The Promise of Public Interest Technology: In India and the ...

August 2019

The Promise of PublicInterest Technology: In India and the United Statesby New America's U.S.-India Fellows

Richard Abisla, Subhodeep Jash, Aditya K. Kaushik, Sylvia Mishra, Ananth Padmanabhan, Pranesh Prakash, Tanvi Ratna, Joshua Simons, Madhulika Srikumar, & Kaliya Young

Last edited on August 01, 2019 at 3:20 p.m. EDT

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/

2

About New America

We are dedicated to renewing America by continuing the quest to realize our nation’s highest ideals, honestly confronting the challenges caused by rapid technological and social change, and seizing the opportunities those changes create.

About the U.S.-India Fellowship

The India-United States Fellows Exchange is a collaboration between the Global Studies Program and the Fellows Program at New America. It aims to identify technologists from industry, government, and civil society; analysts of technology from academia and the media; and government regulators from state, local, and national levels to participate in a unique and timely fellowship exchange. This program will bring Fellows from India to the United States, and Fellows from the United States to India, in order to devise novel technology-based solutions to policy challenges. The aim of this program is to enable both countries to better harness technology to improve the lives of their citizens, and to improve and strengthen the bilateral relationship between India and the United States.

About Fellows

New America’s Fellows Program invests in thinkers—journalists, scholars, filmmakers, and public policy analysts—who generate big, bold ideas that have an impact and spark new conversations about the most pressing issues of our day.

About International Security

The International Security program aims to provide evidence-based analysis of some of the thorniest questions facing American policymakers and the public. We are focused on South Asia and the Middle East, extremist groups such as ISIS, al Qaeda and allied groups, the proliferation of drones, homeland security, and the activities of U.S. Special Forces and the CIA.

Acknowledgments

The India-U.S. Fellowship team would like to sincerely thank the Ford Foundation for its vision, trust, and support throughout this process. A sincere thanks to Pradeep Nair and Seema Sharma for their support and enthusiasm both before and during our fellowship.

Thank you to our partner in India, the Observer Research Foundation, for hosting our cohort while in New Delhi, and to the Selection Committee for supporting this year’s application process.

We would also like to thank a number of New America teams that helped to shape the experience of the 10 Fellows while they were in residence: Blockchain Trust Accelerator; Cybersecurity Initiative; Future of Property Rights; International Security; and Resource Security.

Open Technology Institute; Ranking Digital Rights; Political Reform; Public Interest Technology; and Resource Security. Thank you to your staff for making time to meet with the cohort of Fellows throughout the research period, further building out their network, and providing them with thought leadership.

Thank you to the wider New America team for supporting our Fellows by attending open events we had with them, joining us on our Fellows Day at New America, and helping answer any questions they had. A huge thank you to Anne-Marie Slaughter, Tyra Mariani, and Anish Goel for their collective support and encouragement throughout the entire fellowship.

Thank you to our colleagues supporting events, communications, production, and human resources. You carried us through the process, and we are extremely grateful for the time and effort you have put into supporting the fellowship, convening event, and final papers.

A huge thank you for the collaborative effort of a number of our current and former colleagues throughout this process: Catherine York, Emily Schneider, Afua Bruce, Joanne Zalatoris, Maria Elkin, Angela Spidalette, Narmada Variyam, Clarke Reeves, Dee Snyder with Connoisseur Travel, Robin Bradley, Elizabeth Pankova, and Sumaita Mulk.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 3

About the Author(s)

Richard Abisla is a 2019 India-U.S. Fellow at NewAmerica. Abisla is currently the Portfolio Manager forthe Americas at Caravan Studios, a division ofTechSoup.

Subhodeep Jash is a 2019 India-U.S. Fellow at NewAmerica, where he focuses on civic engagement thatcombines technology with active citizenship.

Aditya K. Kaushik is a 2019 India-U.S. Fellow at NewAmerica. Kaushik works as a project scientist atDivecha Centre for Climate Change at the IndianInstitute of Science (IISc) in Bangalore.

Sylvia Mishra is a 2019 India-U.S. Fellow at NewAmerica. Mishra will research civilian drones andIndia and the United States’ potential role in shapingnew drone applications, a project with applications inwider public interest issues.

Ananth Padmanabhan is a 2019 India-U.S. Fellow atNew America and a fellow at the Centre for PolicyResearch. His research interests are in the fields oftechnology policy, intellectual property rights, andinnovation scholarship.

Pranesh Prakash is a 2019 India-U.S. Fellow at NewAmerica. Prakash will spend his fellowship workingon policy and standards relating to the Indianparliament's record-keeping and legislative process.

Tanvi Ratna is a 2019 India-U.S. Fellow at NewAmerica. Ratna is a policy analyst and engineer,managing blockchain projects with a leading globalconsulting firm, based in India.

Joshua Simons is a 2019 India-U.S. Fellow at NewAmerica. Simons, a Sheldon Fellow in Government atHarvard University, is writing about the politics andethics of machine learning.

Madhulika Srikumar is a 2019 India-U.S. Fellow at New America. Srikumar will be working on India-U.S. data sharing for law enforcement and explore the underlying privacy standards for access to electronic data in the two countries.

Kaliya Young is a 2019 India-U.S. Fellow at New America. Young is one of the world’s leading experts on decentralized or self-sovereign identity technology

nited States Fe

ellows

wom indu

sts of tec

wship ews from

nechnology

o better h

eral relatates.


6

9

25

38

53

66

94

109

120

137

Contents

Foreword

The Development of Smart Water Markets Using Blockchain Technology(Aditya K. Kaushik)

Civilian Drones: Privacy Challenges and Potential Resolution (AnanthPadmanabhan)

The Privacy Negotiators: The Need for U.S. Tech Companies to MediateAgreements on Government Access to Data in India (Madhulika Srikumar)

Governing Data: Non-Discrimination and Non-Domination in Decision-Making (Joshua Simons)

Open Transit Data in India (Richard Abisla)

Blockchain Regulation in the United States: Evaluating the overall approach to virtual asset regulation (Tanvi Ratna)

Improving India’s Parliamentary Voting and Recordkeeping (Pranesh Prakash)

India and the United States: The Time Has Come to Collaborate onCommercial Drones (Sylvia Mishra)

Civic Futures 2.0: The Gamification of Civic Engagement in Cities(Subhodeep Jash)

Key Differences Between the U.S. Social Security System and India’s AadhaarSystem (Kaliya Young)


80

Foreword

New America and the Ford Foundation recognized a unique and timely

opportunity to create a fellowship exchange initiative between public interest

technology practitioners in India and the United States. The 2019 exchange

brought Fellows from India to the United States and sent Fellows to India from

the United States with the aim of enabling Fellows from both countries to better

harness technology to improve the lives of their citizens. The Fellows were

technology practitioners from industry, government, and civil society as well as

analysts of technology from academia and the media, and governmental

regulators.

Too often, technical experts who understand the details of how a technology

works lack the expertise or critical distance necessary to effectively evaluate, and

thoughtfully shape, the policy impact of their work. Developing a better

understanding of technology’s impact is a precondition for formulating effective

and just public policy.

Each Fellow we selected possessed unique experience and expertise, which

enabled them to devise novel technological solutions to public problems, and to

analyze the effects of technology and of technology policy in new ways over the

course of their eight-week research program.

Our first batch of applicants were diverse in talent, experience, education, and

physical location. 27 percent of our applicants were female, 95 percent had a

degree beyond a Bachelor’s or equivalent, and 62 percent of applicants came

from India. Most candidates put forward potential projects in technology policy,

privacy, blockchain, future of work, and biometrics. Through a robust selection

process, our final cohort consisted of 10 Fellows, four women and six men, and

seven were from India and three were U.S.-based.

We had a series of goals for this cohort:

1. To increase knowledge and awareness of technology policy challenges

and effective technological solutions to social problems in India and the

United States

2. To increase knowledge and awareness in India and the United States of

both the successes and failures of initiatives to apply data science to public

problems

3. To increase awareness within the United States and India of successful

local and regional technological tools addressing public policy challenges


https://www.newamerica.org/fellows/india-united-states-fellows-exchange/current-class/

https://www.newamerica.org/fellows/india-united-states-fellows-exchange/current-class/

Our 2019 cohort's projects, as you’ll see in the following research papers, focused

on a wide range of issues: Open data and public transit in India; civic engagement

through technology and gamification; blockchain-based solutions used for water

management; civilian drones and the role that India and the United States have

in shaping new drone applications; privacy in drone systems and evaluating the

implications of this technology on personal data; policy and standards relating to

the Indian Parliament’s recordkeeping and legislative process; designing

effective regulatory frameworks for blockchain; the politics and ethics of

machine learning; data sharing between India and the United States for law

enforcement purposes and the underlying privacy standards for access to this

electronic data; and the Aadhaar program in India.

Our approach to the fellowship was extremely hands-on and tailored to the

unique backgrounds of our cohort. We began with one week of programming at

the start of the fellowship in New Delhi, which included a full-day at the Ford

Foundation with moderated discussions about the Fellows’ work, as well as

keynote conversations. A second day was held at a partner organization—the

Observer Research Foundation—with high-level industry speakers from

organizations such as Facebook, Centre for Policy Research, The World Bank,

Dalberg, and Mozilla.

Through a series of activities during the research exchange period, we supported

the formation of a cohesive spirit of shared enterprise among the Fellows in the

cohort in a way that ensured that the whole was more than the sum of the

individual parts. We hosted events where the cohort met as a group with leading

policymakers, experts and analysts working on public policy issues, and we

organized individual meetings and interviews between Fellows and experts in the

United States and India who could help them make progress on their projects.

The second week of full programming for all 10 Fellows took place at the end of

the fellowship in Washington, D.C. Events included a full-day program for all

Fellows to highlight their research findings on moderated panel discussions at

New America with industry experts. In addition to the moderated discussions

with Fellows, invited speakers included U.S.-based policy experts for keynote

conversations. Fellows also participated in research workshops, and high-level

meetings.

Further, there were industry experts across New America, representing programs

and initiatives (Blockchain Trust Accelerator, Cybersecurity Initiative, Future of

Property Rights, International Security, Open Technology Institute, Ranking

Digital Rights, Political Reform, Public Interest Technology, and Resource

Security) that were available to meet with the cohort of Fellows throughout the

research period, further building their professional network.


https://www.newamerica.org/fellows/events/india-us-public-interest-technology-fellows-convening/

In addition to their research papers, Fellows wrote articles, participated on

panels, and took advantage of other media opportunities, and had meetings with

technologists and policymakers in both countries.

We hope that you will enjoy reading their research papers, and believe that this

anthology of work will prove helpful to India and U.S. policymakers and

researchers alike.

Peter Bergen, Vice President for Global Studies & Fellows, New America

Pradeep Nair, Regional Director, Ford Foundation


The Development of Smart Water Markets UsingBlockchain Technology (Aditya K. Kaushik)

Aditya K. Kaushik is a project scientist at Divecha Centre for Climate Change at the

Indian Institute of Science where his work revolves around developing applied research

initiatives and assisting in science policy communication in the area of water. Kaushik

holds a master of science degree in electrical engineering from the University of

Southern California and a master of arts degree in law and diplomacy from the

Fletcher School at Tufts University.

Acknowledgments : The author would like to thank New America for providing an

opportunity to part of the 2019 India-U.S. fellowship program. This paper would not

have been possible without contributions from Ahmed Jawad, Anik Bhaduri, Allison

Price, Awista Ayub, Christopher Mellon, Jennifer Brody, Keerthana Chandrashekar,

Melissa Salyk-Virk, Sharon Burke, Tomicah Tillemann, Yulia Panfil and the 2019

India - US fellows. The author would also like to express his gratitude to the New

America editing, publishing and the communications team for their support.

Introduction

A significant reduction in the quantity of freshwater and deterioration of its

quality has pushed the world towards a global water crisis. Lack of sufficient

water, defined as water scarcity, is exacerbated by current global trends of

rampant population growth, rapid urbanization, a rise in consumerism, and

climate change (see Figure 1). According to the United Nations World Water

Development Report 2018, about 46 percent of people in the world live in water

scarce regions at least one month per year. This figure is predicted to rise to about

51–55 percent by the year 2050. Meanwhile, the global population is estimated to

rise by 32 percent by the year 2050. Within this, the global urban population is

expected to increase by over 80 percent, thus, increasing the global water

demand, which is estimated to rise by 30 percent by the year 2050. Water

scarcity is inextricably interwoven with the health, food, and energy sectors

which has the capacity to significantly disrupt the economic, social,

environmental, and political landscape, extending the problem across multiple

development sectors.

Traditionally, the problem of water scarcity has been addressed by augmenting

the supply side through a structural approach, such as building dams and

reservoirs. Supply-side augmentation has yielded tremendous benefits vis-à-vis

access to water and water services but it has also been environmentally

damaging. Policymakers and city planners are increasingly looking at

nonstructural demand-side solutions, such as managing water allocations, to

ensure more efficient use of resources to complement the traditional structural

1

2

3

5


approaches. In water reallocation projects, the movement of water from

abundant areas to water-scarce areas tries to adjust the unequal demand for

water over a geographic jurisdiction. Typically, centralized governmental

institutions are responsible for water reallocation. These institutions are the main

suppliers of water and they predict demand-side responses and while also

determining supply and distribution costs. They respond to policies designed by

city planners and seldom to the needs of individual buyers. This is partly because

individual buyers are unable to signal their needs to the suppliers through such

centralized ecosystems. Incorrect mapping of supply and demand requirements

lead to the inefficient allocation of water resources. In addition, water

management and its use result in several negative externalities. It is susceptible

to problems related to collective action, free rider issues, and wastage.

Water markets where water assets are treated as a tradable commodity are cited

as a solution to better allocate water and address the problem of water scarcity.

Development of any market, especially to manage a good like water, is

susceptible to market distortions typically caused by information asymmetry and

high transaction costs. These market distortions lead to barriers to trade and thus

prevent markets to function efficiently. As water is unlike any other commodity

and is essential for life, these market distortions can incur a significant social

cost. Thus, water markets have been historically a complicated economic policy

instrument to implement. The purpose of this paper is to explore how

blockchain-based solutions, based on the cities of Los Angeles and Bengalaru as

case studies, can be used by regulators to reduce information asymmetry and

high transaction costs and help in the development of efficient and transparent

water markets.

Figure 1: Water scarcity in 2010 (upper image) and projected water

scarcity in 2050 (lower image)

6

7

8 9


Source: Burek, P., Y. Satoh, G. Fischer, M. T. Kahil, A. Scherzer, S. Tramberend, L.

F. Nava et al. "Water Futures and Solution: Fast Track Initiative (Final Report)."

IIASA, Laxenburg, Austria (2016). http://pure.iiasa.ac.at/id/eprint/13008/1/

WP-16-006.pdf

What are Water Markets?

A water market is a medium that allows buyers and sellers of a water-related

good (wastewater, rainwater, groundwater, water rights, or entitlements) to

interact and facilitate an exchange. The primary purpose of a water market is to

facilitate efficient allocation of water resources and provide a clear measure of

the value of water to incentivize conservation. The theory of water markets is

based on the principle that trading water allows for better economic efficiency

between buyers and sellers by allocating water resources in accordance with the

strength of the buyer’s water demand. It also allows for better accounting of

externalities like pollution and waste by allowing consumers to respond to

changes in the operating environment. Water markets allow users with high

marginal value to purchase water from users with low marginal value. In other

words, water is transferred from low water use areas to high water use areas,

allowing for allocation efficiency. The interaction between buyers and sellers and

traditional market forces determine the price of water. The price of water is

10

11


http://pure.iiasa.ac.at/id/eprint/13008/1/WP-16-006.pdf

http://pure.iiasa.ac.at/id/eprint/13008/1/WP-16-006.pdf

influenced by environmental and economic considerations. When markets are

functioning efficiently, the market price of water sends signals and thus

incentivizes buyers and sellers to increase or decrease their demand and supply.

Typically, water is managed as a service industry where the price of water is

determined by governing agencies who are unwilling to change the price based

on quantity or quality available. Thus, such a system leads to distortions where

water is being underpriced and over-consumed. Some of the more successfully

functioning water markets exist in the United States (California’s Central Valley),

in Australia (the Murray-Darling Basin), and in Chile (the National Market).

Water markets are typically created to either meet additional water demands, to

limit water use, to improve economic productivity and/or to protect natural

ecosystems.

Conditions Necessary to Create Efficient Water Markets

Symmetric information exchange between buyers and sellers

Information asymmetry revolves around decisions made during transactions. In

a water market setting, underlying gaps in the data ecosystem and institutional

mechanisms contribute to three kinds of information asymmetries. First, there is

a data inequality issue. For example, some participants might have better access

to data than others, or the data that is available is of bad quality, or data is

available but important data is hidden away, thus leading to adverse selection.

Adverse selection occurs when some participants are able to make better

decisions than others due to access to certain information. For instance, a seller

of a treated wastewater has more information about the product quality than the

buyer, thus putting the buyer at a disadvantage. The buyers will be unable to

decide whether the price quoted is optimal or not vis-à-vis the quality of water

supplied. Adverse selection can act as a barrier to entry for new buyers and can

also result in bad quality goods weeding out good quality goods over time.

Second, when the data ecosystem is susceptible to tampering and institutional

infrastructure does not have the necessary checks, balances, and penalty

enforcement mechanisms, it can lead to the problem of moral hazard. The

moral hazard problem occurs when entities participating in a trade transact in

bad faith, provide misleading information, or change behavior post-contractual

agreement. For instance, during a transaction, one of the parties can

misrepresent the quality of the product and the other party is unable to validate

the quality, thus promoting mistrust and perpetuating opaqueness in water

markets. Third, the creation of monopolies of knowledge can lead to severe

distribution effects. For instance, a large buyer of a water good, by virtue of

access to more and better information, can affect the price and quantity of the

water traded. Thus, such information asymmetries lead to market failures.

Symmetric information exchange between buyers and sellers is a necessary

condition for the creation of efficient water markets.

Low infrastructure and transaction cost

12

13

14

15

16


Development and maintenance of a water market come with associated costs.

Infrastructure costs include: 1) Initial cost of setting up an enabling mechanism

of water markets; 2) Development and deployment of water entitlements; 3)

Connecting buyers and sellers; 4) Monitoring and evaluation of water use and

externalities; and 5) Enforcement mechanisms for penalty and reward.

Transaction costs include: 1) Participation fees; 2) Information search costs of

willing buyers and sellers; 3) Negotiation and bargaining costs; 4) Cost of

registration for an exchange; 5) Enforcing contracts; and 6) Cost of checking the

veracity of the product. High infrastructure costs and associated maintenance

costs act as a barrier to setting up a water market. High transaction costs can

lead to thin markets.

Stringent regulation and distribution of water entitlements

Regulators set the framework and rules for establishing a water market. They

play a key role in identifying and vetting participants, issuing water rights,

administering trade, monitoring and evaluating water use, and externalities; and

developing enforcement mechanisms for deterring rule breakers. Regulation is

subject to bureaucracy and corruption that can prevent water markets from

functioning effectively. In a water market setting, if there are different rules for

different participants, and if the buyers and sellers do not perceive equal

opportunity gains from transactions, then a market failure can occur. A robust

regulatory mechanism with necessary checks and balances is necessary for

developing, implementing, managing, and sustaining a complex economic

instrument such as a water market.

Water entitlements are tradable rights held by users for the exclusive use of a

water resource as defined by the regulators. Clarity over water rights and a

history of water assets are a necessary condition for the functioning of a water

market. Information asymmetry and high transaction costs lead to significant

market distortions in any market. Its effects are even more magnified when

managing water assets in a market-based setting. A robust regulatory process

along with a clear system of water rights is necessary to overcome these

distortions in order to create a sustainable water market.

Blockchain Solution and Analysis

Traditionally, in a regulated market place, market distortions such as information

asymmetry and high transaction costs are tackled through a system of

institutional solutions such as: 1) The establishment of norms and standards that

act as binding rules and requirements vis-à-vis processes and quality of the

goods; 2) The disclosure and transparency mechanism that requires participants

in a market to report process adopted, quality of product produced, cost

associated, and so on; 3) The monitoring and traceability provisions that allow for

17

18

19


tracking of products, quality, and liability allocation; and 4) Contingent

contracts that allow for a trade to be completed when specific conditions are met.

However, the effectiveness of these institutional solutions depends on several

intermediaries, an individual’s ability to access these intermediaries, an ability to

leverage the available data, and the integration of several disparate systems and

stakeholders. In addition, these solutions are susceptible to inefficiencies,

corruption, bureaucracy, human errors, and tampering.

In order to make these institutional solutions more resilient and adaptive, as well

as make regulators more accountable, while also setting the conditions that

would allow participants to trade, blockchain-based solutions can address these

needs. These solutions can be used as a governing tool that can replace

intermediaries, modernize the regulatory processes, and act as an accounting,

auditing, interlinking and trading platform that enables water markets to

function effectively.

Blockchain Technology

20

21

22


As of late, blockchain technology seems like a short-term trend, but some hail it

as the best innovation since the internet. Even though the optimism should be

handled with caution, blockchain’s key features and potential applications seem

well worth the hype. Blockchain is a distributed, decentralized, peer-to-peer

database network that allows for fast, secure, and transparent transactions of

digital assets. It is a network of ledgers with the capacity to record information,

and compute and transact, with each ledger holding an up-to-date copy of the

entire network. Each ledger then acts as a node in a network. Unlike in a

centralized system, where transactions are validated by a single server acting as a

central authority, with blockchain, the veracity of transactions is validated by

distributed consensus. For example, if a majority of nodes verify and

authenticate a transaction, then the transaction is accepted. This updated version

of the transaction is stored in a block. Each block stores a series of transactions

and is linked to the previous block of transactions through hashing functions.

Through cryptography and complex mathematical puzzles, the blockchain

network is virtually immutable. Thus, it can be used to store information and

facilitate transactions in a transparent, efficient, and a tamper-proof manner.

Blockchain for Water Markets

Source: Narang, Shivika, Praphul Chandra, Shweta Jain, and Y. Narahari.

"Foundations of Blockchain Technology for Industrial and Societal Applications –

A Quarterly Publication of ACCS." A Quarterly Publication of ACCS. (2018).

https://acc.digital/foundations-of-blockchain-technology-for-

industrial-and-societal-applications/.

The capabilities of blockchain technology can be divided into three fundamental

features. First is a shared ledger system that is virtually immutable through a

combination of cryptography and distributed consensus algorithm. It protects

against the misuse of data and opens up several possibilities in domains where

privacy and trust are of critical importance. One of the obvious applications is in

securing digital identities. This allows for the creation of a common tamper proof

23


https://acc.digital/foundations-of-blockchain-technology-for-industrial-and-societal-applications/

https://acc.digital/foundations-of-blockchain-technology-for-industrial-and-societal-applications/

database that facilitates assembling data from multiple sources in a seamless

manner. Its distributed consensus mechanism and inherent traceability

provisions allow for checking the veracity of this data and validates data sharing.

This promotes trust amongst different stakeholders and participants, increases

transparency, improves data reliability and reduces audit time. This common

tamper proof database facilitates accounting for trades and transfers, prevents

double counting, and promotes efficiency in the system. The second feature is

tokenization, which is the ability to create coins or tokens that are a digital

representation of assets i.e. a unit of a token represents a specific amount of an

asset. This paves a path for token economics and allows for faster transactions

with better tracking, trading, and transferring of digital assets. The third feature

is a “smart” contract, which is a digital protocol that self-executes when certain

conditions are met. This allows disparate parties to transact in a transparent

and trusted manner without a need for an external enforcement mechanism or

intermediaries. It facilitates the compliance of participants, enforces negotiations

of contracts, and renders transactions traceable. Smart contracts can help reduce

transaction costs, human errors, and corruption through automation and thus

increase the robustness and resilience of the system.

Figure 4: Mapping of blockchain features with digital water requirements

In a water market setting, the convergence of the three features of blockchain—a

shared ledger to store information in an immutable fashion, the ability to create

currencies that paves a path for token economics, and smart contracts to execute

24


automated functions when certain conditions are met—makes it a useful tool to

reduce information asymmetry and transaction cost. To illustrate this, consider

the case of a blockchain based peer to peer trading platform called the Water

Ledger developed by an Australian based company called Civic Ledger.

Civic Ledger conducted a feasibility study on whether Water Ledger can increase

transparency and improve efficiency in the water trading market of Murray

Darling basin in Australia. The primary finding of the study was that the

complexities of the water market, such as complicated business and operational

rules, lack of available water information and presence of intermediaries,

excluded nearly 75 percent of potential users from participating in water trades.

Simply put, they did not have confidence and could not understand how these

markets functioned. The Water Ledger platform developed by Civic Ledger

provides a single ecosystem without intermediaries that bring buyers and sellers

together. The water trading mechanism in Murray Darling Basin allows for

buying and selling of water entitlements—permanent rights to share of water and

water allocation shares—seasonal rights to share of water distributed to an

entitlement holder. Through a system of tokenization i.e. by mapping a physical

asset such as allowable water allocation shares to a digital signature in the form

of a token, the Water Ledger platform provides clarity over the ownership and

history of such a water asset. This makes tracking, trading, and transferring of

water assets far more transparent. Through its system of consensus algorithms,

Water Ledger verifies all water trades and updates all shared digital ledgers and

public registries in real time. Having such a tamper-proof blockchain network

with robust traceability provisions prevents misrepresentation of transactions, or

participants from backing out of a trade after a contract is signed. This provides

the participants with confidence in the robustness of such a trading system and

tackles the problem of moral hazard. In addition to all trades being published in

real time, business and operating rules are built into the blockchain system. This

reduces uncertainties amongst participants. Any change in the rules of trade will

immediately be visible to all users. Thus by allowing equal access to

information and making all changes to the market rules visible to all, Civic

Ledger provides a platform that promotes trust and transparency in the water

market ecosystem. This, in turn, reduces the problem of adverse selection that

participants face in a water market and prevents the creation of knowledge

monopolies.

As demonstrated by Water Ledger, the intermediaries in a water market setting

play a variety of roles. They manage operations such as connecting buyers and

sellers, providing information, and registering trades. These intermediaries

charge a fee to manage these operations. The Water Ledger platform allows

buyers and sellers to come together in a single market place without any

intermediaries and all information is provided at no cost to participants. This

reduces the transaction cost and transaction time. The platform also integrates

with other related departments’ data that determine a buyer’s need such as

25

26

27

28

29

30

31

32

33


rainfall data and agricultural throughput. This provides buyers with a range of

options optimized to their needs. This reduces information search cost. The

process of trading is inexpensive and is simplified through a combination of

smart contracts and optimized choices based on the selection of specific

parameters that is presented to participants. Automatic execution, settlement,

and enforcement of contracts based on complex water market rules eliminates

costs associated with negotiating and enforcing trades. Finally, the platforms

allow for trades to be published in multiple ledgers simultaneously, thus reducing

the cost of maintaining and reconciling multiple ledgers.

Reduction of transaction cost and transaction time allows more users to

participate as well as allows for more transactions to actualize. This improves the

liquidity in the water trading market.

Thus, blockchain can be used as an effective tool to eliminate market distortions

and pave the way for “smart ” water markets to address the problem of water

scarcity. Blockchain would act as: 1) An accounting platform that maintains a

ledger of accurate tamper-proof information on water rights, quantity, quality,

buyers and sellers; 2) An auditing platform that allows regulators to quantify

water flows and quality and penalize rule violations; 3) A trading platform that

connects buyers and sellers and facilitates transactions of water assets; and 4) A

networking/interlinking platform that allows for seamless interaction among

different agencies and stakeholders.

Thus, blockchain can be used as an effective tool to

eliminate market distortions and pave the way for

“smart” water markets to address the problem of

water scarcity.

Challenges of Using Blockchain

Use of other technologies

There are several different types of databases that record digital transactions:

version control software packages that keep track of every change made to a file,

audit management packages to assist in continuous monitoring and

scrutinization, trading tools to facilitate transactions, and accounting tools for

book-keeping purposes. These individual tools offer specific features that can

rival or supplant blockchain. It is possible that these tools are individually cost-

34

35


effective and offer a faster execution speed. However, integration of multiple

such tools to operate across different functionalities, as in the case of water

markets, creates inherent complexities that can lead to inefficiencies and higher

costs. As illustrated in the previous section, the blockchain database, through its

decentralized shared ledger system, consensus algorithms to verify transactions,

and tokenization to track assets and smart contracts, provides an integrated

functionality of accounting, auditing, and trading and thus provides seamless

integration while adding value across the ecosystem.

High energy consumption and increased transaction time

Blockchains are divided into public or private based on who is allowed to

participate in the network. In public blockchains, anyone is allowed to participate

without permission;in the consensus validation process, in sending transactions

over the network, or in viewing all transactions. Thus, public blockchains offer

true transparency and decentralization. Such a blockchain system works well in

certain applications such as managing digital currencies. However, on the

downside, public blockchains increase transaction time and reduce the network

speed as there is significant cost vis-a-vis computational power and the time

associated with verifying transactions through a such a distributed consensus

protocol. As illustrated in the previous sections, blockchain does reduce costs

related to data storage, data capture, and search cost. But it also increases costs

significantly during the verification process. For public blockchain to function

efficiently and to scale, significant computational power will be necessary to

facilitate faster transactions. However, in a water market setting, selected

participants are allowed to engage in trade while regulators play a role in deciding

the rules of the trade. In such a setting, a private blockchain-based model with a

permissioned access setting that puts a limit on the number of participants would

be an ideal protocol to use. A system with limited players can reduce the inherent

cost associated with using blockchain and thus facilitate faster transactions and

provide better scalability options.

Not truly decentralized

Use of a permissioned blockchain system does not eliminate the role of a central

authority and thus is not truly decentralized. However, regulators and

institutions play a significant role in the management of water markets. They set

the rules of the water markets for participation, compliance, operation, and

trading. They also continuously monitor water use, take into account water

quantity and quality considerations, and observe externalities and third-party

effects. All this in addition to developing a penalty and reward system to ensure

compliance. In short, they play a role in preventing market failures. A

permissioned blockchain protocol offers a way to make the regulators more

accountable, make regulations more robust, and help reduce market distortions.

36


Exploring the Need for Water Markets in Los Angeles County andBengaluru

Los Angeles County

The water management infrastructure in Los Angeles County, with the help of

215 community water systems, serves over 10 million people. Each of the

community water systems is administered by government agencies or privately-

owned bodies. The water systems are of different capacities in terms of the

volume of water that they can hold and the number of customers they cater to.

Each of the water systems is unequally supplied with different water resources.

The supply of water to each of the water systems is not determined by need,

equity, efficiency or the environment, but rather by historical processes. Different

water systems are supplied with water from various sources (as seen in Figure 5)

resulting in differences in quality. Also, by being dependent on a particular water

resource, water systems are susceptible and vulnerable to shocks such as

droughts or contamination. In addition, due to an unequal allocation

mechanism, some water systems contain more water or less water than the other

systems. This results in different pricing mechanisms for each system. There are

some water systems that supply water at $2,000 per year for certain households

whereas comparable households in other water systems pay around $200 per

year.

These water systems in Los Angeles County differ in governance regimes,

jurisdictional boundaries, and regulations. They are completely decentralized in

37

38


their management, fragmented in their architecture, and disconnected in their

operations. The water systems act as a natural monopoly since consumers have

no ability to switch to other suppliers. In addition, there is no systematic or

standardized regulatory framework. There is a lack of standardized and

accessible databases. This results in a lack of supervision, transparency, and

accountability in the system, which can lead to an inadequate understanding of

water quality and distribution. Governing agencies make assumptions on how to

distribute water rather than adequately projecting for future demands and risks.

There is also a lack of coordination and oversight as each of the suppliers set their

own prices and policies.

Developing a regional blockchain-based water market that provides a robust

regulatory mechanism and an efficient trading platform can help: 1) Reduce

inequity by facilitating water systems with surplus water to trade with systems

that have a deficit; 2) Develop new revenue streams and local water sources by

incentivizing water systems to explore opportunities to tap into new supplies such

as rainwater, wastewater, and stormwater; 3) Improve resilience to climate

change impacts by facilitating water systems to diversify its supplies; and 4)

Creating incentives for water systems to recycle wastewater.

Bengaluru

The population of Bengaluru stands at over 10 million; similar in size to that of

Los Angeles County. However, unlike Los Angeles County, the major supplier

of fresh water is a centralized governmental agency called the Bengaluru Water

Supply and Sewerage Board (BWSSB). The BWSSB primarily imports water from

a single source, the Kaveri river. With growing demand and a changing climate,

reliance on a single source will make the water system infrastructure vulnerable.

The distribution of water by BWSSB is based on a piped water network. There is

inter-regional inequity in water distribution as a significant number of urban

communities in Bengaluru is not connected to a piped water supply managed by

BWSSB. Instead, they rely on water supplied by unregulated private companies.

These private companies typically extract and sell groundwater. Since they can

operate under an informal market setting, there is no systematic reporting or

regulatory framework to hold them accountable for the quality of water that they

supply or the environmental impacts (like falling water tables) that they inflict. In

the areas where BWSSB supplies water, the tariffs are low. Such an inefficient

pricing model leads to apathy and lack of awareness amongst consumers

resulting in overuse and wastage.

In order to reduce the dependence on a single source, there is a need to diversify

BWSSB’s water resource portfolio. Thus, there is an opportunity to develop

recycled wastewater, catchment and household-scale rainwater, and stormwater

as supplementary sources. Financial considerations and management

inefficiencies are usually an impediment to developing new local sources. But

developing a blockchain-based smart water market that provides a robust

39

40

41

42

43

44

45


accounting, auditing, and trading platform to manage these local sources will

bring in new revenue streams, provide access to newer and cheaper water supply

options to consumers, improve allocation efficiency, and reduce risk exposure

vis-à-vis imported water. These market-based instruments for local water

sources can be expanded to include private companies who manage

groundwater, thus formalizing the informal water market.

Policy Implications: Beyond Water Markets

Creation of a prosumer market

In light of current water scarcity problems, alternate sources are being tapped to

address water needs. Rainwater harvesting and wastewater reuse are popular

alternatives. A blockchain-based system can be used to create peer-to-peer

trading platforms, where water users can be incentivized to also act as producers.

This lays a foundation for a prosumer market, i.e. production by consumers.

Development of a prosumer market reduces dependence on surface and

groundwater, incentivizes consumers to use less water thereby assisting in

conservation, and creates a socially, economically, and environmentally

conscious citizenry.

Monitoring water quality levels


A blockchain system can be built to acquire water quality data from quality

measurement equipment and can be used by authorities to monitor the levels of

water purity in the distribution system. Through smart contracts, an automatic

system can be developed to send alerts to relevant authorities and citizens if

water quality level falls below permissible limits. Such a mechanism can help to

avoid a crisis related to water quality as seen in Flint, Michigan in the United

States where there was an unprecedented level of lead in water.

Facilitation of urban-basin interlinkage

The blockchain system can also be integrated with water meters installed at

basins to facilitate seamless information transfer to urban water systems. This

can help authorities to better design demand and supply models, assess risks and

opportunities, and develop a robust real-time disaster response mechanism.

Future Research

The future work will focus on the economic implications of a blockchain-based

water market on society. To illustrate this a bit further, one of the key findings of

this paper is that using blockchain as an underlying technology to manage water

markets reduces market distortions due to information asymmetry. An

interesting question that this finding unlocks is how will a water market operate

when buyers and sellers have access to perfect information? Based on the

“market for lemons” concept, when perfect information is available to buyers

regarding different grades of quality of goods that are available, over time poor

quality goods will be weeded out due to perfect signaling. This can result in

either fewer sellers participating in such a market or fewer products albeit higher

quality ones available to meet the demand. In a blockchain-based water market

context, with fewer goods available, the price of high quality water goods will

increase substantially. Such a scenario can lead to the creation of an exclusive

market with only a few participants who are able to afford the products. In

addition, sellers of poorer quality water goods will have an incentive to move to a

non-blockchain-based market, which will result in market segmentation. Thus,

the future work will focus on whether a blockchain based water market will

increase or decrease the welfare in society.

Conclusion

Water resources are finite and are becoming increasingly scarce in light of natural

and anthropogenic stressors such as extreme weather phenomena, population

explosion, rapid urbanization, and consumerism. Regulators who manage water

are faced with challenges such as inefficiencies in water allocation, apathy

amongst consumers, overexploitation of water resources, and pollution.

46


Water markets are cited as a solution to address the problem of water scarcity

and its associated problems. They are instruments that are used to dynamically

allocate water-related goods efficiently. However, water markets are a complex

economic instrument to implement, manage and sustain as they are susceptible

to market distortions especially due to information asymmetry and high

transaction cost. A robust regulatory mechanism is necessary to prevent these

market distortions. The research paper makes a case for a blockchain-based

system to be used by regulators as an accounting, auditing, trading and an

interlinking tool to reduce information asymmetry and transaction costs. This

paper also explores the potential of a blockchain-based water market to address

the inequitable distribution of water in the community water systems of Los

Angeles County; and, the underdeveloped local water sources and unregulated

private players in Bengaluru.

A blockchain-based smart water market will be able

to effectively allocate water resources.

A blockchain-based smart water market will be able to effectively allocate water

resources; empower consumers by providing economic and social value, and

incentivize conservation and provide positive environmental outcomes. Thus, it

will act as an effective policy instrument to reduce water scarcity.


Civilian Drones: Privacy Challenges and PotentialResolution (Ananth Padmanabhan)

Ananth Padmanabhan is a New America India-U.S. Fellow, 2019 and a Fellow at the

Centre for Policy Research in New Delhi.

Acknowledgements: The author extends heartfelt gratitude to Peter Singer, Arthur

Holland Michel, Rachel Stohl, Anand Murali, John Livingstone, Mugilan T.

Ramasamy, and Anirudh Rastogi for sharing their insights.

Introduction

From being a technology used predominantly by the military for years,

unmanned aerial vehicles (hereinafter referred to interchangeably as UAV, UAS,

or drones) have gradually moved into the public sphere by offering versatile

civilian uses. This is due to converging technological advances such as hardware

miniaturization, sophisticated software functionalities, and advanced sensors.

While several countries have seen this explosion of drone innovation in the

civilian airspace, China stands out with the dominance of Da-Jiang Innovations

(DJI) as the market leader. The United States has seen the rise and fall of many

drone start-ups, alongside a realization on the part of leading aircraft

manufacturers about the immense potential of the technology. U.S. dominance

in adjacent fields – artificial intelligence, robotics, and 3-D printing, to list some

here – is significant, making it a force to contend with in this sector. India has

primarily witnessed the proliferation of drone service companies that offer

solutions across a range of areas, from agriculture to event photography. But

Indian companies have not yet made a mark globally when it comes to the

manufacture of drones or supporting hardware elements. In short, the

innovation landscape and relative strengths and weaknesses are significantly

varied across countries.

In short, the innovation landscape and relative

strengths and weaknesses are significantly varied

across countries.

47

48

49

50


The regulatory landscape is similarly incongruent across jurisdictions. In an

earlier report, I examined this issue, comparing the regulatory responses across

key jurisdictions to the civilian use of this technology. This work arose in the

context of India’s initial regulatory responses, wherein the Ministry of Civil

Aviation (MCA) first declared, in 2014, a complete ban on civilian drone

operations and followed by a set of draft regulations that failed to support the full

potential of this technology when it came to commercial uses. As that report

argued, the fledgling industry could be permanently crippled under the weight of

security apprehensions that permeated that set of draft regulations. At the same

time, the draft had not considered several aspects of drone operations that

demanded regulatory attention, including property protections and safety

concerns. It was thus both over- and under-inclusive. But in an optimistic turn,

the new regulations that came into effect in December 2018 took a more

progressive stance, earning a dial-down of some of the earlier criticisms.

