Telecom Services
• Healthcare
• Freedom of Expression
• National Security
• Justice System
• Financial Services
• Delivery of Government services

C2G | Required in which circumstances

Legislations

• Whistleblowers Protection Act, 2011
• Whistleblowers Protection (Amendment) Bill, 2​015​

C2G | Required in which circumstances | Whistle-blowing

Key Takeaways

• No definition of 'victimisation' in the Act. Vagueness about ways in which complainant may be victimised.
• Exception to obligation of 'Competent Authority' to keep confidential identity of the complainant – If complainant has revealed his identity to any other office
• Amendment Bill adds a list of exceptions for matters involving national security, cabinet papers, privileged documents, or information threatening someone's life or safety.

C2G | Required in which circumstances | Whistle-blowing

Policies/Projects

• Guidelines by the Dept. of Personnel and Training, Ministry of Personnel, Public Grievances and Pensions, GoI on handling of complaints    
• GoI Resolution on Public Interest Disclosures and Protection of Informer (PIDPI) 
• Various initiatives taken of installing complaint boxes outside police stations and markets enabling anonymous complaints

C2G | Required in which circumstances | Complaints

Key Takeaways

• PIDPI Resolution and Guidelines only concern the Central Government Ministries and Departments. No such mandatory policies for states government
• Complaints filed anonymously or pseudonymously are not taken cognizance of.
• Departments/Ministries to keep confidential the identity of complainant
• Initiatives of complaint boxes lack any mechanism for complainants to follow up on their complaints

C2G | Required in which circumstances | Complaints

Policies/Projects

• Internet Registry for Internet Names and Number (IRINN) Policy 1.1
• IT (Guidelines for Cyber Cafe) Rules, 2011
• IDN Terms and Conditions for Registrants  
• .IN Terms and Conditions for Registrants

C2G | Required in which circumstances | Telecom Services

Key Takeaways

• Under the IT Rules, proof of identity needs to be provided before accessing the internet at a cyber cafe
• IRINN Policy requires identification documents like PAN for an individual to become an affiliate
• IDIN and .IN registration require proof of identity and address documents
• ISPs needs to keep maintain data logs of each IP address which may be traced back to the individual 

C2G | Required in which circumstances | Telecom Services

Policies/Projects

• Right to Information Act, 2005
• RTI Anonymous

C2G | Required in which circumstances | RTI

Policies/Projects

Text

C2G | Required in which circumstances | RTI

Key Takeaways

• Previously no RTI requests could be made anonymously
• In 2012, Calcutta HC made filing of RTI application anonymously using post box numbers permissible.
• Online portals allow RTI's to be filed anonymously.
• Intelligence agencies and Information relating to national security, or infringing privacy of a government official is exempted from the purview of RTI Act.

C2G | Required in which circumstances | RTI

Policies/Projects

C2G | Required in which circumstances | Justice System

• Consultation paper by Law Commission of India on witness identity protection and witness protection programmes, August 2004
• Indian Penal Code, 1860 (Section 228 A, Disclosure of identity of victim of sexual crimes)
• Indian Evidence Act, 1882 (Section 146 - Unlawful questions in cross-examination)
• Juvenile Justice Act, 2000
• Terrorist and Disruptive Activities Act, 1985
• Unlawful Activities (Prevention) Amendment Act, 2004 (Section 44 - Protection of witnesses)
• National Investigation Agency Act, 2008 (Section 17 - Protection of witnesses)

Key Takeaways

• No dedicated law or guidelines to provide for witness protection.
• Provisions under Terrorist and Disruptive Activities Act, Unlawful Activities (Prevention) Amendment Act and National Investigation Agency Act, 2008
• Provisions to criminalize disclosure of victim's identity and protection of rape victims under Evidence Act and IPC.
• Section 21 Prohibits publication of details of a juvenile to ensure anonymity under the JJ Act.

C2G | Required in which circumstances | Justice System 

Policies

• Master Circular on Know Your Customer (KYC) norms /Anti Money Laundering (AML) standards / Combating of Financing of Terrorism (CFT)/Obligations of Banks under PMLA, dated July 2015
• Master Circular on Customer Service in Banks, 2013
   

C2G |Required in which circumstances | Financial Services

Key Takeaways

• KYC norms enable banks keep a check on all transactions (even if suspicious) and share such information with law enforcement agencies
• Information derived from KYC is confidential
• Any additional information to be collected on voluntary basis

C2G | Required in which circumstances | Financial Services

Policies

• Medical Termination of Pregnancy Act, 1971
• Health data under UID Project
• Pre-Conception and Pre-Natal Diagnostic Techniques (Prohibition of Sex Selection) Act, 1994
• "Save the Baby Girl" Project, 2009
• PNDT Rules, 1996
• Mental Health Act, 1987
• IMC (Professional conduct, Etiquette and Ethics) Regulations, 2002 (Code of Ethics Regulations, 2002)
• Ethical Guidelines for Biomedical Research on Human Subjects, 2006
• National Policy for Persons with Disabilities, 2006

