📰 Supreme Court says new rules to regulate OTT platforms lack teeth
Court protects Amazon Prime Video India Commercial head Aparna Purohit from arrest in ‘Tandav’ web series row
•The Supreme Court on Friday said the government’s new rules to regulate OTT (over-the-top) platforms lacked teeth to punish violators or to screen offensive content even as it protected Amazon Prime Video India Commercial head Aparna Purohit from arrest in the ‘Tandav’ web series row.
•“We went through your Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules of 2021... these are merely guidelines. There is no provision for punishment or fine... What is the mechanism to control it [content]” Justice Ashok Bhushan, heading a Bench, asked Solicitor General Tushar Mehta.
Ready to submit new draft: SG
•Mr. Mehta agreed to consider drafting new regulations or even legislation to address the concern raised by the court about OTT platforms. “We can come out with it... We can come out with a draft and place it before the court,” he stated.
•The court recorded in its order that the new rules notified days back were “more in the nature of guidelines” and there was “no effective mechanism for screening or to take appropriate action” against violators.
•The court said the assurance given by Mr. Mehta to it that the government would consider taking “appropriate steps” for any “further regulations/legislation” as seen as fit. The Bench ordered that the regulations/legislation, once done, should be placed before the court.
•During the hearing, Amazon, represented by senior advocate Mukul Rohatgi, complained about an oral remark made by Justice Bhushan that some of the films featured on OTT platforms had pornographic content. Mr. Rohatgi said the remark had been picked up by the media and bandied about. “Amazon does not show pornography,” he said.
‘No pornography’
•Mr. Mehta intervened to say that Justice Bhushan did not mean “pornography” literally, but meant that some content was “almost pornographic”.
•“But Mr. Mehta, I can show you 10,000 movies on Amazon, there is no pornography in any of them. I myself watch these movies in the evenings... these are great movies,” Mr. Rohatgi exclaimed.
•Justice Bhushan intervened, saying the court never meant that the movies shown were not great. “We are not saying great movies are not shown...” he remarked.
•Turning to the specific case of Ms. Purohit, Mr. Rohatgi submitted that she was only an employee and was ready to cooperate with the investigation. He submitted that two offending scenes in ‘Tandav’ have already been removed.
•The court issued notice on her plea for bail and directed that the police should not arrest her as long as she cooperates with the investigation into complaints that the web series ridicules Hindu gods and the country’s political power corridors.
Through Sri Lanka’s over three decade-strife, India, and its military, have played a significant role.
•With the participation of the Indian Air Force Chief and 23 aircraft in the three-day event in Colombo to mark the 70th anniversary of the Sri Lanka Air Force (SLAF), India sought to reaffirm its strong defence cooperation with Sri Lanka. The last time Indian aircraft took part in such an event was in 2001, on the occasion of the SLAF’s 50th year, according to Captain Vikas Sood, Defence Adviser at the Indian High Commission.
•A team of 4 Sarang Advance Light Helicopters, Surya Kiran (Hawks), Tejas Fighter Aircraft, Tejas Trainer and the Dornier Maritime Patrol Aircraft from India were in Sri Lanka this week, to participate in a fly past and acrobatic display event with the SLAF, held by Colombo’s seafront. Air Chief Marshal Rakesh Kumar Singh Bhadauri called on Prime Minister Mahinda Rajapaksa, and met senior defence officials.
•“The engagement was very positive, we look forward to building on our strong ties,” Captain Sood said.
•During Sri Lanka’s over three decade-civil war, India has played a crucial role, politically and at times, using its military. While the controversial Indian Peace Keeping Force (IPKF) presence here, and ‘Operation Poomalai’ of 1987 — when the Indian Air Force dropped food supplies in Jaffna — drew criticism from sections, the Indian military’s “support” has been repeatedly acknowledged by Sri Lanka’s national leaders.
•In Sri Lanka’s post-war era, Indo-Lanka military partnership has focussed mostly on training and capacity building. According to Captain Sood, as many as 1,200 Sri Lankan military personnel are trained in India every year. “That is about 50% of the total training we offer, and shows the priority we accord to Sri Lanka,” he said, adding that Sri Lanka had “huge potential” to contribute to regional security.
Fire-fighting operation
•Last year, Indian Navy and Coast Guard personnel helped the Sri Lankan Navy in a crucial fire-fighting operation, when an oil tanker went up in flames, off the island’s east coast. Further, Sri Lanka’s strategic location makes it a crucial partner for all countries in the region. Pakistan’s Air Chief Marshal Mujahid Anwar Khan was also in Sri Lanka to attend the 70th year celebrations. “This visit signifies the strong bond and friendship between the two countries and their Armed Forces,” the Pakistani mission here said. Over the years, Sri Lanka is known to have maintained strong military ties with several partners in the region and beyond.
•Domestically, its defence sector is accorded high priority by all governments. A decade after the war, Sri Lanka allocates one of the biggest chunks of its annual budget to the defence sector — an estimated LKR 23,250 million for the year 2021. President Gotabaya Rajapaksa’s presidential campaign in 2019, months after the Easter terror bombings, was on the plank of national security.