The newest set of regulations take seriously the challenges of compliance arising

from a licensing regime. They propose a reg-tech (regulatory technology)

solution to these challenges, namely Digital Sky, which operates as a platform for

convenient filing of paperwork to obtain unique identification numbers and

operators’ permits. These identification numbers and permits are a prerequisite

for most remotely piloted aircraft (RPA) operations under the regulations.

Appropriately titled Regulations 1.0, these regulations also present a window for

future innovation in this sector, including testbed locations for experimental

projects. Though delivery drones may presently appear a distant use case,

considering all operations must have a remote pilot operator for each RPA and be

within visual-line-of-sight (VLOS), there is a distinct possibility that the sector

would expand with time to accommodate fully autonomous, self-controlling

drones that operate without the presence of any manual operator and beyond

VLOS. The safety of drone operations has also merited significant attention,

including insistence on geo-fencing technological capabilities beyond a certain

height and for most weight categories, and the requirement of drone operator

insurance to compensate for any losses incurred because of commercial

operations.

However, despite privacy (of individuals, communities, and personal data) being

a critical concern, solutions have not found a place in the regulatory narrative

even as civilian use grows. Drone operators have also flagged concerns regarding

confidentiality of their operations but those are outside the scope of this paper.

Here, the focus is on end-user concerns, with the argument being advanced that

the challenges in this regard are common to the United States and India. These

challenges can be further subdivided into two sets, categorized here as

“traditional privacy challenges” and “big data privacy challenges.” These

challenges are explained more fully in the next section. On both counts, legal and

regulatory responses have been far from satisfactory. The aim of this paper is

51

52

53

54

55

56

57


threefold: descriptive for clearly identifying these challenges; explanatory for

demonstrating why they remain unresolved; and reformative to advance better

regulation in this area.

The discussion proceeds in three segments. The first segment captures the

present regulatory landscape in India on this issue and argues that privacy

concerns have been mostly ignored or at least unaddressed in any meaningful

way. The second segment discusses “traditional privacy challenges” and the

limitations of the law, including constitutionally guaranteed rights when it comes

to civilian drones and possible high-level responses. The third segment discusses

“big data privacy challenges,” current legal and regulatory limitations, and

possible high-level strategies and responses. A short conclusion follows.

The Privacy Challenge and Broad Regulatory Brushstrokes

The present Indian regulations only require that RPA operators be “liable to

ensure that privacy norms of any entity are not compromised in any manner,”

with nothing more by way of guidance on achieving this outcome. The RPAS

Guidance Manual accompanying these regulations, issued by the Directorate

General of Civil Aviation (DGCA), simply restates this liability. Additionally, no

technological requirements have found mention in the regulations, unlike with

safety concerns through the presence of geo-fencing and detect-and-avoid

systems. A supplementary document accompanying the regulations places full

responsibility on the RPA operator to come up with standard operating

procedures (SOP), including to protect the privacy of persons, without any

baseline that such SOP must meet in this regard.

Public documents on the Digital Sky project do not consider privacy an important

enough concern to be addressed through this reg-tech solution. The public tender

for this digital platform contains Annexure No. 8, which outlines its technology

architecture. It merely states that the “privacy of data should be fundamental in

the design of the system without sacrificing the utility of the state procurement

system” and reiterates that the handling of sensitive and critical data must not

remain an afterthought in a system of this scale. It also references the IndiaStack

– a system of Application Programming Interfaces built on top of India’s

centralized digital identities database, Aadhaar – as a model stack with privacy-

protected data sharing. This reference disregards the fact that the kind of data

gathering and processing that is facilitated by drones is far removed from the use

cases of personal data processing that IndiaStack can potentially resolve.

The vision for Digital Sky – no permission, no take-off (NPNT) – envisages setting

“rights for airspace permission access at a fine-tuned level (for example, the

ability to choose a polygon area of airspace at a particular altitude and for a

particular date and time) and … enforced digitally through … generation of

verifiable flight telemetry.” The DGCA will grant a “permission artefact” in the

58

59

60

61

62


form of a digitally signed XML format file that specifies the geographic area and

time of operations, and the identification details of the remote pilot. The RPAs

are meant to carry firmware that can authenticate these artefacts and confirm

that the flight parameters of the mission match those contained in the artefact.

Thus, to be NPNT compliant, any flight module must carry three important

features: a unique identifier to allow the end-to-end traceability of a flight

module, a system to obtain and verify a permission artefact, and the elimination

of any synthetic flight logs or external systems to provide simulated logs.

Compared with these elaborate specifications for regulatory compliance, the

Digital Sky Technology Standards go easy on privacy concerns. The primary

response is through an articulation of “privacy-by-design (PbD).” This is

included as a guiding design principle in the Standards, with its four key features

being: a) proactive, not reactive, and preventative, not remedial; b) privacy as the

default setting; c) visibility and transparency; and d) respect for privacy, of all

stakeholders. But there is no concrete direction, unlike with aspects such as key

management and identification of registered flight modules that find more

extensive detailing in the Standards. More recently, the MCA issued a Drone

Ecosystem Policy Roadmap, where it is reiterated that “for privacy, we require

manufacturers to adhere to a privacy by design standard, eliminating risks of

future privacy harms by operators.” Though not a legally binding document, the

roadmap captures the MCA’s vision for civilian drone businesses and their

regulation through Digital Sky and other means. Discussing fully autonomous

drone operations, an area identified as the next frontier of innovation in this

technology domain, the roadmap merely notes that “use of algorithms for

piloting may be permitted, but only if adequate safety, security and privacy

principles are demonstrated in the design of operations.” PbD is identified as an

area to which airworthiness standards for drone design could potentially extend,

such that privacy principles can be “embedded into the functional design … by

introducing technical measures that enable privacy as the default setting.” In

addition to these recommendations, the roadmap also envisages drone service

providers including “technical and organizational measures designed to

implement data-protection principles as part of any UAS operation that collects

personal data, and to integrate the necessary safeguards to protect the rights of

data principals” and “feedback and review mechanisms including requests to

access, anonymize, or erase the data of the data principal.” Remote pilot

operators are also expected to be trained in applicable privacy and data

protection laws of India before being approved to handle RPA operations.

The reference to PbD in the standards and roadmap is also relevant because

India’s newly proposed Personal Data Protection Bill, 2018 emphasizes reliance

on this concept. This bill resulted from extensive deliberations by an Expert

Committee of the Ministry of Electronics and Information Technology headed by

retired Justice B.N. Srikrishna (hereafter “Srikrishna Committee”). In relevant

part, it states that data fiduciaries shall implement managerial and organizational

63

64

65

66

67


policies, business practices, and technical systems that anticipate, identify, and

avoid harm to the data principal and ensure that the interests of the data principle

is accounted for at every stage of personal data processing. This provision must

be read in the light of deliberations by the Srikrishna Committee leading up to

this bill, captured in an initial white paper that was circulated for public

comments in November 2017. Here the committee has noted difficulties when

operationalizing the notice and consent framework for the internet of things

(IoT) and IoT-enabled applications that gather data ubiquitously. These

technologies do not present individuals with the opportunity to evaluate privacy

harms associated with specific use cases, and based on such evaluations, to either

accept or reject such instances and applications of personal data collection and

processing. Manufacturers of several “smart devices” used at homes and in

personal settings decouple privacy notices from such devices and make them

available instead on their respective websites. However, the Committee observed

that this is not a very effective method to inform users about the data collection

and use practices of such devices. The Committee therefore insisted upon the

need to develop better notice design or whether such notices are the right

solution for the privacy harms arising from the use of these “smart devices.” The

Committee also noted that standard responses such as de-identification

techniques do not work very well in many such cases. As an example, the white

paper cited gait analysis based on data processing by a wearable activity tracker,

where no amount of possible de-identification could secure foolproof privacy

protection.

At present, there are no straightforward responses to the new kinds of privacy

challenges posed by a combination of ubiquitous data gathering and advanced

data analytics. Drone operations can potentially gather significant amounts of

personal data, including facial images and location coordinates of individuals,

and analyze them to granular detail. These activities pose great risk to both

individual and community privacy, including re-identification of anonymized

datasets and extensive profiling. The “big data privacy challenges” arising from

these activities are discussed in Part III of this paper. Additionally, civilian drones

offer the capability to commit more traditional forms of privacy violations,

including intrusions upon spatial privacy and unlawful surveillance. The present

regulatory response in India needs to evolve to address these concerns in a

stronger way, as detailed in the following section.

Traditional Privacy Challenges and Responses

In the U.S., the Electronic Privacy Information Center (EPIC, a non-profit

research center) petitioned the Federal Aviation Administration during the rule-

making process for civilian UAS operations, providing an overview of traditional

privacy challenges. EPIC highlighted the increased capacity for domestic

surveillance offered by drones through high-definition cameras, real-time video

68

69

70


streams, a massive geographical sweep, heat and motion sensors, automated text

and facial recognition technologies, and the ability to operate undetected. It also

raised concerns regarding incentives for various kinds of businesses to develop

and deploy drones for a wide range of data gathering purposes, including

‘paparazzi drones’ to track and photograph celebrities, street-level drones to

enhance satellite imagery, and drones offered as market solutions for private

detectives. The FAA refused to consider these issues, leaving it to states to

respond appropriately to the various privacy concerns, resulting in a “patchwork”

of privacy protection. The FAA reaffirmed this stance in February, 2019, as part

of a fresh rule-making exercise.

Similarly, in the Indian context, the privacy jurisprudence does not offer clear

principles to adjudicate claims against private violators. The primary reason for

this – disproportionate focus on constitutional principles that are better

addressed to tackle privacy violations by the State, rather than the organic

evolution of privacy through tort law (as has happened in the United States) – and

other reasons, such as a weak civil justice system with long-pending cases and

minimal judicial guidance on evaluating and apportioning damages for tortious

claims, have been elaborated in my earlier report.

The “patchwork” in the U.S., which is comprised of not only state laws but also a

wide range of local ordinances, makes it difficult to pinpoint any legislation as the

ideal. At the same time, certain principles and regulatory approaches stand out.

Commonly restricted conduct includes operations over public property and

critical infrastructure; over private property without the owner’s consent; in

parks; and at large events. Criminal law and high monetary penalties are relied

upon to address intrusive behavior that makes use of drones, with the ability to

factor in the intent of the perpetrator when deciding on questions of guilt and

punishment. For instance, North Carolina prohibits using drones to photograph a

person with the intent to publish or distribute the photo, but exempts

“newsgathering, newsworthy events, or events or places to which the general

public is invited.” Similarly, Arkansas law criminalizes the use of drones for video

voyeurism, Indiana addresses “remote aerial harassment” and “remote aerial

voyeurism,” and the Californian legislation is targeted towards individuals who

knowingly enter air columns immediately above private property for taking

pictures or videos. South Dakota prohibits using a drone with a camera to take

photos of private property or a person on private property when the person has a

reasonable expectation of privacy.

Through all of these examples, an attempt to balance multiple values emerges:

the prospect of innovation using this new technology, the reasonable expectation

of privacy in certain settings, and fairness of criminal action. The American

Legislative Exchange Council has put out an easily comprehensible and

consistent model law in this regard, primarily focusing on harassment and

stalking activities that are met with criminal penalties of the same nature as “a

misdemeanor punishable by imprisonment for not more than 90 days or a fine of

71

72

73

74

75


not more than $500.00, or both.” The model law also proposes penalizing the

knowing and intentional operation of drones to “capture photographs, video, or

audio recordings of an individual in a manner that invades the individual’s

reasonable expectation of privacy.” Indian lawmakers could benefit from these

insights while avoiding the patchwork in the US, intervening at this early stage to

come out with drone legislation that sets the balance between criminal offenses

and civil liabilities, and clearly spells out different kinds of conduct to which they

apply.

The Indian legal system has also not been responsive to mass surveillance, partly

because, for several years, the status of privacy as a fundamental right in India

was ambivalent at best. But also, mass surveillance has not run into effective

legal and constitutional challenges because Indian courts have analyzed State

surveillance within the factual context of individual, rather than systemic,

surveillance. In fact, many of the contested instances involve individuals who

found their way into “history sheets” maintained by the police for reasons

justifiable or otherwise. Upon constitutional challenges against police action, the

Supreme Court has balanced out individual rights with social goals, such as

maintenance of public order, often prioritizing the latter. Even in cases that

apparently address systemic flaws, such as unauthorized telephone tapping, the

technical capabilities of the executive and the intent behind the contested State

action were both limited towards a subset of individuals. Therefore, the court laid

down procedural and substantive restrictions on the authority of the State to

carry out surveillance, which would operate on a case-by-case basis. The court’s

detailed directives against telephone tapping demanded specificity of State

action in the communications and persons and addresses intercepted; the

exhausting of alternate and less intrusive ways to acquire the information before

activating interception; or the limiting of intercepted material to the necessary

minimum. However, these directives are not adequate safeguards against mass

surveillance as they fail to conduct a robust review of the technology architecture

in place to gather and process data.

Shifting from this context to one of mass surveillance where technical capabilities

permit non-targeted gathering and processing of data without further action

from the political executive has been a steep learning curve for the Apex court.

The 2018 verdict in Justice Puttaswamy v. Union of India shows the challenges

when adjudicating the legality of such measures. This case involved an

omnibus constitutional challenge to Aadhaar, India’s biometric identities project

aimed primarily at de-duplication of identities to ensure that welfare benefits

from the State reach their rightful beneficiaries. Among the various grounds of

the challenge was a novel one that attacked the excessive seeding of Aadhaar

numbers in multiple databases, such as a pension, education, banking, and

telecom databases. The petitioners argued that this exercise would, in effect,

present the State with a mass surveillance tool. Additionally, they also pointed

out that various state resident data hubs (SRDHs) helped to offer a 360-degree

76

77

78


view of residents, as publicly acknowledged by the State governments – Haryana,

Andhra Pradesh, Tamil Nadu, Madhya Pradesh, and others – instituting them.

These SRDHs used the Aadhaar identity as their foundation without

incorporating the protections under the Aadhaar Act in respect to data security or

privacy. Thus, the SRDHs made it evident that the aggregation of data from

different silos, profiling, and consequential surveillance of residents was no

longer in the realm of conjecture; it had become reality. The Aadhaar numbers

made finding information much more convenient by serving as a unifying link

across various government departments and between their respective databases.

To articulate this threat in legal terms, the petitioners relied on important

decisions of the European Court of Justice that treated mass surveillance as a

separate category when up for judicial review. These cases focused on the

structural and architectural aspects of the respective surveillance programs. But

the Indian Supreme Court followed a more conservative approach, narrowly

balancing immediate individual harms and long-standing social goals rather than

assessing medium and long-term consequences of such unified databases. While

the majority opinion suggested several quick fixes for any immediate harms from

the workings of Aadhaar, they hardly addressed the long-term consequences of

SRDHs and other potential applications of Aadhaar for big data analytics and

profiling. In fact, the majority did not even reference SRDHs despite the

petitioners pointing out that, when combined with multiple databases, the view

that Aadhaar offered on citizens could be extremely invasive. The majority

observed that the averment of “a surveillance state created by the Aadhaar

project is not well founded, and in any case, is taken care of by the diffluence

exercise carried out with the striking down certain offending provisions in their

present form.”

For reasons best known to the State, it extensively relied during the hearing on a

powerpoint presentation by the Chief Executive Officer of the Unique

Identification Authority of India (UIDAI). This presentation mostly focused on

the security architecture in place to prevent data leaks and did not address the

surveillance threat or refer to the SRDHs. Yet, the majority verdict endorsed

these claims that were, at best, irrelevant to the surveillance challenge. This is

particularly disconcerting because secure systems can simultaneously be

extremely sophisticated surveillance machines. Instead, the majority would have

done well to follow the various European court decisions that consistently

opposed state-of-the-art mass surveillance architectures because their long-term

consequences, while not fully ascertainable, made them even more worrisome

and intrusive. All this goes to establish the case here that Indian courts have an

extremely limited vocabulary to address questions of mass surveillance. Because

of the widespread use of civilian drones in governance is a distinct possibility, it is

important that such vocabulary be developed immediately in order to address

concerns that are more architectural in nature. Digital Sky or enhanced security

systems cannot substitute the need for the same as their primary focus is on ease

of regulatory compliance and safety of drone operations.

79


The court could look to the “chilling effects” doctrine as developed by U.S. courts

as a possible solution here. It has, in fact, done so previously in a different setting.

In Shreya Singhal v. Union of India, a case dealing with free speech, the police

had invoked section 66-A of the Information Technology Act, 2000 against some

Facebook users for expressing their displeasure at a city-wide shutdown in

Mumbai in the wake of Shiv Sena supremo Bal Thackeray’s death. Striking down

this provision as being unconstitutional for its chilling effects on the freedom of

speech and expression, the court opened doors to the possibility of evaluating

structural power imbalances brought on by vaguely-worded criminal offenses.

Chilling effects can occur when a citizen apprehends that the State is watching

their activities and alters their behavior based on this belief. While immediate

criminal consequences may not necessarily follow, the mere existence of vague

and overreaching criminal liabilities could restrain individuals from expressing

themselves due to the fear of such consequences. As the court reasoned, “Section

66-A is cast so wide that virtually any opinion on any subject would be covered by

it, as any serious opinion dissenting with the mores of the day would be caught

within its net. Such is the reach of this section and if it is to withstand the test of

constitutionality, the chilling effect on free speech would be total.”

While this doctrine is not a perfect mechanism to scope out the limits of state

authority when undertaking mass surveillance, and can even be a conversation-

stopper in this context, the verdict in Shreya Singhal demonstrates the need to

evaluate possible long-term consequences of state action. To do so, the judiciary

must go beyond immediate cases of rights infractions to a critical scrutiny of the

architecture of data collection put in place, be it legal or technological. This is not

a point limited to rights reviews. Even cases involving the dilution of judicial

independence through the formation of tribunals, for instance, demand a similar

outlook – as do instances such as circumventing legislative scrutiny through

frequent resort to executive ordinances. In all these situations, the State’s usual

defense – that the scope for abuse is not grounds for striking down an executive

or legislative action – is weakened. These are all architectural questions, ones that

have a bearing on even the basic structure of the Constitution, but not in the

same way that surveillance orders against repeat offenders or individual

instances of telephone tapping impinge on individual rights.

Big Data Privacy Challenges and Some Responses

Besides their low-altitude operations, with direct spatial privacy and surveillance

concerns, drones also gather considerable amount of data. Drone platforms –

often consisting of in-flight software to help command the aircraft, high-

resolution Light Detection and Ranging (LiDAR) imagery solutions, digital

orthomosaic technology to stitch together varied images and present a composite

picture, photogrammetry to calculate distance and volume measurements, and

data analytics solutions – offer critical actionable insights to several industries

80

81


today. This capability has resulted in business models where such platforms are

offered as services. In addition to the new kinds of sensors and data that drones

can gather, they also transmit the standard types of data that any internet-of-

things solution can potentially channel to a central server— - mobile phone data,

radio frequency identification data, location, weather and temperature data.

A significant part of such data would fall within the legal definition of sensitive

personal information. No special case needs to be made here for the privacy risks

associated with such data, evident as they are from the strict legal mandate that

prior written consent of the data-holder is required to collect and process the

same Apart from the stand-alone risks of such data in the hands of private

entities, these pieces of data are often combined with personal data categories –

social media behavior, biometric information, financial data – gathered from

other sources, to heighten the risk. These “big data privacy challenges” are

however less obvious as compared with risks highlighted in the previous section,

and we remain relatively underinformed about them even in settings outside of

the civilian drone context.

Often, the challenges there are not with the gathering of data, but rather with

how it is processed and the associated risks. As digital activities grow

exponentially, so do the electronic tracks left behind by individuals. The

semantic web and other data analytic solutions permit such crumbs to be

aggregated by intelligent machines and algorithms to provide a comprehensive

picture of an individual’s preferences, personality traits, and values, as well as

predict her next move and suggest specific, relevant choices. Yet such practices

run the risk of being reductive, incomplete, and often divorced from the context

in which the data was originally gathered. Because of the efficiency involved in

algorithmic perception, prediction, and suggestion, and the recombinant nature

of data, private actor incentives are aligned towards the unhindered amassing

and processing of huge swaths of personal data, often for purposes unidentifiable

at the time of the original transaction or data exchange. As noted by the Indian

Supreme Court, these privacy invasions often go undetected because of the non-

rivalrous and invisible nature of data access, storage, and transfer.

Unstructured streaming data presents new challenges for state-of-the-art

anonymization strategies developed to deal with static, structured, and well-

defined datasets. Re-identification techniques have evolved in parallel,

combining multiple Personally Identifiable Information (PII)-excluded databases

to arrive at near identical results as those emerging from the processing of a PII-

inclusive database. The newly created database can then be linked with other

databases, even PII-excluded ones, to compromise anonymity. These techniques

present a cautionary tale: against the ubiquity of “data fingerprints” left by

individuals, and the excessive linking of multiple databases, PII protection can do

much less than before. Therefore, the legal mandate on big data handlers must

go beyond anonymization and de-identification strategies that exclude PII.

82

83

84

85

86

87


Finally, much like the issue with surveillance identified in the previous section ,

i.e. refocusing attention from targeted to mass surveillance, big data processing

demands refocusing attention from individual to group privacy and the

simultaneous development of policy positions on handling community data.

Individuals, while not personally identifiable in many such cases, may still be

“reachable” on account of being within a group targeted for prejudicial action

based on data-driven inference and prediction. To illustrate, individuals

practicing a certain faith can be targeted either by identifying them individually

or through a larger group consisting of several individuals practicing this faith. In

the latter scenario, while the individual remains unidentified, she is vulnerable to

any action taken against the group. Often, individuals are even unaware of such

memberships because the aggregated datasets and groups emerging therefrom

do not perfectly align with pre-existing real-world groupings, constructed as they

are by algorithmic black boxes. The excessive linking of multiple datasets also

enables group profiling without any personally identifiable information being

breached. Of particular concern is the possibility of constructing

“demographically identifiable information,” which then enables the

classification, identification, and/or tracking of a specific categorization based on

ethnicity, religion, gender, age, health condition, location, or any other

demographically defining factor. Though aware of these risks, the Srikrishna

Committee did not propose any immediate solutions for community data

protection, perhaps because it did not strictly fall within its mandate. Noting

the need for a “principled basis for according protection to an identifiable

community,” “class action remedies for certain kinds of data breaches involving

community data,” and “tools like group communication and sanction,” the

Committee strongly recommended that the Government of India address them

through appropriate legislation.

Many of the solutions to these threats are within the ambit of personal data

protection and regulations thereof, but it is unclear how effective they could be in

balancing the multiple values at stake. With new modes of gathering and

processing data, such as internet-of-things and remote cloud servers, privacy

notices that are predominantly available on websites and mobile apps are fast

losing their relevance. The pervasiveness of digital technologies and

applications has also resulted in “consent fatigue” due to the increasingly large

number of requests for consent and the disproportionate time required to

meaningfully assess such requests by the user on a routine basis. Meaningful

consent is further vitiated by a substantial number of companies adopting a “take

it or leave it” approach to privacy notices, with no room for negotiation. Privacy

notices also often suffer from verbosity and dense legalese. Moreover, the draft

bill proposed by the Srikrishna Committee does not address many situations

where it is difficult to register consent because of technological or interface

limitations. Consequently, the notice-and-consent foundations of this bill can

diminish the flexibility needed for new data technologies to scale and grow.

88

89

90

91

92

93

94

95

96

97

98


Therefore, solutions on offer at present, especially the idea of privacy self-

management, need to be customized to the specific context of civilian drone use.

Here, responses could include integrating a notice dashboard as part of Digital

Sky. The public then can access information about the geographic locations and

purposes served by drone operations, the sensing and data gathering

technologies onboard the unmanned system, the kinds of data potentially

captured, and technical specifications relating to the granularity and accuracy of

the data collected and processed, from such dashboard. By providing this option,

the DGCA can effectively compel drone operators to carry out privacy impact

assessments and publicize them before undertaking such operations. Data

minimization can also be achieved because these assessments and disclosures

make it possible to evaluate whether the data operations are proportionate with

the stated purposes, thereby disincentivizing drone operators to gather or process

disproportionate amounts or types of data. Many of these recommendations

are reflected in a set of voluntary best practices that the National

Telecommunications and Information Administration (NTIA) released in 2016.

Concluding Remarks

The traditional privacy challenges raised by drone technology – fitting drones

with devices that can capture personal and private information at very close

range, using the technology for mass surveillance, causing discomfort to human

beings through their intrusive nature – are concerns totally ignored by the present

regulatory response in India, except to place liability on drone operators for any

such harms. Criminal law responses similar to those present in many of the state

legislations in the U.S. need to be introduced to penalize rogue actors with

wrongful intent to intrude upon privacy. In parallel, strengthening the civil tort of

privacy through clear delineation of principles for quantification of damages, and

the constitutional tort of privacy through appropriate legal standards to restrain

mass surveillance projects, is required to safeguard individual interests against

such traditional privacy harms.

These are basic steps that must be implemented

soon to keep pace in an area where law and

technology will continue to evolve.

99

100


The Indian State must also move ahead to create appropriate personal and

community data protection regimes that place limits on the processing of such

data using drone technology. This framework should make use of a co-regulation

framework that incentivizes private actors to adopt voluntary codes of conduct

and places responsibility on appropriate state authorities to evaluate such codes,

suggest suitable modifications, and monitor compliance with the same. The

Digital Sky platform, a state-of-the-art solution for regulatory compliance as well

as drone tracking, should be expanded to publicize privacy impact assessments

carried out by drone operators. These are basic steps that must be implemented

soon to keep pace in an area where law and technology will continue to evolve.


The Privacy Negotiators: The Need for U.S. TechCompanies to Mediate Agreements onGovernment Access to Data in India (MadhulikaSrikumar)

Madhulika Srikumar is attending the graduate program at Harvard Law School as a

2019 Inlaks Scholar. She was previously an Associate Fellow and Programme

Coordinator with the Cyber Initiative at Observer Research Foundation in New Delhi.

Acknowledgments: The author extends sincere thanks to Sharon Bradford Franklin,

Andrew Woods, Greg Nojeim, Heather West, Jennifer Daskal, Tim Maurer and

William Carter for their valuable insights. This paper would not have been possible

without the kind support of New America and the invaluable guidance provided by

Awista Ayub and Melissa Salyk-Virk. The author would also like to thank the 2019

India-US Fellows. All errors in this paper are the author's alone.

Introduction

Apple’s clash with the FBI in 2016 was touted as an “American Revolution” and a

reminder of “why we (Americans) have the fourth amendment.” Indeed,

Apple’s challenge signified the pivotal role that tech companies play in defining

the parameters of government surveillance. It did so by publicly challenging a

court order requiring the company to break the encryption built into its iPhone

device.

Cut to 2018: to the chagrin of privacy advocates everywhere, Apple announced

that it would move the data of Chinese users to servers owned by a state-run

company to comply with China’s data localization law. The company later

announced that they would host the encryption keys in China; and that the

Chinese partner would “have access to all data” of users registered in the

country.

An emerging body of scholarship has now examined the role that tech companies

play in instances like Apple’s clash with the FBI – where “surveillance

intermediaries” constrain government surveillance, as Alan Rozenshtein argues.

Scholars have examined the incentives and tools that tech companies use to

resist the government (U.S. government in most analyses) and the net positive

effect that it has ushered in for users against surveillance excesses by law

enforcement.

What these scholarly attempts have omitted, however, is taking the latter reality

into account – where tech companies accede to (sometimes regressive)

government demands. The number of internet users in India and China is over

101

102

103

104

105

106


four times larger than the United States excluding the number of future users.

This fact alone introduces finer nuances that dismantle the existing

understanding of financial and policy incentives that drive intermediary

behavior.

I lay out in the following sections why tech companies must instead be treated as

privacy negotiators – not only advocating for user privacy but negotiating the

tradeoff between cooperation or resistance in the short term vs. compliance with

unintended regulatory consequences in the long term. Over the past year, the

scales have tipped in favor of the latter outcome. The difficulty of obtaining

electronic data from U.S. tech companies combined with the historic resistance

put forth by these companies has been recognized as the primary reason behind

the onerous regulation introduced in India.

In response, tech companies are increasingly relenting to government pressure

thereby complying with regulation that is not only poorly designed but one that

could pose serious consequences to the privacy of Indian users.

I argue that as privacy negotiators, tech companies are in a unique position in the

surveillance architecture to reform cross-border access to data for law

enforcement in a manner that secures the privacy interests of Indian (and all

foreign) users. Given that these tech companies are privy to the nature of

requests and have the legal standing to pushback against the requests- their role

as privacy negotiators is established firmly.

In earlier work, I examined the challenges in the current cross-border regime

where Indian government requests data from U.S. tech companies, arguing that

the respective governments must consider an India-US executive agreement

under the Clarifying Lawful Overseas Use of Data Act or CLOUD Act. I argued

that such a bilateral agreement would not only ease cross-border access to data

and make it more efficient but also safeguard user privacy in the process and

ultimately strengthen the overall case against mandatory data localization.

This article takes off from there – given that there is an alternative on the table,

there are still no significant advances being made in the conversation. This article

explores why. Even while the challenge arising out of the conflict of laws is

undeniable, I argue that there is an emerging “conflict of interests” which has

resulted in tech companies acceding to Indian government’s demands for

localization. The article, therefore, addresses the gap between current literature

that examines the challenge of cross-border access to data and the growing

scholarship on governing tech companies as “information fiduciaries.”

In Part I, I briefly lay out the challenge of Indian government access to data

highlighting how U.S. tech companies have fallen into the role of privacy

negotiators. The section also briefly addresses the significant normative

turnaround that an India-US executive agreement on data sharing can bring

about.

107

108


In Part II, I examine how the push for data localization from the Indian

government came about and the competing incentives of tech companies that

may ultimately drive them to comply with a larger localization mandate.

In Part III, I explore how the recognition of tech companies as data fiduciaries

under Indian law may enhance the legal responsibility of privacy negotiators –

requiring them not only to pushback against localization but also push for more

privacy protecting alternatives such as the CLOUD Act. In the final section, I

argue that private tech firms indeed have the clout to push for an executive

agreement between India and the U.S. to raise the privacy standards of law

enforcement access to data.

This article is limited to examining the regulatory responses stemming from the

cross-border conundrum when Indian law enforcement agencies (LEA) request

user data from U.S. tech companies whose services are widely used in the

country. Any reference to “tech companies” in this paper is limited to prominent

U.S. tech service providers that are operational worldwide. Their function as

privacy negotiators, therefore, is emblematic of the role they carry out in the

current surveillance regime – and as I argue later in the article, also indicative of

the duty they must discharge towards all users. Developments in India present a

compelling lens to examine this contention since companies’ recent actions in

the country exhibit a decisive turnaround in the incentives that earlier drove their

resistance in the surveillance regime worldwide.

Conflict of Laws

The system for cross-border access to electronic data for criminal investigations

between India and the United States has often been criticized for being outdated

and time consuming, sometimes taking as long as three years. At the heart of

the issue is the conflict of laws between where the user is located, where the

company is headquartered and in some cases, where the data is stored.This has

led to fragmentation of legal frameworks across jurisdictions and reliance on

slow inter-governmental processes like Mutual Legal Assistance Treaties

(MLAT).

Access to electronic data – specifically communications content – has become

instrumental not just for crimes committed online but also to further

investigations where these crimes cause ‘real-world’ harm. U.S. tech companies,

governed by the Stored Communications Act, disclose non-content data to

government agencies that honor the rule of law and respect fundamental rights.

Companies only voluntarily disclose content data during exigent circumstances

involving danger of death or serious physical injury to any person

109


Under normal circumstances content data can only be shared in response to a

warrant issued in the U.S. As a result, in most cases investigating officers in India

must obtain a warrant meeting the probable cause standard from a U.S. court

through the India-U.S. MLAT to access content data. Due to delays and

uncertainties associated with the MLAT process, Indian law enforcement

officials often express their dissatisfaction of having to comply with a foreign law,

especially while tackling crucial cases. One such instance is the recent case of

disinformation spread through WhatsApp that resulted in mob violence and

deaths of 27 people.

Given this reality, the Indian government in the past year has called for data to be

localized or stored within India’s borders. The mandate to store data locally

either completely or in the form of “mirror servers” is a harmful and ill-suited

policy approach for two reasons.

First, mandating data to be localized is especially dangerous to user privacy since

police officials in India rely on legacy laws to access electronic data which require

no prior authorisation by courts. Legacy laws in India provide that any court or

police officer in charge of a police station can compel the production of any

“document or other thing” that is necessary or desirable for the purposes of an

investigation or trial. Not only has this power been interpreted broadly but in

practice it is only police officers who issue notices to companies requesting user

data. This imposes a much lower threshold than the U.S. Probable Cause

standard that is currently enforced on Indian users through the MLAT process

where the court issues a warrant.

Second, data localization is ill-suited for the stated purpose of law enforcement

access. Major service providers may not be able to comply with user data requests

from the Indian government since U.S. law still effectively bars these companies

from disclosing user data to foreign law enforcement authorities. Even if U.S.

companies comply, only data of Indian citizens can be provided. In cases of

transnational crimes such as online radicalisation, money laundering and

cybercrimes, Indian police will have to continue to rely on cooperative models

like the MLAT process.

It is crucial that a common framework is devised that eases the existing conflict

of laws and increases institutional cooperation between states to discourage

further fragmented developments such as mandatory data localization. Access to

electronic data, therefore, must be determined on the basis of where the user is

located and not where the data is stored. States must strive towards enacting

direct data sharing arrangements between foreign LEAs and technology

companies to operationalize this. The CLOUD Act signed into law last year by the

U.S. Congress can actualize this for the first time and decentralize control over

data from U.S. authorities where popular technology companies are located.

110

111

112

113

114

115

116

117


Even while the CLOUD Act is an imperfect solution – the Act by allowing

executive agreements between states to bypass the existing conflict of laws

provides a workaround that was earlier unavailable. In effect, an India-U.S.

executive agreement under the CLOUD Act would establish a higher standard of

privacy protection for Indian users that is currently unavailable under Indian law

such as limiting the scope of requests and judicial review.

Conflict of Interests

Push for Data Localization

Calls for mandatory data localization by the Indian government over the past

year have emerged as the overwhelming bone of contention. Far from mere

rhetoric, the Reserve Bank of India (RBI) has already made it mandatory for all

payment service providers to store copies of data locally.

India’s first draft data protection law imposes mandatory data localization –

requiring all data fiduciaries operating in the country to store at least one serving

copy of data on a local server. The draft law further empowers the government

to recognize certain categories of data which must not only be stored but also

processed exclusively in the country.

Admittedly, this push for data localization is part of a larger strategy that the

government is rolling out to reassert their sovereignty in the digital economy.

However, in no uncertain terms, the committee drafting the law has cited the

difficulty that law enforcement faces in accessing user data during criminal

investigations and prosecutions as the primary motive behind the move. The

committee reasons that forcing companies to localize data, even just a copy, can

enable “quick and easy access.”

The government directive to command cooperation from companies on

surveillance is not limited to data localization. The draft amendment rules to the

Information Technology Act imposes an obligation on intermediaries to respond

within 72 hours of receiving a request from any government agency; preserve

data upon requests for 180 days or longer; and enable “tracing” the originator of

the messages shared on their platforms.

Forcing companies to store data locally – even just copies– has been widely

panned by stakeholders in India and abroad. Broadly, enforcing data localization

is criticized as a regulatory tool that can lead to unchecked surveillance, impose

significant costs on companies, ironically on local startups, compromise security,

and as per the U.S. government be discriminatory and trade-distortive.

It is undeniable that the Indian government has a legitimate interest in regulating

tech companies, especially given their growing strategic importance. A case can

118

119

120

121

122

123

124


even be made that a carefully nuanced localization law – that is backed by

evidence and least obstructive in practice – can be an appropriate regulatory

response in some cases.

It is undeniable that the Indian government has a

legitimate interest in regulating tech companies,

especially given their growing strategic importance.

However, the current data localization directive is driven by the government’s

waning patience in eliciting compliance from tech companies across issues –

from online speech to taxation. Even in the absence of a consensus across

agencies on the extent, indeed the rationale behind data localization, the

government is hurtling towards a point of no return. The government’s

frustration stems from private and foreign companies wielding public power and,

consequently, opposing state sovereignty.

Compliance with such a law would run wildly contrary to the public stance that

tech companies have long held on this issue. If passed in its current form, this law

will also be counterproductive defeating the government’s intended purpose,

likely hurting law enforcement efforts, undermining user privacy in the process.

First, as I mentioned above, it is unclear whether a mandate to relocate data

locally will translate into easier access for Indian law enforcement. Given that

U.S. law effectively bars these companies from disclosing user data to foreign law

enforcement authorities, companies are in a position to legally refuse to comply

with requests. As is current practice, companies can continue to demand a

judicial order from a U.S. court to comply with a request for content of any online

communications.

Second, even if localizing data could assuage fears of foreign surveillance, it

could easily lend itself to domestic surveillance. The Committee has sought to

localize data for law enforcement but “categorically refused to afford this data

any procedural protection”. The Committee has instead placed the onus on

Parliament to enact another comprehensive legislation for surveillance reform.

In other words, the government is enacting data localization in the absence of

any, let alone strong, data protection laws and enforcement mechanisms. Some

have gone on to argue that the mandate may therefore not fulfill the standard laid

out by the Supreme Court on what constitutes a reasonable restriction on an

individual’s right to privacy. This reasoning is compelling since the

125

126

127


government can just as easily adopt less onerous regulations that could serve the

purpose adequately and proportionately.

Competing Incentives of Tech Companies

Developments over the past year conclusively indicate that tech companies are

relenting to Indian government demands to forcefully localize data. While these

demands are not new, the RBI made a decisive move towards enacting this

mandate for the first time targeting big tech companies – posing an existential

peril to the payment ecosystem in the country. The principal banking regulator

made it mandatory for all “payment system providers” to store payments data

locally and ensure “unfettered supervisory access” to the data stored within a six-

month period. Eighty percent of the players, including Google, Amazon, and

Whatsapp, have reportedly either complied with the regulation or are planning

to.

Undoubtedly, the RBI notification has a far-reaching impact – not only because it

is the first policy of this kind, but more importantly for what it signals lies in store.

It has been reported that the Central Bank is relying on the localization

regulation to “prepare ground” for a stringent data protection law that would be

applicable across sectors not limited to financial data. Further, the close

involvement of the central government in seeking compliance with the RBI

regulation firmly indicates the emergence of a “whole-of-government” approach,

laying the foundation for a wider localization requirement under the upcoming

data protection law.

Admittedly, big tech companies have complied with data localization laws in

Russia and China previously. However, I argue here, that submitting to an Indian

regulation (and thereby a mandate issued by a democratic state) represents a

turning point in the incentives that drive their behavior in emerging economies.

Take Facebook, for instance. The company recently not only acknowledged that

choosing where to build data centers is “one of the most important decisions”

they make, but also committed to not storing sensitive data in countries with

weak human rights records or lacking security safeguards. Meanwhile,

Facebook’s subsidiary Whatsapp is on the final stretch before storing all

payments-related data within India in the absence of adequate checks and

balances under Indian law.

It may be unclear, even unnecessary, to characterize these actions of tech

companies as hypocrisy or doublespeak. Tech companies have been and will

continue to strike a balance between cooperation with, and resistance to lawful

surveillance across jurisdictions.

In effect, however, the added complexity of responding to foreign governments

has contributed to their resistance over time. This, in turn, has resulted in heavy-

handed policies in growing markets such as India, which has distorted the

128

129

130

131


incentives that earlier drove their actions. Companies are increasingly either

adhering to these policies or showing a willingness to. Even while companies are

incentivized by a profit motive, and understandably so, as privacy negotiators

their acquiescence or pushback plays an outsized role for the privacy rights of

Indian users. This alone demands an exercise in breaking down what incentives

drive them.

