“The freedom of a country can only be measured by its respect for the rights of its citizens, and it’s my conviction that these rights are in fact limitations of state power that define exactly where and when a government may not infringe into that domain of personal or individual freedoms that during the American Revolution was called “liberty” and during the Internet Revolution is called “privacy.” ― Edward Snowden, Permanent Record
In October this year, a UK-based technology research firm named Comparitech released a report which pointed out that social media platforms and global technology companies such as Facebook, Twitter, Google, and Microsoft have received 77,620 takedown content requests from the Indian government over a decade ranging from July 2009 to July 2018. India accounted for 19.86% of the 390K-plus removal requests during this time.
The report stated that India had the most content removal requests to Facebook from July 2013 to December 2018. Among all requests generated from India, 91.23% of them are directed to Facebook.
The company was quoted by the report saying, “We received a request from law enforcement in India to remove a photo that depicted a sketch of the Prophet Mohammed. – The content didn’t violate Facebook’s Community Standards but was made unavailable in India where any depiction of Mohammed is forbidden. (Jun 2016)”
Here’s a look at the history of content removal requests Facebook has received from the Indian government.
On average, Facebook accepted about 53% of the requests made by the Indian government from July 2013 to December 2018, of which 54% were made in relation to some legal processes while the rest 46% were emergency requests.
Facebook publicly states that it responds to government requests for data in accordance with applicable law and their terms of service. “Each and every request we receive is carefully reviewed for legal sufficiency and we may reject or require greater specificity on requests that appear overly broad or vague.”
Google was the pioneer in drafting the bi-annual transparency report in 2009 which reveals content removal request data by countries. The trend was followed by companies like Facebook, Twitter, Apple, Microsoft, and others. Requests made by the Indian government to the company show a significant hike over the years, especially since 2017.
Google responded to Inc42 saying, “When it comes to user data requests, respect for the privacy and security of data that users store with Google underpins our approach. Before complying with a government request, we make sure it follows the law and Google’s policies.”
The internet giant publicly mentioned, “There are many reasons we may not have removed content in response to a request. Some requests may not be specific enough for us to know what the government wanted us to remove, and others involve allegations of defamation through informal letters from government agencies, rather than court orders.”
It added that the percentage of requests including a court order or from law enforcement and government agencies where some content is removed.
However, the overall acceptance rate of content removal requests by Google went down, barring cases of judicial requests. The overall acceptance rate of requests has come down to 17% in December 2018 from a high of 53% in June 2010. Judicial request acceptance has also come down but stands at 48% in December 2018 from a high of 63% in June 2010.
Google also mentions that some governments and government agencies choose to block specific services as a means of controlling access to content in their jurisdiction. The content removal numbers reported do not include any data on government-mandated service blockages.
Popular microblogging platform Twitter has been in the news for many controversies this year, not least of which is the allegation of being casteist in its approach to verified accounts. The company also rolls out a bi-annual transparency report for content removal requests by governments, which suggests a drastic increase in the number of requests by the Indian government over the years. However, the acceptance rate of these requests by the platform depicts a downward trend.
The US tech giant has positioned itself as a champion of privacy in recent years, but it too has complied with an increasing number of requests from India over the years. In its transparency report, Apple splits government requests into three categories — account requests, emergency requests, and financial identifier requests. The first of the three involves information about the Apple ID users, such as account holder name, address, connections to Apple services for law enforcement investigations.
Account requests may also seek data related to content such as photos, email, device backups, contacts or calendar entries. The acceptance rate of such requests by Apple has increased over the years, however, it fell in 2018.
Emergency requests, which relate to circumstances involving imminent danger of death or serious physical injury to any person, generally seek information regarding a customer’s connections to Apple services. These are used for instances where law enforcement believes a person is missing or in danger. Emergency requests observed a decline in acceptance rate from 100% in 2017 to 82% in 2018.
Finally, financial identifier requests include data such as credit or debit cards, iTunes Gift Cards and, presumably, Apple Pay. Financial identifier requests generally seek information regarding suspected fraudulent transactions. These requests observed an increase in the acceptance rate from 65% in 2017 to 75% in 2018.
State Of Online Privacy In India
Inc42 reached out to Google, Facebook, Twitter and Apple in relation to the increased number of government requests.
While Facebook and Twitter are yet to respond, Apple denied an official comment on the issue and Google requested more time to look into the questions of government surveillance and monitoring.
What is important to understand here is the grey area between the public and the private sphere. Other countries have also faced similar issues. For example, in the US, individuals have contested the use of their tweets without permission, while courts in the US have ruled that tweets, private and public, can be obtained by law enforcement only with a subpoena, as technically the information has been shared with another entity, and is therefore no longer private.
Currently, what governs jurisdiction in India over such matters is the Information Technology Act (ITA) 2000. The act contains a number of provisions that can, in some cases, safeguard online privacy, or in other cases, dilute online privacy. Provisions that serve to dilute user privacy include access by law enforcement to user’s personal data or information stored online, internet traffic data and real-time monitoring, interception, and decryption of online communications.
As India’s internet ecosystem expands, concerns around data privacy have gathered a lot of momentum — especially in the light of the Aadhaar data leaks from government websites — There have been increasing concerns about governmental projects involved with collecting, processing, and using personal data, despite the fact that the government is looking to protect data of Indian internet users through data localisation policies.
The implementation of a central monitoring system by the Indian government is another example of how the government is seeking greater access to online communication. This system removes the need for the government to go through service providers such as social media platforms or internet providers and directly taps into all online communication.
Activists across the nation allege that such steps taken by the government are being taken to control and suppress free speech, while the government on the other side has always kept a stand where it says that the steps are being taken in interest of national security or to restrict the spread of misinformation, hate speech and child abuse content.
Government involvement in online surveillance was brought to the fore again with the WhatsApp Pegasus spying controversy, enabled by spyware created by Israel’s NSO Group. NSO has claimed that it only provides its snooping tools to government customers, so while the transparency reports above might indicate the extent of government’s official requests, there’s a lot more surveillance and monitoring happening under the surface.