•Meanwhile, residents in the former war zone highlight continuing militarisation in the north and east, seen in the several military check points and land still held by the military. Following President Rajapaksa’s election, at least 28 serving or former military and intelligence personnel were appointed to key administrative posts, UN High Commissioner for Human Rights Michelle Bachelet noted in her recent report. The Sri Lankan army is also in the forefront of the country’s Covid-19 response since March last year.
📰 New space: On ISRO’s first dedicated commercial mission
ISRO must take advantage of the market opportunities from space applications
•With the launch of Brazil’s Amazonia-1 satellite last week from Sriharikota, a new chapter has begun in India’s space history. The satellite, a 637-kilogram entity, was the first dedicated commercial mission of NewSpace India Limited, a two-year-old commercial arm of the Department of Space. This is not the first time that NSIL has organised a launch of foreign satellites aboard an Indian Space Research Organisation (ISRO) launch vehicle. The organisation has had launches last November as well as in December 2019. However, the primary satellites aboard both these missions were Indian satellites — the RISAT-2BRI and the EOS-01 — with smaller satellites from several other countries, as well as India, piggybacking on them. The Amazonia mission also saw 18 other satellites being launched and was the first fully commercial mission. India has so far launched 342 foreign satellites from 34 countries using its Polar Satellite Launch Vehicle platform and many of them have involved ISRO’s first commercial entity, the Antrix Corporation. There is still confusion on how exactly the responsibilities of NSIL differ from those of Antrix. But with the formation of the Indian National Space Promotion and Authorization Center (IN-SPACe) — a regulatory agency — as well as plans of an independent tribunal to adjudicate disputes among private space entities, there is a potential explosion of market opportunities from space applications on the anvil. Though the private sector plays a major role in developing launch and satellite infrastructure for ISRO, there are now several companies that offer myriad services. Many of these companies want to launch their own satellites, of varying dimensions, and the experience with ISRO has not been smooth always. The most conspicuous has been the controversy involving Devas Multimedia, to which the Government of India owes nearly $1.2 billion going by an order of a tribunal of the International Chamber of Commerce and upheld by a United States federal court last year. NSIL, it is said, is also a move by India’s space establishment to insulate the prospects of the space industry in India from repercussions of the Devas-Antrix imbroglio.
•Much like unfettered access to the Internet has spawned industries that were inconceivable, similarly, space applications and mapping have barely scratched the surface in terms of the opportunities that they can create. NSIL has a broad ambit and will be involved in collaborations spanning from launches to new space-related industries. NSIL is also expected to be more than just a marketer of ISRO’s technologies; it is to find newer business opportunities and expand the sector itself. NSIL must endeavour to not be another Antrix but be continuously in start-up mode. It must conceive of ways to aid space start-ups reach out to rural India and facilitate more recruits from India’s young to facilitate careers in space applications and sciences. It must see itself both as an Indian ambassador and disruptor in the space arena.
📰 Patching the gaps in India’s cybersecurity
Doctrinal clarity and institutional coherence are essential for a robust cybersecurity posture
•On Sunday, February 28, there was a sensational report in The New York Times, China appears to warn India: push too hard and the lights could go out, based on investigations by a United States-based cybersecurity firm. It raised the possibility that the power outage in Mumbai, on October 13, 2020, could have been the result of an attack by a Chinese state-sponsored group. Maharashtra’s Home Minister acknowledged that a report by the Maharashtra Cyber Cell showed that the grid failure was potentially the result of “cyber sabotage”. Meanwhile, the Union Power Ministry denied that the grid failure was linked to any cybersecurity incident, and blamed human error for it. We cannot say who is right since not enough information is available in the public domain. And therein lies the rub.
•While Maharashtra’s Home Minister has promised to table the report in the Assembly, this would be the first time, to our knowledge, that a cybersecurity incident has been discussed this openly by government officials.
India has been a target earlier
•India has been attacked by suspected Chinese state-sponsored groups multiple times in the past. In 2009, a suspected cyber espionage network dubbed GhostNet was found to be targeting, amongst others, the Tibetan government in exile in India, and many Indian embassies. By pursuing the leads from that discovery, researchers found what they dubbed the Shadow Network, a vast cyberespionage operation which extensively targeted Indian entities, including military establishments, news publications, and even the National Security Council Secretariat itself, with clear evidence that confidential documents had been accessed by the attackers. In response to a question raised in Parliament, the then Minister Sachin Pilot noted an investigation was under way. There were a number of subsequent attacks that targeted India, including Stuxnet, which had also taken down nuclear reactors in Iran; Suckfly, which targeted not just government but also private entities including a firm that provided tech support to the National Stock Exchange; and Dtrack which first targeted Indian banks, and later the Kudankulam nuclear power plant (Tamil Nadu) in 2019. However, neither the report from the Shadow Network investigation, nor any other, has ever been tabled in Parliament, nor even a redacted version made public. Even when parliamentarians have raised serious questions, the government’s responses have only been perfunctory. Appraising lawmakers of the scale and depth of the damage wrought is critical to enabling meaningful public discussions and crafting a robust response. Further, doing so will enable the government to be able to own the narrative around these incidents.