C2G | Required in which circumstances | Healthcare

Key Takeaways

• Obtaining a disability certificate requires disclosure of sensitive and personal information
• Disclosure of information to undergo pre-natal diagnostic testing and ultra-sound is mandatory
• Legislations ensure data of women undergoing abortion/such tests is kept confidential & Physicians required to keep patient's information confidential 

C2G | Required in which circumstances | Healthcare

Key Takeaways

• Inspection of records in psychiatric hospitals and nursing homes to be allowed only by State Government authorized officers
• Compliance with Principles when conducting research on humans: Principle of Informed consent, Privacy, Confidentiality, Accountability, Transparency and Compliance
• UID Scheme has potential to facilitate breach the anonymity of health data collected

C2G | Required in which circumstances | Healthcare

Policies/Projects

• Collection of Statistics Act, 2008
• PAN Card
• UID Scheme (Aadhaar card)
• Ration/PDS Card
• NREGS job card
• Pensioner photo card
• CGHS / ECHS photo card
• Kissan photo passbook

C2G | Required in which circumstances | Delivery of Government Services

Key Takeaways

• Providing information to avail services and benefits of Government schemes and policies
• Identification becomes important in times of national emergencies like natural disasters, epidemics etc for better provision of relief and aid

C2G | Required in which circumstances | Delivery of Government Services

Whistle Blowing and Complaints

• Technical solution like Wikileaks which publish classified information from anonymous sources
• Solutions like Wikilieaks can have standards to authenticate the source along with security and policy standards that protect the identity of the informant
• Use of data encryption and decryption progarms like PGP and GnuPG 
• Use of data encryption software will provide cryptographic privacy and authentication for data communication

C2G | Technical solutions and feasibility

Telecom Services

• Currently identification information needs to be provided at every stage for availing telecom services
• Identity brokers - third party service providers who vouch for the individuals and organizations and enable them to avail services without having to disclose their data

C2G | Technical solution and feasibility

RTI

• Solutions like RTI Anonymous allows filing of RTI applications without revealing one's identity
• The response from the government is made available on the website and is easily accessible
• Solutions like RTI Anonymous will facilitate seeking of information without the fear of retribution by exposing one's identity

C2G | Technical solution and feasibility

Justice System

• Potential solutions like In-camera testimony of witnesses over secure networks like TOR which cannot be traced back to the individual would be useful
• This will require authenticating mechanisms like security keys provided to the witness to ensure reliability

C2G | Technical Solutions and Feasibility

Healthcare Services

• For tests that lead to sensitive information like HIV and STDs, provision for dropping of bottles, and samples with only serial number, and facility to check the results on public display that reveal the results against the serial number are needed
• Systems that facilitate greater anonymity for sensitive information will prevent discrimination
• However, in absence of proper education in how to provide blood and other samples, risk of inadequate information to provide definitive results

C2G | Technical Solutions and Feasibility

Financial services

• Almost impossible to conduct financial transaction without revealing identity
• Only possible in case of offline cash transactions
• Use of Bitcoins may allow anonymity in limited spheres

C2G | Technical solution and feasibility

Delivery of government services

• Most benefits and services provided by the government require identity
• Schemes like food coupons may be used instead of identity linked rations
• Government tracks identity linked data for insights to improve its services 
• This will be prevented in case of schemes which are not identity linked.

C2G | Technical solution and feasibility

Employee – Employer Relationship

• What is the need for Anonymity? Pros and Cons
• In which circumstances is anonymity required?
• How technically feasible is to provide anonymity?
• What is the impact of anonymity?

E2E

What is the need for anonymity?

• At the time of an individual providing data for availing some services/benefits such as:
• Use of Social Networking Sites, blogs, newsletters, archives
• Email and other modes of communication
• E-commerce
• Use of Data collected by Government, Corporates, Businesses for purposes other than agreed at the initial collection point
    

E2E |Pros and Cons

Pros

• Benefits both employer and employee
• It helps in creating innovation and boost morale of our employees
• An effective tool to identify pool of human resources talent
• Global platform for employees to collaborate amidst diverse cultures

E2E |Pros and Cons

Cons

• Cyber Bullying
• Compromising one’s privacy
• Huge administration cost to manage grievances and breaches
• Lack of specialized professionals
• Stringent laws and regulations 

E2E |Pros and Cons

Examples

• Secret – revamped its application, borrowing ideas from apps like Yik Yak and Snapchat and others in order to introduce new features like location based posts and disappearing private messages.
  
• Yik Yak –  combines anonymity with location based networking, cyber bullying became so bad this year that the company had to implement technology

E2E |Pros and Cons

Circumstances in which Anonymity is Required?

• Reporting of Incidents
• Fraud allegations
• Whistleblowers

E2E | Required in which circumstances

Technical Feasibility

• Right to anonymity by an employee is waived when Organization’s business interest is threatened – When employer’s proprietary information is breached, or Contractual obligations agreed with the Client is violated
• Client is King for employers
• Lack of user awareness in using the social networking platforms and online media 

E2E |Technical Feasibility

Technical Feasibility

• Stringent laws and regulations that embraces monitoring as a tool limits right of an user to avail full anonymity
• Increasing crimes at Cyber Space and paradigm shift in the technological landscape
• Current method of handling anonymity breaks at the public level doesn’t apply well on social networking web sites. 
• Use of Privacy Enhanced Technologies (PETs)

E2E |Technical Feasibility

Anonymouse

• Web search portal hosted on an island off the coast of Somalia
• Allows you to access any webpage without leaving a trace.