Launch of new services: The launch of WhatsApp’s first-ever payments service

coincided with the RBI localization notification. The RBI’s directive to all

payment system providers to store payment data of the Indian leg of a transaction

exclusively in India was issued in April 2018. In addition to the local storage

requirement, the stated purpose behind the regulation was for providers to

establish a mechanism to allow the Central bank to monitor this data end-to-end.

The regulation was applicable to all payment providers including international

card networks such as Mastercard and Visa, and operators of pre-paid wallets

including WhatsApp Payments, Amazon Pay and Google Pay.

The consequent resistance to this regulation by global payment firms including

big tech companies illustrated not only how their pushback was unsuccessful, but

also the stakes involved for these companies as they were vying to expand in the

Indian market. Tech companies view India as the “next frontier of growth” –

fighting to capture the sizable and growing digital payments market, which is

expected to be worth a reported $500 billion by 2020. Google Pay is reported

to have 30 million users on the platform in India alone. With over 200 million

monthly active users, India is the biggest market for WhatsApp – justifying why

the company has been testing its payments service first in the country.

Even while complying with the RBI regulation heralded significant costs and an

overhaul of existing operations; and is inconsistent with their previous policy

positions on this issue, tech companies ultimately relented. Google, for instance,

agreed to abide by all RBI requirements while at the same time maintaining that

they promote cross border data flows since they generate more economic value.

Apple, on the other hand, has reportedly stalled the launch of Apple Pay in India

in light of RBI’s localization mandate.

Even under mounting pressure from industry bodies, U.S.-India trade

organizations and U.S. senators, the Indian government has been

unwavering in its demand. The Central Bank refused to extend their six-month

deadline for compliance; did not concede to a less onerous alternative such as

a “mirror server” requirement; and did not open up to public consultation.

While companies challenged the RBI directive, it is clear that none of them

pursued a legal challenge, though the reasons why remain unclear. Combined

with the whole of government approach that the current administration in India

has adopted, we see that tech companies acceded to the localization request

given their significant growing interest in the market.

132

133

134 135

136

137 138


Localization as the “less bad” option: Increasingly, tech companies operating

in India are seen to be viewing a localization mandate as a less bad option. First,

tech companies across the board have agreed to comply (some at the first

instance) with the RBI notification to exclusively store payment data arising out

of the country locally. The majority of the global payment firms including

Amazon and Google have abided by the law and satisfied the regulator’s

requirements. This differs significantly from how some of the companies have

responded to Russia’s 2014 data localization law, with some either ignoring the

obligation altogether and the rest failing to fully comply.

Second, it appears increasingly unlikely that the companies would continue to

rely on U.S. law as a crutch to resist or delay responding to requests from Indian

agencies. In effect by complying with the RBI requirement to store data

exclusively in India, the companies have ceded to the regulators’ supervisory

powers. Especially given the presence of physical infrastructure or personnel in

the country, companies might consider the risk of not attracting punitive action

more seriously.

Third, tech companies might be willing to acquiesce to data localization to stave

off demands that could fundamentally alter their technological design. Over the

past year, while WhatsApp has been under government pressure to localize data,

the company was also fighting the fire to contain the spread of viral rumors on its

platform. False videos of child abduction shared on the messaging app triggered

a spate of mob-related killings that resulted in over 30 reported deaths.

The company’s plan to launch its payment service stalled as they came under

intense scrutiny from the government to “not evade responsibility” and were

being pressured to introduce technology changes to their service. This

pressure culminated with the Ministry of Electronics and Information

Technology (MeitY)’s draft intermediary guidelines late last year that

mandatorily required companies to enable “tracing out the originator” of

messages upon requests and to respond within 72 hours. While the company

made changes to its messaging service to limit forwarding of messages, they

pushed back on the tracing requirement as it could entail breaking the end-to-

end encryption deployed by the platform. We see that while the company was

willing to alter its architecture by storing data locally for its payment service, they

were at the same time unwilling to alter a critical facet of its business model in

encryption.

Responsibility of Tech Companies as Privacy Negotiators

U.S. tech companies operating in India are therefore caught up in what can best

be termed as an identity crisis. At the crux of it, the aforementioned incentives

muddy the waters for tech companies, making it difficult for them to push for a

139

140

141

142

143

144

145


workaround to adequately address the challenge of Indian law enforcement

access to data.

Since U.S. tech companies play a unique role when responding to government

surveillance, acting both as the first and last line of defense, I argue that only

companies can and must negotiate to protect the long-term privacy interests of

Indian users. Especially given that these tech companies will soon be recognized

as “data fiduciaries” in the Indian market, I argue that companies indeed have an

additional legal responsibility to protect their users’ privacy interests. Through

the CLOUD Act, tech companies can counteract the demands for data

localization while upholding high standards of due process and privacy

protections for Indian users that are currently unavailable under Indian law.

As current literature has exhaustively outlined, tech companies are the only

actors privy to the nature of requests they receive from government agencies.

Not only can tech companies afford the resources to comply with requests, but

they can also cooperate more actively, and even pushback through a legal

challenge when required. Ultimately it is only companies who have the

resources or the legal standing to fight a request – further entrenching the role

that they play as privacy negotiators.

The question that then arises is what role do companies discharge as privacy

negotiators? Are there any obligations, legal or otherwise, on these companies to

safeguard user rights within the larger surveillance architecture?

To predict the route that technology companies will adopt in the tussle between

advocating for user privacy and acceding to lawful surveillance, it is necessary to

distill the specific interests that tech companies have in going either way. Viewed

as pure corporate actors following rational self-interest, it may seem unwise for

the companies to assume any additional burden of resisting requests for access to

data, even when requests may be overbroad or vague. This holds doubly true

when American companies undertake the collective responsibility of addressing

requests from foreign governments and are called on to find a fix to the current

overburdened cross-border regime for data sharing.

Largely, the current scholarship falls on one of two sides of this debate. The first,

popularized by Rozenshtein, adopts an empathetic view that companies as

surveillance intermediaries have brought about an overall positive change or

“disciplining effect” on the surveillance regime—through pushback in courts and

mobilizing public opinion for the benefit of user privacy. Rozenshtein goes so far

as to argue that tech companies have never before relied so significantly on a

foreign user base and resisted government surveillance this aggressively in part

due to their “intense libertarian aversion to government invasions of privacy.”

The second is more cynical in its outlook where scholars argue that tech

companies shielding or delivering information to law enforcement is all

146

147

148

149

150

151


happenstance and purely an outcome of their pervasiveness in our digital

economy. Users should have no expectations to think a “technology company

can and should be responsible for its users’ rights.” Regardless, the consensus

across the two schools is loud and clear. Tech companies post 2013 Snowden

disclosures have a commercial incentive to challenge lawful government

surveillance and advocate for users rights; and indeed on the whole until now,

companies’ actions support this contention.

However, this contention overall no longer holds any water. As I have outlined

above, the incentives of tech companies are no longer aligned with the interests

of users – at least Indian users. By conceding, indeed, complying with the Indian

government’s mandate to store data locally in the absence of adequate privacy

safeguards, tech companies’ interests have conclusively aligned with the

government and regulatory interests and no longer appear aligned with those of

Indian users; and by extension users in all emerging markets. The incentive to

launch a new service in a crucial market or the act of conceding to localization in

order to not attract other adverse regulatory mandates are compelling reasons for

companies to abandon their seemingly voluntary role as privacy negotiators.

Instead, the assertion that companies often choose to fight for user privacy

because of their profit motives and not in spite of them—as advanced by the

above mentioned cynical school—does a better job of explaining the turn of

events helmed by tech companies in the country. Simply put, tech companies find

themselves in a conflict of interests—advancing their market priorities versus

prioritizing user privacy.

This relationship between tech companies and users stands fundamentally

altered with the growing recognition of tech companies as fiduciaries. India’s

upcoming draft data protection bill may well be one of the first few legislations

that articulates this duty of care for tech companies – recognizing any individual,

state, company, or juristic entity who determines the purposes and means of

processing personal data (either alone or in conjunction with others) as data

fiduciaries.

The constitutional law scholar Jack Balkin first proposed extending the common

law doctrine of fiduciary relationships to the digital economy – and coined the

term “information fiduciaries”. This proposal has gained wide acceptance,

with the drafters of India’s data protection bill adapting it to develop a “fourth

path” to deliver a data protection regime, distinct from the U.S., EU and China –

relevant not just to India but to “all countries in the Global South”.

As information fiduciaries, tech companies including social media, search

engines, etc. will have to discharge duties of care, confidentiality and loyalty

towards users whose data they collect, store and use. This fiduciary

responsibility bestowed on companies is over and above the contractual rights

that users are entitled to and further confers the duty on companies to adopt a

152

153

154

155

156

157

158


professional code of ethics to protect the data principal’s or user’s interests.

Balkin likens this duty to that of a doctor’s or lawyer’s:

Suppose that a doctor, lawyer, or accountant sold personal information

about their clients to a data broker. Suppose that they used personal

information to manipulate a client’s actions for the doctor, lawyer, or

accountant’s benefit. Or suppose that they simply disclosed it in order

to gain a business advantage at the expense of their client. If they did

any of these things, they would likely be liable for a violation of

professional conduct … Even absent an express promise not to reveal,

use or sell information, there is a duty not to do so in ways that will

harm the interests of the client, or that pose a conflict of interest.

The fiduciary relationship between users and companies, however, is not

extended to all online service providers who operate in the digital economy.

Instead, four criteria must be met for a company to be considered an information

fiduciary; whether users are placed in a position of significant vulnerability,

whether users disclose personal information to the company in return for gaining

access to important online services; and finally whether the company holds

disproportionate volumes of data about the user which can be used against her

interest. Admittedly, India’s draft data protection bill adopts a broader

sanction, indeed conferring the fiduciary duty on all actors who process personal

data in the digital market.

The criteria set out above, however, are wholly met by private tech firms in the

current surveillance ecosystem for the reasons I stated above – that tech

companies are the first and last line of defense. While the above excerpt

suggests that tech companies must be able to avoid conflicts that harm the

interests of clients, or in this case users, altogether – the reality is not as wishful.

Instead, with the statutory recognition of their fiduciary duty, tech firms have an

obligation to carry out their duty of loyalty by resolving any conflict of interest to

the benefit of their users’ interests and not their own. Therefore, as privacy

negotiators, tech companies must respond to surveillance by not endangering the

privacy of their users by localizing data in the absence of adequate safeguards,

but instead work towards a sustainable workaround. Commentators have argued

that the government’s push towards data localization in the data protection bill

(and companies acceding to this demand) undermines the fiduciary relationship

laid out in the very same bill – increasing not just privacy but the security risks of

users located in India.

Indeed, the duty of loyalty translates into fiduciaries ensuring that they use data

“only in ways that are consistent with users’ expectations.” Expectations of

Indian users can be easily traced in the submissions to MeitY during the recent

public consultation process on the data protection bill. Not only has a significant

159

160

161

162


section of civil society and industry opposed the localization mandate but there is

also a growing consensus that an India-U.S. agreement under the CLOUD Act

must be considered as a policy alternative. Therefore, as privacy negotiators

bestowed with a fiduciary duty, tech companies must strive to leverage their clout

to push for such an agreement.

Resolving Conflicts

The whole-of-government approach adopted by Indian policymakers combined

with the support from the law enforcement and national security community has

all but cemented the government’s single-minded objective of demanding U.S.

companies to store personal data locally. This move cannot be seen in isolation

– only stemming from the challenge that the Indian government currently faces

either in accessing user data or enforcing domestic regulations. The government

recognizing that data is a “strategic asset” is motivated to level the playing field

between Indian and foreign players in the digital economy; even appointing

industry representatives with reported conflicting interests to policy drafting

committees. While there is acknowledgement that localization is not a silver-

bullet solution for all of these multifarious concerns, law enforcement access is

viewed as the only challenge that will definitively be solved by localizing data

within Indian borders. With the lines between global tech companies and their

Indian counterparts drawn, Indian companies have thrown their support behind

localization; expecting that it will give them a competitive advantage against the

outsized resources that the technology giants command.

Other developments over the past year have also contributed to a confrontation

between foreign tech companies and the Indian government. The reveal, for

instance that the Cambridge Analytica leaks had led to sharing of personal

information of 560,000 Indians with the political consulting firm. And more

recently, Twitter initially declining to appear before the parliamentary standing

committee on information technology.

From the perspective of the users, however, there is a dawning realization that

critical safeguards for privacy may be lost in this battle for compliance between

the government and companies. Especially in the surveillance regime it is

ultimately only companies that may have a legal standing to resist requests for

excessive collection of user data – further cementing the role that they can play as

privacy negotiators. In effect, global technology companies wield significant

bargaining clout that,at least until now,as been used sparingly when user privacy

has coincided with their commercial interests. On the face of it,that seems to be

changing.

Major U.S. tech companies have openly supported President Trump’s signing of

the CLOUD Act. Microsoft, for instance, has committed to additional privacy

protections on top of the CLOUD Act including the requirement for prior-judicial

163

164

165

166

167

168


sanction before responding to request. Apple is contributing to making the

process more transparent by training law enforcement officials from around the

world in lawful data collection and by creating a web portal for requesting user

data and tracking the status of these requests. More recently, Amazon Web

Services joined the list of prominent technology companies that have lent support

to the CLOUD Act as the answer to data collection for law enforcement.

This support is not insignificant. With their sheer size, near complete integration

with the digital economy and transnational operations, the companies have

begun to resemble nation states in multilateral negotiations and as such will have

a huge bearing on whether the new framework succeeds or fails.

However, as I have examined in Part II of the article, even as companies openly

voice support for frameworks such as the CLOUD Act, their actions in response

to regulatory pressure in India suggest otherwise. A critical consideration in this

equation, however, is users’ trust in the companies’ ability to protect their data

and privacy. This trust is not limitless and for it to persist, companies will need to

walk the talk of safeguarding user privacy.

Frameworks like the Cybersecurity Tech Accord, signed by over 100 global

companies committed to protecting users against malicious cyber threats (even

those emanating from state actors), are symbolic of the clout that global tech

companies can leverage – an initiative that need to be encouraged in

conversations around law enforcement access to data.

Conclusion

Law enforcement demands for access to data have coincided and intensified with

the evolution of electronic communications. And yet, the contours of this access

are more fluid today than they have ever been and will only get murkier in the

coming years. Two paradoxical trends in technology lend credence to this fact:

even as larger and more complex data sets become available, a pivot towards

anonymising technologies is likely to make more and more data inaccessible to

law enforcement.

Law enforcement demands for access to data have

coincided and intensified with the evolution of

electronic communications.

169

170

171


Earlier this year, Facebook – arguably the most important arbiter of user privacy –

announced the eventual merging of its three messaging services and the creation

of an ecosystem where the chat app essentially becomes a web browser. The

more significant part of the announcement, however, was the deployment of

WhatsApp-like encryption across all its services. The company would store no

content data and would therefore not be in a position to share it with law

enforcement. This pivot towards universal encryption is likely to intensify the

present demands for data access and a resurgence of the dichotomous debate

around user privacy versus national security.

At the same time, as emerging technologies like facial recognition, wearables,

and smart assistants become commonplace, they will create highly sophisticated

datasets including behavioral data – compounding both the volume and types of

data that can be available for criminal investigations.

While encryption will further frustrate law enforcement attempts to access data,

new and emerging datasets will increase their dependence on technology

platforms. Reconciling these two demands will need fixing the problems that

currently plague cross-border data sharing. An important realization that has

emerged in the context of controversies surrounding content moderation and

speech regulation by social media platforms has been that centralization of these

complex politico-legal decisions in the hands of a few actors.

Competing priorities around ensuring national security, investigating crimes and

protecting user privacy have long evaded any meaningful reconciliation. In many

ways, recent developments like India’s data localization mandate have forced

technology companies and privacy advocates into a corner. At the same time,

new policy frameworks like the CLOUD Act have, for the first time, thrown up an

opportunity to arrive at a sustainable and privacy-strengthening solution.

The pivot that technology companies make in their public policy posture now will

determine the way in which this debate will be resolved. It is critical that they

step up and not only bargain for stronger user protection, but also highlight to

countries like India how a cooperative and not compulsive framework will better

serve all stakeholders in the long run.

172

173

174

175


Governing Data: Non-Discrimination and Non-Domination in Decision-Making (Joshua Simons)

Joshua Simons is a Sheldon Fellow in Government at Harvard University, and is

writing about the politics and ethics of machine learning. His research argues that

machine learning is political.

Introduction

This paper is about how modern democracies should govern data-driven

decision-making. It examines the goals that democracies might require different

institutions to embed in their decision-making procedures, including those that

use machine learning. I compare the public philosophies and constitutions of

America and India to contrast such goals, the elimination of discrimination and

domination respectively.

The present is a critical moment in the governance of data-driven decision-

making. Across the world, the debate about the governance of data and the

technology companies is gaining pace. In India, the government has begun to

develop a ‘data marketplace’ for private sector institutions to stimulate

innovation. India is also on the cusp of adopting a comprehensive legislative

framework to govern data-driven decision-making. The draft Data Protection

Bill, built on the conceptual foundations of the Srikrishna Report, will be the first

significant legislation to draw on the data fiduciary concept developed by

American lawyers.

At such a moment, it is important to pause to ask fundamental questions about

what the governance of data should aim to achieve. This paper goes beyond

familiar concerns about privacy to compare two ideas that might underpin such a

governance framework: discrimination, which I associate with American law and

politics; and domination, which I associate with Indian law and politics. The U.S.

places on institutions only the negative requirement not to discriminate in their

decision-making procedures. This limited goal does not address the ways in

which, without intent or malpractice, decision-making procedures can

compound and entrench patterns of inequality.

India’s approach in politics and law to addressing structural social inequality is

founded on the concept of domination. In particular, the ambition to eliminate

relations of domination is central to the Constitution of India and the writings

and speeches of B.R. Ambedkar. India requires society’s most important

institutions to embed in their decision procedures the goal of eliminating

persistent structures of power between social groups, a goal that extends beyond

simply the pursuit of efficiency and non-discrimination.

176

177

178

179

180


Other democracies can learn much from India’s traditions, including the U.S. The

Indian idea of domination treats equity as a policy to be pursued in the name of

democracy. This recognizes that pervasive and persistent inequalities of power

—of resources and income, education and health, social status and respect—

ultimately undermine democracy itself. The promise of political equality, the

foundation of collective self-government, becomes a mirage. Because

domination is a threat to democracy, institutions across the social, economic, and

political spheres must embed the goal of eliminating it in their decision-making

procedures.

India’s current approach to governing data neglects these ideas. Instead of

drawing fromIndia’s own constitutional and philosophical traditions, the draft

Data Protection Bill imports several flimsy concepts from American and

European privacy law, including from the EU’s General Data Protection

Regulation (GDPR). India should instead pursue its own approach, built on the

idea of non-domination, rather than the shaky foundations of privacy. The

governance of data should aim not just to protect privacy, but to promote equity.

This paper applies these ideas about non-domination to the governance of data-

driven decision-making. It explores how the responsibilities of data fiduciaries,

the conceptual pillar of India’s recent Data Protection Bill, might be extended to

include responsibilities to address structural injustice. This could be done in a

context-sensitive way, that varies across institutions and sectors.

The great strength of the non-domination principle is that it forces us to ask: Who

decides? It focuses on who gets to make choices about the design of data-driven

decision procedures that will shape the contours of our societies. As we march

rapidly towards an algorithmic world, the question of what principles should

underpin the governance of data-driven decision-making, will be among the

most important political questions in the data-drenched twenty-first century.

181


The Challenge: Data and Decisions

Data-driven decision-making operates at three levels. First, society itself.

Societies are characterized by differences and inequalities of all kinds. Some we

do not regard as important, such as what brand of raincoats different groups

choose to wear, what humor they prefer, or how they dance. Some are the result

of persistent structures of power, such as the way that race, gender, caste and

class shape educational and employment opportunities, access to healthcare or

credit, or the ability to be seen and heard in public with dignity and respect.

Second, data. Data sets almost always reflect these differences and inequalities.

They show us not only which clothes or humor different groups prefer, but also

the complex ways in which race, gender, caste, and class condition the

opportunities certain groups are afforded. If African Americans or Dalits are

routinely excluded from educational opportunities, property in safe and

prosperous locations, or valuable jobs and promotions, then a large and complex

dataset will reflect how being an African American or Dalit conditions—and

therefore correlates with—the opportunities an individual is afforded in life. Data

encodes social inequalities and the structures of power that produce them.

Third, the decision-making procedure. Data sets can be used to make decisions

in a number of ways. These range from simple linear models to sophisticated

forms of machine learning. When an institution develops its decision-making

182

183


procedure, it makes choices about how to structure that procedure. These include

choices about the data-driven model itself: which data to train it on, which

features to include, what to train it to predict, rank, or classify. These also include

choices about how to combine the model with human decision-making, such as

what kind of human oversight, if any, to impose.

There are conflicting ideas about how data makes decisions different. On the one

hand, data offers the opportunity to eliminate intractable human prejudice. On

the other, data threatens to reinforce existing prejudices and inequalities.

Wealthy, white, men are better represented in data. Using that data to make

decisions—without human reflection or intervention—will simply reproduce

those injustices.

The truth is that we have choices about how we use data to make decisions. Data

gives us control over our decision-making procedures, especially machine

learning. It enables us to be explicit about the goals we wish to prioritize, the

values we wish to promote, and the trade-offs we are willing to make. We can

decide to impose a definition of fairness. Or we can decide to ignore issues of

justice and equality, and blindly pursue accuracy and efficiency.

Data raises the stakes of these choices, about which values to embed in our

decision-making procedure. Data-driven decision-making operates on a vast

scale. This means that the choices an institution makes as it designs decision-

making procedures will, over time, shape the lives of large numbers of people.

Especially in India where data-driven programs operate on a caste scale. Aadhar,

India’s national identification system, is now reported to cover almost 1.2 billion

citizens.

To understand the kinds of choices involved, consider an example. Imagine an

online advertising tool that recommends job adverts to individuals. The

recommendations reflect the past online behavior of users seeking job postings,

in particular, which advertisements they clicked on and applied to. Suppose

women on average clicked on lower paid jobs than men; the tool then

recommends lower paid jobs to women compared to men. The institution

designing the tool has three options, each with quite different technical and legal

implications.

First, the institution could establish a decision-making procedure that reflects the

world (read: data) as it is. This tool would show women lower paid jobs because

that’s the data users have given them. Second, the institution could impose some

fairness metric on their decision-making procedure. For example, they could

impose a maximum difference between average incomes in job postings for men

and women within a specified geographic area. Computer scientists have

developed a series of sophisticated individual and group-based definitions

of fairness (some of which cannot simultaneously be achieved) which could be

imposed on the model. Third, the institution could use their decision-making

184

185

186

187

188 189

190


procedure to change the world (read: data). They could show women higher paid

jobs on average, subject to some reasonable constraint.

What choice should the institution designing the jobs recommendation tool

make? What should our governance framework say about which choice the

institution should make? This paper compares two ideas in the U.S. and India

about the kinds of burdens that should be placed on institutions as they make

these choices: discrimination and domination.

Governing in America: Non-Discrimination

Over the past five decades, non-discrimination has become among the most

important principles for governing decision-making procedures in the U.S. It is

broadly accepted that institutions should ensure their decision-making

procedures do not discriminate, including procedures that use data. Let us

examine this principle by focusing on one particular law, Title VII of the Civil

Rights Act of 1964, which prohibits discrimination against employees and

applicants on the basis of race, color, sex, national origin, and religion.

Recall our tool that recommends job adverts to users. The company who designs

it has three possible choices: To reflect the world as it is and show women lower

paid jobs on average, because those are the job postings they tend to click on; to

impose some fairness constraint, such as specifying some maximum difference

between the average income of jobs postings between men and women; or to

change the world and show women higher paid jobs on average than men, subject

to some reasonable constraint.

U.S. discrimination law would not require this company to pursue either of the

final two strategies. To require the company to pursue these would, in effect,

would require institutions in their decision-procedures to take affirmative action

on behalf of protected groups. This extension of the non-discrimination principle

has never gained broad purchase in the United States. To see why, let’s focus in

more detail on Title VII. This will clarify the ideas and concepts that actually

underpin the non-discrimination duty—and most importantly, their limits.

Two kinds of legal cases can be brought under Title VII, disparate treatment and

disparate impact. Disparate treatment concerns direct discrimination in which

similar people are formally treated differently, usually when there is

demonstrable intent to discriminate. More important for our purposes is

disparate impact, which is indirect discrimination that does not concern intent.

A disparate impact case involves three questions. First, is there a disparate impact

of this policy on members of a protected class? The plaintiff has to show that the

decision-making procedure causes a disparate impact with respect to a protected

191

192

193

194


class. Second, is there some business justification for this disparate impact? This

has historically been the most important part of a disparate impact case. The

defendant has the opportunity to show there is a legitimate business case for this

procedure and thereby avoid liability. In data-driven decision-making, the

answer is usually likely to be that the procedure accurately predicts something

useful to the defendant. Third, is there a less discriminatory means of achieving

the same ends? This may become the most important component of a Title VII

case in relation to data-driven decision-making. The plaintiff can show that there

is another decision-making procedure that achieves the same goal, but produces

less discriminatory outcomes across a protected group.

In most cases, efficient data-driven decision-making procedures will not fall foul

of Title VII discrimination law as currently constituted. This is because the

principle of non-discrimination on which the law is developed does not capture

cases in which data-driven decision-making procedures reinforce existing

structures of inequality and disadvantage.

Consider two goals that have driven the development of U.S. discrimination law,

anti-classification and anti-subordination. The anti-classification goal aims to

combat unfairness for individuals in certain protected classes that results from

the choices of decision-makers. This mostly concerns formal or intentional

discrimination. The anti-subordination goal aims to eradicate inequalities based

on membership in protected classes; not just procedurally, but substantively. On

the anti-subordination view, the purpose of disparate impact law is not only to

unearth well-hidden cases of intentional discrimination, it is also to cover cases

of unintentional discrimination which entrench existing patterns of inequality.

Legal theorists and courts have reached consensus only on the anti-classification

goal. The law is not now thought by most to serve the purpose of addressing the

complex structural inequalities to which disadvantaged groups are subject.

Without the anti-subordination grounding, U.S. discrimination law has no basis

on which to impose on institutions the requirement to address structural injustice

in their decision-making procedures. “As a society,” the historian Michael

Selmi argues, “we have never been committed to eradicating racial or gender

inequality beyond immediate issues of intentional discrimination.”

The problem with the non-discrimination principle is this. It reinforces the idea

that beyond efficiency, the sole responsibility of institutions is to pursue

neutrality or blindness in the design of their decision procedures. Institutions

have no obligation to ensure that their procedures do not entrench existing

structures of inequality. Non-discrimination constrains attempts to embed

equity in the decision-making procedures of important institutions. It does not

support the goal of transforming underlying structures of power or confronting

persistent patterns of domination. As the feminist scholar Nancy Down argues,

“discrimination analysis is designed to ensure that no one is denied an equal

195

196

197

198

199


opportunity within the existing structure; it is not designed to change the

structure to the least discriminatory, most opportunity-maximizing pattern.”

I believe that non-discrimination, and the ideas of neutrality or blindness it

entails, obscures the politics of debating and deciding between substantive aims,

and the trade-offs required to achieve them. Negative duties of non-

discrimination are not a satisfactory basis on which to develop a framework for

governing data-driven decision-making. We must think explicitly about how

we should treat individuals differently on the basis of the disadvantages

associated with protected groups. The rest of this paper explores how the

constitution of India and the arguments of B.R. Ambedkar might enable us to

reason through that challenge. They explore another idea to underpin the

governance of data-driven decision-making: non-domination.

Governing in India: Non-Domination

In 1950, India adopted a constitution that represented a new social and political

experiment. On the eve of independence, most of those who became citizens

could not read or write. India was a society characterized by profound hierarchies

of power and deep differences of language, education, and culture. The

constitution aimed to harness the power of the state to transform these

entrenched hierarchies. This was to be achieved, in part, by imposing on

institutions a wide range of responsibilities to directly address structural social

injustices.

India’s constitution directly challenged the liberal idea that underpins the

approach to non-discrimination in the United States, “that every attempt to

resolve social question of inequality and material destitution by political means

would lead to terror and absolutism.” As Sunil Khilnani explains, democracy in

India promised “to bring the alien and powerful machine like that of the state

under the control of human will...to enable a community of political equals

before constitutional law to make their own history.” The Constitution, as K.

G. Kannabiran describes it, particularly the Social and Economic Directives,

expressly places “the state under obligation to eliminate inequalities in status,

facilities, and opportunities between people.”

These ideas were in large part B.R. Ambedkar’s. Ambedkar’s primary concern

was with the relationship between the political sphere, on the one hand, and the

social and economic spheres, on the other. His work explored what burdens the

pursuit of political equality in a democracy placed on different actors to address

manifest social and economic inequalities.

Introducing the Constitution in 1949, Ambedkar issued a warning to India’s

Constituent Assembly. He warned his comrades, “not [to] be content with mere

200

201

202

203

204

205


political democracy. We must make our political democracy a social democracy

as well.” He continued:

On the 26th January 1950, we are going to enter into a life of

contradictions. In politics we will have equality and in social and

economic life we will have inequality. In politics we will be recognizing

the principle of one man one vote and one vote one value. In our social

and economic life, we shall, by reason of our social and economic

structure, continue to deny the principle of one man one value. How

long shall we continue to live this life of contradictions? How long shall

we continue to deny equality in our social and economic life? If we

continue to deny it for long, we will do so only by putting our political

democracy in peril. We must remove this contradiction at the earliest

possible moment or else those who suffer from inequality will blow up

the structure of political democracy.

The contradiction between formal political equality and social and economic

inequality is, in the end, a threat to democracy. For Ambedkar, if the equal worth

of each citizen in politics stands in stark contrast to persistent inequalities in the

economic and social spheres, political equality becomes a mere formalism. The

idea of democracy becomes a mirage. Since patterns of domination reproduce

persistent inequalities, democracy itself depends on the practical and continuous

goal of eliminating patterns of domination.

This prompts a series of important political questions: Who has what burdens to

eliminate non-domination? How should they be imposed? Ambedkar’s

reflections on these questions formed the basis of some of the most ambitious

provisions in India’s Constitution. The idea was to embed social transformation

into the aims and procedures of society’s most important institutions. Powerful

institutions were explicitly required to direct their efforts towards the

transformation of society. These were the politics of confronting a long history of

injustice.

There are two relevant parts of the constitution. In Part III on Fundamental

Rights, Article 14 establishes equality before the law; Article 15 prohibits

discrimination on the grounds of religion, race, caste, sex, or place of birth;

Article 16 establishes equality of opportunity in public employment; and Article

17 prohibits the practice of untouchability. Second, Part IV the Directive

Principles of State Policy, which cannot be enforced in law, establish “equality as

a policy aimed at bringing about…changes in the structure of society.”

The implications of these provisions for public sector institutions are reasonably

clear: their decision-making procedures must contribute to the elimination

patterns of domination. For instance, in 1980, the Supreme Court ruled the

policies of reservation and affirmative action of the Indian Railway Board to be

206

207

208


consistent with the constitution’s aims and purposes. The Court argued that the

State was in fact required to pursue policies of affirmative action—that is, to treat

individuals differently based on their membership of groups historically subject

to patterns of domination. Issuing the judgment, Justice Krishna Iyer wrote: “the

Indian Constitution is a National Charter pregnant with social revolution, not a

Legal Parchment barren of militant values, to usher in a democratic, secular,

socialist society which belongs equally to the masses hungering for a human deal

after feudal colonial history’s long night.”

The implications for private institutions are less clear. Case law is still

developing. Consider the scope of Article 15 (2), which states that no citizen can

be restricted on protected grounds from access to “shops, public restaurants,

hotels and places of public entertainment, as well as places of public resort

dedicated to the use of the general public.” In a 2011 case, the Army College of

Medical Services (ACMS) in New Delhi devised its own merit-based admissions

procedure. The Court found the procedure to be unconstitutional. Its reasoning

stated that private sector institutions were subject to the provisions of Article 15.

“If a vast majority of our youngers, especially those belonging to disadvantaged

groups, are denied access in the higher educational institutions in the private

sector,” argued the judgment, “it would mean that a vast majority of youngers…

belonging to disadvantaged groups would be left without access to higher

education at all.”

The court drew on Ambedkar’s arguments in the Constituent Assembly debates,

to expand the scope of the word “shop” to include private educational

institutions. The ACMS admissions procedure, the Court found, produced

disparate impact, reinforcing the disadvantage of students from disadvantaged

backgrounds. Since ACMS was subject to the provision of Article 15 (2), and its

admissions procedure produced demonstrable disparate impact against

disadvantaged students, it was unacceptable.

More interesting was the Court’s interpretation of the word “only” when

referring to the prohibited grounds of discrimination. They interpreted the word

not to prohibit merely explicit or intentional discrimination on the grounds of

some protected trait, as courts tend to in the U.S. Instead, the word meant that

“the private establishment” must “ensure that the consequences” of its “rules of

access . . .do not contribute to the perpetration of the unwarranted social

disadvantages associated with the functioning of the social, cultural and

economic order.” In other words, India’s Supreme Court has been willing to

extend constitutional provisions beyond the requirements of non-discrimination.

These provisions require private sector institutions to embed the aim of

eliminating patterns of domination in their decision procedures.

209

210


Non-Domination in Decision-Making

How far this provision will extend remains to be seen, but the underlying idea is

clear. Democracy depends on the promise of political equality. This promise is

undermined by entrenched patterns of domination. These patterns can be

reproduced not only by the state, but by institutions that perform public

functions or that distribute important goods, such as employers, landlords,

banks, telephone networks, and so on. When these institutions establish their

decision-making procedures—hiring and firing, promoting and demoting, setting

rent and granting mortgages—they must bear some of the burdens of eliminating

patterns of domination.

As Justice Bhagwati, the 17th Chief Justice of India, wrote: “In a hierarchical

society with an indelible feudal stamp and incurable actual inequality, it is absurd

to suggest that progressive measures to eliminate group disabilities…are

antagonistic to equality on the ground that every individual is entitled to equality

of opportunity based purely on merit.”

Let’s explore the implications of the non-domination principle for the

governance of data-driven decision-making. Recall the example with which this

essay began: the tool that recommends jobs adverts. I argued that that the U.S.

non-discrimination principle provides no grounds for placing any responsibility

on a public or private institution to either impose some fairness constraint, such

as limiting the difference between the average incomes of job posting seen by

men and women, or to show women higher average incomes than men, on the

grounds that doing so would be to pursue some defensible aim of social justice.

The non-domination approach provides grounds for imposing the responsibility

to pursue both of these more ambitious aims. It could require public and private

institutions to impose some kind of fairness constraint on their data-driven

decision-making procedures, or to construct that procedure to specifically

eliminate patterns of domination. The Indian non-domination approach provides

a conceptual and legal basis for applying many of the technical approaches to

fairness developed in the computer science literature.

India could develop an approach to governing data built on this non-domination

principle. This could be done by broadening the responsibilities of data

fiduciaries, established in the draft Data Protection Bill. The fiduciary concept

rests on the idea of a relationship of trust. Banks are custodians of customers’

money; internet companies are custodians of customers’ data. That relationship

of trust entails responsibilities for the fiduciary to act in the best interests of

consumers. For instance, processing data is permitted only for purposes that the

consumer might “reasonably expect.” In a country where citizens expect

institutions to bear the responsibility of eliminating patterns of domination,

211

212

213

214

215


the concept of trust might plausibly impose quite significant burdens on grant

fiduciaries. They might be required to identify and raise important trade-off

choices as they design and develop data-driven decision-making procedures,

especially those that bear on entrenched social inequalities. Those choices could

then be subject to meaningful public oversight, through explicit regulatory

provisions, civil society organizations, and public debate.

Incorporating the non-domination principle into these fiduciary requirements of

trust may stretch the idea of trust to its limits. This is not because non-

domination is too ambitious an aim, but because the governance of data is about

more than privacy. If trust cannot incorporate ideas like non-domination,

fairness, and justice, the data fiduciary concept may prove limited in a world of

algorithmic decision-making and machine learning. Jack Balkin, who first coined

the information fiduciary concept, has written about this challenge.

Instead, more comprehensive structural regulation may be required. Such

regulation must leave room for flexibility and variation. Eliminating patterns of

domination may be part of the pursuit of political equality (essential in any

democracy), but considerable variation should be permitted in terms of how this

aim is embedded into decision-making procedures. Overly prescriptive and

specific regulatory requirements would undermine the institutional innovation

that is required to achieve the overall goal.

At this critical moment in the development of regimes to govern data, we must

pause to ask fundamental questions about the ideas and aims that should

underpin them. The American approach, guided by the principle of non-

discrimination, does not impose on institutions the obligation to transform

entrenched social inequalities through their decision-making procedures. In an

algorithmic society, in which decisions are ever more often made or informed by

algorithmic procedures, there is a risk that these structures of injustice are

reproduced on a vast scale that becomes ever harder to adjust. A giant form of

path dependency.

The Indian approach, guided by the principle of non-domination, holds that

decision-making procedures, in both private and public institutions, are the right

place to intervene to address structural injustice. Many difficult questions—about

the extent of the responsibilities that different institutions should bear—remain

unanswered and profoundly under-theorized.

But what the Indian approach makes clear is that a comprehensive approach to

governing data-driven decision-making cannot simply address issues of privacy.

Such an approach must confront intractable questions about the burdens of

pursuing political equality. After all, as Ambedkar argued, nothing less than the

future of democracy is at stake. This has never been truer than in a world in

which data-driven decision-making is pervasive.

216

217


Conclusion: Who Decides?

I would like to end by drawing attention to perhaps the most significant strength

of the Indian approach and the non-domination principle on which it rests. It

brings to the surface the politics of decision-making. It makes visible the

inevitable trade-offs involved in establishing a decision-making procedure. It

therefore forces us to confront the choices we have about the burdens we wish to

impose on institutions as they establish those decision-making procedures. It

forces us to ask what we wish to achieve and how.

This is an important strength in an algorithmic world. Too often, political choices

are buried in the technical details of decision-making procedures. In machine

learning, for instance, they are buried in choices about the construction of the

dataset, choices about the outcome of interest or target variable, or which

variables to include in the model. The risk is that a great many of the political

choices necessary in a democracy are buried in the technical decision-making

procedures of institutions, beyond the reach of legislative action and political

debate. The pursuit of justice is moved slowly but imperceptibly outside the

sphere of democratic politics.

Too often, political choices are buried in the

technical details of decision-making procedures.

Avoiding this outcome will require comprehensive legislation. That legislation

must not only set out the responsibilities of different institutions to address

structural injustice in their decision-making procedures. It must also take on an

even harder task: establishing the right institutional structure to enforce those

provisions. There is a difficult balance to be struck. Regulation should not aim to

specify precisely who has which burdens in every case; regulatory overreach can

stifle democracy, as well as protect it. Yet without regulation, there can be no

democratic oversight at all. This is not a tension specific to algorithmic decision-

making, but rather, one that characterizes the relationship between democracy

and the modern administrative state. But as ever, data and algorithms raise the

stakes.

The great strength of the non-domination principle is that it forces us to ask: Who

decides? The risk is that we pretend that nobody decides. In practice, this means

218


that institutions will decide unilaterally, often in secret and without public

oversight, which priorities and values to build into their decision-making

procedures. In the case of our example of the job recommendations tool, Google

and Facebook decide, without accountability, whether they wish to pursue

efficiency, fairness, or non-domination. With the right framework, Google and

Facebook may decide first, but their decisions would then be subject to

regulatory provisions. And those provisions would, in turn, be subject to the

oversight of democratic institutions.