•On a side note, while there is much evidence to show that Chinese state-sponsored groups were responsible for many of these attacks, Chinese cybersecurity agencies have also helped the security community in dismantling the infrastructure behind some of these attacks. And it must also be remembered that documents released by WikiLeaks show that groups such as the Central Intelligence Agency’s UMBRAGE project have advanced capabilities of misdirecting attribution to another nation-state (“false flag attacks”) by leaving behind false “fingerprints” for investigators to find. Given this, questions of attribution are always murky when it comes to cyber attacks — necessitating a robust institutional posture and political acumen in publicly dealing with these issues.
Institutional security
•Over the past two decades, India has made a significant effort at crafting institutional machinery focusing on cyber resilience spanning several government entities. The Prime Minister’s Office includes within it several cyber portfolios. Among these are the National Security Council, usually chaired by the National Security Adviser (NSA), and plays a key role in shaping India’s cyber policy ecosystem. The NSA also chairs the National Information Board, which is meant to be the apex body for cross-ministry coordination on cybersecurity policymaking. The National Critical Information Infrastructure Protection Centre established under the National Technical Research Organisation in January 2014 was mandated to facilitate the protection of critical information infrastructure. In 2015, the Prime Minister established the office of the National Cyber Security Coordinator who advises the Prime Minister on strategic cybersecurity issues.
•India’s Computer Emergency Response Team (CERT-In), which is the nodal entity responding to various cybersecurity threats to non-critical infrastructure comes under the Ministry of Electronics and Information Technology (MEITY). The Ministry of Defence has recently upgraded the Defence Information Assurance and Research Agency to establish the Defence Cyber Agency, a tri-service command of the Indian armed forces to coordinate and control joint cyber operations, and craft India’s cyber doctrine. Finally, the Ministry of Home Affairs oversees multiple similarly-named “coordination centres” that focus on law enforcement efforts to address cybercrime, espionage and terrorism, while the Ministry of External Affairs coordinates India’s cyber diplomacy push — both bilaterally with other countries, and at international fora like the United Nations.
•This institutional framework, while seeking to create an ‘all of government’ approach to countering and mitigating cybersecurity threats at the national level, has also resulted in concerns around effective coordination, overlapping responsibilities and lack of clear institutional boundaries and accountability. This needs to be clarified in India’s National Cyber Security Strategy, which has been drafted by the NSC — a much-needed update to the National Cyber Security Policy 2013 — but is yet to be released. Ensuring coherence and coordination between these different actors should be its primary goal.
Doctrine on cyber conflicts
•India is also yet to clearly articulate a doctrine that holistically captures its approach to cyber conflict, either for conducting offensive cyber operations, or the extent and scope of countermeasures against cyber attacks. While reports indicate that India too engages in targeted cyber-attacks, the rules of engagement for that too are unclear. This is unlike India’s approach to other global security regimes. For example, the ‘No First Use’ nuclear posture has been critical in preventing a nuclear armageddon in a region fraught by political and military tensions, and continues to further India’s global reputation as a responsible nuclear state.
•Is it fair to argue that ‘cyber’ is different? Could secrecy and ambiguity surrounding a nation’s doctrine and capabilities provide a tactical advantage when engaging in cyber operations? This is hardly the case in today’s increasingly unstable geopolitical scenario. The existing asymmetry in capabilities does not currently favour India. The absence of a credible cyber deterrence strategy means that states and non-state actors alike remain incentivised to undertake low-scale cyber operations for a variety of purposes — espionage, cyber crime, and even the disruption of critical information infrastructure.
Define the red lines
•The same argument must be made for India’s contribution to global regimes crafting norms for responsible state behaviour in cyberspace. India has been an active participant at processes within the First Committee of the United Nations General Assembly dealing with issues of disarmament and international security. While the Indian delegation has made public some of their intervention, India’s long-term strategic thinking on core issues of debate at these fora remains relatively unknown, barring a few statements by public officials, including Shivshankar Menon and Arvind Gupta. A key opportunity herein is a precise articulation of how international law applies to cyberspace, which could mould the global governance debate to further India’s strategic interests and capabilities. In particular, this should include positioning on not just non-binding norms but also legal obligations on ‘red lines’ with respect to cyberspace-targets that should be considered illegitimate due to their significance for human life, such as health-care systems, electricity grids, water supply, and financial systems.
•Clearer strategy and greater transparency are the need of the hour to improve India’s cybersecurity posture. To better detect and counter threats from both state actors and their proxies as well as online criminals, improved coordination is needed between the government and the private sector, as well as within the government itself — and at the national and State levels. A clear public posture on cyber defence and warfare boosts citizen confidence, helps build trust among allies, and clearly signals intent to potential adversaries, thus enabling a more stable and secure cyber ecosystem.