19 Jan India’s Supreme Court reviews biometric database program, lawmakers in Vietnam consider data localization bill, investors push Facebook and Twitter about content policies

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

India’s Supreme Court reviews biometric database program

A woman receives an iris scan to enroll in the Aadhaar database (Photo by Biswarup Ganguly, licensed CC BY 3.0)

This week, India’s Supreme Court began its final hearings to consider the legality the government’s controversial biometric database program, reviewing nearly 30 petitions filed against the program over the past several years. Under the program, known as Aadhaar, individuals must enroll in a database—which requires submitting scans of their fingerprints and irises—in order to obtain a variety of government services, including paying taxes or receiving government subsidies. The Department of Telecommunications also requires telecommunications companies to collect Aadhaar numbers for new mobile customers, and has given current mobile phone users until March 31, 2018 to re-verify their SIM cards with their Aadhaar number to continue to receive service.

Privacy advocates have raised concerns over Aadhaar, especially after recent news highlighting privacy and security issues relating to the program. In December 2017, Bharti Airtel’s license to carry out Aadhaar-based SIM verification was suspended after it was discovered that it had been using this process to open bank accounts for mobile customers without their informed consent. The Tribune, an Indian newspaper, recently revealed that reporters were able to gain access to the database after paying about $8 USD to an anonymous individual who was selling access online. The Tribune reported that after entering an individual’s Aadhaar number they were able to view his or her personal information including name, address, postal code, photo, phone number, and email.

As noted in the 2017 Corporate Accountability Index recommendations, governments should work with the private sector and civil society to ensure that legal and regulatory frameworks make it possible for companies to respect digital rights. This includes respecting the right to anonymous online activity. Governments should refrain from requiring companies to document users’ identities when it is not essential to the provision of service. As UN Special Rapporteur for Freedom of Expression David Kaye has stated, anonymity is essential for individuals to exercise their right to freedom of expression, and deserves strong protections. (more…)

12 Jan France plans to regulate “fake news,” tech companies respond to security flaws, U.S. Senate to vote on FCC’s decision to repeal net neutrality

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

France plans to regulate “fake news” during elections

Russian President Vladimir Putin and French President Emmanuel Macron (Image via Kremlin.ru, licensed CC BY 4.0)

In the latest push in Europe to regulate social media content, French President Emmanuel Macron has announced a new bill to regulate the spreading of “fake news” during elections. In an annual speech to the press, Macron said the bill will be submitted to the parliament in upcoming weeks. The bill specifically targets sponsored content, and if adopted it would require social media platforms to “make public the identity of sponsors and of those who control them,” and to impose limits on the amount of money paid to sponsor such content.

Macron added that others measures targeting “fake news” would include the deletion of content, blocking sites for spreading false news or deleting them from the results of search engines, and the closure of accounts of infringing users, following judicial orders. A draft of the bill is yet to be released, and it remains unclear how French authorities will coordinate with technology companies to regulate such content, and what kind of actions will be taken against platforms that do not comply the future rules.

Internet, mobile, and telecommunications companies should be transparent about how they handle government requests for content restrictions and publish transparency reports on such requests that include data on the number of requests received, the number they complied with, the types of subject matter associated with these requests. Most companies evaluated in the 2017 Index lacked transparency about how they handle government requests to restrict content or accounts, and did not disclose sufficient data about the number of requests they received or complied with, or which authorities made these requests.   

(more…)

05 Jan Iran restricts internet access, Tencent denies collecting messaging chats, Germany cracks down on offensive speech

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

Iran restricts internet access

Photo yeowatzup on Flickr (CC BY 2.0)

The Iranian government has blocked multiple social media and messaging apps in an attempt to disrupt protests that have grown and spread throughout the country over the past week, according to multiple news outlets. Iranians have reported being unable to access services including social network Instagram and the messaging app Telegram. The protests are said to be the largest anti-government demonstrations in Iran since the 2009 Green Movement demonstrations.

Iran has one of the most complex internet censorship regimes in the world, which involves blocking and filtering websites, surveillance, and targeting citizens and activists for political speech. Internet users in recent days are reporting difficulties reaching previously-accessible foreign websites and services, according to the Center for Human Rights in Iran. Although there have been no reports of a nationwide internet shutdown, The New York Times reports that “internet access has been sporadically cut off” in several cities where large protests have taken place.

Shutting down networks and restricting access to online communications violate human rights, and can also risk the safety of citizens. A 2015 declaration from a joint declaration by intergovernmental organizations states that “using communications ‘kill switches’ (i.e. shutting down entire parts of communications systems)…can never be justified under human rights law.” Authorities should commit to protect human rights principles and refrain from ordering network shutdowns, acknowledging that network shutdowns can pose a threat to public safety and have significantly detrimental economic effects. Telecommunications companies should also disclose information about how they handle government network shutdown demands, including under whose authority a shutdown is ordered, so that those responsible can be held accountable. None of the telecommunications companies evaluated in the 2017 Corporate Accountability Index disclosed sufficient information about how they handle government network shutdown demands. (more…)

08 Dec U.S. net neutrality repeal moves forward, internet companies remove extremist content, and Uber pays hacker to hide 2016 data breach

Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.

U.S. proceeds with rollback of net neutrality protections

2014 net neutrality protest at the White House. Photo Joseph Gruber (CC BY-NC-ND 2.0)

U.S. regulators are moving forward with plans to undo current net neutrality protections despite strong public opposition. On December 14, the Federal Communications Committee (FCC) plans to vote to repeal the rules adopted in 2015, which provide strong net neutrality protections that prevent ISPs from blocking, throttling, or offering paid prioritization for certain types of content. Several major internet companies, including Google, Facebook, Netflix, and Reddit, have spoken out in support of keeping the existing net neutrality protections, and a coalition of NGOs and activists have organized over 700 protests in all 50 states this week to oppose the FCC’s plan. Verizon, however, has asked the FCC to preempt any state laws regulating net neutrality, in the event that individual states pass their own net neutrality rules, and Comcast deleted a net neutrality pledge from its website the same day the rules repeal was announced, according to Ars Technica. The FCC has been criticized for ignoring strong public support for net neutrality, and for proceeding with its plan despite evidence that many of the public comments submitted about the repeal were spam or used stolen identities.

Telecommunications companies should not prioritize or block certain types of network traffic, and should publicly disclose a commitment to not prioritize or block traffic. A free and open internet depends on the ability for all users to have equal access to content and services, which is not possible if ISPs block or delay certain types of content or apps. However, it is often unclear whether companies use these types of network management practices, which is why strong net neutrality protections can help ensure that users have equal access to internet content. As 2017 Corporate Accountability Index research shows, most of the world’s leading telecommunications companies fall short of making such a public commitment. Of the ten telecommunications companies evaluated in the 2017 Index, Vodafone was the only one to clearly disclose that it does not prioritize, block, or delay certain types of traffic, applications, protocols, or content for reasons beyond assuring quality of service and reliability of the network. (more…)