As our societies make more and more important decisions using data,

democracies must make choices about how they wish to distribute the burdens of

pursuing justice. Ignoring these choices will simply narrow the possibilities of

political action, producing a kind of political atrophy, eroding the capacity of

citizens to govern themselves in democratic politics. To stimulate their thinking

as they confront these choices, democracies all over the world should draw on

the writings of B.R. Ambedkar and the provisions of the Constitution of India.

This Indian approach, founded on the principle of non-domination, can provide

an approach to governing data-driven decision-making that diverges from the

familiar provisions of late twentieth century Anglo-American liberalism.


Open Transit Data in India (Richard Abisla)

Richard Abisla is the Portfolio Manager, Americas at Caravan Studios, a division of

TechSoup.

Acknowledgments: The author extends sincere thanks to Kate Owens, Andrea Rizvi,

O.P. Agarwal, Charru Malhotra, Srinivas Kodali, Jackie Klopp, Catherine Hurd

Johnson, Marnie Webb, Niranjan Krishnamurthi, and to all those who provided

invaluable guidance and information for this project. The author is grateful to New

America, in particular, Awista Ayub, Melissa Salyk-Virk, and the 2019 India-US

Fellows, and to Caravan Studios and TechSoup for this opportunity. All errors and

omissions in this paper are the author’s alone. All information was accurate at the time

of submission/publication.

Introduction

Hundreds of millions of people worldwide rely on public transportation daily,

yet only a tiny proportion of those users have access to accurate information

about when their transport will arrive or where it is going. This lack of

information is not solely customer-facing: the majority of transit operators,

whether public or private, do not collect automated data that would allow them to

make more informed business decisions. This lack of data creates a vicious cycle

in which commuters, tired of wasting time as they wait for their bus or train,

abandon mass transit and seek lower-capacity vehicles, like taxis, rideshares,

two-wheelers, or autorickshaws, which increases congestion and air pollution.

Both transit riders and operators would benefit from access to data about public

transportation; on the user side, accurate information increases rider satisfaction

and ridership, while on the operator side, data can be used to improve offerings

and better meet the needs of local communities.

Technological innovation and the transparency movement have spurred and

spread the adoption of open transit data over the past 13 years. In 2006, the

creation of a worldwide open standard for transit data, the General Transit Feed

Specification (GTFS), provided an interoperable format for transit agencies of all

types and modalities to share data that can be displayed on mobile apps, or used

to create maps and schedules. A growing worldwide transparency movement,

demonstrated by the 2011 launch of the Open Government Partnership and the

institution of open data policies in the United States (2013), Britain (2010), and

India (2012), have provided frameworks and policy assurances that citizens can

access data collected by their governments. Despite the proliferation of

technological solutions that can promote mass transit ridership and satisfaction,

many countries lag in their adoption of open transit data, preventing their

219

220

221

222

223


residents from accessing readily available tools to use transit more efficiently,

save time, and reduce their dependence on lower-capacity vehicles.

This paper seeks to explain barriers to collecting, organizing, and sharing this

data in the Indian public transport context, and will provide four case studies of

transit data projects that are working to overcome these barriers. These

successful projects provide examples of stakeholder engagement that can be

replicated in other regions, such as Latin America, and countries where large

portions of the population depend on mass transit. The paper will examine

opportunities to include public transit data into existing data and transport

policies, and will investigate opportunities to increase capacity-building efforts so

that local transit authorities have adequate information to make decisions that

favor open transit data.

Methodology

In order to investigate transit data organization and publication in India, I

interviewed 40 people over the course of seven weeks and made site visits in

Delhi, Mumbai, Kochi, Bangalore, and Hyderabad. All interviewees have

participated in the Indian mass transit ecosystem by providing, studying,

innovating, or using public transit. The interviewees include representatives from

central, state, and local government, transit corporation employees,

representatives from civil society organizations, and academics; many are also

regular public transit riders. I reviewed the existing literature on open data and

transit data in India and examined the issue via local press coverage. The

objective of the four case studies that follow are to illuminate the different

environments and sets of stakeholders that have allowed these projects to

develop and garner support within local government and transit corporations.

Case Studies

Kochi: NGO leadership and resources together with a forward-thinking government

In March of 2018, Kochi Metro Rail Limited (KMRL) was heralded as the first

metro agency in India to open its data by publishing their GTFS feed on their

website. KMRL’s open feed was developed with assistance from the World

Resources Institute (WRI), a global research organization active throughout India

that works to “turn big ideas into action at the nexus of environment, economic

opportunity, and human well-being.” Kochi had initially approached WRI for

help with their open data, and WRI was able to lend significant mentoring and

technical assistance to KMRL staff. KMRL publishes a static GTFS feed,

which, in their case, is as good as real time data due to vehicle management

software that ensures trains run on schedule.

224

225 226


KMRL, despite only operating the metro, currently acts as an interim Unified

Metropolitan Transport Authority, leading other transportation modalities to

organize and share their data. Other stakeholders include private bus operators, a

network of 15,000 autorickshaw drivers, and the Rajagiri School of Engineering

and Technology (RSET). RSET is developing a data dashboard for KMRL,

allowing the agency to analyze their data in more sophisticated ways. This will

become increasingly important—and useful—as open data practices spread to

other modalities in the Kochi transportation ecosystem. KMRL has helped to

organize 950 privately-operated buses that are under contract from the

government of the State of Kerala. These bus owners have been organized into

seven companies that have agreed to have GPS devices installed on their buses

and pay for monthly maintenance. The 450 government-owned and operated

buses do not yet have GPS installed, as they have yet to go through the required

procurement process for the GPS devices. KMRL was also a key player in

organizing a cooperative of 15,000 autorickshaw drivers that will engage in a

variety of activities focused on drivers’ welfare and economic success. Most

notably, the cooperative will begin offering transportation to Metro stations on a

ticketed basis, and will develop a mobile application that will provide on-demand

access to members that utilize the GPS installed in their fare boxes. KMRL

officials note that organizing the bus companies into clusters and helping with the

organization of the 15,000 autorickshaw drivers into a cooperative have been the

most challenging parts of the project.

In order to provide arrival data for transit riders, Kochi has partnered with the

Chalo mobile application to display metro, ferry, and bus data, and will soon

add autorickshaws. Chalo has over 50,000 downloads and over 7,000 daily

users, a modest amount for a city of over 2 million people. Because Kochi’s

data is “open,” or hosted online and available for use, Kochi’s transit system is

also displayed in Google Maps, which has over 1 billion active monthly users

worldwide. As more buses and ferries are added to the GTFS feed, more

developers may elect to build products using the feed. Access to the static GTFS

files are free, and a link to the files are sent to the requestor’s email after inputting

a name and email address.

Kochi officials have a clear vision that promoting ease of access to public

transportation, such as providing first and last mile connectivity to metro stations

and providing access to digital schedules and journey planners will both increase

equity and improve environmental outcomes. KMRL officials have noted that if

transit is faster and cheaper, poorer residents will have more economic

opportunities and more disposable income, which can lead to better

opportunities for their children and a better quality of life for families. This

equity lens is unsurprising considering Kerala’s communist-leaning governance

history. In a similar vein, the Kerala Minister for Transport has publicly noted

that the shift of commuters to private, lower capacity vehicles are increasing

pollution, traffic, and accidents. Retaining transit riders, and creating new

227

228

229

230

231

232


ones, is key to addressing these concerns. Additionally, the Kochi Smart Cities

mission shares administration with KMRL, resulting in a close relationship that

has also influenced KMRL’s commitment to open data.

Delhi: Political will and academic leadership

In November of 2018, Delhi became the first city in India to provide static and

real-time bus data feeds. Delhi’s bus open transit data project was initiated in

2016, with the formation of an advisory committee that included a broad swath

of stakeholders in the urban mobility space, including government officials, the

Delhi Transport Commissioner, staff from both Delhi bus corporations,

university professors, and industry representatives, like Google, and ride-hailing

companies Uber and Ola. The Committee was a joint initiative of the

Indraprastha Institute of Information Technology Delhi (IIITD) and the Delhi

government, which is run by the Aam Aadmi Party, a new party that won on an

anti-corruption platform and had made campaign promises to improve life in

Delhi. As a result of the committee’s work, the Delhi Government signed a

memorandum of understanding with IIITD to build a portal to share real time

information publicly. IIITD, working with a group of student interns, unveiled a

portal after five months. Both static and real-time GTFS feeds are available on

the open transit data portal after a simple registration that includes contact

information and explanation of the intended purpose of accessing the data use.

The Delhi GTFS feeds currently include the 1,700 buses that are under the

control of the Delhi Integrated Multi-Modal System (DIMTS), a joint venture of

the Delhi National Capital Territory Government and the IDFC Foundation.

Known as “cluster buses,” these orange buses are monitored by DIMTS, who also

manages the contracts with individual private bus operators. All cluster buses

have GPS installed, which allows them to be monitored from a central control

center. Presently, only DIMTS-administered buses feed real-time data into the

control center and the GTFS Real Time feed, as the remaining 3,800 buses

managed by the Delhi Transport Company (DTC) are not currently participating

due to broken or missing GPS devices.

DIMTS has developed a proprietary transit application, PoochhO. In addition

to arrival times for the 1,700 cluster buses, PoochhO estimates bus seat

availability on buses and provides proximity and contact information for nearby

autorickshaw drivers. Both DIMTS and DTC buses are visible on Google Maps,

with cluster buses providing real-time information and DTC buses offering

schedule data. However, Delhi’s bus data will be of limited use until the entire

bus system’s data is available.

Barriers in the Delhi data project include funding constraints and nonfunctional

or missing GPS units on the fleet of 3,800 DTC buses. Initially, limited

knowledge of open data practices posed a challenge, but the strong partnership

with IITD helped Delhi overcome this challenge. Furthermore, the partnership

233

234

235

236

237

238

239

240

241


allowed the project to succeed without a large financial investment. One of the

project’s biggest successes has been cultivating buy-in from the Delhi local

government, the Department of Transportation, and DIMTS. And, now that the

data is online and open data activists are able to use it for their own analyses.

Bangalore: Academic influence, strong activism, and press coverage

Despite publicly announcing in 2017 that open bus data would be released

imminently, as of early 2019 Bangalore has not published open static nor real-

time GTFS feeds. Early excitement and positive press coverage of Bangalore

Municipal Transportation Corporation’s (BMTC) open data commitment has

transformed into frustration for many civil society stakeholders, including local

tech workers who use a higher tier, yet still public, level of service known as “AC

buses.” These are commuters who may shift to lower capacity vehicles when

they are left waiting at the bus stop too long, adding to congestion and air

pollution. A major fear of BMTC officials is that providing data on the AC bus

lines, which are profitable, would open up those lines to competition from

ridesharing companies Uber and Ola, reducing ridership and revenue.

Another challenge has been buy-in from leadership at BMTC. In 2016, BMTC’s

Managing Director supported open data, but soon left the organization, and her

replacement wanted to monetize the data. This monetization push is a central

barrier to open data provision in Bangalore, as BMTC has struggled to find

financial resources to support the creation of both static and real-time GTFS

feeds. Central to the desire to monetize the data is the reality that BMTC receives

little in the way of subsidies from the Karnataka state government, and is run

more like a for-profit business than a public service. However, many civil

society actors and activists take exception to this line of thinking, strongly

maintaining that mobility is a right and should be supported by the state

government. These activist voices have been highlighted in the local press, and

have provided positive pressure on BMTC leadership to make data available to

riders.

In September 2018, a new IT Director took charge at BMTC and began to actively

engage with civil society stakeholders. She began working with local NGOs to

organize a static GTFS feed, often the first step to getting more useful real-time

data. Working with the NGO Fields of View in a voluntary capacity allowed

BMTC to experiment with GTFS without incurring costs or undergoing lengthy

procurement processes, both of which could have derailed the project. The

new BMTC leadership reports that they are committed to providing open transit

data, and are actively trying to figure out how they can work with civil society and

academia to organize and provide the data. While BMTC does provide their own

proprietary mobile application, usage rates and user satisfaction are low.

Bangalore’s vibrant stakeholder community continuously advocates for open

data, putting pressure on BMTC to address the demand and need for open data.

242

243 244

245

246

247

248

249

250

251

252

253 254


Central to the stakeholder community are academics like Dr. S. Rajagopalan of

the International Institute of Information Technology-Bangalore, who served on

BMTC advisory committees to help select Intelligent Transportation Systems

(ITS), which include the GPS devices and bus management software that can be

used to create real-time GTFS feeds. BMTC adopted an ITS in 2016, and now

every bus has GPS and can be monitored from a central control center. Dr.

Rajagopalan also helped to create BMTC’s draft Data Sharing Policy, which has

yet to be formally adopted. The policy is based on both the National Data

Sharing and Accessibility Policy and Transport for London’s Open Data Policy.

The Data Sharing Policy supports opening transit data for use by urban planners,

educational institutions, businesses, transportation companies, and trip planning

websites and portals. In addition to academics like Dr. Rajagopalan, the

involvement of activist groups like DataMeet and Bangaluru Bus Prayaanikara

Vedike (Bangalore Bus Commuters Forum), coupled with interest from the

local press, have elevated the conversation in Bangalore and put public pressure

on BMTC. While these groups are not solely focused on bus data, they do make

arguments in favor of better trip planning and for using the data to understand

how bus routes provide access to jobs and other resources from across the

socioeconomic spectrum. In particular, groups like the Bangaluru Bus

Prayaanikara Vedike are interested in making sure that lower-revenue bus lines

that go to poorer areas are not terminated.

Hyderabad: State open data policy leading the way

In 2016, the Telangana State Government unveiled a state open data policy based

upon the National Data Sharing and Accessibility Policy (NDSAP), becoming the

second state in India to adopt an open data policy. The policy provides clear

directives to state government departments to open up non-sensitive datasets,

going as far as saying that “opening up the government is the new world order.”

The policy indicates that datasets should be in “human readable and machine

readable formats, using open standards, and under open license.” The creation

of Telangana as a new state after splitting from Andhra Pradesh in 2014 provided

a special opportunity for the government to reflect on their practices, and “it was

realized that a lot of government decisions were not data-driven.” Leadership

from top state ministries have paved the way for Telangana state services,

including the Telangana State Road Transport Corporation (TSRTC), to

implement open data using open standards.

In order to organize GTFS feeds of TSRTC buses that provide services to

Hyderabad, the state capital, the Telangana government is working with both

WRI and Factly, a local startup that focuses on creating platforms and

infrastructure to support open data and “strengthen democracy through

engagement.” Factly and WRI will create static GTFS feeds for both TSRTC

buses and the Hyderabad Metro Rail Limited (HMRL). The first step in

organizing the TSRTC data was to identify all bus stops by their latitude and

255

256

257

258

259

260

261

262

263

264

265

266

267


longitude coordinates; this was done by combining several data sets that had

been compiled over several years from multiple civil society actors, including

Hyderabad Urban Lab, Engineers Without Borders, Mufkhamjah College of

Engineering and Technology, Shakti Sustainable Development Foundation, and

WRI. From these multiple efforts, more than 8,000 bus stops were mapped,

more than twice the number of actual bus stops.

Factly and WRI designed a process to validate the bus stop data so that it can be

used as a basis for a static GTFS feed. First, spelling inaccuracies had to be

corrected and geo-locations had to be cross-checked, with names assigned to the

GPS coordinates of the 3,900 bus stops. A developer hired by WRI built a fuzzy

mapping algorithm to check and de-duplicate this data, which was then sent to

TSRTC to be verified and audited manually . The verification process has taken

over two months, and is still ongoing as of March 2019. Once complete, TSRTC

will update schedule data, and Factly and WRI will create the GTFS feed, as well

as a mechanism that TSRTC staff can use to make future changes in schedules

and routes. Once completed, the data will be ready to be shared in the public

domain.

Thanks to buy-in from top state officials there has been little staff resistance to

organizing the GTFS feed. The main barriers have been a lack of validated

information and a glut of bus stop information, which have been solved through

both machine and human validation processes. TSRTC buses do not currently

have GPS devices installed, so there are no immediate plans to organize a real-

time GTFS feed. However, the involvement of Factly and WRI certainly bodes

well for future developments, should TSRTC endeavor to install GPS devices on

their vehicles.

Figure 1: Table of public transit data for case study locations in India

City Population* Metro: Static Metro: Real Time Bus: Static Bus: Real Time

Kochi 2.81M Yes, open No, in process No Partially, closed

Delhi 28.1M Yes, closed Yes, closed Yes, open Partially, open

Bangalore 11.25M Yes, closed Yes, closed In process Under negotiation

Hyderabad 9.58M Yes, closed Yes, closed In process No

* Demographia World Urban Areas,” Demographia, April 2019, accessed March

10, 2019, http://www.demographia.com/db-worldua.pdf

268

269

270

271

272


Case Study Discussion

Stakeholder Engagement

These case studies illustrate the importance of vocal stakeholders, local

leadership, and progressive policy. In each city, local champions have emerged

from civil society or from within the transit corporation to help lead and shepherd

the projects. In Kochi, Bangalore, and Delhi, NGOs or academic institutions have

provided labor and technological resources for free or at a very low cost, helping

authorities avoid lengthy procurement processes and finding money in already

stretched budgets. In Bangalore and Delhi, academics played key roles in

influencing city officials to move towards open data, educating officials on the

benefits of open data and open standards like GTFS. Both Delhi and Kochi

benefitted from political leadership who wanted to show positive change in

government services and to increase transparency. In Bangalore, a well-

organized civil society is clamoring for transit data, and has the ear of the local

press. In Hyderabad, barriers experienced by other cities, such as lack of political

will, interest, or budget, have been roundly avoided by the implementation of a

state-wide open data policy. These examples show how the leadership of civil

society can be a powerful tool in embracing open transit data, and how important

of an official state policy it can be with financial resources behind it.

Uses of Open Data

Once data is open and available, agencies can use it to understand their systems

and improve their offerings. Transit data can be overlaid with other geospatial

data, including population density and housing development, job availability,

and employment and education centers. In Hyderabad, transit data has been

used to show that public transportation options are “infrequent or nearly absent”

in the areas of the city where residents are least likely to own or have access to

private vehicles, and that they are missing near the city’s slums. This analysis

of publicly available data shows how transit can be an economic development

tool that can break the cycle of poverty. Lack of access to public transportation

excludes certain portions of the population from opportunities, making their

lives more difficult and expensive, and keeping them in poverty.

Open Transit Data: Not a universal solution

While providing transit data is critical to improving the rider experience, it is not

a panacea to solve all transit-related ills. In many cases, comprehensive bus

reform is needed to provide drastic improvements in markets where ridership is

declining, rider satisfaction is low, and entrenched problems seem

insurmountable. In Delhi, it is the poor who are most dependent on cheap

public transportation, yet they spend 25-30 percent of their income on moving

273

274

275


around the city. Simply providing these transit riders with more information

about when the bus is coming may make their commute less frustrating, but the

majority of Delhi’s bus riders do not have the purchasing power to switch to

another modality if they get tired of waiting. Rather, they will wait for the bus

as long as they have to,however crowded it may be. For these riders, knowing

when the bus is coming might not be the biggest change they’d request from their

transit operator; given the choice, they would probably prioritize more vehicles,

more frequent departures, and cheaper fares over digital signage or a

smartphone app that communicates arrival times.

Transit Data: Open best, closed still good

It is also important to note that transit data does not need to be “open,” or

publicly available online for free in order to be used for analysis or trip planning.

Many agencies choose to organize a GTFS feed, but keep it closed for their own

internal analysis and to provide a proprietary mobile or web applications that

riders can use to access schedules and trip planners. Transit riders are then only

able to use the proprietary application, which provides one point of failure and

may be of lower quality than other transit applications. One reason for varying

quality is that several of the top transit applications, such as Google Maps and

Moovit, are private companies that have invested multiple millions of dollars in

their products. It makes sense that the user experience, design, and performance

of these applications would be superior to an application created by a city transit

agency, no matter the talent and skills of the in-house developers. Additionally,

there is little need to reinvent the wheel of building an in-house transit

application when publishing a GTFS feed online allows consumers to access

multiple applications. It is important to note that smartphone applications are not

the only option to provide transit data to consumers, and transit data can be used

to create resources like maps and timetables, as well as text or voice-based

applications for feature phone users. While open data allows for customers to use

more products and researchers to perform more analyses, the first goal should be

providing access in order to promote ridership, whether the data itself is open or

not.

Suggested Policy Interventions

Despite strong research that shows the benefits of transit data to riders and

operators, and organized civil society that clamors for access, too many local

governments lag in their provision of data to their communities. What follows are

recommendations for policy and capacity building interventions that could help

cities provide useful data, thereby promoting the use of mass transit.

National Data Sharing and Accessibility Policy

276

277

278


There are several opportunities to weave transit data into existing policies. First,

the National Data Sharing and Accessibility Policy (NDSAP) was implemented in

March 2012, and soon thereafter the Open Government Data Platform India

was launched. Despite the NDSAP setting clear expectations for all

government agencies to share data in an online format for use by civil society, the

policy is not mandatory, and only provides guidelines to central government

agencies, and not to state or city government agencies. In India, cities have a

much closer relationship to the state government than the central government,

and city services are often managed by the state government. For this reason, the

most effective way to influence urban policy is to influence state policy.

State Open Data Policies

The case of Telangana shows that adapting the NDSAP into state policy provides

a clear pathway for open transit data. According to the Centre for Budget and

Governance Accountability, as of August 2018, only five of 29 states have

instituted their own state-level policy that corresponds to NDSAP or have

adopted the NDSAP as state policy. While enforcement might be difficult to

ensure, given that the national policy itself lacks enforcement mechanisms,

expressly including transit data in state open data plans provides clear

expectations to cities that transit data be open and freely available. Codifying

these expectations into state-level policy will also strengthen the position of both

transit activists (like commuters’ groups) and open data organizations and

activists (like DataMeet), giving them a policy to refer to as they work to hold

local governments and transit operators accountable.

Local, Transit-Specific Open Data Policies

In the absence of a state policy, local, transit-specific open data policies, such as

BMTC’s draft policy, would provide a pathway for cities to embrace open data

without the express support of the state government. Such policies have the

potential to provide leadership from below, and could lead to a visible “win”

that could demonstrate the value of open data to the lives of everyday residents.

Releasing transit data on an open standard like GTFS provides the benefit of

harnessing the imagination and brainpower of many actors, such as the robust

developer and startup community. GTFS also enjoys strong support and interest

from civil society, including academics, and large multilateral institutions. Even

those who don’t necessarily support GTFS, like Rajarshi Sahai, the former India

country manager for transit app startup TRAFI, believe in localized policy:

“Policy must evolve out of unique experiences of each city than following

templates/exemplars.” Codifying open transit data into local public policies

would have the dual impact of supporting commuters and transit riders and

supplying the potential to spread open data practices amongst all levels of

government.

279

280

281

282

283

284

285


Smart Cities Mission

Transit data could also be couched in existing, and future, Smart Cities policies

and projects. Transit on the whole is a focus of the burgeoning Smart Cities

movement in India. The focus is to support “urban development through

capacity building, research, service, and infrastructure innovations and citizen

engagement,” and the central government is actively working with State-level

departments and agencies to implement Smart Cities programs. A key

opportunity to spread the technology tools key to creating open GTFS feeds is the

National Urban Innovation Stack (NUIS), a platform to share cloud-based

technology services amongst all participating Smart Cities. The NUIS could

easily include GTFS creators and management software, in addition to targeted

training on open data practices. The NUIS is well positioned to include existing

data creation tools, like scripts that convert a city’s transit data from KML or

JSON files into GTFS, and GTFS management software. The monetary savings of

providing this software centrally would be significant, and would immediately

provide tools to 100 cities that would encourage and enable them to organize and

publish their transit data. This would also contribute to creating a “culture of

data” that other cities, such as Medellín, Colombia, have found useful in

becoming more data-driven. Cities that have invested public funds into

developing their own mobile apps could choose to share the source code of these

applications, resulting in further savings for cities that want to provide

proprietary mobile apps.

National Urban Transport Policy

Lastly, transportation policy itself provides an avenue to compel state and city

governments to organize and provide transit data. In the context of rapid urban

growth, the Government of India instituted the National Urban Transport Policy

(NUTP) in 2006, and updated it in 2014. A main tenet of the policy is to

encourage residents to use public and non-motorized modes through offering

financial assistance to state government agencies, as well as providing leadership

in order to “guide State-level action plans within an overall framework.” The

plan acknowledges that state-level policy and laws are the way to improve urban

transport, and provides significant financial resources for states to plan and

implement public transportation systems. While the NUTP does not explicitly

mention open transit data, it does encourage the installation of GPS devices on

buses, which make it possible to provide GTFS-Real Time data. A customer-

facing data provision that ensures transit riders have access to scheduled and

real-time information in a digital format would work towards the ultimate goal of

reducing the number of cars on the road, lessening congestion and air pollution.

Significantly, the NUTP recommends that each city with more than one million

inhabitants set up a Unified Metropolitan Transport Authorities (UMTA).

These agencies will be charged with integrating different transportation

modalities – such as bus, metro trains, and autorickshaws. A key benefit will be

286

287

288

289 290

291

292


the coordination amongst the agencies, solving problems like a bus stop that is

200 meters from the Metro entrance, or a bus line running along the same route

as the metro. UMTAs can support open data by setting standards around data

provision and publication, and by requiring all public transportation providers in

the metropolitan area to make data available. When systems are fully integrated,

it may be possible that some services that make money may subsidize services

that are not profitable.

Capacity Building

Alongside policy, stakeholders agree that capacity building amongst local transit

corporation staff could have an enormous impact on the provision of open transit

data. Capacity building should focus on the dual audiences of decision-makers,

who will engage with cost-benefit analyses and budget considerations, and

technical staff, who will create, manage, and maintain GTFS feeds. O.P. Agarwal,

the CEO of WRI India, believes that officials want to do the right thing, but often

don’t have a good understanding of what open data means and entails, despite

the phrase being a popular buzzword. Helping leaders understand open data,

the required effort and cost to convert existing data to open data, and the benefits

to ridership, revenue, and rider satisfaction would help these staff to make more

informed decisions that would benefit riders. Likewise, more technical

training and capacity building is needed, as some IT staff lack the knowledge to

build an API to provide their data, and others are uninterested in providing data

to startups or end users. Strong policy, however, will provide both the incentive

and reason for capacity building, and will provide a nationwide goal of transit

data provision.

The Smart Cities Mission provides an excellent opportunity to include capacity

building around open transit data, due to the existing inclusion of both urban

mobility as a thematic priority, and a capacity-building mechanism. The new

National Urban Learning Portal will provide an online portal for city officials to

participate in ongoing trainings relevant to Smart Cities. Providing a structure

for local officials to participate in centrally-endorsed training programs is a good

start to spreading good open data practices. As part of the Smart Cities mission,

every city has a Chief Data Officer, who could act as a key resource for city staff

who are deputized to organize and publish public data. Mobilizing existing

resources to help promote open transit data would be relatively low-cost, yet

could easily impact hundreds of millions of people.

Lastly, many sources have noted that there are few national convenings that

bring together decision-makers from transit corporations, government officials,

NGO representatives, activists, and community groups to discuss and learn

about these issues. A forum for all stakeholders could help spur innovation and

operationalize some of the research and innovation into the mass transit systems.

293

294

295

296

297

298

299

300


These events provide space for each stakeholder group to understand the

needs and challenges of the other, and to start to address issues and challenges

together. As one Delhi transit official shared, the more minds there are involved

in solving a problem, the better the ideas.

Conclusion

In the absence of a central policy or law with clear flow-down requirements to

states and clear enforcement mechanisms, transit data provision will continue to

be ad hoc and dependent on civil society’s leadership and resources. In

conversation with several transit authority leaders, it became clear that central

policies with clear incentives and enforcement mechanisms would spur local

transit providers to organize and publish transit data. One official highlighted the

importance of buy-in from the highest level of public hierarchies, stating that

“water can only be poured from the top.” Funding should not be overlooked as

part of the policy push, as many civil society groups become involved in open

transit data due to financial constraints within the public transit corporation.

These NGOs are often able to marshal their own resources, or use related grant

funding, to perform tasks that ideally would be the responsibility of the local

transit corporation. Capacity building efforts that dovetail with existing

government programs can help to socialize information about open data and

build comfort and interest amongst both decision-makers and technical staff who

will implement open data practices in their organizations.

In order to promote public transit usage and better

transit systems in general, cities should invest in

transit data.

This paper provides suggestions on amendments to existing policies to include

open transit data, proposals on capacity building provision, and technology tools

geared to state and city transportation corporations. While civil society has

proven to be effective in engaging stakeholders and guiding transit corporations

towards understanding the value of open transit data, policy interventions would

help to shift the responsibility from NGOs, civic hackers, commuter’s groups, and

universities to the government agencies themselves. And while NGOs do a great

job spurring transit agencies to adopt open data practices, it is not feasible for

them to act as the back office for transit agencies in perpetuity. In order to

301

302

303

304

305


promote public transit usage and better transit systems in general, cities should

invest in transit data. Not only will this increase rider satisfaction, ridership, and

revenue, but it will decrease congestion and pollution, bettering the quality of

life for residents of Indian cities, and cities worldwide.

306


Blockchain Regulation in the United States:Evaluating the overall approach to virtual assetregulation (Tanvi Ratna)

Tanvi Ratna is a policy analyst and engineer, managing blockchain projects with a

leading global consulting firm, based in India. She helped design the blockchain policy

framework of the Government of Karnataka, home to India's Silicon Valley, and helps

advise the central government in India on blockchain regulation. Her research focuses

on designing effective regulatory frameworks for blockchain.

Introduction

Blockchain technology and cryptocurrencies have received more hype and

regulatory attention than perhaps any other emerging technology in recent times.

There are both private blockchains, where access to the network is permissioned,

and public blockchains, where access is open. Public blockchains are powered by

virtual currencies or cryptocurrencies. They are different from Distributed

Ledger Technology (DLT), in that they have a consensus layer powered by

cryptography, and the whole system sustains itself with an incentive structure,

which is the cryptocurrency. Blockchain, for the purposes of this paper, primarily

refers to public blockchains unless otherwise specified, as the bulk of the

regulatory and policy focus has been around public blockchains.

Blockchain offers a highly compelling case of futuristic regulation and the ability

of governments to cope with rapid technological developments for the following

reasons:

• Technology with in-built economic model: Public blockchains are

different from other technological innovations so far, in the sense that

they are more than just a technology, but also more than just a currency or

financial instrument. Blockchains are networks with an unorthodox peer-

to-peer economic model. This makes it difficult to define a policy

precedent or approach.

• Multi-faceted and global instrument: Cryptocurrencies can behave as a

currency or equity, they are global by nature, and cut across the fields of

technology, finance, and business. Traditionally, all these aspects of

economic behavior are regulated in silos.

• Paradigm shift for society and business models: Because of their

networked and peer-to-peer nature, blockchains can reorganize existing


silos in systems and processes, and have far reaching effects on existing

social, business and governance structures.

Blockchain is an interesting test of how governments cope with emerging

paradigms, as it is a challenge to traditional mindsets and systems across the

board. As phrased in a recent report by Don Tapscott, the challenge is to create a

regulatory environment that “simultaneously protects investors and consumers,

sustains innovation, grows the economy, and cultivates a new kind of society.”

This study is a brief survey of regulatory actions and capacity building efforts

undertaken by different agencies of the U.S. federal government towards

cryptocurrencies and blockchain technology, and some perspectives from the

ecosystem and state government levels. The aim of this study is to assess the

overall government strategy being adopted towards this technology in the United

States.

The Overall Approach to Blockchain Regulation in the United States

The definition of cryptocurrencies is still an evolving debate in the United States,

with many calls for over-arching definitions and clarifications. Even at the time of

publication of this paper, a taxonomy act had been introduced in the U.S.

Congress to address this precise issue. The government, at least at the level of

federal financial regulators, applies the following system of classification towards

cryptocurrencies, or their preferred moniker the “digital asset.”

307

308


Figure 1: Classification of Virtual Assets by U.S. Financial Regulators

Source: Multiple officials, U.S. Department of Treasury, personal interviews, Feb.

2019, Washington, D.C.

There are many other agencies involved, outside of the three major regulators,

even at the federal level. These include the U.S. Congress, which has a

Blockchain Caucus; criminal enforcement agencies such as the FBI, Department

of Justice, and Homeland Security; and a host of inter-departmental task forces.

For the purpose of this study, we explore in some detail the actions of the three

major regulators who are the main drivers of activity, as well as some

perspectives from the ecosystem and state government levels.

Activity by Major Federal Regulators

Securities and Exchange Commission (SEC)

The SEC has been one of the two most active agencies on cryptocurrency

regulation in the United States; the other being the Commodity Futures Trading

Commission (CFTC), which will be discussed later. The SEC is not one of the first

agencies to begin regulating but it became more active with the growth of Initial

Coin Offerings (ICOs) and security issue related activity in the blockchain


ecosystem around 2016. The SEC views (some) virtual assets as securities, and

recently issued guidance to that effect.

Regulatory Action: From 2014 to 2017, the SEC was cautious of

cryptocurrencies. From 2013 to 2014, the agency issued investor alerts on Ponzi

schemes and fraudulent activities in virtual currencies. The focus was on

investor education and fraud prevention.

The DAO hack of 2016 was a major turning point in shifting the attention of

the SEC towards the classification of cryptocurrencies into securities and non-

securities. In 2017, the SEC issued an in-depth investigative report definitively

classifying the DAO as a security. This spurred intense deliberation globally on

security vs. utility tokens, and different countries such as Switzerland, Singapore,

South Korea issued classification frameworks.

ICOs proliferated in 2017-2018 and the cryptocurrency market reached some of

its highest valuations by the end of 2017. In the wake of concerns about scams

and an unregulated ICO market, the SEC undertook heavy enforcement action in

Feb 2018. Over 80 firms that had undertaken ICO offerings were subpoenaed.

In 2018-20119 the explorations of asset classes deepened with the submission of

proposals to launch a Bitcoin exchange traded fund (ETF) to boost institutional

investment. The SEC rejected nine of these proposals. Some major decisions on

new submissions are expected in 2019.

On April 3, 2019 the SEC released its most definitive guidance to date, providing a

framework for identifying whether a token was an investment contract or not.

The SEC has now set a precedent of issuing “no-action letters” to startups after

studying their business models. The no action letter lays out conditions to be met

and serves as an assurance of no action by the SEC against the startup, for the

actions it has disclosed in its application. The SEC issued its first “no-action

letter” after 11 months of deliberation and discussion with the Florida-based

startup, TurnKey Jet, Inc. after examining it through the Howey Test, and

deciding that their token offering was not a security, but closer to crypto-based

store credit.

Capacity Development: The first in-depth activity by the SEC on blockchain

was the DAO investigation in 2016, and they have been steadily increasing their

capacity on the subject ever since. In January 2018, Hester Peirce, a leading

champion of blockchain technology, was appointed as one of the five

Commissioners of the SEC. The agency already had active working groups

looking at the technology, such as the distributed ledger working group.

In June 2018, a new senior advisory position was created at the SEC to coordinate

efforts across all SEC divisions and offices regarding the application of U.S.

securities laws to emerging digital asset technologies and innovations, including

309

310

311

312

313

314

315

316


initial coin offerings and cryptocurrencies. Valerie Szczepanik was appointed to

this role.

Similar to the model of LabCFTC, in October 2018 the SEC set up a dedicated

team, called the Strategic Hub for Innovation and Financial Technology (Fintech

Finhub), with a sizeable staff to serve as the focal point for tracking and

interacting with fintech issues and innovators. The Finhub is also in the process

of hiring a crypto securities lawyer at the time of this writing.

Commodity Futures Trading Commission (CFTC)

The CFTC has been one of the two most active federal agencies in the regulation

of cryptocurrencies. It is also widely considered to be the most supportive of the

innovation.

Virtual currencies have been determined to be commodities by the CFTC under

the Commodity Exchange Act. While its regulatory oversight authority over

commodity cash markets is limited, it maintains general anti-fraud and

manipulation enforcement authority over virtual currency cash markets as a

commodity in interstate commerce.

Regulatory Action: The CFTC adopts and advocates for a “light touch”

approach towards cryptocurrencies. It refrained from issuing any directives or

taking any enforcement action until late 2018.

During peaking bitcoin prices, ICOs, and an SEC crackdown, the CFTC also

undertook enforcement actions from early 2018. It issued a first full ban for

fraudulent trading activity to the company CabbageTech in August 2018, and

issued the arrest of a cryptocurrency trader for fraud in November 2018.

Capacity Building: The CFTC has been quick to embrace the incoming

changes brought about by a host of emerging technologies, including blockchain

and machine learning, and focuses on staying on top of developments and

innovating its own processes.

In 2017, they pioneered a forward-looking regulatory model with the launch of

LabCFTC, a focal point to make the CFTC more accessible to fintech innovators

and serve as a platform to inform the Commission's understanding of new

technologies. The lab aims to promote responsible FinTech innovation to

improve the quality, resiliency, and competitiveness of U.S. markets, and to

accelerate CFTC engagement with fintech and regtech solutions.

The lab has grown to a six-member core team with law and technology

backgrounds and serves as an internal platform and think tank for the CFTC. It is

structured in a hub and spoke model, with staff from operating divisions who

serve as subject matter experts. LabCFTC has an open door policy and pursues

active engagement with the startup and stakeholder community including

317

318

319

320

321

322

323


through hosting office hours in cities across the U.S. It also has international

partnerships with governments in the United Kingdom, Australia, and Singapore.

In 2017, the Agency launched a podcast series, the first of its kind for a

government regulator, to educate consumers and bring in wider perspectives

from government, private sector, and civil society on a range of topics, including

FinTech. Over five podcasts, four consumer advisories, and two primers were

released by the CFTC LabCFTC, and the Office of Customer Education and

Outreach on the topics of cryptocurrencies and smart contracts between 2017

and 2018. The lab recently issued a Request for Information on Ether in order

to help inform the Agency on aspects of crypto-asset markets and mechanics.

The U.S. Department of the Treasury

The U.S. Department of the Treasury and its associated agencies play a host of

important roles in setting the direction and coordination on digital asset

regulation.

The U.S. Treasury has been looking into cryptocurrencies through its own

divisions, the most visible of which have been three of its specialized agencies:

the Internal Revenue Service (IRS), Financial Crimes Enforcement Network

(FinCEN), and the Office of Foreign Assets Control (OFAC). The Treasury and

their agencies look at virtual assets in their role as a currency, though as an

exception, the IRS define them as property for tax purposes.

Financial Crimes Enforcement Network (FinCEN) and Office of Foreign

Assets Control (OFAC)

One of the most active areas of guidance and enforcement by the Treasury has

been around anti-money laundering (AML), know your customer (KYC), and

Counter Terrorism Financing and Sanctions.

With a mandate to safeguard the U.S. financial system from illicit use and combat

money laundering, the FinCEN was one of the first regulators to become active

on cryptocurrencies in the United States. As early as 2013, the FinCEN issued

guidance that virtual currency exchangers and administrators would be

considered money transmission businesses (MSBs). In a letter to Congress in

2018, FinCEN reiterated that stance with clarifications regarding who would be

required to comply.

As a result, virtual currency exchangers and administrators are required to

register with the FinCEN, comply with existing AML/KYC requirements, and the

Bank Secrecy Act (BSA), including suspicious activity reports (SARs) and

currency transaction reports (CTRs).