E2E |Technical Feasibility | PETs

I2P

• Mixed-license, free and open source project 
• anonymous network that other applications can use to anonymously and securely send messages to each other
• Uses include anonymous surfing, chatting, blogging and file transfers.

E2E |Technical Feasibility | PETs

Privacy Bird

• Free software designed to automatically read full P3P privacy policies of websites and compare them to your personal privacy preferences
• Provides warning messages when a site's policies do not match your own 

E2E |Technical Feasibility | PETs

Privacy Box

• Used primarily by journalists, bloggers and other publishers
• Allows the possibility to offer non-tracked (and also anonymous) contact forms 

E2E |Technical Feasibility | PETs

Privacy Choice Opt-Out

• Gathers opt-out cookies from over 150 ad companies, with an optional Firefox add-on to preserve and automatically update preferences
• Opt-out from all companies or opt-out selectively based on industry certifications and policy terms. 

E2E |Technical Feasibility | PETs

Others

• Internet Proxy - Free internet web based proxy. Conceals your IP address from visited sites. 
• Java Anonymous Proxy - Free, cross-platform proxy system designed to allow browsing the web with revocable pseudonymity
• JonDoNym - German-based software that encrypts and mixes Internet communications to render them anonymous.

E2E |Technical Feasibility | PETs

Consumer - Business Relationship

Why is anonymity required

• “If you kill the messenger, you won’t hear the bad news”- whistle blowers
• For research purposes – studies for sexual behavior, criminal behavior 
• “I wanted the book to be reviewed. Not the author” – Artistic expressions
• Encouraging stigmatized individuals to communicate, share their experiences for expert or professional help – AIDS, alcohol, pregnancy, etc.
  
• “It’s none of your business” - Online Profiling

C2B |Pros and Cons

Cons

• "Being anonymous means you never have to say you are sorry" 
• Lack of Accountability
• Inability to do Online Profiling

C2B|Pros and Cons

Pros

• Hotlines and other means of communication for whistle blowers
• Keeping personal information provided for research purposes confidential
• Studies for medical, sexual or criminal behavior for which anonymity is preferred 
• Protection id identity of donors
• Protection of one's time, space and person from unwanted intrusions

C2B |Pros and Cons

Circumstances in which Anonymity is Required?

• Research and data mining where personal identifiers are unnecessary
• Anonymous communication
• Behavioral targetting/Online profiling

C2B | Required in which circumstances

Behavioral targetting / Online Profiling

• Personal choices and preferences of their past, present and future customers are captured and analyzed to provide tailored services. 
• An individual's IP address, browser type, pages viewed, and the date and time of use becomes easily and readily available
• On mobile, the data collected is more elaborate and accurate - including a user's location, device type and contact list
• Section 43A of IT Act, 2000
• Self-regulation

C2B | Required in which circumstances

IoT and Big Data

• IoT connects digital life to 'real' life 
• Faustian bargain – willing to sacrifice anything to satisfy a limitless desire for knowledge and power
  
• Making a 'Faustian bargain' can be interpreted as making a deal with the devil - it may seem like a good deal, but there is always a catch, and that catch is usually very, very bad
• It's much harder to opt out of data collection when you're dealing with physical sensors
  

 

C2B | Required in which circumstances

Sometimes it's good to not know!

• Data protection laws provide support to anonymized dataset in UK and Singapore
• From business perspective – Trust building becomes easier, but robust technologies can always be penetrable
• ICANN follows a questionable process
• It registers domain only after gathering personal information
• Violates many data protection laws and regulations

C2B | Technical Feasibility

Legally done!

• Banking laws - KYC guidelines issued by the Reserve Bank of India
• Telecom laws - provide access to law enforcement agencies to call records and SMS histories of their subscribers on request

What can be done?

• Follow certain standards while collecting PIIs
• Using codes instead of identities, encryption, removing face sheets.
• Limited access to information, assign security codes to computerized records, etc.

C2B | Technical Feasibility

DuckDuckGo.com

C2B | Technical Feasibility

Current Practices

• Aadhar - Brilliant or Blunder?
• Chui – a smart doorbell - uses facial recognition technology to turn your face, and the faces of those you allow, into keys that unlock a door – unlock through smartphone
• Bitcoin - Alternative or Substitute
• Scanalytics by Microsoft’s IoT accelerator an intelligent floor mat called the SoleSensor, which measures foot traffic. It works like a touch screen for the floor and the company claims that it can measure 100% of foot traffic in an area, down to each individual step. 

C2B | Technical Feasibility

Technical Solutions

• Follow certain standards while collecting PIIs
• Using codes instead of identities, encryption, removing face sheets.
• Limited access to information, assign security codes to computerized records, etc.

C2B | Technical Feasibility