324

325

326

327

328


As of 2018, there are approximately 100 virtual currency exchangers and

administrators that have registered as MSBs with FinCEN. FinCEN has

examined one third of these MSBs and has brought several enforcement actions.

In 2018, FinCEN and OFAC both released guidance on virtual currencies

compliance with sanctions on Iran. OFAC added a set of blacklisted digital

currency addresses to their Specially Designated Nationals And Blocked Persons

(SDN) list.

Internal Revenue Service (IRS)

In 2014, the IRS issued Notice 2014-21 in the form of FAQs to describe how

existing tax principles would apply to transactions using virtual currencies. In

this notice, the IRS stated that virtual currencies would be treated as property for

federal tax purposes and provided some information on taxation for some

activities such as mining, self-employment, contracting, and third party

settlement. However, the technology has matured significantly since then,

leaving many questions still unanswered. There have been an increasing number

of calls from the community, from lawyers, and even from Congress for the

IRS to issue updated information and clearer guidelines.

Capacity Building: There are two aspects of capacity building in the Treasury:

one, at the level of coordination of overall financial regulation; and two, in terms

of internal capacity.

At a high level, the Treasury Secretary has the authority to convene all financial

regulators. Through the Financial Stability Oversight Council (FSOC), a working

group on digital assets was convened in 2017. It was comprised of several

regulators, including the SEC, CFTC, the Consumer Financial Protection Board

(CFPB), the Federal Reserve, the Office of the Comptroller of the Currency

(OCC). After 18 months of deliberation over new technologies, including

blockchain, the FSOC came out with a seminal report on recommendations for

FinTech in general, which included aspects such as the streamlining of state and

federal money transmission laws and experimentation with regulatory

sandboxes. In recent remarks, a senior official also said the Treasury supported

the idea of a federal charter for streamlining regulation.

The Treasury leads the FSOC digital asset working group and the Treasury and

FinCEN participate in a host of inter-agency working groups such as the FBI-led

Virtual Currency Emerging Threats Working Group, the FDIC-led Cyber Fraud

Working Group, and the Terrorist Financing and Financial Crimes-led Treasury

Cyber Working Group. These groups provide a consistent platform for capacity

building and exchange amongst U.S. financial regulators on blockchain and

virtual assets.

329

330

331

332 333

334

335

336


Unlike the other agencies, the FinCEN does not have a public-facing focal point

of contact for the blockchain community. It does, however, have a network of

dedicated officers for virtual currency in its relevant offices and bureaus, such as

the Office of Terrorist Financing and Financial Crimes.

In terms of internal capacity building, a unique tool developed by the Treasury is

the FinCEN Networking Bulletin that was launched in March 2013. The bulletin

provides a more granular explanation of virtual currency movement to law

enforcement, and assists them in following the money as it funnels between

virtual currency channels and the U.S. financial system.

Among other things, the bulletin addresses the role of traditional banks, money

transmitters, and exchangers that come into play as intermediaries by enabling

users to fund the purchase of virtual currencies and exchange virtual currencies

for other types of currency. It also highlights known records processes associated

with virtual currencies and the potential value these records may offer to

investigative officials.

More recently, the bulletin has been expanded from only U.S. financial regulators

to include some international partners as well. The bulletin has a crowd-sourcing

feature and asks the readers to provide ongoing feedback on what they are

learning through their investigations.

This bulletin has helped the FinCEN create a forum to quickly learn of new

developments. Furthermore,based on this information, the FinCEN has issued

several analytical products of a tactical nature to inform law enforcement

operations.

Perspectives of Other Stakeholders

State Governments

State governments within the United States have their own jurisdiction over

money transmission and enforcing financial laws, as well as in designing

corporate licensing and registration and other incentives to attract startups and

investment in their state. New York was the pioneering state in starting these

experiments in 2014, and since then several states have come out with their own

bills and frameworks.

In 2014, the New York Department of Financial Services created the ‘BitLicense’,

a business license for virtual currency activities applying to activities involving

New York State or its residents. It included regulation around money

transmission, custody, exchange services, and other aspects. Although New

York had a first mover advantage and followed a thorough consultation process,

the eventual regulation was seen as onerous and not well suited to the needs

337

338

339 340


of the startup community. Since then, several states have developed bills and

legislation to incentivize blockchain startups, including Arizona, Delaware,

Nevada, Massachusetts, Washington, and others. The most comprehensive

and innovative reform to date has, interestingly, come from the state of

Wyoming.

In early 2019, Wyoming passed a monumental 13 bills to provide one of the most

comprehensive legal frameworks for blockchain startups in the United States.

Unique protections granted under this legal framework are direct property rights

for individual owners of digital assets, a state chartered depository to provide

banking services to blockchain startups, a series LLC corporate structure,

qualified digital asset custodians, and a regulatory sandbox. This framework is

the most comprehensive till date in the United States.

Startups and Ecosystem Perspective

The blockchain developer and start-up ecosystems in the United States have

faced stark consequences in terms of federal regulations and have their own

perspective on how legislation should be created. The significant drop in token

prices starting in 2018 led to a period of contraction in the industry (termed

“Crypto Winter”) that was, in part, attributed to regulatory crackdowns. The

author undertook a series of interviews with blockchain startups and venture

capital funds in tech hubs on the West Coast to gauge the impact that regulatory

action was having on start-up growth in the space. This revealed a number of key

points of concern.

• Investment has slowed down considerably for crypto-based

blockchain projects based in the United States: Multiple startups

spoke of capital becoming very difficult to secure for crypto-based

blockchain projects in the United States. While funding does come in for

private blockchain startups, and in trading activity, large scale investment

into public blockchain protocols has slowed considerably. Regulatory

action has slowed both retail and institutional funding into public

blockchain projects, and also impeded the flow of private money. Some

startups with innovative products were almost on the verge of shutting

down because they were unable to find funding. Many budding startups

spoken with in the Seattle area had shut down over the last year because

of funding shortages.

• Public blockchain firms tend to adopt foreign domiciles: Some

venture funds commented that even if they wanted to invest in public

blockchain startups and have them based in the United States, the lawyers

would advise strongly against domicile in the U.S. Multiple startups

commented that it was a “no-brainer” for them to domicile their crypto-

based startups outside of the U.S., which they saw as “unfriendly to

341

342

343

344

345

346


cryptocurrencies.” A strong sentiment amongst both startups and funds

interviewed was that they believed the U.S. government viewed

cryptocurrencies negatively and did not support or understand the

transformative potential of public blockchains.

• The regulatory landscape is too confusing for startups: Almost all

the startups interviewed found the proliferation of regulators confusing to

navigate and said that under current guidelines, they were never sure of

when they were under threat of enforcement action. Many startups had

taken the initiative of reaching out to their Congressperson and spending

significant sums on hiring lawyers. However, they were quickly

overwhelmed by jurisdictional confusion between who was setting

guidelines and policy standards and who was responsible for

enforcement. Practitioners and product developers said that despite best

efforts, they were left without a clear understanding of how to legally

secure themselves according to continuously emerging guidance

measures. As a result, the preference was to domicile their start-up in

another country with simpler rules.

• Enterprise experiments are becoming larger: Juxtaposed against a

shrinking public blockchain start-up scene were also comments of “Big

Tech” experiments in blockchain growing larger and more ambitious.

There were multiple mentions of Facebook’s upcoming blockchain

product, of the IBM and Walmart’s blockchain project, and Microsoft and

other Big Tech firms’ experiments gathering scale and momentum. Some

concluded that enterprises would outpace disruptive platforms such as

Bitcoin and Ethereum in blockchain adoption, which was in some ways

inimical to the disruption of blockchains to monopolistic power.

Overall Conclusions on the U.S. Approach

The U.S. federal government’s approach has been almost entirely regulatory-led.

Legislation and policy are absent from federal government action on virtual

assets so far. As a quick note, the Congressional Blockchain Caucus has a small

number of members, and although they have introduced three bills, it is unlikely

that these will pass anytime soon without wider support in Congress.

An overall assessment of the federal regulatory approach so far highlights the

following concerns:

The U.S. federal approach is highly fragmented

The most obvious aspect of the federal approach is the highly fragmented nature

of regulatory action. In the absence of directives by Congress or the White

House, regulators have taken the lead in government action in the sector. This

347

348

349


has created the risk of patchwork regulation due to a highly proliferated financial

regulatory system. To their credit, as seen in this paper, federal agencies have put

in place many mechanisms for coordination. However, as also seen, this

approach has created a lot of confusion and uncertainty on the ground for

startups and investors, and has led to the U.S. being seen as an unfriendly

destination for crypto-based startups. The model of regulation-by-enforcement,

rather than a light touch approach, has deepened this perception and created a

clamor for clear rules and guidance before harsh enforcement.

The U.S. federal regulatory approach is missing the paradigm-shifting nature of the

technology

Financial regulators have taken a risk-based approach that is technology-neutral.

As a result, virtual assets, in their examination by the federal government, have

been reduced to their financial functions. This is unfortunate, because

blockchain technology powered by cryptocurrencies has transformative

implications, not just as a currency or payment medium, but as a business model,

as a capital formation model, and as a new protocol for transactions that form the

basis of the economy and can impact institutional power and social structures.

There is no agency in the federal government that is looking at blockchain

technology as a whole. ICOs, for example, have been reduced to whether or not

they are security offerings, but no examination has been done of the model with

regard to capital formation laws. No examination has been done of banking laws

for blockchain business models at a federal level.

Federal regulators have not undertaken any new rule-making on the issue. This is

exacerbated by the lack of federal legislative or executive action. The overall

approach of the government has been to extend the application of laws, in many

cases from the 1960s, to regulate innovations in the space. This can work in the

short term; however, this is increasingly getting entrenched as the federal

approach. It started with the FinCEN extending the application of MSB laws in

2013 and continues with the latest SEC guidance furthering the application of the

Howey Test in 2019.

It is understandable that since blockchain technology is not used on a major scale

yet, federal regulators need not engage in a lengthy and expensive rule making

process. However, there are also no signals that such thinking is underway. The

internet boom taught us that technology may take time to develop, but it

proliferates and gets too big to ignore very fast. The world still faces regulatory

challenges from the internet revolution, for example, by not thinking ahead

around the use of data in business models. However, these technologies are now

too big and deeply embedded in the social fabric to be changed drastically. It

would be irresponsible to make similar mistakes with blockchain, as many are

referring to it as the second internet.


The U.S. federal regulatory approach is possibly entrenching intermediaries and

existing power structures

U.S. regulators, to their credit, have been vocal and careful about wanting to

regulate abnormal activity without hampering innovation. However, perhaps

unintentionally, regulatory action so far has had the effect of entrenching

existing power structures and business models, rather than supporting

innovation. This has happened on two fronts.

The first front is entrenched money flows. Blockchain startups had developed an

innovative fundraising and user acquisition model with Initial Coin Offerings

(ICOs). However, this needed a new regulatory framework, in the absence of

which fraudulent activity proliferated. Some countries chose to regulate this by

using a sandbox approach. However, the United States undertook a regulation-

by-enforcement route, with no clear legal guidelines to hold ICOs. While this did

stop fraudulent activity, it also stopped a lot of legitimate activity by scaring away

investors and startups, who chose to domicile elsewhere. SEC released its

guidelines for ICOs only in February 2019, a year after the wave of enforcement,

by which time several other countries had come out with ICO frameworks and

startups had relocated. The other effect this had was to reinforce the existing

fundraising structures of private, venture capital and institutional money, many

of whom were themselves getting disrupted by the ICO model, which had

created an alternative avenue of fundraising. It also limited public offerings to

traditional listing rules which are notorious in the difficulty they create for

startups to list. After the JOBS Act and Section D, the ICO model was a second

alternative to startup funding that should have received greater attention as an

innovation that needed to be fenced in by appropriate rules rather than stopped

completely by enforcement.

The second front is entrenched advantage for enterprise and large tech firms.

Regulatory action against cryptocurrencies has created a preference for private or

enterprise blockchain activity. Prescient industry watchers have already pointed

out that true disruption is in public blockchains, that siloed private blockchain

experiments would not sustain in the long term and would eventually have to

move into a semblance of inter-operable public blockchains. The shift to

enterprise blockchain has been to the benefit of existing industry leaders in

enterprise solutions, and also spurred Big Tech giants such as Facebook,

Amazon, and Microsoft to develop blockchain solutions. This is not a bad

development, but juxtaposed with a slowdown of funds for public blockchain

startup projects, it also implies that we might see further consolidation of Big

Tech over a technology that could have disrupted them.

The U.S. regulatory approach is creating opportunities for regulatory arbitrage

globally

350


The U.S. regulatory approach has been seen by many in the ecosystem as

onerous, confusing, and unsupportive, and there is unlikely to be a clear directive

from Congress or the White House soon to move towards a single window or

more coordinated approach. These conditions have created a ripe environment

for global regulatory arbitrage as a lever to attract and retain talented startups

and shape the way forward in blockchain technology. Several countries such as

Singapore, Malta, and Switzerland have taken a lead in creating sandboxes and

other incentives to attract startups and investors, and now have thriving

blockchain ecosystems. The timeline for this technology to mature is not too

long, and it is likely that mature and scalable solutions will emerge in about five

years. Unless the regulatory paradigm changes significantly in the United

States, other geographies will take a lead in this technology.

Conclusion

The United States’ approach to the regulation of virtual assets has been highly

fragmented. Due to the proliferation of federal financial regulators, and the lack

of policy oversight, different regulatory agencies have taken the initiative. While

from a regulators perspective, this approach is understandable as they are

carrying out their respective economic mandates, blockchain is a multi-faceted

technology, where financial regulation has direct implications on technological

development and business models. Blockchain startups could have served as a

disruptor to the centralized influence of large firms in technology and finance.

However, the current regulatory framework is not supportive of this disruption,

as discussed before.

The United States’ approach to the regulation of

virtual assets has been highly fragmented.

The patchwork and regulation-by-enforcement nature of government action is

confusing for startups and has deterred U.S. investment into the public

blockchain space. Most startups that were working in the public blockchain space

have relocated to other countries, and many that stayed are facing funding

shortages. This has created a large opportunity for regulatory arbitrage globally,

and countries such as Singapore, Switzerland and Malta have made themselves

leaders in the space very quickly with progressive regulation and robust startup

ecosystems.

351


There are positive aspects of increased capacity building and inter-agency

coordination among federal regulators in the United States. States are also

developing innovative frameworks. However, virtual assets remain borderless

global assets. Regulating them effectively, while harnessing their innovative

potential, will require coordinated action at the national level in terms of both

regulations and incentives. However, the White House and Congress remain

loosely engaged in the process, and such coordination might not materialize

soon.

While America remains a leading player in the technology, competition is

increasing globally. In the absence of a holistic policy and regulatory approach,

the United States might not fully harness its potential in the long run.


Improving India’s Parliamentary Voting andRecordkeeping (Pranesh Prakash)

I would like to thank Alex Howard, Ashok Hariharan, Heather Hurlburt, Jim

Magnificio, PDT Achary, Srijoni Sen, and TK Vishwanathan for talking to me at

length and sharing their immense knowledge so freely, and to Chakshu Roy and Eric

Mill for the valuable inputs and pointing me in the right direction. I would also like to

thank the 2019 cohort of New America’s India-US Public Interest Technology

Fellowship for their valuable feedback, and New America—particularly Awista Ayub

and Melissa Salyk-Virk—for providing me the fellowship that allowed for this paper,

and for their patience. All errors and omissions remain mine.

Parliamentary Voting

Every democratic assembly requires a way of gauging the opinion of the

gathering. The most common way to do this in a parliament is through voting.

However, there is no standard way of voting. And even when voting is used, as

James Carey notes in his book on parliamentary voting, “in most countries, it [is]

exceedingly unusual to record how each legislator voted on a given proposal.”

This is true of India as well: individual legislators’ votes are not usually recorded.

It is a common misconception that one can review the voting record of one’s

representative in parliament. Voting records cannot serve as a means of

accountability for individual members of parliament, nor for the member of the

legislative assembly and the local city councillor.

Voting Procedures in the Indian Parliament

Before getting into the whys and wherefores of parliamentary voting, it is

instructive to look at the law in India and to understand how voting currently

happens in India’s Lok Sabha (House of the People) and Rajya Sabha (Council of

States). Voting procedures are codified in the “Rules of Procedure and Conduct

of Business” that are framed by each House of Parliament. While the Lok Sabha

and the Rajya Sabha frame their rules of business and procedures independently,

they are similar, if not identical, on most important matters.

All issues that need to be decided by the Lok Sabha and the Rajya Sabha take the

form of “motions” proposed by individual members. All motions require

voting, as mandated by the Constitution of India, art. 100(1), which states:

Save as otherwise provided in this Constitution, all questions at any

sitting of either House or joint sitting of the Houses shall be determined

352

353

354


by a majority of votes of the members present and voting, other than

the Speaker or person acting as Chairman or Speaker.

However, the constitution does not define what a “vote” is, nor how a

determination of a “majority” is to be made.

Voice Votes

The most common form of voting is the voice vote, and it is the default followed

in all cases where counted voting is not mandatory. In this form of voting, the

Speaker (in the Lok Sabha) or the Chairman (in the Rajya Sabha) puts forth the

motion, and asks those who agree with the motion to say “Aye,” and those who

disagree to say “Nay.” Whichever group seems to have more voices (i.e., is

louder) is proclaimed by the speaker to “have it.” After making the declaration

once, the Speaker is, in theory, supposed to wait to see if there is any objection. If

there is not any objection, she repeats either “the Ayes have it” or “the Noes have

it” two more times, after which the motion is considered voted upon.

While the sense of the House as a whole may be determined through a voice vote,

it is clear that the views of each member is not. Further, when one watches the

proceedings of Parliament as relayed on television, one realizes that this is a

mechanical invocation since there is usually no pause between the Speaker

asking those who oppose to motion to say “No” and her declaring thrice: “the

ayes have it, the ayes have it, the ayes have it,” all in a single go.

Counted Votes

If a member of Parliament objects after the first declaration of the voice vote, the

Speaker may, if she so chooses, opt to put the motion to a counted vote. This can

take one of four forms: a head count, a vote using a voting machine, a vote by

going into “lobbies,” or a vote by “aye” or “no” slips (this form is only available in

the Lok Sabha).

In a head count, those who agree with the motion will stand up when asked to

and the number of members standing will be counted, and similarly for those

who oppose the motion. While the numbers are recorded (unlike in a voice vote),

the names of the voters are not. If the Speaker wishes, she may order a “division.”

It is up to the Speaker as to which form of counting to hold, or indeed if counting

is required at all.

“Division” is parliamentary parlance for counted voting. When a division is

ordered by the Speaker, the Secretary-General of the House starts the ringing of

the division bell (which rings intermittently for division in the Rajya Sabha, and

continuously for division in the Lok Sabha). This bell rings for 3½ minutes,

after which the doors to the inner lobby of the house are shut, preventing the

entry or exit of Members of Parliament (MPs). The Speaker takes one more voice

355

356

357

358


vote and declares the results. If the results are challenged a second time, she has

to order that votes be counted. The most common form of counted voting in

India is through the “automatic vote recorders,” which were introduced in 1956.

To use it, the MP presses a “vote activation button” along with a button

indicating their vote—“Aye,” “No,” or “Abstention”—for ten seconds (and the

results are shown on a board before being declared as final). Otherwise, the

division may be undertaken by “lobby,” where the ayes and the noes go to

opposite sides of the room and a division clerk counts them by name. In the Lok

Sabha, one additional method of division is permitted, whereby MPs take “aye”

or “no” slips, write their division number on it and sign it, and then hand it to a

division clerk. In all cases, members who for some reason cannot vote using the

prescribed method (e.g., for reasons of infirmity) are allowed alternative forms of

voting as long as they are within the lobby. Further, before the division results are

announced, each MP has the opportunity to correct her vote in case she did not

cast it correctly, or cast it from the wrong seat. Once the result of a division is

announced, however, it may not be challenged.

While the totals of the ayes and noes from a division are provided when the

“unedited” version of the debates are put up on the Lok Sabha and the Rajya

Sabha websites the day after a debate, the names of the individual members and

the way they voted is not provided until the edited version appears, which may

take up to a few weeks.

When are Divisions Mandatory?

There are two situations in which voting by division is provided for under the

rules. First, when a member of the house disputes the Speaker’s declaration of a

voice vote, and the Speaker using her discretion, opts to order a division.

Second, if a vote requires the assent of at least two-thirds of the members of the

House of Parliament. In this latter case, a division is mandatory. This is only

required for seven distinct kinds of matters: for amendments to the Constitution

of India, for removal of the President or judges of the Supreme Court, for

limiting the powers of autonomous tribal states, for the power to legislate on

behalf of the States, for the establishment of all-India services, or for the

approval or extension of a proclamation of emergency. Needless to say, all of

these are infrequent occurrences, with constitutional amendments being the

most common among them.

Secret Ballots

There are some circumstances in which the votes are recorded secretly. The

election of the President and the Vice-President are both done through a “system

of proportional representation by means of the single transferable vote and the

voting at such election shall be by secret ballot.”

Voting Procedures in the USA and the United Kingdom

359

360 361 362

363

364 365

366

367


The U.S. Constitution has a specific provision on voting that not only talks about

voting, but specifically speaks of recorded votes by stating, “the Yeas and Nays of

the Members of either House on any question shall, at the Desire of one-fifth of

those present, be entered on the Journal.” Given this provision, the default in

both the House of Representatives and the Senate is voice votes, with counted

votes being the exception. Counted votes in the House can take the form of a

division (where names are not counted, only totals), recorded teller votes and

‘yea and nay’ votes (where names and totals are counted in both cases, and both

happen electronically). In the Senate, counted votes happen either through a

“division” vote or by a roll-call vote, with roll-calls being the official way of

deciding contentious issues. The rules in the Senate even allow a motion to be

passed without a vote if it is “without objection.”

In the United Kingdom, the procedure is similar to India, with a voice vote being

the default, and divisions by going into separate lobbies (chambers to the left and

the right of the main room) being held when MPs dispute the Speaker’s

assessment of a voice vote.

In the U.S. Congress, the rules provide 15 minutes as a minimum between the

announcement of a roll-call/recorded vote and its conduct. In the United

Kingdom, eight minutes is provided from the time the division bell starts ringing

to when the lobby doors are closed. Both the United States and the United

Kingdom allow for deferred voting, thus allowing a number of different votes to

be held together in a cluster at a pre-announced time, thus simplifying voting

significantly.

Voting Freedom

Should a legislator vote in accordance with her conscience, or in accordance with

what she believes her constituents (or the majority thereof ) want, or in

accordance with what her party leadership wants? This is an inescapable and

central issue in all party-based democratic systems. Carey dubs this the

“fundamental tension between individualism and collectivism,” and explains

that “individual accountability implies that legislators answer to the specific

demands of citizens in their behavior, including voting. Collective accountability

implies that teams of legislators—mainly parties and coalitions, in most

legislatures–act collectively to promote a policy agenda and are evaluated by

citizens as a group according to their effectiveness in advancing it. Where

constituents—even supporters of the same party or coalition—put diverse

demands on legislators, the demands of individual accountability can contradict

the collective action on which collective accountability is based.”

This tension also has one other basis, which is the question of who voters and

constituents would wish to hold accountable: parties or individual MPs. Do

voters vote on the basis of parties, regardless of who is standing for election for

368

369

370

371

372

373

374

375


that party, or do they vote on the basis of individuals, even if that individual shifts

between parties? Or does it lie somewhere in between, and if so, closer to which

end of the spectrum? There are no clear answers to these questions, and indeed,

there might not be one universal answer.

Whips

In different parliaments, the term “whip” is used to mean different things. In

the following discussions, the term is mainly used to refer to instructions issued

by a political party to its legislators. The negative consequences for disobeying a

whip are quite different in India from countries like the United States or the

United Kingdom. In the U.S. Congress, “disciplinary action for voting against the

views of party leaders is rare, although Senators and Representatives may

indirectly be sanctioned by denial of assignment to, or leadership positions on

important committees.” Whereas in the United Kingdom, the measures for

disobeying a whip “can include a written reprimand from the party chief whip

(also communicated to the Member’s constituency party organization),

temporary suspension from the party organization in Parliament, or a

”withdrawal of the whip," a formal expulsion from the party organization."

However, in India, the anti-defection law passed in 1985 allows an MP to be

disqualified from her parliamentary seat upon disobeying a party whip! In the

Supreme Court case of Kihoto Hollohan v. Zachillhu, the anti-defection law was

upheld. However, in doing so, the court also limited the application of the law

to no-confidence motions and motions on “integral policy and program of the

political party on the basis of which it approached the electorate.” This might

seem a reasonable limitation, however, it has not worked out in practice since the

Supreme Court has also held that the Speaker can unilaterally decide whether a

legislator has voluntarily given up her seat or has gone against party directions.

There is no clear way in which a Speaker can distinguish between disobeying a

party on a trifling matter and on an “integral policy and program” since many

parties don’t release election manifestos, and even then it is difficult to say which

policies and programs are “integral” to the party and which ones aren’t.

Voting Practices Compared

There is a clear historical trajectory to the idea of recorded voting, as David

Beetham notes:

[…] the idea of accountability implies a more focused and systematic

‘account-giving’ after the event, to which the public can respond. As we

have already seen, constituents are increasingly interested in learning

how their representatives have voted on key issues before parliament,

and interrogating them about their actions. For members to have their

voting record published, and to be able to give a reasoned defense of

their record, is of the essence of political accountability. The extension

376

377

378

379

380

381

382


of the Internet makes this requirement much more readily realizable,

and it is now a standard feature in many parliaments.

This seems to suggest that recorded voting is now seen as a bare minimum.

Importantly, recorded voting by itself does not include justification of MPs’ votes

to their constituents, nor does it include reporting by MPs to their constituents on

other forms of parliamentary activity.

In 2018, the U.S. House of Representatives had 500 recorded votes, and the

Senate had 274 (in both cases, not including committees). In 2017, the numbers

were 710 and 325 respectively. Since the 2017 general elections in the United

Kingdom, there have been 353 divisions in the House of Commons. By

comparison, in India, in the 16th Lok Sabha (2014-2019), there have been 90

divisions, 55 of which were mandatory and 35 were non-mandatory. But only 11

bills were voted upon. This is despite the far lengthier and cumbersome

processes for recorded voting in both the United States and the United Kingdom.

There is a clear indication that India’s anti-defection law is responsible for this.

An insightful study by Shalaka Patil shows that there was a dramatic drop in the

number of divisions held in the Lok Sabha after 1985, when the anti-defection

law was enacted. The 3rd Lok Sabha (1962-67) had 330 divisions, whereas the

14th Lok Sabha had only 20 divisions.

While voice votes implicitly introduce a presumption that the government will

carry the motion, the anti-defection law has implicitly introduced a presumption

that all the members vote in line with their party even if a division were to be

held.

Interestingly, whips are not recorded in the United States, nor in the United

Kingdom, though educated guesses can be made by looking at voting records.

Voting Reforms

Recording of Votes

The various forms of voting reveal different information to different actors. Voice

votes and head counts are forms of “signal votes” where individual MP’s

positions are not revealed to their constituents or the public, but are revealed to

their party leaders. Division votes are “open votes” that show the MP’s position to

the public. Less than 2 percent of the bills considered by the Lok Sabha are

decided by counted votes. This needs to change. One cannot sufficiently

evaluate an MP’s legislative and representative roles without voting records.

At the very least, the most important votes in Parliament—all motions related to

bills and subordinate legislation, as well as no-confidence motions which

determine whether a government survives or falls—ought to be voted on through

divisions. There have been multiple instances of governments, with the help of

383

384

385

386

387

388


partisan speakers, refusing to hold divisions even on no-confidence motions, as

was the case in the state of Maharashtra in 2014, and last year in Sri Lanka.

These are indeed cases of parliamentary procedures being used to undermine

democracy in a way that the framers of the procedures never contemplated.

One problem that arises with the recording of votes is that MPs are not always

present for votes. To improve attendance and engagement during votes on bills

and subordinate legislation, the practice of deferred/clustered divisions should

be introduced, allowing Parliamentarians to vote on a number of laws and

amendments at the same time. These two sets of changes would need the

amendment of Parliamentary rules of procedure.

Recording of Whips

While many political scientists have focused on analyzing votes by legislators in

various countries and their public nature, not many have studied the public

availability of instructions issued by political parties. While this is useful in all

democracies with political parties, it is essential in countries like India where

disobeying whips issued by political parties can have very serious consequences.

Even if one argues that in a weak parliament (where the legislature largely votes

in accordance with the executive’s will) the voting record of individual legislators

does not matter, one cannot say the same about political parties. Since the whips

that political parties issue to their MPs can have consequences, there ought to be

a clear record kept of them. While Patil suggests that whips ought to be conveyed

to the Ministry of Parliamentary Affairs, it is better for whips to be conveyed to

Speaker or the Secretary-General of each House of Parliament, since that

would serve two distinct functions. First, since it is the Speaker who has the

power to disqualify an MP, whips ought to be available to the Speaker. Second,

whips are an important aspect of parliamentary functioning, and as such should

form part of the record of Parliament and be published by the same authority that

publishes debates and the votes of legislators.

Manifestos by Political Parties

Even if one disagrees with Kihoto Hollohan v. Zachillhu, one would agree that in

order for any reasonable application of that decision, all political parties should

have to indicate to voters what policies and programs are “integral” to the party

through a separate section of their manifesto issued in multiple languages before

a Lok Sabha election. Currently, many political parties do not even release

manifestos. Without this, it will be left to the Speaker to judge what issues were

advertised to the electorate as “integral” to a party.

Beyond Voting

Voting is only one part of the duties of an MP. While it is clear that an

individual MP does not have too much leeway to influence governmental policy

389 390

391

392

393

394

395


through votes in Parliament, it is far from clear that MPs don’t have influence

over governmental policy. Most important laws (though not all) are usually

referred to standing committees and the inputs of those standing committees,

which generally have representation from multiple political parties, are often

taken seriously by various ministries and laws are often re-written to address the

concerns of the standing committees. As a general practice, standing committee

reports are issued collectively (with allowances for dissents) and are helmed by

the MP chairing each committee. This makes it harder for MPs to use standing

committees as a location for signaling their work to their constituents, and

perhaps also accounts for their low attendance rates. But this lack of signaling

also means that there can be cross-party cooperation, rather than mere

contention, in standing committees, which is harder to achieve on the floor of

Parliament.

When it comes to legislating from within Parliament, but from outside the

government, i.e., what are known as “Private Member’s Bills,” the record is so

abysmal in terms of them being passed that it is noteworthy that some MPs

continue to introduce private members’ bills. It seems that MPs do so to push

discussions on a topic and gain the attention of the government (as happened

with MP Kanimozhi’s Transgender Rights Bill, which failed, but led to the

government taking up the issue and introducing its own bill), or to engage in

signaling to their constituents or their party leaders.

Apart from work within Parliament, MPs undertake much constituency-related

work, including the disbursement of the MP local area development (MPLAD)

funds and working with various levels of government to implement

developmental programs in their constituency.

A few MPs have started issuing reports of their own performance in and outside

of Parliament. It would be welcome if the press highlighted such reports, and

created peer pressure for other MPs to start issuing progress reports to their

constituents.

Parliamentary Recordkeeping

Parliamentary functioning can only be judged by the records it keeps, and thus

parliamentary records are a critical part of parliamentary accountability.

What kinds of records does parliament generate? There are at least the following

forms of records:

• Debate Records, with speaker’s and members’ names and timings

• Voting records, vote counts, and quorum counts

396

397


• Questions and answers, including corrections

• Bills and acts

• Subordinate legislation

• Amendments

• Committee meeting records

• Committee reports, including dissents

• Resolutions, references, announcements, statements, and special

addresses

• Summary of work reports

• Reports of elections, inductions, and resignations, and deaths of members

• Rules of procedure and conduct of business

• Stand-alone books, pamphlets, and reports

Technology Use Within Parliament

Is there a uniform and efficient process for handling these records and for making

them public? In 2016, an additional director of the Lok Sabha Secretariat noted

that “presently, a digitization project is under progress for the creation of PDF

files of the proceedings of Lok Sabha, including Questions and Debates.” This

makes it clear that there is no digital workflow for these documents. While the

Lok Sabha and Rajya Sabha websites are updated on a daily basis, their site

architecture, their abysmal search functionalities, and the less-than-useful

format of the records on the sites make it clear that the records are both hard to

find, and hard to make use of by researchers and citizens.

In the Rajya Sabha’s 2017 annual report, the chapter dedicated to LARRDIS (the

parliamentary information retrieval system) has a dismal section on

achievements related to computerization, where they list only four

achievements: “using the Internet” for research, communications being “sent

through email,” “soft copies” being emailed, and “all typing work” being “done

on computers.”

398

399


While the National Informatics Centre has a “Parliament Information Division,”

which seems to be responsible for maintenance of the Parliamentary websites,

there is not much information available about its functioning.

While there are a few Parliament-related files on data.gov.in, the central

government’s open data portal, there are no datasets relating to Parliamentary

debates. In response to an email asking for bulk access to the digitized debate

dataset, the data custodians (as listed on data.gov.in) for both the Lok Sabha and

the Rajya Sabha explained that whatever was on the website was all that was

accessible.

How Open Standards Can Help

One technical way to improve the accessibility of parliamentary records, and

consequently improve the work of parliamentarians, bureaucrats who work with

parliamentary records, and researchers, is to use a structured and

semantically marked-up format for recordkeeping and to establish a digital

workflow for both houses of Parliament. There is an open standard for

parliamentary (and judicial) records called Akoma Ntoso (“AKN”), which is an

XML-based semantic structured format standardized within an international

standards body called OASIS. All of the different forms of records produced by

the Indian Parliament can be represented in the AKN format.

Ashok Hariharan, a software developer who was a coordinator of the Africa i-

Parliaments Action Plan within the U.N.’s Department of Economic and Social

Affairs, noted that there were several benefits to going in for a semantically

marked-up structured format, including efficiency; improved collaboration

among institutions; preservation; interoperability; cost-effectiveness; value

addition; and ease of comparative research.

Producing Revised Versions of Laws

Various ministries and departments often do not have the latest version of the

laws relating to their work on their website, instead opting to put up the base

(unamended) statute, with each of the amendments listed separately rather than

offering an integrated view of the law. They do this because integrating all the

amendments is not easy in the formats they use (PDF and DOC/DOCX), and the

integration has to be done manually. By contrast, if a format like AKN were used

for the original statute and the subsequent amendments, then any suitable

software can be used to automatically create the integrated version of the law.

Dated Versioning of Laws

At times, especially for judicial cases, government departments (who often file

the cases) and courts need to know what the precise content of a law was on a

particular date. In order to have this, the department or court needs to keep an

400

401

402


integrated version of the law after each amendment. For laws that get amended

frequently—e.g., regulations by the Central Board of Direct Taxes and the

Reserve Bank of India—this would be quite cumbersome. If AKN were used, then

an accurate version of the law as on a particular date could even be generated

dynamically.

Tracking Changes During Amendments

One problem that many legislators face is that of keeping track of the

amendments proposed for the bills that they are considering. The amendments

often take the form of a document which contains cryptic declarations such as,

“on page 5, line 17 substitute […].” Neither the Ministry of Parliamentary Affairs,

nor the parliamentary secretariats produce redlined versions of the law with all

the proposed amendments incorporated. That job is left up to the offices of each

parliamentarian, and can be very cumbersome since all the data for doing this

has to be entered manually. If AKN were used with a digital workflow

management software, such redlined versions could be created automatically.

MPs would even be able to directly edit a copy of the proposed bill and automate

the generation of the amendments they wish to propose in forms easily

understood by both the software as well as by the parliamentary secretariat.

Making Complex Research Easier

Usage of a structured format like AKN allows for complex structure-aware

searches to be conducted, enabling research that otherwise would have been

difficult to carry out.

Examples of Usage of Akoma Ntoso

The European Union uses AKN internally for many purposes, apart from using a

platform called AT4AM, which also uses AKN, for handling amendments, and

which is tightly integrated with their work-task allocation, budgeting, and

translation systems. AKN is also used in South Africa, the United Kingdom, Italy,

the U.S. state of California, and a host of other jurisdictions. In 2017, a U.N. inter-

agency Working Group on Document Standards recommended the formation of

a “Semantic Interoperability Framework,” which included the usage of Akoma

Ntoso localized for the U.N.’s needs (AKN4UN) as one of the two prongs.

Many NGOs that work on legislative transparency use a free/libre/open source

platform named Indigo, which provides a convenient interface for writing laws

in AKN, including transforming existing laws into AKN. In India, an NGO named

Nyaaya had already converted more than 800 Indian laws into AKN.

In India, the use of an XML-based format called XBRL is mandated for the

submission of all company financial reports to the Ministry of Corporate Affairs.

Given this, there is precedent for using XML-based semantically-marked up and

structured formats within government. Indeed, the National Policy on Open

403

404

405

406

407


Standards mandates the use of open standards for e-governance, and the

Interoperability Framework for e-Governance (IFEG) lists a number of

standards, but unfortunately, the IFEG does not list Akoma Ntoso as one of the

standards since it doesn’t take legislation or parliamentary records as a separate

e-governance domain.

Judicial Interventions

An important case in this regard has emerged from a right to information (RTI)

query by a law student, wherein he asked the Legislative Drafting Department of

the Ministry of Law to provide him a copy of the Indian Christian Marriage Act,

1972 since the version available on IndiaCode.nic.in was not readable. Later, this

case was filed as a public interest litigation (PIL) in the Delhi High Court, noting

that Section 4 of the RTI Act mandates the proactive uploading of laws by the

government. In this regard, Justice Manmohan of the Delhi HC quoted the CIC

order:

“Section 4 [of the Right to Information Act] mandates the Ministry of

Law to place the texts of enactments. It is the duty of Legislative

Department to provide information about access of every updated

enactment. It is not just a recommended obligation under Section 4(1)

(a) of RTI Act, but a constitutional mandate, a legal necessity, and an

essential requirement for peace.”

In one of his orders, Justice Manmohan even asked the Ministry of Law to

convene a meeting to consider, among other issues, whether Akoma Ntoso could

be used as a standard. Unfortunately, the minutes from the meeting convened

by the Ministry of Law do not mention Akoma Ntoso. It would seem that even

this judicial intervention did not suffice to put India on the path to the

modernization of parliamentary recordkeeping.

Costs

The Indian Parliament is one of the most underfunded parliaments in the world,

getting an annual budget in 2017-18 of 0.049 percent of the total government

expenditure, whereas the worldwide average is ten times higher at 0.49 percent.

I asked one of the original authors of Akoma Ntoso, who has a long history of

consulting on legislative standards transitions, for a cost estimate given the

Indian scenario. The largest cost, he noted would be for proof-readers for the

digitization of existing legislation. Writing the software for parsing of laws is not

very expensive, coming to only six to seven months of work for a single person

(i.e., six to seven man-months), even taking into account the customizations

required. The search functionality with a public-facing website would be

another six man-months. Automating the production of new documents would

be a bit more complicated. Overall, he estimated a cost of around $2-5 million

408

409

410

411

412


USD, which, even on the higher end of the estimate, is less than three percent of

the annual Parliamentary budget of $150 million USD.

Even with this comparatively low overall importance given to parliamentary

budgeting, the amount needed for a transformation of records in a minuscule

percentage, and even less given the spread of the developmental costs over a

multi-year period. Given this, improving the technology on which our Parliament

is built is not in the least a difficult choice.

Conclusion

There are multiple aspects to what makes a parliament democratic and

legitimate: its representative character, openness and transparency, accessibility,

accountability, and effectiveness. In this paper, I have focused solely on

openness, transparency, and accountability in the form of parliamentary voting

and parliamentary records. I have demonstrated that both the practices as well as

the rules of procedure covering voting in the Indian parliament require a serious

overhaul if we are to have meaningful accountability of Parliamentarians to their

constituents for their legislative functions.

We must mandate counted voting on all motions related to bills and delegated

legislation, as well as no-confidence motions. The lack of such provisions

currently contributes to a lack of legislative accountability, as well as opening up

the possibility of a Speaker misusing her powers during a no-confidence motion.

Further, we need parliamentary recording of whips issued by political parties to

their members in order to enable a Speaker to know when a whip has been

disobeyed by a member, as well as for accountability of political parties to those

who voted for them. We also need to mandate pre-election declaration of

“integral” policies and programs by each political party to ensure that it is clear

when there’s a violation of such a policy or program by a member of parliament

who got elected on the party ticket.

However, I have also argued that it is insufficient, as Parliamentarians perform

many functions beyond legislation. There is a need for greater transparency and

reporting by Parliamentarians themselves, in the absence of any other systematic

means of reporting to the electorate about their promises and accomplishments.

In relation to recordkeeping, I have pointed out the harms caused by the non-

usage of a semantic and structured open standard for legislative records, and the

manifold benefits of adopting a format like Akoma Ntoso alongside an

appropriate digital workflow, including for bureaucrats, parliamentarians,

researchers, and voters. I have also provided a cost estimate for the development

of and transition to an Akoma Ntoso-based platform in a way that covers both

past and current records.

413

414


Finally, I have also pointed out multiple avenues for further research on

parliamentary accountability and recordkeeping in the Indian context.

Appendix 1: Examples of Akoma Ntoso

Here is a snippet of the Aadhaar Act (2016) marked up in Akoma Ntoso:

<akomaNtoso xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns="http://www.akomantoso.org/2.0" xsi:schemaLocation="http://

www.akomantoso.org/2.0 akomantoso20.xsd">

<act contains="originalVersion">

<preface>

<p class="title">

<shortTitle>Aadhaar (Targeted Delivery Of Financial And Other Subsidies,

Benefits And Services) Act, 2016</shortTitle>

</p>

</preface>

<preamble>

<p>A Bill to provide for, as a good governance, efficient, transparent, and

targeted delivery of subsidies, benefits and services, the expenditure for which is

incurred from the Consolidated Fund of India, to individuals residing in India

through assigning of unique identity numbers to such individuals and for matters

connected therewith or incidental thereto.</p>

<p>Be it enacted by Parliament in the Sixty-seventh Year of the Republic of India

as follows:--</p>

</preamble>

<body>

<chapter id="chapter-I">

<num>I</num>

<heading>Preliminary</heading>

<section id="section-1">

<num>1.</num>

<heading>Short title, extent and commencement.--</heading>

<subsection id="section-1.1">

<num>(1)</num>

<content>

<p>This Act may be called the Aadhaar (Targeted Delivery of Financial and

Other Subsidies, Benefits and Services) Act, 2016.</p>

</content>

</subsection>

</section>

</chapter>

</body>


</act>

</akomaNtoso>

Example of Akoma Ntoso snippet recording the presence of a quorum and a vote

in a debate, and then to include that in a summary analysis by linkage:



<debateSection eId="dbsect_2" name="... ">

<summary eId="summary_1">(Question carried by <quantity eId="quantity_2"

normalized="72" refersTo="#ayes">72</quantity> to <quantity

normalized="34" eId ="quantity_3" refersTo="#noes"> 34</quantity> votes)</

summary>

</debateSection>



<parliamentary>

<voting eId="voting_1" href="#summary_1" refersTo="#voting"

outcome="#approved">

<quorum eId="voting_1__quorum_1" refersTo="#majority" value="80"/>

<count eId="voting_1__count_2" refersTo="#ayes" href="#quantity_2"

value="72"/>

<count eId="voting_1__count_3" refersTo="#noes" href="#quantity_3"

value="34"/>

</voting>

</parliamentary>

India and the United States: The Time Has Come toCollaborate on Commercial Drones (Sylvia Mishra)

Sylvia Mishra is a Scoville Fellow and her research focuses on nuclear strategy and

nonproliferation, Southern Asian security and nuclear dynamics, U.S. policy in Indo-

Pacific, and emerging and disruptive technologies.

This paper is written from an exploratory strategic lens underscoring why India and

the United States ought to focus on bolstering partnership on commercial drones. The

paper immensely benefited from interviews and discussions with Peter W. Singer,

Arthur Holland Michel, Rachel Stohl, Sharon Burke, Bhaskar Kanungo, Allegra

Harpootlian, and Col. Dennis Wille.

Introduction

On December 1, 2018, flying commercial drones became legal in India as the

Directorate General of Civil Aviation’s (DGCA) put forward guidelines on how

unmanned aircraft can operate within the country. The opening up of the

drone, or unmanned aerial vehicles (UAV), market is expected to improve

efficiency and create jobs in certain sectors like agriculture, forestry, media,

construction, and disaster management while also expanding the culture of

innovation. Commercial drones are among the fastest growing segments in India

and their demand is growing exponentially. In some of the public sectors, such as

infrastructure, transport, agriculture, and disaster management, drones are

already being utilized for land surveillance, improvements to infrastructure,

precision agriculture, 3-D digital mapping, and tracking a variety of issues of river

erosion and deforestation. At the World Economic Forum Annual Meeting in

Davos in 2019, the Indian state government of Andhra Pradesh announced that it

will start testing a policy framework—Advanced Drone Operations Toolkit

developed in partnership with 41 government agencies and private enterprises to

enable state-wide drone delivery operations aimed at bringing key medical

supplies to communities across the state. The open source guide was developed

in collaboration with the governments of Rwanda andSwitzerland, and leverages

the work of the Drone Innovator’s Network (DIN) to roll out socially impactful,

advanced drone operations.

415

416

417


As the utility of drones in the commercial sector

grows, several market reports indicate that the

Indian commercial drone market will reach $885.7

million by 2021.

The adoption of commercial drone applications is on the rise across sectors. As

the utility of drones in the commercial sector grows, several market reports

indicate that the Indian commercial drone market will reach $885.7 million by

2021. India has been one of the top drone-importing nations, accounting for

22.5 percent of the world’s UAV imports. Israel and the United States have

emerged as top drone exporters to India as the focus has been on expanding its

armed drone inventory. In 2018, the Indian government approved the purchase of

Heron TP missile-armed drones from Israel. The United States will export the

General Atomics MQ-9 Guardian/Predator-B long-range unmanned combat

aerial vehicle (UCAV) to India, making it one of the most significant defense sales

between the United States and India. The sale of drones with military

applications has become an important part of bilateral defense ties between

India and the United States, and both countries operate under the Defense

Technology and Trade Initiative. Breaking away from the dominant narrative

that focuses on India-U.S. collaboration on drones for military purposes, this

paper aims to underscore that India and the United States have a unique

opportunity to partner on commercial drones. Over the coming years, drones will

become an integral element to a better standard of living. India and the United

States. should partner to harness the benefits of commercial drones by leveraging

the technological prowess and culture of innovation that exist in both countries.

The paper aims to develop a framework where India and the United States can

cooperate to promote greater use of drone technology in the commercial sector

to transform working practices, bring significant economic benefits, and boost

prosperity. This paper benefited from interviews conducted with several experts

in Washington, D.C. and New Delhi, and takes the position that a partnership on

commercial drones is essential. It outlines how India and the United States can

collaborate on a multilateral level, a bilateral government-to-government level,

and an industry-to-industry level. As and how the global airspace becomes

congested and increasingly contested, the development of counter-drone

technologies is also inevitable. The paper also discusses counter-drone

technologies, their evolution and use in the U.S. market, and use by law

418

419

420


enforcement agencies. It outlines how India can learn how some of the counter-

drone technologies are being utilized by law enforcement agencies in the United

States.

Why Does India-U.S. Cooperation on Commercial Drones Matter?

As India and the United States continue to bolster their bilateral partnership, one

facet of their relationship that remains understudied, and mandates greater

attention, is commercial drones and their use for public benefit. As the oldest and

largest democracies, the United States and India also need to focus on using

drone technologies to drive positive social change, proactively shape demand for

commercial drone technology and its applications across various sectors and

domestic growth opportunities. India and the United States have a rich pool of

resources and talent, the spirit of innovation to build an ecosystem that depends

more heavily on the civic use of drone tech. Drone technology is rapidly

advancing. Even though the commercial drone sector in India is still evolving and

regulations are being formed, this industry has the potential to transform

societies. Not to mention that as commercial drones proliferate, the surrounding

industry would also grow; jobs in analytics and data processing are just an

example. A McKinsey report indicated that the value of the commercial drone

industry and activity has risen from $40 million in 2012 to about $1 billion in 2017

. It is expected that by 2026, commercial drones—both corporate and

consumer applications—will have an annual impact of $31 billion to $46 billion

on the country’s GDP. Despite the drone market in India being in a nascent

stage, the paper offers an overview of how India and the United States can

cooperate to incentivize the use of drones for a variety of purposes. Several

industries in India will be greatly enhanced, and will enable smarter employment

of people with the use of drones as force multipliers in the agriculture,

construction, energy and logistic sectors. In much the same way that the Federal

Aviation Administration’s (FAA) Part 107 rules have facilitated the spread of

commercial drone operations in the U.S., the Directorate of Civil Aviation

(DGCA) in India needs to undertake incremental steps to relieve the indigenous

commercial drone industries from the scourge of regulations that curtails the

sector to flourish. It is important that the DGCA undertakes policies that

ensure both safety and security of drones, but also gradually encourages

operations beyond the current limit of 400 feet of Beyond Visual Line of Sight

(BVLOS).

Three Levels of Cooperation on Commercial Drones

The two countries can cooperate on three levels: multilateral, bilateral, and

industry-to-industry.

421

422

423


1) Multilateral Cooperation for Responsible Drone Use: There are wide variations

in drone laws amongst countries. In fact, even within the United States, drone

laws vary from state to state and work on a sort of drone federalism. In 2018, the

International Standard Organization (ISO) proposed international standards for

drone operations with the expectation that these standards will be adopted by

countries globally. The objective of the ISO’s international standards is to

establish drone regulation that every country can agree on, and will help

normalize drone operations and responsible use throughout the world. The ISO

standards focus primarily on data security, air safety, privacy, and facilitating

ways where UAVs can be used in a variety of commercial scenarios.

It is imperative that both India and the United States at a multilateral level push

for the spread of safe and responsible practices of common drone laws. While

several countries are trying to grapple with this challenge, it is important for the

architects of India’s drone ecosystem to keep in mind that adopting the ISO

standards needs to be swift and smooth. If the United States and India are able to

both converge to the ISO standards and also encourage other countries to join, it

will allow for great cross-pollination among businesses across countries. For

example, U.S. companies that have already matured in commercial drone

technologies would not have to bear a huge cost to restructure their operations in

India for compliance. Moreover, the manufacturing of drones and the import and

export of hardware and software can become globalized. This means that drone

hardware can be manufactured in one country, software developed in another

country, and the final product can be used in another country. In a globalized and

an integrated economic environment, India and the United States adopting ISO

standards would make cooperation between them and with other countries

easier.

2) Partnership at the Government Level for a Cause: Humanitarian Assistance

and Disaster Relief (HADR): In the past decade, India has been a first responder

in several humanitarian disasters and international crises. It demonstrates India's

commitment as a responsible actor in the global order and willingness to become

a net security provider in the region. New Delhi has contributed its resources to

prevent and mitigate regional and international crises. India’s leadership role

and India-U.S. efforts following the devastating earthquake in Nepal have been

noteworthy. Drones have been at the forefront of India’s increased efforts in

HADR. Humanitarian organizations and several governments across the world

have mobilized drones to collect vital information about collapsed buildings,

locate survivors, and supply victims with relief packages. The National Disaster

Management Authority (NDMA) helped in Nepal’s relief efforts using the Netra

drone for aid. Similarly, the NDMA has been using the resources of several

indigenous drone manufacturing companies in India. For example, Airpix, a

company that specializes in aerial photography and video production, was used

in a campaign to rebuild Uttarakhand and to spread awareness about

infrastructural deficiencies in the mountainous state. India has also been

424

425

426

427


sending medicine to remote areas in Rwanda, Malawi, Uganda and other places

with the delivery of medical services using drones.

While India and the U.S. government have their own mechanisms in dealing with

HADR, cooperation on HADR is featured in the New Framework for the U.S.-

India Defense Relationship (2005) and was reiterated in the 2015 framework. As

India and the United States develop frameworks and models of cooperation and

burden-sharing in the Indo-Pacific, collaboration on HADR using drones is a

good starting point. Both countries can benefit from the complementary nature

of their efforts and interests in the region.

There are already a few examples of India-U.S. cooperation on drones with a

focus on HADR. Under the Defense Technology and Trade Initiative (DTTI),

India and the United States are working on an air-launched unmanned system

which would have HADR as one of the targeted uses. Another example of

cooperation between the two countries on drones is that in the wake of a polio

outbreak, a U.S.-based company, WeRobotics, was asked by the Center for

Disease Control and Prevention (CDC) to organize training on medical cargo

drones in Papua New Guinea (PNG). WeRobotics partnered with two Indian

companies,Soli Consultancy and Redwing Labs India, to ensure the project’s

completion and success.

3) Industry-to-Industry Cooperation to Boost India’s Commercial Drones Market:

China has emerged as the leading civilian drone exporter. India has not been

able to become an exporter of commercial drones, and there are several

challenges that have stymied the commercial drone ecosystem in India. One

factor is the lack of clarity on the drone manufacturing licensing process from the

Department of Industrial Policy and Promotion (DIPP). Another challenge is

import restrictions on the components (motors, propellers, batteries) for

assembling a drone. The export of drones also goes through an inter-ministerial

panel due to restrictions under the SCOMET list.

Under the Civil Aviation Regulations, the DGCA has launched the Digital Sky

platform, which is built around the principle of “No Permission, No Takeoff.”

While Digital Sky will be in charge of handling flights permissions, to give an

impetus to the commercial drone industry, some of the issues such as “Beyond

Visual Line of Sight” (BVLOS) and Autonomous Operations need to be resolved.

Set against some of these challenges and uncertainties are the regulatory

framework in India, which are still evolving, and a sweeping cross-pollination

between Indian and U.S. industries may not be possible. However, the Indian

drone industry will find it beneficial to partner with U.S. drone industries on

building the software. There are few examples of such cooperation. For instance,

Precision Hawk is a U.S. company working in partnership with the FAA and the

National Aeronautics and Space Administration (NASA) on Low Altitude

428

429

430

431

432

433


Tracking and Avoidance Systems (LATAS). The LATAS platform will show pilots

of manned aircraft where UAVs are in the airspace before they become a safety

hazard. For this project, Precision Hawk is collaborating with a technology

partner in India called Webonise on the simulation of drones in a virtual

environment to aid the development of this platform.

Challenges

To foster India-U.S. partnership at the three proposed levels, there are several

challenges that the Indian commercial drones’ ecosystem will need to overcome

at the policy and regulatory level.

As drones are gradually incorporated into the Indian airspace, there are several

long-standing liability issues and privacy laws that the DGCA will need to clarify.

Remotely controlled drones are increasingly cheap, and more widely available,

but they pose real privacy risks. Some of the examples include surveillance

drones violating property rights, and pervasive surveillance. A research survey,

reported by Forbes in early 2019, indicated that flying drones 24/7 generated

fears of the police. The way commercial drone technology is progressing, it

seems quite likely that corporate giants like Amazon, Google, UPS, and Alibaba

will be stepping up efforts to enable drones to play a significant role in the “last-

mile” delivery – transporting items from the warehouse to the customer’s

doorstep.

Policymakers will be required to ensure a balance between the benefits of

commercial drone use and its privacy costs. Any framework that provides

impetus to a new technology is required to ensure that that spirit of innovation is

sustained, while individual rights to privacy and freedom of expression are also

maintained. For instance, a Rand report indicates that a team of researchers

explored the hidden or indirect costs and potential consequences, both positive

and negative, of adopting commercial delivery drones. The study revealed that

regulators around the world are struggling to keep pace with new drone delivery

technology and some countries are banning the use of commercial drones as

regulating a technology which is still evolving is a challenge. Moreover, as there

are security implications of this technology, regulators are erring on the side of

cautious by banning the delivery applications of commercial drones.

While some of the current regulations in place cover licensure for pilots,

registration, restricted fly zones, and insurance, one of the primary challenges of

using delivery drones is a requirement that drones stay within the pilot’s line of

sight (which almost defeats the purpose of commercial delivery drones).

India’s Ministry of Civil Aviation’s framework for Civil Aviation Regulations (2.0)

still does not provide specifics for several issues such as current imports and

permission structures, or drone licensing and registrations, among other things.

The authorities will also need to devise a regulatory response and guidance for

mid-air collisions and injury to property and persons.

434

435

436

437

438

439


To increase bilateral partnership on commercial drones, India will first need to

fine-tune some of its regulatory policies and also look at international

standardization of commercial drone laws. One positive development that will

spur interest and investments in the Indian drone ecosystem is that the

government has allowed for 100% foreign direct investments in manufacturing

commercial drones.

While the Indian government and industry leaders will grapple these regulatory

challenges for the commercial drone ecosystem, it is important to remember that

drone technology will only advance worldwide. The number of people and

industries that sees value in utilizing drones as force multipliers increase.

Therefore, India cannot afford to stay behind the curve or stymie talent and

technology in this industry.

Counter Drone Technology and Operations

Research indicates that most drone operators fly in good faith; however, there are

some actors that can do a lot of damage using commercial drones. There are an

increasing number of reports that state that extremist groups, militias, and drug

cartels are using commercial drones as weapons. The proliferation of drones

and the possibility of their use for malignant purposes, such as use of drones by

organized criminals to run counter operations against law enforcement, plan

robberies and other crimes, have led to the development of counter-drone

technologies. Industries are investing in developing counter-drone

technologies for law enforcement agencies to prevent unwarranted use of

commercial drones and to ensure the safety and security of civilians. Counter-

drone technology, also commonly known as counter-UAS (C-UAS) or counter-

UAV, refers to systems that are used to detect and intercept unmanned aircraft.

Drones are dual-use and can pose threats in both civilian and wartime

environments. Concerns regarding the weaponization and use of commercial

drones in conflicts, most notably by non-state actors, are growing. Drones have

been used in conflicts in Syria, Iraq, and Ukraine. For instance, the Islamic State

(ISIS) was able to import and construct several hundreds of inexpensive drones

and use them in battlefields in Iraq and Syria. According to a report from the

Center for a New American Security, more than 90 countries and non-state

actors operate drones and their increasing use will have an impact on the future

of conflict, crisis stability, and escalation dynamics. Non-state actors are

increasingly able to transform commercial/hobby drones into military hardware

and in the future, this trend will only grow as it provides non-state actors access

to the kind of operational awareness that was previously held only by state

militaries.

It is in the context of these developments and security concerns that commercial

industries are rapidly investing in counter-drone technologies to keep people safe

440

441

442

443

444

445


from rogue drones. A report calledCounter-Drones System by the Center for the

Study of Drone at Bard College found out that there are at least 235 counter-

drone products either available on the market or are in various stages of

development. Several detection, identification, and neutralization

technologies are being employed and developed by leading defense contractors.

Some of the most prominent counter-drone technologies for detection and

tracking include scanning for radio frequency, electro-optical, infrared, acoustic,

and combined sensors. Other technologies and methods used for interdiction of

drones involve radio frequency jamming, spoofing, laser, nets, and projectiles.

The global counter-drone market size is expected to reach $1.85 billion by

2024 as incidences of unauthorized use of UAVs and acts of terror using drones

rise.

Given that major proliferation of drones is underway in the Subcontinent, India

needs to devote adequate attention to developing and mainstreaming counter-

drone technologies. India has a unique opportunity to learn some of the lessons

of how counter-drone technology is evolving in the United States and being

utilized by federal law enforcement agencies. Given C-UAS technologies are

dependent on innovation, industries in India can collaborate with counter-drone

tech companies in the United States and become part of the global supply chain

of C-UAS tech.

On February 1, 2019, CNBC reported that by 2022 the Federal Aviation

Administration (FAA) expects that there will be 2.9 million drones flying in the

United States. While commercial drones are beneficial to the national

economy, the rapid multiplication of drones in the skies poses significant security

risks. As greater numbers of drones are flying dangerously close to commercial

and private aircraft, there have been several near misses between drones and

aircraft. While reining in rogue drones has received significant attention

during the last five years, there are several outstanding challenges as all counter-

drone technologies need to reconcile with legal and safety mechanisms. The FAA

considers drones to be aircraft and does not allow shooting down an aircraft, thus

making shooting down drones illegal and a federal crime in the United States.

Only the federal government’s law enforcement agencies have been granted the

authority to employ C-UAS technologies, thus his suggesting that counter-

drone adoption measures will take place in close coordination with FAA laws.

In July 2018, the FAA updated its guidance on “Unmanned Aircraft Systems

(UAS) Detection and Countermeasures” and underscored that successful

mitigation of rogue drones is reliant on accurate detection. One of the major

findings of the FAA report is that the “low technical readiness of C-UAS systems,

combined with a multitude of other factors, such as geography, interference,

location of the majority of reported VAS sightings, and cost of deployment and

operation, demonstrate this technology is not ready for use in domestic civil

airport environments.” The report emphasized the challenges of C-UAS

446

447

448

449

450

451

452


technologies and the potential risks of targeted UAS when engaged in airport

environment, which can introduce greater hazards than it is intended to mitigate.

Despite the slow pace of adoption of counter drone tech, it is pertinent that law

enforcement agencies and security officials will need to be prepared, trained, and

equipped to counter hostile drones. The U.S. Congress recognized that the need

for counter-drone tech will only grow and, therefore, in the 2017 and 2018

National Defense Authorization Acts (NDAAs) enabled limited C-UAS authority

to the Department of Defense and Energy. Notwithstanding these challenges,

there are several companies, such as SkySafe, DeDrone, Fortem, that are working

with the Department of Defense (DoD) to keep unwanted drones in check;

though the real challenge continues to be the regulatory battle. For instance,

SkySafe does not only track drones but also intercepts them, but hacking and/or

intercepting drones is illegal in the United States. It is, therefore, important

that companies, local and federal government agencies have a greater level of

coordination when it comes to counter drones technologies.

With an increasing boom of the commercial drone market in India, drones are

becoming cheaper, smaller, more agile, and stealthier. After several incidents of

drone sightings around Indian airports, the government is investing in the

development of reliable, safe and secure C-UAS technologies. For example, the

Defence Research and Development Organization (DRDO) has taken up the

development of high-intensity laser weapons. Additionally, the Indian

government’s Bureau of Civil Aviation and Security (BCAS) has been engaging

with two Israeli companies to develop drone disabling technologies around

Indian airports. This technology primarily looks at two categorization of skills –

soft kill (a drone which flies into a secured airspace can be destabilized and its

system frozen) and hard kill (the drone can be destroyed).

The growth in the market of counter-drone technology is another area where the

industry in both India and the United States can cooperate. The BCAS can work

with the U.S. industries and federal law enforcement agencies to navigate the

policies adopted and the regulatory challenges involved in the lawful elimination

of drones.

There is also a major component of learning lessons from the United States and

applying them in the Indian context to foster a culture of safety and responsibility

throughout the drone industry. For instance, to mitigate rogue drones near the

National Nuclear Security Administration’s (NNSA) sites, the Office of Defense

Nuclear Security has deployed its first C-UAS platform. The NNSA worked in

partnership with the FAA for the designation of Los Alamos Lab as a “No-Drone

Zone” and to set up a system to detect, identify, track, and intercept

unsanctioned drones at Los Alamos National Laboratory. It would be in India’s

security interest to draw upon the lessons from the NNSA-FAA collaboration to

better understand the capabilities, functional efficacy, and ease of handling of

anti-drone technology. Additionally, training a specific team – either the Central

453

454

455

456

457


Industrial Security Force (CISF) personnel or the Air Traffic Controllers (ATC) –

staff at airports would be highly beneficial for the Indian security establishment.

Some Key Considerations for the Way Forward

The use and utility of commercial drones are on the rise and expectedly will

continue to grow. As there are some significant developments for new regulatory

frameworks for drones in India, there is an opportunity for New Delhi to increase

partnership with the United States on commercial drones. India will need to fine-

tune its regulatory policies on commercial drone laws according to international

standards. The increasing number of drones in the sky and the growing number

of violations – accidental or criminal – also incentivizes Indian and American

industries to collaborate on counter-drone tools to keep out unwanted drones.

Drone technology in the commercial sector has the potential to create

tremendous impact with regard to job creation, increasing productivity, and

efficiency. However, there will be considerable concerns about both the promise

of the technology and its ability to carry out tasks while ensuring safety, security

and privacy of citizens. Expectations regarding drone technology in the

commercial sector need to be more pragmatic and rooted in reality.

Expectations regarding drone technology in the

commercial sector need to be more pragmatic and

rooted in reality.

Despite the rapid advances of drone technology, there needs to be significant

progress in several aspects of the technology: autonomous flights (this

technology is still developing but it allows drones to fly without a user directing

their flight); and battery performance (improvements in battery technology are

expected to boost drone flight time). Though some of these improvements will

allow commercial drones to fly for longer durations without battery recharging,

the drone technology can fall short of the promise. It is important for industry

players and policymakers to temper expectations of what drone technology as a

whole can achieve, given it is still evolving and is not a fully mature technology.

Drones are not horizontal technology (i.e. the movement and transfer of this

technology from one sector to the other is not easily possible.) The most

disruptive technologies that have made huge impacts on consumer use are

horizontal technologies like e-commerce. However, since drones are not a

458


horizontal technology, there would be significant expenditure on R&D in every

sector where drone applications are envisioned. For example, the last-mile

delivery drones will require a very different approach than farm surveillance by

drones. Last-mile delivery will require precision, timeliness, accuracy, interaction

with humans, and an understanding of potential obstacles. Farm surveillance

applications will require imaging technology, stability in dire environmental

conditions, and autonomy. This again indicates that there needs to be a

management of expectations on the commercial drones’ impact across sectors.

In the Indian context, it is clear that the development of the commercial drones

sector will happen in close coordination with the Indian government. However,

experts warn that stiff regulations could stifle the commercial drones sector from

flourishing. There must be a balanced approach where the government is able to

safeguard an individual’s privacy, monitor drones that could harm national

security, but simultaneously encourage policies that enable the commercial

drones sector to flourish.

To conclude, it is important to highlight that although much of the recent debate

on drones has centered on the state’s use of drones for surveillance and military

purposes, the use of drones by and for civil society deserves attention. For any

underlying opportunity in the case of the commercial drone market in India,

there is a vital need for enabling policies and handholding between India and the

United States. For a smooth launch and progress of the commercial drone

industry in India, there needs to be policy consensus and coordination among the

Ministry of Defense, the Ministry of Home Affairs, the Ministry of Commerce

and Industry, the Ministry of Civil Aviation, the Department for Promotion of

Industry and Internal Trade, and Niti Ayog, among others. Moreover, there also

needs to be significant investment from the government on drone education –

training pilots, capacity building for manufacturing, registration and tracking of

drones, certification of remote pilots and other professional drone services. The

time is right and ripe for India to collaborate with the United States on the

development of its commercial drone sector, setting and strengthening the

regulatory landscape to allow commercial drones to be used effectively and

safely and also for the scalability of the technology.


Civic Futures 2.0: The Gamification of CivicEngagement in Cities (Subhodeep Jash)

Subhodeep Jash is a Senior Consultant with FTI Consulting Asia’s Strategic

Communications Practice at New Delhi. The idea for this research stemmed from his

stint with the WZB Berlin Social Science Center.

Acknowledgements: I would like to express my gratitude to Charru Malhotra, Perry

Nunes, Liav Orgad and Jess Riegel for their valuable insights. I wish to express my

appreciation for the kind support and guidance of Awista Ayub and Melissa Salyk-Virk

at New America. Last, but not the least, I thank the entire cohort of the 2019 India-

U.S. Fellows for their feedback towards refining the contours of this paper.

Executive Summary

Citizenship is a fundamentally political institution. This research focuses on the

intersection of technology and active citizenship, which is a central component of

a republican conception of citizenship where citizens are expected to engage in

political deliberation and contribute to the common good of the community. This

paper is a primer on the newer forms of civic interactions that emerge when

gaming elements (such as points, badges, rankings, rewards, etc.) are introduced

into a non-game setting like civic engagement. Further, it maps current trends

and variations around the gamification of civic engagement. It begins with two

unique use-cases from Boston (United States) and Tlalnepantla (Mexico) that

illustrate how gamification can encourage greater participation in governance

processes and possibly address gaps in efficiency facing democracies. Finally, the

research attempts to form a typology of the various civic innovation projects in

Europe and the Americas, and Subsequently, examines the broad level societal

benefits and ethical challenges that arise from these interventions.

The closing section of the paper introduces the context of civic engagement in

one of the world’s largest digital demos, India and what a potential for

gamification in that socio-political context could imply. While this potential for

gamified governance looks encouraging, its use is being examined more as a

complementary tool to existing approaches surrounding citizen participation and

interactions.

Pokemon Gov and “Points” of Kindness

Digital technology is increasingly used to experiment with new forms of

encouraging citizen engagement. The spectrum of such experimentation ranges

from chatbots that drive interactions between government officials and citizens


in Jersey, (an island located in the English Channel), to points-based systems

such as catalogues of good deeds (in Mexico) to motivate active citizenship. A

common thread behind such ideas is to provide incentives that motivate civic

activism, with the hope that, over time, such incentives will create a culture of

communal activism. Two such salient use-cases for gamification emerging in the

U.S. city of Boston and the Mexican city of Tlalnepantla are discussed hereunder

that illustrate successful deployment in these new civic interactions.

Digital technology is increasingly used to

experiment with new forms of encouraging citizen

engagement.

In 2016, the city of Boston in the state of Massachusetts launched a spring-time

campaign called “SpotHoles” as a way to encourage constituents to generate

more pothole reports during the snow-melt month of March when potholes are

especially prevalent. Prior to this campaign, residents could call a helpline to

report such civic grievances. However, a major challenge existed within the

helpline reporting system: the ability to situate these potholes within the

neighborhoods.

Subsequently, the SpotHoles campaign was deployed to report potholes with

better accuracy across the city by using a mobile application-based scavenger

hunt akin to the augmented reality mobile game, Pokémon Go. After creating a

branded campaign with associated digital assets, SpotHoles netted more than

300 percent higher citizen-reported potholes than the same period in the

previous year. And even better, the increased reports were accompanied by an

accurate location because of the mobile reporting application’s ability to geo-

locate issues, allowing users to snap a picture and send a note to the city.

The success of the initiative led to a partnership between Niantic Inc., the

developer of Pokémon Go and the Boston Mayor’s Office of Urban Mechanics to

institute a participatory Pokémon Go initiative with school students. The

initiative developed “PokéStops,” which provided a way of incorporating real-

world locations into the game build. For example, the potential locations for

PokéStops could be small parks or historic buildings. Students were asked to

make short videos explaining why these locations should be included in the

game. Then, a youth-led selection jury would pick the winning locations. The

idea of involving citizens into this curation exercise was identified as a way to

459

460

461


celebrate meaningful and accessible locations in the city and raise civic

awareness among youth.

As another example, Tlalnepantla de Baz, a city in Mexico, suffered from low

civic engagement and its residents were indifferent to neighborhood problems.

There was little interest even in filing reports of criminal acts, which prevented

the authorities from taking action. This indifference threatened the city’s social

fabric, making citizens feel disconnected and insecure. In 2016, an initiative from

the Mayor’s office encouraged local citizens to participate in the community by

choosing a “good deed” from a catalog. Examples of good deeds included voting,

assistance to the elderly, job training, first-aid courses, safety training,

professional consultations, organizing cultural events, and self-employment

workshops. Good deeds could be municipal, but also universal—for example, the

promotion of environmental activities. Each good deed that was performed was

recorded and given a score, and citizens were able to claim benefits according to

their score from a parallel “Catalogue of Municipal Benefits.” Municipal benefits

included bike rental and public transportation, scholarships, tickets to cultural

events, and reduced municipal housing. The goal is to motivate civic activism,

with the hope that, over time, such incentives will create a culture of communal

activism. In the past few years, there have been suggestions to use technology to

motivate more active citizenship.

The Tlalnepantla city officials were inspired by community network projects that

promoted a sense of collaboration in other cities but felt that those projects were

too narrowly focused. The city’s Mayor, Guillermo Alfredo Martínez González,

said that the initiative led to a closer interaction among residents by promoting

good deeds, and had a transformative effect on the entire society by “allowing for

greater collective development, conflict resolution, stronger identity, and

reconstitution of the social fabric.”

Both these endeavors highlight how game elements such as a points based

system or a scavenger hunt akin interface can reinvigorate the interactions

between citizens and public policy. This paper examines a range of such similar

experiments that brought about this emergence in the gamification of civic

engagement.

Defining Gamified Civic Engagement

New forms of civic interactions have been driven by the incorporation of game

elements (i.e. points, badges, levels, rankings, rewards) into the non-game

context of citizen engagement and have created conditions for gamified civic

engagement. In recent years, there has been a growing appeal of the

gamification of civic engagement as a possible solution to reshaping participatory

regimes among residents in cities similar to the cases of Boston and Tlalnepantla.

462

463

464


It is important to distinguish gamification from “mere games”—since the use of

game mechanics does not necessarily make a product a (video-) game. While

the main scope of games is pure entertainment, gamification is aimed at

transmitting features that leverage elements of role play, story, and agency.

According to some authors (Landers et al., 2018), this happens under three

conditions:

• The perception of a non-trivial goal that can reasonably be pursued

• The desire to pursue that goal under behavioral rules that differ from the

behavioral rules that one would normally apply

• The voluntary nature of the decision to pursue that goal

Background

An increasing number of cities, including a large number in the developed world,

suffer from low civic participation, an absence of social solidarity, and a feeling of

apathy in creating solutions to common problems. Harvard-based sociologist

Robert Putnam suggests that people living in diverse but divided communities

tend to “hunker down” and “withdraw from collective life” by placing less

trust in their neighbors, including those from a similar background. As a result,

they assume markedly more negative attitudes towards their local areas, vote

less; volunteer less, and give less to charity. A recent report of the City of London

portends an alarming development—it indicates a lack of “cross-community

contact,” and a low level of active citizenship, especially among newcomers.

The report finds this reality to be “one of the key challenges facing cities across

the world” and urges the need to find solutions to encourage active citizens who

“shape the decisions that affect their communities and their city” and share “a

sense of rootedness and active participation in community life.”

The OECD is one of the few public institutions that have guidelines on

measuring trust, both interpersonal and institutional. A recent OECD study finds

that only 43 percent of citizens trust their government. Trust in government is

deteriorating in many OECD countries. Lack of trust compromises the

willingness of citizens and business to respond to public policies and contribute

to a sustainable economic recovery. Open government policies that concentrate

on citizen engagement and access to information can increase public trust.

465

466

467

468

469

470


Early Use Cases

What are the earliest use-cases of gamification around civic engagement? One of

the early salient cases is the ‘Howard Dean for Iowa Game’, the first official

video game commissioned in the history of the U.S. presidential elections in

2003. Players in the game earned points for virtual sign-waving, door-to-door

canvassing, and pamphleteering. The engagement for this game led to 100,000

plays before the Iowa caucus and signaled a new form of political campaigning.

Another example occurred in 2004 when the Illinois House Republicans released

a game called Take Back Illinois designed to represent their political positions

on various policy issues (such as economic development, healthcare, and

education). The game was at the center of that year’s legislative electoral race.

The game attained a fair degree of popularity as it received traction from online

distribution channels and supported via local blogs. The game was praised for its

attempt to capture political communication rhetoric in a persuasive manner.

During the lead up to Barack Obama’s presidential inauguration in 2009, his

team asked American citizens to vote for whichever issue they cared about most

on a platform called Change.gov. The idea was to crowdsource the highest-

priority issues from American citizens.

Then, in 2016, Hillary Clinton’s presidential campaign team launched an app

designed to gamify the campaign process. The application, which was inspired by

the Facebook game, Farmville, offered virtual badges and real-life rewards for

activities such as sharing promotional videos through social media platforms.

These scenarios all have a precise scope: to engage potential voters. Albeit, none

of these three campaigns led to successful electoral outcomes for the three

candidates, they did herald an innovative approach to bolster citizen

engagement.

Certain experiments pertaining to gamification were seen more in a setting to

provoke discussions, as seen in citizen engagement processes with SAM from

New Zealand, where an AI chatbot simulated interaction between a virtual

politician and users on Facebook messenger. All of these early engagement

efforts sought to explore ways to reinvent the citizen interaction process through

gamification as it offered greater motivation towards participation and a

transparent mechanism to engage in governance processes.

The Landscape of Citizen Gamification

During the course of this research, 25 to 30 initiatives that attempted to gamify

civic engagement were mapped. These projects were geographically diverse,

471

472

473


spreading across Europe, North America, and Asia. Based on the mechanisms

involved, the projects could be divided into two broad categories:

1. Participatory decision-making: consultation/budgeting forums and

crowdsourced decision-making, and

2. Points-based system and community currencies.

Citizen engagement efforts employ several different “means” to achieve many

different “ends.” Depending on the context, citizens can play different roles

ranging from providing ideas and expertise (as with policy crowdsourcing

platforms) to being representatives of specific interests (as seen with

participatory budgeting and deliberative polling).

Participatory Decision-making: Consultation and budgeting forums

Graham Smith terms “democratic innovations” as the institutions “that have

been specifically designed to increase and deepen citizen participation in the

political decision-making process.” These innovations, as per Smith, are

consequential in that they represent a departure from the traditional institutional

architecture of advanced industrial nation-states. Citizen assemblies,

participatory budgeting forums, town halls, online citizen groups, and newer

legislative forms (such as liquid democracy) would be classifiable as democratic

innovations based on this taxonomy. In this regard, gamification within the

context of participatory consultation and budgeting forums has seen use-cases

that have boosted the participatory dimension of citizen engagement.

Ovar, a small town in Portugal, saw an impressive 25 percent of its residents turn

out to vote in its first participatory budgeting campaign. A seaside town of 55,398

people, Ovar is one of the oldest municipalities in the country. The city

implemented participatory budgeting as a means for the mayor, Salvador

Malheiro, to connect with the citizens and better engage with young people. The

program, which was allotted €100,000, used a gamification strategy with a

leader board that highlighted which proposals were receiving the most votes. It

also gave people both online and offline methods of voting, through either paper

ballots or a website form.

In 2015, Decide Madrid, a platform for public participation in decision-

making, was launched by the Madrid city council. Decide Madrid has four main

functions: proposals and votes for new local laws; debates; participatory

budgeting; and consultations. The platform allows any resident to propose a new

local law that other residents can vote on to show support. Proposals that gain

support from one percent of the census population are then put to a binding

public vote.

474

475

476


A variant similar to participatory budgeting, “CrowdLaw,” is a participatory

lawmaking process where legislative bodies can tap into new methods for

unlocking the intelligence and expertise of the citizenry beyond an electoral

process.

In Reykjavik, Iceland, a CrowdLaw web platform for “idea generation” and

“policy crowdsourcing” allows citizens to present and discuss ideas related to the

services and operations of the city of Reykjavik since 2010. The website has seen

a fairly positive response as it’s been used by 20 percent of Iceland’s population.

vTaiwan, an experimental e-consultation platform, was used to engage

200,000 people in crafting legislation on topics as varied as company

shareholder requirements, regulating ridesharing services like Uber, internet

alcohol sales, and online education. The online engagement process used a

combination of an online system called “pol.is” and Slido, a questionnaire

tool.

Points-based Systems and Community Currencies

There have been a few cities that have promoted the idea of a local civic currency

towards promoting social innovation and as a means to invest in projects at a

local level. Nu Spaarpas, for example, was a municipal experiment that was

launched in Rotterdam in the Netherlands around 2000 to create a loyalty

points-like system to incentivize sustainable and eco-friendly consumption

choices. Consumers were rewarded when they engaged in behaviors such as

buying green or recyclable products. These loyalty points could be redeemed for

gifts such as event tickets or public transportation passes.

Cities such as Gent (in Belgium), Cascais (in Portugal), and the example of

Tlalnepantla (in Mexico) have taken the lead in developing similar community

currency (digital or physical) driven initiatives that foster active citizenship or

sustainability-driven action.

Recently, a system of digital social credit has been offered by Andrew Yang,

the founder of Venture for America and U.S. 2020 Democratic presidential

candidate. In his view, Digital Social Credits can improve civic engagement,

volunteer rates, and social interactions across the community. Credits can be

gained by “participating in a town fair,” “tutoring a local student,” or

“volunteering at a local shelter.”

Points- or rating-based system can, however, present a set of technological,

psychological, and ethical challenges. Who decides what is a “good deed?” What

criteria is used for creating such systems? How should a city disseminate the idea

or allow for registering participants or recording data? How effective are such

477

478

479

480

481 482

483 484

485

486


incentives likely to be in cultivating positive habits and morals, and what can be

the societal side effects?

While these challenges are not examined in this paper, the feasibility and ethical

implications of scoring systems, especially in light of the bad reputation earned

with the adoption of China’s Social Credit System, become pertinent for further

research into the design of scoring systems. Algorithmic citizenship earned a bad

reputation following the adoption of China’s Social Credit System (SCS) in 2014.

The SCS creates a world in which one’s daily online activities are constantly

monitored and evaluated to create a Citizen Score, which is publicly ranked and

compared against the entire population. China’s SCS ranks citizens based on

criteria such as credit history, consumption behavior, social connections,

personal characteristics, and compliance with the government’s ideological

framework. The Citizen Score affects the eligibility of citizens for basic

services (mortgage, job, social benefits, etc.) and provides people with rewards

(e.g., one can rent a car without a deposit or have a faster check-in experience at

the airport) and punishments (e.g., restricted access to restaurants or removal of

the right to travel abroad). As China looks to make this project mandatory by

2020 and its intentions with regard to big data governance systems,

notwithstanding, the SCS can be conceived more like an ecosystem of initiatives

sharing a similar underlying logic than a fully integrated machine for social

control.

The distinction, however, is that unlike the pervasive algorithmic citizenship

profiles in China that are punitive in nature, the civic experiments outlined here

for cities across Europe and the Americas are largely voluntary and not developed

around sanctions or any form of activities that are classified as being negative.

Impact of Gamified Systems

Benefits

What do the gamified systems mean in terms of social benefit at a local level?

Gamified innovations provide novel solutions that simultaneously solve a social

need and augment capabilities and relationships and improve the use of assets

and resources. Social innovation models that are driven through citizen

engagement lead to a greater good for society and enhance social interaction and

engagement levels. It is evident that gamification can mobilize citizens

effectively to participate in public decision-making. Citizen participation needs

to be fun, easy and interactive. People are provided a voice and incentive towards

building an engaged society with a sense of fulfilling both their rights and

responsibilities towards more active civic engagement.

The efficacy of such platforms depend on a variety of factors, such as: (a)

voluntary participation that is sometimes incentivized, but not coerced; (b) trust

487

488

489


of the civil society placed in the state authorities to provide the motivation

accompanied by an underlying assumption of a republican, “active” citizen

rather than a “Marshallian” (passive) citizen; (c) ca requirement to perform

some sort of action, and not just be a passive recipient ; (d) digital literacy

combined with internet and smartphone proliferation within the ecosystem to

allow adequate diversity of participation.

In 2009, a study published by the MacArthur Foundation investigated the

correlation between video games and their capacity to stimulate civic and

political engagement. The report identified a direct correlation between the civic

potential of video games and further engagement in civic life, especially by

young citizens.

Participatory processes work best at a local level as party politics are less

dominant. Citizens also find it easier to spot problems, identify solutions and

evaluate legislation for issues that directly affect their daily lives.

With several initiatives, a tech interface is meant to be a layer supplementing an

offline discussion forum, as happened in Decide Madrid and vTaiwan, the use-

cases highlighted earlier.

Measuring Engagement Levels

While we have examined the broad strokes of the kinds of gamification that are

being driven in the civic engagement context, it is important to evaluate whether

these civic-driven initiatives encourage low-risk/low-cost engagement or

whether they can be a driver of social change (both online and offline).

In an effort to measure levels of engagement, the International Association of

Public Participation (IAP2) has developed a public participation spectrum to help

groups define the public’s role in any public participation process on an

increasing level of intensity ranging on a scale of: Inform, Consult, Involve,

Collaborate and Empower. These varying degrees of engagement on the

participation spectrum can be outlined as follows.

• Inform: To allow citizens with a balanced and objective understanding of

a problem alternatives and solutions.

• Consult: To obtain citizen feedback on a policy challenge or problem

facing citizens

• Involve: To have a direct engagement mechanism for citizen redressal on

their needs and concerns.

490

491

492

493


• Collaborate: To partner with the public on each aspect of the policy cycle

(from the development of alternatives to identifying the preferred

solution).

• Empower: To place decision making authority to the public.

Figure 1: Spectrum of Public Participation

(Source: Tim Bonnemann, City of Vancouver Mayor's Engaged City Task Force

Final Report on https://www.flickr.com/photos/planspark/12249559465 )

Taxonomy Of Gamified Civic Engagement Projects

Initiative/Platform(City/Country) Category Mechanics Depth of Participation

SpotHoles Campaign(Boston, USA)

Participatory(crowdsourced) decisionmaking

Hybrid realitygame app-based

Inform, Consult, Involve,Collaborate

City Points (Cascais,Portugal)

Points/rating based system App based Inform, Involve,Collaborate


https://www.flickr.com/photos/planspark/12249559465

Initiative/Platform(City/Country) Category Mechanics Depth of Participation

Change Tomorrow(Ovar, Portugal)

Participatory decisionmaking

Web based +Offline

Inform, Consult, Involve

Better Reykjavik(Reykjavik, Iceland)


Web based Inform, Consult, Involve,Collaborate, Empower

vTaiwan (Taipei,Taiwan)


Web-based +offline forums


Nu Spaarpas(Rotterdam,Netherlands)

Points/rating based system Card basedtechnology

Inform, Involve,Collaborate

Torekes (Gent,Belgium)

Points/rating based system Loyalty card basedInform, Involve,Collaborate

Decide Madrid(Madrid, Spain)




Citizenlab (Brussels,Belgium)


Web + app based Inform, Consult, Involve,Collaborate

Hull Coin (Hull,England)

Points/rating based system App based Inform, Involve,Collaborate

Echo Citoyen (Paris,France)




Next Election(Bangalore, India)


Web + app based Inform, Consult,Collaborate

Figure 2: Taxonomy of Gamified Civic Engagement Projects

It is important to note some commonalities among the 12 initiatives presented in

Figure 2. First, most of the experiments were created by non-profits or

administered through collaborations between startups and city councils. Second,

all the initiatives have a similar goal, which is to inform the public and obtain a

reasonable degree of participation. Further, over half of the initiatives have a

consultative dimension, (i.e. receiving feedback from the citizens on a civic


problem) thereby reflecting a fair degree of citizen engagement. Third, a majority

(over 70 percent) of the initiatives have used a blend of channels for engagement,

including either web/app-based platforms and offline elements. And lastly, all the

initiatives are based on positive acts and duties and do not carry any punitive

elements.

For a subsequent iteration of the synoptic table, a more detailed study of these

initiatives would need to be carried out in order to acquire a better measure of

how successful these platforms are. While this paper has not delved into these

finer details, any subsequent research in this area could look to incorporate the

following aspects:

• Creator of the initiatives

• Participation (voluntary/mandated) and opt-out scope

• Privacy and security features for the web/app based platforms

• Transparency in disclosures for activities or lists in the points or rating

based systems

• Feedback mechanisms for users or citizens

Challenges to Gamified Systems

Samuel Bowles in his book The Moral Economy argues that substituting moral

goodness with a reward and punishment system attacks the core of Rousseau’s

social contract. Intrinsic motivation, he believes, is a better motivation than

extrinsic rewards. Given that several of the game elements border on steering the

choice architecture towards a more rewards-centered arc, this is a trade-off that

can produce unintended consequences. For example, the ‘paradox of

disincentives’ may be viewed here as the outcome of an authoritarian exercise

of power from the moment in which citizens perceive that they lack the ultimate

control of their decisions.

Beth Noveck, of the Governance Lab at New York University, argues that civic

innovation in governments implies a conceptual shift in the exercise of public

power. The introduction of gamified governance implies a shift towards

upending the status quo towards reuniting citizenship with expertise. It

postulates a bottom-up approach to building public policies, and it necessitates

new mental models for conceiving the exercise of regulatory powers from public

institutions.

494

495

496


Design becomes a critical challenge, in terms of marshaling convincing evidence

for the adoption of new technologies or including the right motivational

incentives for a crowdsourced decision-making process. Also, the perils of

‘groupthink’ can produce cognitive biases, as studied by eminent behavioral

economist, Daniel Kahneman when each decision-maker in a group has too little

information to solve a given problem and instead observes others in the hope of

becoming wiser.

With the increased use of computer algorithms to monitor digital activity, any

form of scoring systems is bound to raise questions relating to one’s status,

identity, and rights. John Cheney-Lippold captured this phenomenon with the

term jus algoritmi, which describes a new form of citizenship produced by

online data collection and used by law enforcement agencies (the NSA’s PRISM

Surveillance Program of targeting “algorithmically foreigners,” or the U.S.

Homeland Security Department’s plan to collect data on immigrants based on

search results, social media handles, and mobile phone information ).

Algorithmic citizenship brings to the fore fundamental questions on the digital

sphere and public function of online activity.

Normative citizen scoring (e.g., general assessment of moral personality or

ethical integrity) in all aspects and on a large scale by public authorities

endangers individual freedom and autonomy, especially when used in violation

of fundamental rights, or “when used disproportionately and without a

delineated and communicated legitimate purpose”, as has been highlighted in

the European Commission’s High Level Expert Group on Artificial Intelligence

guidelines titled “Draft Ethics Guidelines for Trustworthy A.I.”

Scaling solutions is a critical component in the new practice of public problem

solving, as argued by Tara McGuinness, Former Director to the White House

Task Force on Community solutions and Anne-Marie Slaughter, CEO of New

America. Some of the startups echoed this sentiment as well in terms of

constraints. Navigating the right areas for creating new forms of civic

engagement is another important dimension that emerges as a key consideration

for some of these projects. The measurement of impact is not quite so

straightforward. Accounting for context when measuring impact is imperative,

and thereby a theory of change for mapping complex causality is needed. For

example, large scale participation if orchestrated by advocacy groups may not be

a reliable indicator of citizens’ informed value preferences. In this context,

political scientists Robert Dahl and John Dryzek moot the formation of small

groups of citizens that comprise the non-elite, typically recruited through

random sampling.

These challenges outline the fact that, while it is enticing for gamified

applications to offer low-cost and higher engagement forms, the design of such

systems are intricate in nature and require much deeper deliberation.

497

498

499

500

501

502

503

504


Civic Engagement in India: Potential for Gamification?

In India, the Ministry of Electronics and Information Technology (MeitY)

launched the National Portal of India (www.india.gov.in) in November 2005 as

well as the Open Government Data Platform (www.data.gov.in) in October

2012 for providing easier access to public information and data. In 2014, the

Digital India program laid the groundwork towards increasing the level of citizen

participation in the decision-making process through digital tools such as MyGov

and the eponymous Prime Minister’s mobile app, Narendra Modi. While these

platforms have exhibited some initial promise, the lack of an adequate vision

means that they no longer remained relevant and have been reduced to a

platform for input on various advertising or marketing campaigns instead of

substantive issue-driven citizen interactions.

As far as the civic engagement ecosystem in cities goes, there has typically been

sporadic levels of engagement. Traditionally, civic engagement has not been a

top priority. However, there is potential in its future application with citizens

increasingly using technology (especially mobile) with over 175 million

smartphone users expected to emerge in the next four years. Civil society

organizations such as the Janaagraha Centre for Citizenship and Democracy, and

the federal government’s efforts under the ‘Digital India program’ have led to

strengthening capacities towards digital literacy.

While gamification in this context is still at a pretty nascent stage, there are a few

applications that have been identified during this research.

ichangemycity is a locational online social networking platform launched in

2012 by Janaagraha Centre for Citizenship and Democracy for civic action. The

site uses the power of the internet to connect people who are in the same vicinity

and helps them discuss and act on civic issues. The platform largely uses a

complaint redressal system for citizens to raise concerns on potholes, unattended

garbage, water supply, and related civic issues. There is a system of “upvoting”

(where other users can vote for complaints to be prioritized) as part of the

interaction mechanism to ensure resolution of a complaint.

Next Election is envisaged as a virtual town hall that brings citizens,

politicians, and journalists together. It seeks to create a vertical accountability

framework among a diverse range of actors in order to bridge the gap between

elected representatives and constituents. It has microsites that comprise

sentiment analysis on issues such as sanitation and environment as well as

scorecard systems that allow individuals to rate elected representatives, building

a network of issue-based champions.

505

506

507


http://www.india.gov.in

http://www.data.gov.in

https://www.ichangemycity.com/

https://www.nextelection.com/home

Civis , started off as a web platform and sought to create meaningful

engagements with participatory consultation exercises around livability metrics

in Bangalore, Gurgaon, and Mumbai. Civis, thus operates more on the

participatory or crowdsourced decision-making spectrum. About 1,074 citizens

participated in a consultation on the city of Bangalore’s revised master plan.

Reap Benefit is an NGO based out of Bangalore that looks to empower civic

problem solving among youth through a mix of skill enhancement, local data,

and contextual solutions. The NGO wants to build a community of “solve ninjas”

around issues such as sanitation, education, and healthcare. The organization

does employ game elements in the form of badges for different skills: mobilize,

report, build, prototyping solutions, and campaigning.

Village Capital, a venture capital firm in collaboration with the Omidyar

Network, ran an accelerator program last year to support the growing ecosystem

of civic tech startups in India. Fourteen platforms that were developing ideas

about improving governance and augmenting citizen-facing interactions were

part of this program. According to Perry Nunes, a manager at Village Capital, a

large part of these initiatives were geared towards streamlining public service

delivery and helping local or municipal governments. Transparency and

governance and citizen participation were two of the broad themes for civic

innovation ideas.

The overarching state of play in India looks to be based around improvements in

backend governance delivery. There is a resource constraint present when it

comes to capacities for scaling civic engagement models. With this context,

gamification in India can leverage individual choices at a low cost as it aims to

produce a common good. Gamification also has more commonalities with

crowdsourcing vis-a-vis ‘nudges’ , which are aspects of a choice architecture

that alters people’s behavior in a predictable manner without forbidding any

options or significantly altering economic incentives. However, the introduction

of any sort of game mechanics must fit the right socio-economic context. At

present, the focal point for civic innovations is in Southern India (Bangalore in

particular). The design of these innovations is largely geared toward problem

identification or grievance redressal, but there is enough room for new forms to

emerge that focus on solution identification and crowdsourced policy-making.

The Way Forward: A Blueprint for Gamifying Citizenship

Digital technology is increasingly used to experiment with new forms of

encouraging active citizenship. The current spectrum extends from China’s

social credit system to ideas such as catalogs of good deeds to motivate active

citizenship. While China’s Social Credit System has been unequivocally

508

509

510

511


https://civis.vote/

https://reapbenefit.org/about/

condemned in the Western world, many of its scoring components are also

common for social networks outside China.

A scoring system, therefore, needs to have a more contextual and cognitive

design. For example, there are certain principles that could be considered while

building such systems. Based on the nascent scholarship and conversations with

some of the developers of these civic innovations, future scoring systems should

be:

• Voluntary. A voluntary system that provides equal forms of participation

in terms of allowing each registered resident to participate and the choice

to opt out of a system after signing up.

• Deliberative. The public can participate in something akin to the Catalog

of Good Deeds idea in Mexico.

• Flexible. Any list of deeds or activities needs to be subject to a review and

constant iteration.

• Transferable. Earned points can be transferred among citizens’ subject to

certain conditions.

• Secure. The technological infrastructure on which a system is built needs

to be safe and secure (in which data is encrypted).

• Positive Acts. The system can be built around rewards, however, a

decision to not participate should not impose any negative costs.

• Adaptive. It is interoperable and can be implemented either at a sub-

municipal level or supra-municipal level, such as a consortium of cities

(e.g. C40 Cities ) where an individual can claim benefits in one

participatory city based on good deeds in other participating cities.

• Activity-centric. It is action-based: no score will be given to individuals—

this is not a citizen rating method—but to “deeds.” It is imperative that

extrinsic rewards don’t become a substitute for intrinsic motivation. The

two would need to go hand in hand.

Gamification can mobilize citizens to effectively participate in public decision-

making. But note that gamification can also have detrimental effects if the design

is manipulative in terms of the choice architecture it presents or has the

unintended consequence of excluding participants in any way. In this regard, it

becomes imperative to ensure that any such context starts with the sense of

belonging to the local community and to amplify with a smart gamification

scheme.

512


https://www.c40.org/networks

The gamification of civic engagement syncs well with the ability to create new

spatial interactions around local issues (such as waste management, potholes,

etc.).

Any adaptation of the innovations discussed in this paper would need to fit into

the socio-political context of the region. Blended models or formal and

unconventional channels should operate together to engage citizens in policy-

making.

Conclusion

Gamifying citizen engagement is certainly not a panacea for all societal ills, and

it poses various challenges of its own—notably those linked to aspects of privacy,

design, and inclusion. But, in combination with other innovations and methods,

especially the interlinkages with behavioral economics and collective

intelligence, it does offer a potentially valuable and still somewhat under-

explored approach to governance in the 21st century. The motivation towards

greater participation and transparency across the public participation spectrum

ranges from informing to empowering the public.

While the verdict for attributing success to gamification in this space is still not

clear, the governance potential offered by gamification stems primarily from the

avenues it offers for greater motivation and participation, inclusion and,

consequently, transparency across the full policy life cycle—from agenda setting

to solution ideation, policy development, implementation, enforcement, and

review of effectiveness.

513


Key Differences Between the U.S. Social SecuritySystem and India’s Aadhaar System (Kaliya Young)

Kaliya Young also known as "Identity Woman" is the author of A Comprehensive

Guide to Self-Sovereign Identity and the Domains of Identity. She holds a Master

of Science in Identity Management and Security from the University of Texas at

Austin. She currently serves on the faculty of Merritt College in Oakland California.

Acknowledgments: The author would like to thank all the people she spoke with in

India about Aadhaar. This paper would not have been possible without the support of

New America and the guidance provided by Awista Ayub and Melissa Salyk-Virk. The

author would also like to thank the 2019 India-U.S. Fellows.

Introduction

As the world’s largest democracies, with 1.3 billion and 326 million people

respectively, India and the United States both need to support the abstract

representation of individuals and entities and support their transactions with

each other confidently in the digital world.

In a 2013 lecture, Nandan Nilekani, founding chairman of Unique Identification

Authority of India (UIDAI) stated, "the same thing happened in the 1930s in the

United States when Roosevelt passed the Social Security Act as part of the New

Deal.” Because the United States is often admired as a large functioning

democracy, the fact that it uses a national ID number means that there is an

assumption that the U.S. system must be a good model.

The United States began issuing Social Security numbers (SSN) to a small

segment of citizens in 1935. The system has evolved over the past 85 years and

now numbers are issued to children at birth. Today, Social Security numbers are

used by employers to verify employment eligibility and by the government to

track the collection of taxes, social benefit contributions by people, and to

support them receiving benefits. Most residents also have a state level driver’s

license or ID card that an SSN is required in the application process. This type of

ID has a photo biometric and is held by 87 percent of adults.

Over the past 10 years, India has rolled out an identity system based on the

collection of biometrics and simple demographic information from all of its

residents. The system is called Aadhaar, meaning foundation in Hindi. To date,

Aadhaar claims to have enrolled 1.3 billion residents.

Both Aadhaar numbers and SSN are unique numbers issued to residents by their

federal government. A card with the number on it is mailed to the resident. To

514

515

516


this extent, the numbers are comparable. There are differences in the registration

and enrollment processes, but this is not really where the major differences lie.

The important differences center on how numbers serve as part of an overall

identity system in both the public and private sector. This paper walks through

the specifics of these differences comparing the U.S. and Indian systems

throughout.

The first section provides context for each ID and considers the historical and

contemporary risks of identity systems.

The second section considers the role of the number itself, and, further, explains

how the creators of Aadhaar position the number within a sprawling system that

continues to add new features, particularly in contrast with the limited role of the

SSN within the U.S. context.

The third section looks at the very different legal and regulatory frameworks that

inform the operation of the agencies responsible for both Aadhaar and Social

Security, along with contrasts in the visibility of operations through the court

systems where challenges occur.

The fourth section outlines how the national-level UIDAI worked with state-level

governments and consultants in India to create vast databases of information

about residents at the local level. These state-level databases are called State

Resident Data Hubs. In the United States, there are no large scale databases of

this type. This section walks through the range of regulations that have been put

in place since the 1960s to guard against the creation of such databases in the

United States.

Finally, the paper concludes with a discussion in sections five and six about how

the use of the SSN has become limited to employee enrollment and financial

services in contrast to the ever-expanding use of Aadhaar in the private sector

and employment context.

Risks of Identity Technologies

Identity systems, one of the original public interest technologies, arose with

the creation of contemporary nation-states. The first identity documents were

simply receipts that proved that an individual had been surveyed in a census or

that they were registered by a local authority in return for a government service

in response to a live event (e.g., birth, marriage, and/or death). As a result, these

documents or statuses shaped a citizen’s perception of identity as a member of a

common public or state.

517

518

519


Identity technologies have tremendous power. They can enable the constructive

engagement of citizens with their government, but can be used by the state in

ways that cause great harm.

Democracies benefit from diverse input into the design of identity systems and a

broad consensus about their operation, transparency, and accountability to the

citizens whose information is managed by these systems.

Existing mental models of how identity and identification systems work are

based on government registries for births, deaths, and marriages where events

are recorded on paper in a ledger book and certificates issued. Identifier oriented

systems like the SSN originated at a time when paper-based punch cards were the

latest technology. There were limits to how far and wide a number could circulate

when paper technologies like punch cards, index cards, and the physical mail

system were the only means of circulation.

Even when identity technology is limited to paper, its abuse could lead to horrific

results. IBM’s punch card technology was instrumental in facilitating the Nazi

genocide of Jews in Europe via the census records in various countries. Several

Indian subjects interviewed for this research paper pointed out that there have

been a number of significant events of communal and caste violence in India:

• Keezhvenmani (Tamil Nadu, 1968)

• Gujarat (1969)

• Nellie (Assam, 1983)

• The Anti-Sikh Riots (1984)

• Hashimpura (Uttar Pradesh, 1987)

• Lakshmanpur Bathe (Bihar, 1997)

• Gujarat (2002)

• Khairlanji (Maharashtra, 2006)

Some of these incidents were facilitated by datasets from Voter IDs and Ration

Cards, and some had implicit state involvement. Beyond these large incidents

involving thousands of deaths at one time, there are also tens of thousands of

reports of more isolated incidents of violence every year against Dalits.

520

521

522

523

524

525

526

527

528

529

530


In the third millennium, computers became ubiquitous and we, i.e., society writ-

large, must consider how identification-based systems translate into a new digital

medium. There are new opportunities and risks created by the design and

implementation of identity technologies and the systems they are connected to.

Techno-Utopianism, the predominant stance of UIDAI, iSPRIT and India Stack

proponents, does not address some of the real security risks. In India, security

researchers and reporters who have brought to light the flaws, vulnerabilities,

and leaks of the Aadhaar number system have been prosecuted by the UIDAI as

criminals. This has led to groups of concerned critics collaborating and

publishing under pseudonyms to ensure the public knows about the issues and

vulnerabilities while limiting their own risk.

What is the Role of The Number

Both the U.S. Social Security Number and Aadhaar Number are core to how the

respective systems work but the way the number is seen and how the designers of

the programs orient around it is quite different.

In India, there has been a proliferation of digital services linked to and

surrounding the Aadhaar number. Some examples include:

• Aadhaar-enabled payment services for bank transfers using only the

Aadhaar number;

• Aadhaar payment bridge for government-to-citizen transfers;

• Offline authentication with QR code;

• Mobile Aadhaar application including lock and unlock service;

• Aadhaar authentication history logs;

• VirtualID creation;

• Mobile OTP for authentication;

• eKYC (electronic Know Your Customer);

• DigiLocker, a service for people to download all the documents they have

been issued by different government departments; and

• eSignatures and document signed locker.

531

532

533

534


However, security researchers I spoke with highlighted major flaws in the design

of many of these services. There has also been a stream of reporting about

specific security vulnerabilities that have been uncovered, like API’s to the core

demographic database that was reported to be completely open.

The creators of Aadhaar and the India Stack led by iSPIRT, a trade association

of software makers focused on the Indian market, see the Aadhaar number as the

center of a bottleneck in an ecosystem. The Aadhar system is built under the

assumption that national identity numbers are the equivalent of IP addresses in a

digital network. This assumption creates significant correlation risks and the

potential to amass vast datasets that can be used for commercial and government

surveillance.

In the United States, public concern about the possible use of the SSN for

government surveillance has limited the use of the number and led to regulations

about its use in both the public and private sector.

On the other hand, in the India stack model, not only does the Indian

government provide an identity card to citizens, acknowledging them and giving

them a “proof ” to share, but it also provides authentication services. Indians

can use their UID to log in to services and then either use a biometric or get a

one-time password (OTP) sent to their phone which they then enter to complete

remote authentication. This means that the UIDAI has a record of all of the

places where a person authenticates their identity, and this information is kept in

Aadhaar’s logs for six months.

It is very difficult to imagine a proposal by private sector companies or

government leaders in the United States that would require individuals to “log

535

536

537

538

539


in” with their SSN. U.S. government agencies, both as a matter of policy and

law, are reducing or ending their reliance on the SSN as the canonical identifier of

people. There is no way an SSN can be used for authentication against a factor of

authentication (password, OTP, biometric) held by the Social Security

Administration.

There is ongoing work in the United States to develop ways for individuals to

prove they are a particular person by leveraging government-issued identity

documents in digital form. An important feature of some of these systems is

that they do not rely on a connection to a central government database to prove

their veracity.

Legal and Regulatory Frameworks

UIDAI and its leadership have a culture of operating just beyond or just within a

legal and regulatory framework. Two books about the story of the creation of

Aadhaar have been written by journalists. Both document how the project did

not have a legal or regulatory basis for six years between 2009 and 2016 and

operated with a startup culture. They describe how the UIDAI leaders pushed to

build out Aadhaar despite this legal limbo.

When it was finally made legal with the Aadhaar Act of 2016, the UIDAI was also

left as its own regulator with enormous freedom to expand aspects of the system

and build new “features” without any need to consult the public. UIDAI did not

do privacy impact or security assessments that would bring transparency to how

the system would work or change in the future and what the implications would

be. In my interviews with UIDAI leaders, they described the next new features

that were going to be appearing within the India Stack framework while at the

same time saying that the UIDAI had no responsibility for how people were asked

for their identity information or how that information was used by those

requesting it.

Unlike UIDAI, when the U.S. government changes any technology at the core of

its operations, it moves with a deliberate and careful approach bound by the legal

and regulatory framework of the government, particularly when working with

the sensitive personal information of its residents. For decades, there have been

extensive on-the-record hearings by various legislative committees and

presidential commissions addressing government systems for registering citizens

and collecting and using data about them. Hearings of this type are, by default,

not public in the Indian parliamentary system.

Another contrast between the two systems is a key mechanism for public

accountability. Challenges to U.S. government procedures happen in the courts,

where proceedings produce court transcripts. The 38 days of hearings about

Aadhaar before the Indian Supreme Court produced no transcripts: the best we

540

541

542

543


have are some summaries and aggregations of live tweeting done by

observers in the courtroom.

In contrast to the U.S. Social Security Administration, the UIDAI is its own

regulator. This is in part because, in India, most legislation is written in a way that

delegates significant regulatory power to the government while the law

concentrates on legal and policy issues. In the case of the Aadhaar Act,

substantial regulatory power was given not to the government but to UIDAI itself,

meaning it is not actually accountable to any other organization. And the

UIDAI is exempted from Right to Information [RTI] requests and it sets the

grievance mechanisms for itself. The UIDAI is responsible for regulating the

ecosystem around it. Many have questioned the revolving door that is seemingly

connecting the UIDAI and private industry and question whether this limits the

ability of UIDAI to regulate its own ecosystem.

From Enrollment to Mass Databases

Governments register people into systems through enrollment. In the United

States, enrollment systems are run entirely by government officials who are

accountable to government agencies within which corruption is very rare. There

is coordination between the local county and state levels that have the authority

to register births and the federal Social Security Administration through a system

called enumeration at birth (EAB).

Enrolling people in more than one program or system at once is multi-context

enrollment. In the United States, legislation at the federal level, colloquially

known as the Motor Voter Act and officially as National Voter Registration Act

of 1993 mandates that states provide the opportunity for people who are signing

up or renewing a driver’s license to also have the opportunity to register to vote in

elections. Individuals getting a driver’s license must proactively choose to be

enrolled in this second and very different system. A special process pushes data

from the driver's license registration process over to the government agency that

manages the state-level voter list.

In India, multi-context enrollment takes place with state-level registrars. States

are incentivized to enroll their people because they get to collect more

information than the basic four fields (name, birthdate, gender, and address)

required by the UIDAI “Know Your Resident” rules. Different states have added

additional fields, such as marital status, house status , occupation, and VoterID

number. This data was intended to be reserved for the state and is known as

“Know Your Resident Plus” [KYR+] data.

Indian residents, when they go through the process of getting their Aadhaar

number for the first time, are enrolled in the UIDAI Central Identity Repository

and the State Resident Data Hub.

544 545

546

547

548

549

550

551

552

553


Figure 3: Flow of Data from Enrollment into the CIDR and SRDH by Anand

Venkatanarayanan https://medium.com/karana/the-360-degree-

database-17a0f91e6a33

UIDAI created the software and required that states use this software if they

wanted to get UID information and additional KYR information.

Several years into enrollment, problems surfaced. Some residents were bypassing

State enrollment agents by enrolling through banks and other registrars, and

states did not have access to that data. In response, the UIDAI made a deal with

states to share the UID and demographic data from residents of their states that

enrolled with other registrars.

It is claimed that this activity stopped with the passage of the Aadhaar Act in 2016

and that all the State Resident Data Hubs were destroyed. However, there is

evidence that these Hubs are still operating. Even if the data is no longer sent

directly from the UIDAI to SRDH, each of the states has agreements to access the

KYC API of the UIDAI CIDR, so when they interact with residents they can pull

the data from the UIDAI into their state-level databases (see Figure 5).

554

555

556

557

558


https://medium.com/@venkatanarayanan.anand

https://medium.com/@venkatanarayanan.anand

https://medium.com/karana/the-360-degree-database-17a0f91e6a33

https://medium.com/karana/the-360-degree-database-17a0f91e6a33

Figure 5: SRDH – State Adoption Strategy Document & State Resident Data Hub

(SRDH) Application Framework Adoption Guidelines by UIDAI

The State Resident Data Hubs use the UID as the anchor to integrate all data

from different state databases together. This happens in two ways. One is a

linking process where residents who are recipients of a particular subsidy,

benefit, or service go to the agency and assert their ID from a given system and

provide their Aadhaar number. They may be asked to authenticate via a thumb

print. This process is known as linking, or organic seeding.

Another process, known as inorganic seeding, combines data from SRDH and

UIDs together with existing databases from various subsidies, benefits, or

services. This process occurs without the awareness or consent of residents.

Authorities might check with residents/beneficiaries to see if they made the

correct link or to find beneficiaries who “did not match” any particular Aadhaar

number and ask them what their number was. This human resolution requires

more effort to complete.

The assumption is that only those with matching UID Aadhaar numbers are

“real” beneficiaries. Everyone else is a ghost or fake and can be eliminated.

Indian naming conventions are very fluid, and the same people use different

names in different contexts. This strategy to address who is on different social

services programs is causing disruption to clients who have their benefits cut off

because their legitimate claims are not recognized by the system.

The State Resident Data Hubs have applied a computer science data modeling

idea of “single source of truth” and sought to impose it on Indian society and

559

560

561

562

563


bureaucracy, deciding that whatever is recorded in the UIDAI database is the

single source of truth about an individual.

Rather than creating mass databases and integrating all data about citizens

across all contexts, the U.S. government is actively taking steps to stop or reduce

the use of the SSN, even in unlinked discrete databases. Currently, the use of

the number at the federal level is mandated for only a few agencies and services,

such as the Internal Revenue Service (tax authority), Social Security

Administration, passport applications, and for loans by any federal agency. Other

agencies that request the number must inform residents that sharing it is

voluntary, and they will not be denied services if they do not share the number.

This was not always the case. Beginning with an executive order by President

Eisenhower in 1953, there was a phase where using the SSN as a key to interact

with various services was encouraged and even mandated.

In 1961 the Internal Revenue Service required the use of SNNs when filing taxes.

Increased digitization of records in the 1960s drove the need for common

reference systems across government agencies and within the private sector, and

they chose the SSN as a way to do this.

In 1965, there was a proposal to create a National Data Center that would pool

statistical information held by the Census Bureau, the Internal Revenue Service,

the Bureau of Labor Statistics, the Social Security Administration, the Federal

Reserve Board as well as a dozen other federal agencies. The public reaction to

merging all of these bureaucratic records caught proponents off guard because

they thought that the composite data were necessary for a well-ordered society,

and the benefits were self-evident. But the reaction by the public was hostile

and sustained when the proposal was floated in 1967, and again in 1970 when it

was finally rejected. There was widespread press coverage that looked at the

implications for the present and future by creating such databases (see Figure 8).

564

565

566

567

568


Figure 8: (c) 1967 The Atlantic Media Co., as first published on the cover of The

Atlantic Magazine.

All rights reserved. Distributed by Tribune Content Agency, LLC

Today, India has the type of database the American public rejected in the 1960s

and 1970s. The process was started by the UIDAI and their approved consultants

(among them Accenture, Ernst and Young, KPMG, PwC, Wipro, and Deloitte)

with the software they developed and supported. This is particularly true in570


Andhra Pradesh and Telangana, which have recently become separate states.

They did intense surveys of their residents, linking all the data collected to a

citizen’s Aadhaar number. Andhra Pradesh used The People Hub (see Figure 9)

to combine 29 different department databases.

Figure 9: Screenshot of Andhra Pradesh online state survey http://

prajasadhikarasurvey.ap.gov.in/PSS2017/index.html [this link is not live]. It is

from this

How did the United States move from public outcry against a National Data

Center to developing actual laws and regulation that helped citizens accept the

same data being collected by discrete agencies to guard against information

sharing between agencies? While India adopted the use of Aadhaar across

several agencies to deliver services, the U.S. was slower to move in that direction

with the SSN, but did get there eventually.

In this time period the late 1960s and early 1970s there were multiple hearings,

task forces, and committees convened by various agencies of the federal

government and committees in United States Congress. These included The

Social Security Number Task Force in 1970. In 1973, the Secretary of Health

Education and Welfare Advisory Committee on Automated Personal Data

Systems issued a report entitled, “Records, Computers and the Rights of

Citizens.” The committee developed a code of fair information practices,

inspired by the code of fair labor practices.

Below is the Committee’s original formulation of the Code:

• Safeguards for personal privacy based on our concept of mutuality in

record keeping would require adherence by record-keeping organizations

to certain fundamental principles of fair information practice.

571

572

573

574


• There must be no personal data record-keeping systems whose very

existence is secret.

• There must be a way for an individual to find out what information about

him is in a record and how it is used.

• There must be a way for an individual to prevent information about him

obtained for one purpose from being used or made available for other

purposes without his consent.

• There must be a way for an individual to correct or amend a record of

identifiable information about himself.

• Any organization creating, maintaining, using, or disseminating records

of identifiable personal data must assure the reliability of the data for their

intended use and must take reasonable precautions to prevent misuse of

the data.

These were the starting points of what evolved to be the Fair Information

Practices and Principles, and later evolved into the Privacy Act of 1974, that

prohibits data sharing between government agencies. It states:

No governmental agency can "deny to any individual any right, benefit,

or privilege provided by law because of such individual's refusal to

disclose his social security account number" except refusal to disclose

after a request pursuant to requirements of federal statutes or pursuant

to pre-existing federal or state statutes or regulations through which a

system of records had already (before January 1, 1975) been set up. (5

U.S.C. § 552a) (note, Section 7 Disclosure of Social Security Number)

Over the next several years, the U.S. government began to move in a direction

that would result in expanded use of the SSN. In 1976, the Tax Reform Act

expanded the use of the SNN outside of Federal Agencies, by authorizing the

direct use of the SSN in state and local government programs. In 1977,

Personal Privacy in an Information Society by the Privacy Protection Study

Commission was delivered to President Carter. It covered the relationships

among government agencies across a broad range of services and had a special

chapter on the SSN. The Debt Collections Act of 1982 required that the SSN be

collected as part of the applications for all federal loans (student, agriculture,

small business—each administered by different departments) as a standard

practice.

575 576

577

578

579

580


It is important to keep in mind that mandating the use of the SSN for privacy

protection meant that each of these departments could not share data about

residents with each other without consent. Many government departments that

encompass workforces and programs like the military or Medicare (healthcare

for the elderly), that relied heavily on the SSN as “the identifier,”made significant

changes to their system and stopped using it altogether.

The Driver’s License Protection Act of 1994 places strict limits on who can access

the Department of Motor Vehicles’ data, and under what circumstances. The

e-Government Act of 2002 requires agencies that collect data about citizens to

complete a Privacy Impact Assessment (PIA) for electronic information systems

and to make the results public. The PIA must be conducted before developing or

procuring an ID system that will collect, maintain, or disseminate information in

an identifiable form or about members of the public. They must also conduct this

assessment when merging databases, or when business processes change

significantly by adding new uses or disclosures of information. Here is what the

PIAs must analyze and describe:

Conducting a PIA.

PIAs must analyze and describe:

1. what information is to be collected (e.g., nature and source);

2. why the information is being collected (e.g., to determine eligibility);

3. intended use of the information (e.g., to verify existing data);

4. with whom the information will be shared (e.g., another agency for a

specified programmatic purpose);

5. what opportunities individuals have to decline to provide information (i.e.,

where providing information is voluntary) or to consent to particular uses

of the information (other than required or authorized uses), and how

individuals can grant consent;

6. how the information will be secured (e.g., administrative and

technological controls7); and

7. whether a system of records is being created under the Privacy Act, 5

U.S.C. 552a.

581

582

583

584


Major information systems. PIAs conducted for these systems should reflect

more extensive analyses of:

1. the consequences of collection and flow of information;

2. the alternatives to collection and handling as designed; and

3. the appropriate measures to mitigate risks identified for each alternative.

Throughout the last two decades, there have been more reports by the federal

government about the SSN.

Today, in the United States the use of the SSN is strictly regulated and culturally

limited, while, in India, there is currently no privacy protection bill of any kind

that applies to the government or the private sector.

Commercial Sector Enrollment and Use

In the United States, several federal government statutes mandate the use of the

SSN for particular financial service transactions, such as opening a bank account,

cashing a check over $3,000 USD, being the beneficial owner of businesses, or

applying for a home loan. Because the SSN card is literally just a paper card with a

name and number on it, agencies also conduct Know Your Customer (KYC)

checks with identity documents that have photographs, such as driver’s licenses,

passports, military IDs, and permanent resident cards. Laws require the

collection of this type of data, but they also mandate the protection of this

information.

India, like the United States, has a KYC requirement driven by international

requirements mandated by the Financial Action Task Force (FATF) that put

these requirements in place after the September 11, 2001 terrorist attacks. The

original design of the UIDAI database would permit residents to do

authentication of their name and address. This process would start with a

resident sharing personal information with a bank. The bank would then send it

to the UIDAI which would send back an affirmative or negative answer to

whether it matched. While this design is commonly used to preserve individual

privacy, it also limits the amount of information that leaves the database.

Indian addresses are much more complex than U.S. addresses: each building has

a name or number, within a block, within a district, and then a city. In addition

to this complexity, India has 22 official languages. Its administration uses English,

which most residents do not read or speak. Language barriers make it difficult to

get an accurate answer from the UIDAI database. Lastly, regulated banks require

a copy of an identity document, and many people do not have an appropriate one.

585

586

587

588

589

590


In 2014, the UIDAI made a significant design change and created a process

known as eKYC, where banks and telecommunications companies could ask

people for their Aadhaar number on enrollment, do a biometric authentication

with a fingerprint on a device, and the UIDAI would send the business a digital

document with their name, birth date, Aadhaar number, and physical address.

They could then use this address to populate their database and keep the digital

copy on file.

In the United States, there are very few services offered by any government that

allows private companies to connect with a government database and extract

private citizen data. The Social Security Administration has set up a system

known as Consent Based SSN Verification (CBSV). Various private companies

have been granted a special license for $5,000 USD to connect to the

government agency to do this type of check (CBSV).

Businesses use one of these agencies to check against the database with the

consent of the person whose information is being checked. They share the name,

SSN, and date of birth. These are sent to the government, checked against the

SSN Master File, and a Yes/No indicator is sent back to the business.

Since it is uncommon in everyday life to have one’s SSN information checked by

businesses, banks doing large numbers of transactions with people require a

different license to participate in this system.

In contrast, in India residents are regularly asked to show their Aadhaar “card”

and this document is regularly photocopied. As a result of this process, a new

convention has arisen where individuals take a photocopy of their card and write

the purpose for which it was made across the image. This, users hope, is a way to

prevent the photo copy from being used by someone else to open an account or to

obtain a service in their name.

Employment Enrollment and Use

When people seek employment in the United States, they are required to share

their SSN with their employer. Employers are required by law to verify that the

people they are hiring have valid SSNs. The CBSV is used for employee SSN

verifications.

Individuals can also self-check via the e-Verify system set up by the Department

of Homeland Security on an online portal. Individuals can enter their SSN with

their current citizenship status and receive a report about their current eligibility

to work.

Employers can enroll to use the e-Verify system too. They log into the system

every time they want to check a potential employee’s status by using information

591

592

593


listed in the I-9 form (legal name, SSN, date of birth, and current citizenship

status). The employer will then receive a report about the applicant’s current

eligibility to work.

Employers who want to check if an SSN is valid for the purposes of tax

withholding can register with the Social Security Number Verification System

(SSNVS) to do so. Employers enter the names and SSN of employees that they

want to check. The system reports back if they match a person in the system.

Employers do this is to ensure that the taxes they are withholding from their

employees actually lines up with records at the Social Security Administration.

At the end of every quarter, employers send the government income taxes that

they withhold from their employees along with the name and SSN. The

government uses the SSN as an index to tax records and social benefit schemes

into which they pay social security and Medicare.

While these systems can potentially be used to extract information for other

purposes, this is explicitly prohibited.

In India, the Employees Provident Fund Organization requires Aadhaar (EPFO)

to open an account, and participation in PF is mandatory, so employees do not

have a choice as to whether or not they want to share their Aadhaar number with

their employer who will then pass it along to the EPFO.

In India, several employers, particularly the government, connect to the Aadhaar

Enabled Biometric Attendance System. This means that every day, when an

employee arrives to work, they are required to enter their Aadhaar number but it

is authenticated with a fingerprint. The biometric template is sent to the CIDR

and the authentication event is logged. This means the government not only has

a record of what an employee earned and tax deductions they submitted

quarterly, it also knows when the employee was at work in any given day.

Figure 11: Authentication Process of Matrix that Integrates with the AEBAS

server. https://www.matrixaccesscontrol.com/aadhaar-enabled-biometric-

attendance-solution.html.

594

595

596


Conclusion

The framing of how a national identity number can and must be used, along with

the regulation of its use, often determines how companies, other governments,

and citizens all use national identity numbers. It is vital that a global dialogue

continues about the specifics of how the identity systems work in the two largest

democracies.

While in India I learned there were a lot of assumptions made about how the U.S.

system works that are actually incorrect. I hope that this paper provides a starting

point to understand the key differences between the U.S. and Indian systems and

made clear to readers from both countries about how the systems work.

In the United States, there is significant regulation around the use of SSNs, and

extensive privacy protection rules about any personally identifiable information.

There is public dialogue, which has been ongoing since the creation of the

SSN, about how much information is appropriate for the U.S. government to have

on residents in order to provide them with services.

The Aadhar system is more exclusively digital because it was created in the last

10 years. There are no privacy or data protection laws in place in India. The

creators of the Aadhaar system chose to expand the features of the system

without public input and feedback, and because they are their own regulator.

In my research, I have not found any comprehensive government-led privacy

impact assessments or evaluations about the use of Aadhaar in any context.

Aadhaar proponents see it as having the potential to “solve” a vast range of

problems. Yet, there tends to be insufficient consideration of the ways in which

the proposed solutions that use Aadhaar might create risks for those individuals

and institutions it intends to serve

Identity systems are powerful tools that have the potential for good, but also for

great harm. Those highlighting legitimate concerns in democracies should not be

fearful that their criticism will be criminalized. Public engagement and robust

public dialogue about identity systems in all countries should continue and be

supported.

597


Notes

1 The Global Risks Report 2018 13th Edition,[Geneva: World Economic Forum,2018] http://www3.weforum.org/docs/WEF_GRR18_Report.pdf.

2 The United Nations World Water DevelopmentReport 2018: Nature-Based Solutions for Water,[Paris: WWAP (United Nations World WaterAssessment Programme) /UN-Water, 2018, UNESCO]http://www.unwater.org/publications/world-water-development-report-2018/.

3 Martina Flörke, Christof Schneider, and Robert I.McDonald, "Water competition between cities andagriculture driven by climate change and urbangrowth," Nature Sustainability 1, no. 1 (2018): 51.

4 Robert I. McDonald, Pamela Green, Deborah Balk,Balazs M. Fekete, Carmen Revenga, Megan Todd,and Mark Montgomery, "Urban growth, climatechange, and freshwater availability," Proceedings ofthe National Academy of Sciences 108, no. 15 (2011):6312-6317.

5 Peter H. Gleick, "Global freshwater resources:soft-path solutions for the 21st century," Science 302,no. 5650 (2003): 1524-1528.

6 Ibid.

7 Negative externalities are costs that impact aparty that does not have a role in its creation. Forinstance, vehicular pollution generated by a specificindividual affecting people nearby. Negativeexternalities cause market failures.

8 Collection action problem occurs when individualspursuing a common goal do not cooperate due tocompeting interests.

9 Free rider issues occur when individuals who donot pay for a good or service reap its benefit. Toomany free riders results in over-exploitation or under-production of the good or service.

10 Richard E. Howitt, Richard E. and KristianaHansen, "The Evolving Western Water Markets," Choices 20, no. 316-2016-6565 (2005): 59.

11 Guy Le MoigneShawki Barghouti, Gershon Feder,Lisa Garbus, and Mei Xie, "Country experiences withwater resources management," World Bank TechnicalPaper 175 (1992).

12 Ereney Hadjigeorgalis, "A Place for WaterMarkets: Performance and Challenges," Review ofAgricultural Economics 31, no. 1 (2009): 50-67.

13 George A. Akerlof, "The Market for ‘Lemons:’Quality Uncertainty and the Market Mechanism," Uncertainty in Economics (Academic Press, 1978):235-251.

14 C. Wilson, Adverse Selection, In: PalgraveMacmillan (eds) [London: The New PalgraveDictionary of Economics, Palgrave Macmillan, 2008]

15 Y. Kotowitz, Moral Hazard, In: PalgraveMacmillan (eds) [London: The New PalgraveDictionary of Economics. Palgrave Macmillan, 2008]

16 J.O. Ledyard, Market Failure, In: PalgraveMacmillan (eds)[London: The New PalgraveDictionary of Economics. Palgrave Macmillan, 2008]

17 David S. Brookshire, Bonnie Colby, Mary Ewers,and Philip T. Ganderton, "Market Prices for Water inthe Semiarid West of the United States," WaterResources Research 40, no. 9 (2004).

18 John Freebairn and John Quiggin, "Water rightsfor variable supplies," Australian Journal ofAgricultural and Resource Economics 50, no. 3(2006): 295-312.

19 A. Dinar, M. Rosegrant, R. Meinzen-Dick, "Waterallocation mechanisms: Principles and examples,"The World Bank Policy Research Working Paper 1779(June 1997).


20 Jill E. Hobbs, "Information asymmetry and therole of traceability systems," Agribusiness: AnInternational Journal 20, no. 4 (2004): 397-415.

21 Max H. Bazerman and James J. Gillespie, "Bettingon the future: The virtues of contingent contracts," Harvard Business Review 77 (1999): 155-162.

22 Stefaan G. Verhulst, "Information Asymmetries,Blockchain Technologies, and Social Change," Medium, July 24, 2018, https://medium.com/@sverhulst/information-asymmetries-blockchain-technologies-and-social-change-148459b5ab1a.

23 Sloane Brakeville, and Bhargav Perepa,"Blockchain Basics: Introduction to DistributedLedgers," IBM Developer, March 18, 2018, accessedApril 14, 2019, https://developer.ibm.com/tutorials/cl-blockchain-basics-intro-bluemix-trs/.

24 Nigel Gopie, "What Are Smart Contracts onBlockchain?" Blockchain Pulse: IBM Blockchain Blog,July 02, 2018, https://www.ibm.com/blogs/blockchain/2018/07/what-are-smart-contracts-on-blockchain/.

25 "Civic Use Cases," Helping Governments to BeMore Accessible, Efficient and Effective. https://www.civicledger.com/?page_id=95.

26 "Civic Ledger Pty Ltd.," Australian WaterPartnership. https://waterpartnership.org.au/partners/civic-ledger-pty-ltd/.

27 "OECD Blockchain Policy Forum – DistributedLedgers: Opportunities and Challenges," Releasingthe Floodgates: Blockchain for Water Management,Sept. 2018.

28 "Water Markets and Trade," AustralianGovernment - Murray-Darling Basin Authority, Sept.29, 2015. https://www.mdba.gov.au/managing-water/water-markets-and-trade.

29 "About Water Ledger," How Water LedgerWorks, https://waterledger.com/about-us.

30 "OECD Blockchain Policy Forum – DistributedLedgers: Opportunities and Challenges," Releasingthe Floodgates: Blockchain for Water Management,Sept. 2018.

31 "About Water Ledger," How Water Ledger Works,https://waterledger.com/about-us.

32 Ibid.

33 "OECD Blockchain Policy Forum – DistributedLedgers: Opportunities and Challenges," Releasingthe Floodgates: Blockchain for Water Management.September 2018.

34 Ibid.

35 The term “smart” in this context indicates the useof internet of things, big data, predictive analyticsintegrated over blockchain network as underlyingtechnologies to facilitate the operations of a watermarket.

36 Jayachandran Praveen, “The Difference betweenPublic and Private Blockchain," Blockchain Pulse: IBMBlockchain Blog, Aug. 06, 2018, https://www.ibm.com/blogs/blockchain/2017/05/the-difference-between-public-and-private-blockchain/.

37 J.R. DeShazo, Gregory Pierce, and HenryMcCann, “Los Angeles County Community WaterSystems Atlas and Policy Guide: SupplyVulnerabilities, At-Risk Populations, ConservationOpportunities, Pricing Policies, and CustomerAssistance Programs,” UCLA: Luskin Center forInnovation, (2015), https://innovation.luskin.ucla.edu/wp-content/uploads/2019/03/LA_County_Community_Water_Systems.pdf; U.S.Census Bureau Quick Facts: Los Angeles County,California," Census Bureau Quick Facts, July 1, 2017,https://www.census.gov/quickfacts/losangelescountycalifornia.

38 S. Pincetl et al., “Water Management in LosAngeles County: a Research Report,” Los Angeles:UCLA, Institute of Environment and Sustainability,


2015, https://www.ioes.ucla.edu/wp-content/uploads/UCLA-CCSC_LAWater_-Haynes1.pdf

39 Ibid.

40 Ibid.

41 J.R. DeShazo and Gregory Pierce, "Quantifyingthe Benefits and Designing Governance Structuresfor a Water Market in Los Angeles County," [LosAngeles: UCLA, Luskin Center for Innovation, Oct.2016] https://innovation.luskin.ucla.edu/wp-content/uploads/2019/03/Quantifying_the_Benefits_and_Designing_Governance_Structures_for_a_Water_Market_in_LA.pdf

42 Bengaluru Water Board, “Blueprint for Future,”https://www.bwssb.gov.in/images/upload/pdfs/vision_document_2050.pdf.

43 Bangalore Water Supply and Sewerage Board,"About BWSSB," Bangalore Water Supply andSewerage Board. https://www.bwssb.gov.in/com_content?page=3&info_for=4.

44 Bengaluru Water Board, “Blueprint for Future,"https://www.bwssb.gov.in/images/upload/pdfs/vision_document_2050.pdf.

45 Malini Ranganathan, "'Mafias' in the waterscape:Urban informality and everyday public authority inBangalore," Water Alternatives 7, no. 1 (2014).

46 George A. Akerlof, "The Market for ‘Lemons:’Quality Uncertainty and the Market Mechanism," Uncertainty in Economics (Academic Press, 1978):235-251.

47 Bart Elias, Unmanned Aircraft Operations inDomestic Airspace: U.S. Policy Perspectives and theRegulatory Landscape (Washington, D.C.:Congressional Research Service, 2016), https://digital.library.unt.edu/ark:/67531/metadc824644/m2/1/high_res_d/R44352_2016Jan27.pdf.

48 Tom Hancock and Wang Xueqiao, “China’s DJItargets agriculture as consumer drone sales slow,” Financial Times, March 25, 2019, https://www.ft.com/content/afa5e042-4c50-11e9-bbc9-6917dce3dc62.

49 Richard Levick, “Drone Industry Just BeginningTo Take Off,” Forbes, May 15, 2018, https://www.forbes.com/sites/richardlevick/2018/05/15/drone-industry-just-beginning-to-take-off/#71c6b76672bc.

50 Ujjwal Bakshi and Manash Neog, “Much to DroneAbout,” Economic Times, April 4, 2019, https://economictimes.indiatimes.com/news/defence/opinion-much-to-drone-about/articleshow/68724827.cms.

51 Therese Jones, International Commercial DroneRegulation and Drone Delivery Services (SantaMonica: RAND Corporation, 2017), https://www.rand.org/pubs/research_reports/RR1718z3.html.

52 Ananth Padmanabhan, Civilian Drones andIndia’s Regulatory Response (New Delhi: CarnegieIndia, 2017), https://carnegieindia.org/2017/03/10/civilian-drones-and-india-s-regulatory-response-pub-68218.

53 Somya Lohia, “Drone Regulations 1.0 Can FetchIndia Major Slice of $100 Billion Industry,” MoneyControl, January 9, 2019, https://www.moneycontrol.com/news/india/drone-regulations-1-0-can-fetch-india-major-slice-of-100-billion-industry-3358411.html.

54 Civil Aviation Requirements Series X Part I Issue I:Requirements for Operation of Civil Remotely PilotedAircraft System (RPAS), F. No. 05-13/2014-AED Vol. IV(New Delhi: Directorate General of Civil Aviation,2018), http://dgca.nic.in/cars/d3x-x1.pdf.

55 Ibid., Reg. 14.2.

56 Ibid., Reg. 12.14 & 12.2.


57 Ibid., Reg. 11.2 & 17.1.

58 Ibid, Reg. 12.21.

59 DGCA RPAS Guidance Manual (New Delhi:Directorate General of Civil Aviation, 2018), http://dgca.nic.in/rpas/DGCA%20RPAS%20Guidance%20Manual.pdf.

60 Procedures for Operation of Civil RemotelyPiloted Aircraft Systems (RPAS) in Indian Airspace,AIP Supplement 164/2018 AAI/ATM/AIS/09-09/2018(NewDelhi: Airports Authority of India, 2018), https://aim-india.aai.aero/sites/default/files/aip_supplements/AIPS_2018_164.pdf.

61 Tender Document: Development, Hosting andMaintenance of Digital Sky Platform for Ministry ofCivil Aviation IT-11042/1/2018-DIRECTORATE OF IT(New Delhi: Airports Authority of India, 2018),https://www.aai.aero/system/files_force/tender/Tender_DigiSky.pdf?download=1.

62 DGCA RPAS Guidance Manual (New Delhi:Directorate General of Civil Aviation, 2018), http://dgca.nic.in/rpas/DGCA%20RPAS%20Guidance%20Manual.pdf.

63 Ibid.

64 Ibid.

65 Drone Ecosystem Policy Roadmap (New Delhi:Ministry of Civil Aviation, 2019), https://www.globalaviationsummit.in/documents/DRONE-ECOSYSTEM-POLICY-ROADMAP.pdf.

66 Ibid, 7.

67 Ibid, 14.

68 The Personal Data Protection Bill, 2018 (NewDelhi: Ministry of Electronics and InformationTechnology, 2018), https://meity.gov.in/writereaddata/files/Personal_Data_Protection_Bill%2C2018_0.pdf.

69 White Paper of the Committee of Experts on aData Protection Framework for India (New Delhi:Ministry of Electronics and Information Technology,2017), https://meity.gov.in/writereaddata/files/white_paper_on_data_protection_in_india_18122017_final_v2.1.pdf

70 Petition to the Federal Aviation Administration:Drones and Privacy (Washington, D.C.: ElectronicPrivacy Information Center, 2012), https://epic.org/privacy/drones/FAA-553e-Petition-v-1.1.pdf.

71 Margot Kaminski, “Drone Federalism: CivilianDrones and the Things They Carry,” California LawReview 4 (2013): 57–74.

72 Notice of Proposed Rulemaking: Operation ofSmall Unmanned Aircraft Systems Over People FAA–2018–1087 (Washington, D.C.: Federal AviationAdministration, 2019), https://www.govinfo.gov/content/pkg/FR-2019-02-13/pdf/2019-00732.pdf.

73 Ananth Padmanabhan, Civilian Drones and India’sRegulatory Response (New Delhi: Carnegie India,2017), https://carnegieindia.org/2017/03/10/civilian-drones-and-india-s-regulatory-response-pub-68218.

74 Arthur Holland Michel, Drones at Home: Localand State Drone Laws (New York: Center for theStudy of the Drone, Bard College, 2017), https://dronecenter.bard.edu/files/2017/03/CSD-Local-and-State-Drone-Laws-1.pdf.

75 Amanda Essex, Taking Off: State UnmannedAircraft Systems Policies (Denver, CO: NationalConference of State Legislatures, 2016), http://www.ncsl.org/Portals/1/Documents/transportation/TAKING_OFF-STATE_%20UNMANNED_%20AIRCRAFT_SYSTEMS_%20POLICIES_%20%28004%29.pdf.

76 An Act Relating To Unmanned Aircraft Systems –Establishing Statewide Standards, Protecting Privacy,And Ensuring Public Safety (Virginia: AmericanLegislative Exchange Council, 2017), https://www.alec.org/model-policy/an-act-relating-to-


unmanned-aircraft-systems-establishing-statewide-standards-protecting-privacy-and-ensuring-public-safety/.

77 Gautam Bhatia, “State Surveillance and the Rightto Privacy in India: A Constitutional Biography,” National Law School of India Review 26 (2014): 127–158.

78 (2019) 1 SCC 1.

79 Ibid, 359.

80 (2015) 5 SCC 1.

81 Ibid, 167.

82 Colin Snow, “Drones Pose a Unique Big DataChallenge For Business Users,” Forbes, February 6,2019 https://www.forbes.com/sites/colinsnow/2019/02/06/what-every-cio-needs-to-know-about-commercial-drone-data/#5d7fb90389ba ; MichelleChan, “What Businesses Need to Know About DroneData,” Techwire Asia, February 13, 2019, https://techwireasia.com/2019/02/what-businesses-need-to-know-about-drone-data/

83 Information Technology (Reasonable SecurityPractices and Procedures and Sensitive Personal Dataor Information) Rules ((New Delhi: Ministry ofElectronics and Information Technology, 2011),https://meity.gov.in/writereaddata/files/GSR313E_10511%281%29_0.pdf ; Ibid. ; Rachel Finnand Anna Donovan, “Big Data, Drone Data: Privacyand Ethical Impacts of the Intersection Between BigData and Civil Drone Deployments,” in The Future ofDrone Use: Opportunities and Threats from Ethicaland Legal Perspectives, ed. Bart Custers (The Hague:TMC Asser Press, 2016), 47-67.

84 As Solove remarks about the “Information Age:”“The data gathered about people is significantlymore extensive, the process of combining it is mucheasier, and the computer technologies to analyze itare more sophisticated and powerful.” See DanielSolove, “A Taxonomy of Privacy,” University of

Pennsylvania Law Review 154 (2006): 477, 506 ; Ibid.,507–08.

85 Jordi Soria-Comas and Josep Domingo-Ferrer,“Big Data Privacy: Challenges to Privacy Principlesand Models.” Data Science and Engineering 1 (2016):21, 22. ; Justice KS Puttaswamy v. Union of India,(2017) 10 SCC 1.

86 Guide to Basic Data Anonymisation Techniques(Singapore: Personal Data Protection Commission ofSingapore, 2018), www.pdpc.gov.sg/-/media/Files/PDPC/PDF-Files/Other-Guides/Guide-to-Anonymisation_v1-(250118).pdf.

87 For a particularly stark situation, where the de-identification was considered near foolproof and yetre-identified, see Jean Louis Raisaro et al.,“Addressing Beacon Re-Identification Attacks:Quantification and Mitigation of Privacy Risks,” Journal of the American Medical Informatics Association 24(2017): 799, 800.

88 Solon Barocas and Helen Nissenbaum, “BigData’s End Run around Anonymity and Consent,” in Privacy, Big Data, and the Public Good, eds. Julia Laneet al. (New York, NY: Cambridge University Press,2014), 44–45.

89 Ira S Rubinstein, “Big Data: The End of Privacy ora New Beginning,” International Data Privacy Law 3(2013): 74, 77–78; Davide Castelvecchi, “Can WeOpen the Black Box of AI?” Nature 538, no. 7623(2016): 20.

90 Mireille Hildebrandt, “Defining Profiling: A NewType of Knowledge?” in Profiling the EuropeanCitizen: Cross-Disciplinary Perspectives, eds. MireilleHildebrandt and Serge Gutwirth (eBook: Springer,2008), 17, 20.

91 Nathaniel A Raymond, “Beyond ‘Do No Harm’ andIndividual Consent: Reckoning with the EmergingEthical Challenges of Civil Society’s Use of Data,” in Group Privacy: New Challenges of Data Technologies,


https://meity.gov.in/writereaddata/files/GSR313E_10511%281%29_0.pdf



eds. Linnet Taylor, Luciano Floridi and Bart van derSloot (eBook: Springer, 2017): 67, 75.

92 A Free and Fair Digital Economy: ProtectingPrivacy, Empowering Indians (New Delhi: Ministry ofElectronics and Information Technology, 2018),https://meity.gov.in/writereaddata/files/Data_Protection_Committee_Report.pdf.

93 Ibid, 45–46.

94 Ananth Padmanabhan and Anirudh Rastogi, “BigData,” in Regulation in India: Design, Capacity,Performance, eds. Devesh Kapur and Madhav Khosla(London: Hart Publishing, 2019): 251, 262.

95 Aleecia M. McDonald and Lorrie Faith Cranor,“The Cost of Reading Privacy Policies,” I/S Journal ofLaw and Policy, 4 (2008): 543, 565.

96 Arthur Allen Leff, “Contract as Thing,” AmericanUniversity Law Review 19 (1970): 131.

97 Nikhil Narendran, “Policy Framework forProtection of Big Data in State Possession,” in Blockchain for Property: A Roll Out Road Map for India, eds.Baladevan Rangaraju and Vishnu Chandra (NewDelhi: India Institute, 2017): 34, 40.

98 Rahul Matthan, Privacy 3.0: Unlocking Our Data-Driven Future (Noida: Harper Collins, 2018): 167–171.

99 Carmine Cifaldi, “Unmanned Aircraft SystemPrivacy and Data Protection,” in Handbook ofUnmanned Aerial Vehicles, eds. K.P. Valavanis andG.J. Vachtsevanos (eBook: Springer, 2018): 1–19.

100 Voluntary Best Practices for UAS Privacy,Transparency, and Accountability (Washington, D.C.:National Telecommunications and InformationAdministration, 2016), https://www.ntia.doc.gov/files/ntia/publications/uas_privacy_best_practices_6-21-16.pdf.

101 Clark D. Cunningham, “Apple and the AmericanRevolution: Remembering Why We Have the fourth

Amendment”, The Yale Law Journal, volume 126,https://www.yalelawjournal.org/forum/apple-and-the-american-revolution-remembering-why-we-have-the-fourth-amendment-1

102 “ Breaking Down Apple’s iPhone Fight With theU.S. Government”, The New York Times, March 21,2016, https://www.nytimes.com/interactive/2016/03/03/technology/apple-iphone-fbi-fight-explained.html?module=inline

103 Nick Statt, “Apple’s iCloud partner in China willstore user data on servers of state-run telecom”, TheVerge, July 18, 2018, https://www.theverge.com/2018/7/18/17587304/apple-icloud-china-user-data-state-run-telecom-privacy-security

104 “Chen Guangcheng, Apple Can’t Resist Playingby China’s Rules”, The New York Times, January 23,2018, https://www.nytimes.com/2018/01/23/opinion/apple-china-data.html

105 Alan Z. Rozenshtein, “SurveillanceIntermediaries”, Stanford Law Review, volume 70,January 2018, https://review.law.stanford.edu/wp-content/uploads/sites/3/2018/01/70-Stan.-L.-Rev.-99.pdf

106 Ibid., “Digital Switzerlands”, University ofPennsylvania Law Review, Volume 164 (forthcoming),Developments in the Law — More Data, MoreProblems, Harvard Law Review, volume 131 no.6 :1715-1722, https://harvardlawreview.org/2018/04/cooperation-or-resistance-the-role-of-tech-companies-in-government-surveillance/

107 “Top 20 Countries with the Highest Number OfInternet Users”, https://www.internetworldstats.com/top20.htm

108 Bedavyasa Mohanty and Madhulika Srikumar,“Hitting Refresh: Making India-US Data SharingWork,” ORF Special Report 37, https://www.orfonline.org/research/hitting-refresh-india-us-data-sharing-mlat/


109 Ibid.

110 See Bedavyasa Mohanty and MadhulikaSrikumar, “Hitting Refresh: Making India-US DataSharing Work,” ORF Special Report 37, https://www.orfonline.org/research/hitting-refresh-india-us-data-sharing-mlat/

111 Krishna Pokharel and Rajesh Roy, “India SaysRumors About Child Snatching on WhatsApp Led toMob Killings”, The Wall Street Journal, July 5, 2018,https://www.wsj.com/articles/india-admonishes-whatsapp-after-deaths-1530730096

112 . Section 91, Code of Criminal Procedure, 1973


114 Id.

115 “Cross-Border Law Enforcement Demands:Analysis of the U.S. Department of Justice’sProposed Bill”, Center for Democracy andTechnology, August 17, 2016, https://cdt.org/files/2016/08/DOJ-Cross-Border-Bill-Insight-FINAL2.pdf

116 Bedavyasa Mohanty and Madhulika Srikumar,“Data localization is no solution,” The Hindu, August3, 2018, https://www.thehindu.com/opinion/op-ed/data-localisation-is-not-enough/article24584698.ece

117 This, however, requires an executive agreementbetween the United States and the foreign countrycertifying that the state will rely on robust privacyprotections, and respect for due process and the ruleof law when making requests to companies directly.Such a framework over time, will not only need to betransparent and hold both companies and LEAsaccountable but also be scalable to respond to theincreasing volume and complexity of requests.Specifically, due process safeguards on usernotification, redressal etc. will need to be

incorporated. The U.S. Department of Justicerecently issued clarifications on how the CLOUD Actwill be operationalized available at https://www.justice.gov/opa/press-release/file/1153446/download?utm_medium=email&utm_a=govdelivery

118 For more on the privacy protecting requirementsunder CLOUD Act, both at an institutional level andfor individual requests, see Madhulika Srikumar,Debrae Kennedy-mayo, Peter Swire and SreenidhiSrinivasan, “India-US Data Sharing For LawEnforcement : Blueprint For Reforms,” ObserverResearch Foundation, January, 2019, https://www.orfonline.org/wp-content/uploads/2019/01/MLAT-Book-_v8_web-1.pdf

119 Reserve Bank of India Notifications, “Storage ofPayment Systems Data”, Apr. 6, 2018

120 Sections 40 and 41, The Personal DataProtection Bill, 2018

121 Ibid.

122 Committee of Experts under the Chairmanshipof Justice B.N. Srikrishna, “A Free and Fair DigitalEconomy Protecting Privacy, Empowering Indians”,27 July 2018

123 Ministry of Electronics and InformationTechnology, “The Information Technology[Intermediaries Guidelines (Amendment) Rules]2018,” https://meity.gov.in/writereaddata/files/Draft_Intermediary_Amendment_24122018.pdf

124 Pranesh Prakash,“Why Data Localisation MightLead To Unchecked Surveillance,” Centre for Internetand Society, October 15, 2018, https://cis-india.org/internet-governance/blog/bloomberg-quint-pranesh-prakash-october-15-2018-why-data-localisation-might-lead-to-unchecked-surveillance ; “US criticisesIndia's data localisation norms, draft e-commercepolicy,” The Economic Times, April 9, 2019, https://economictimes.indiatimes.com/news/economy/foreign-trade/us-criticises-indias-data-localisation-


norms-draft-e-commerce-policy/articleshow/68794927.cms?from=mdr

125 Rishab Bailey and Smriti Parsheera ,“Datalocalisation in India: Questioning the means andends,” NIPFP Working Paper Series, no.242, https://www.nipfp.org.in/media/medialibrary/2018/10/WP_2018_242.pdf

126 Josh Constine,” Zuckerberg warns ofauthoritarian data localization trend,” Techcrunch,https://techcrunch.com/2019/04/26/facebook-data-localization/


128 Reserve Bank of India Notifications, “Storage ofPayment Systems Data”, Apr. 6, 2018

129 “RBI data localisation: 80 percent players,including WhatsApp, comply with norms”, BusinessStandard, https://www.business-standard.com/article/technology/rbi-data-localization -80-players-including-whatsapp-comply-with-norms-118101500907_1.html

130 “Facebook takes a tough stand on data storageamidst India’s localisation push”, The EconomicTimes, https://cfo.economictimes.indiatimes.com/news/facebook-takes-a-tough-stand-on-data-storage-amidst-india-s-localisation-push/68328647

131 WhatsApp is working to comply with ReserveBank of India (RBI) regulations on the local storage ofpayment-related data, the Economic Times reported.“Only some engineering work is left,” an anonymoussenior Facebook executive told ET. https://www.medianama.com/2019/04/223-whatsapp-plans-to-comply-with-rbis-data-localization -mandate-report-why-is-it-needed/

132 “India Pushes Back Against Tech ‘Colonization’by Internet Giants”,The New York Times, https://www.nytimes.com/2018/08/31/technology/india-technology-american-giants.html

133 Komal Gupta, “Google Agrees to Comply withRBI’s Data Localisation Norms,” Livemint , September10, 2018, https://www.livemint.com/Companies/xEAFZGZ9kOaMz6R4HIgwXK/Google-ready-to-comply-with-RBI-norms-for-payment-services.htmlSurabhi Aggarwal, “Industry bodieswrite to IT minister Ravi Shankar Prasad against databill,” Economic Times, October 4, 2018, //economictimes.indiatimes.com/articleshow/66062141.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst

134 See U.S. India Strategic Partnership Forum(USISPF) submission to MeitY available at https://www.medianama.com/wp-content/uploads/USISPF-Submission-India-Draft-Data-Protection-Bill-Privacy-2018.pdf

135 Aditya Kalra, “U.S. senators urge India to softendata localisation stance,” Reuters, October 13, 2018,https://uk.reuters.com/article/uk-india-data-localisation-exclusive/exclusive-u-s-senators-urge-india-to-soften-data-localisation-stance-idUKKCN1MN0CY

136 Ashish Shukla, “RBI refuses to extend deadlinefor data localisation,” IBTimes, October 14, 2018,https://www.ibtimes.co.in/rbi-refuses-extend-deadline-data-localisation-783058

137 Bhavin Patel and Hemant Krishna, “DataLocalisation: Here’s why the RBI isn’t listening to the‘Mirroring’ argument,” CNBC TV18, October 15, 2018,https://www.cnbctv18.com/technology/data-localisation-heres-why-the-rbi-isnt-listening-to-the-mirroring-argument-1097451.htm

138 Rishab Bailey and Smriti Parsheera ,”Datalocalisation in India: Questioning the means andends,”The Leap Blog, February 22, 2019, https://


https://www.google.com/url?q=https://www.livemint.com/Companies/xEAFZGZ9kOaMz6R4HIgwXK/Google-ready-to-comply-with-RBI-norms-for-payment-services.html&sa=D&ust=1564428895466000&usg=AFQjCNFyK-3G4Vg6LwzDlItWw62PkhhmQw




blog.theleapjournal.org/2019/02/data-localisation-in-india-questioning.html

139 Amazon not mirroring it abroad Whatsappasked for 5 more months, mastercard and rest askedfor one year

140 “Russia fines Facebook $50 for failing to complywith local data privacy law, ” ZDNet, April 12, 2019,https://www.zdnet.com/article/russia-fines-facebook-50-for-failing-to-comply-with-local-data-privacy-law/ ; Mark Scott, “Russia Prepares to BlockLinkedIn After Court Ruling,” The New York Times,November 10, 2016, https://www.nytimes.com/2016/11/11/technology/russia-linkedin-data-court-blocked.html?_r=



143 Government authorities increasingly rely onblocking access to internet altogether to containcases of public unrest. See Timothy Mclaughlin,“How Whatsapp Fuels Fake News And Violence InIndia, ” The Wired, December 12, 2018, https://www.wired.com/story/how-whatsapp-fuels-fake-news-and-violence-in-india/

144 “Fighting fake news: Govt asks Whatsapp totake immediate action,” Economic Times, July 3,2018, https://economictimes.indiatimes.com/et-now/daily/fighting-fake-news-govt-asks-whatsapp-to-take-immediate-action/videoshow/64846005.cms?from=mdr

145 The Indian government introduced the draftamendment to the Information Technology Act, 2008

to overhaul the current intermediary liability regimein India. One of the problematic provisions includedthe requirement for intermediaries to enable tracingthe originator of messages. See Yesha Tshering Paul“Fake News: Misguided Policymaking To CounterMisinformation,” Bloomberg Quint, January 14, 2019,https://www.bloombergquint.com/opinion/fake-news-misguided-policymaking-to-counter-misinformation

146 The Srikrishna Committee appointed to draftIndia’s first comprehensive data protection lawintroduced the term “fiduciaries” in the Personal DataProtection Bill, 2018. See Arghya Sengupta, “Why theSrikrishna Committee Rejected Ownership of Data inFavour of Fiduciary Duty,” The Wire, August 2, 2018,https://thewire.in/tech/why-the-srikrishna-committee-rejected-ownership-of-data-in-favour-of-fiduciary-duty

147 For more on how Indian law enforcementagencies make requests for data under Indian law,see Chapter 3 in Srikumar et al., “India-US DataSharing For Law Enforcement : Blueprint ForReforms,” Observer Research Foundation, January,2019, https://www.orfonline.org/wp-content/uploads/2019/01/MLAT-Book-_v8_web-1.pdf

148 See Developments in the Law — More Data,More Problems, Harvard Law Review, volume 131 no.6 : 1715-1722, https://harvardlawreview.org/2018/04/cooperation-or-resistance-the-role-of-tech-companies-in-government-surveillance/

149 See Developments in the Law — More Data,More Problems, Harvard Law Review, volume 131 no.6 : 1715-1722, https://harvardlawreview.org/2018/04/cooperation-or-resistance-the-role-of-tech-companies-in-government-surveillance/

150 For instance, Facebook commits to fight back incourt if requests are overbroad or defective. ChrisSonderby, “Sharing Our Latest Transparency Report,”Facebook Newsroom, May 23, 2019, https://newsroom.fb.com/news/2019/05/transparency-report-h2-2018/


151 Alan Z. Rozenshtein, “SurveillanceIntermediaries”, Stanford Law Review, volume 70,January 2018, https://review.law.stanford.edu/wp-content/uploads/sites/3/2018/01/70-Stan.-L.-Rev.-99.pdf

152 The authors in this paper argue that SiliconValley have been forced to accept their role as our“corporate avatars” when they possess “neither thewill nor the means to effectively challengegovernment snooping”. See Chapter 1 inDevelopments in the Law — More Data, MoreProblems, Harvard Law Review, volume 131 no.6 :1715-1722, https://harvardlawreview.org/2018/04/cooperation-or-resistance-the-role-of-tech-companies-in-government-surveillance/



155 See 3(13), Personal Data Protection Bill, 2018.Available at https://www.meity.gov.in/writereaddata/files/Personal_Data_Protection_Bill,2018.pdf;Stakeholders in India however have argued that thedraft bill does not imbibe the philosophy offiduciaries completely since certain sections in thebill still places the disproportionate onus on users to

realize their rights. See comments submitted byDvara Research to MeitY available at https://www.dvara.com/blog/wp-content/uploads/2018/10/Response-to-draft-Personal-Data-Protection-Bill_DvaraResearch.pdf

156 Jack M. Balkin, "Information fiduciaries and thefirst amendment." UCDL Rev. 49 ,1183, 2015

157 See A Free and Fair Digital Economy ProtectingPrivacy, Empowering Indians: Committee of Expertsunder the Chairmanship of Justice B.N. Srikrishna,July 27, 2018, available at https://www.meity.gov.in/writereaddata/files/Data_Protection_Committee_Report-comp.pdf

158 Jack M. Balkin, "Information fiduciaries and thefirst amendment." UCDL Rev. 49 ,1183, 2015

159 Id. , see Jack M.Balkin, "Fixing Social Media'sGrand Bargain." Hoover Working Group on NationalSecurity, Technology, and Law, Aegis Series Paper1814,2018.

160 The author of this piece argues that Balkin’sfiduciary framework could eliminate the third partydoctrine in the U.S. altogether binding all companiesto a higher duty of care towards users. See MikeGodwin, It’s Time to Reframe Our Relationship WithFacebook,” Slate, November 16, 2018, https://slate.com/technology/2018/11/information-fiduciaries-facebook-google-jack-balkin-data-privacy.html; In India, the Supreme Court through the2017 ruling recognising privacy as a fundamentalright invalidated the application of third partydoctrine. See Gautam Bhatia, “The Supreme Court’sRight to Privacy Judgment – IV: Privacy,Informational Self-Determination, and the Idea ofConsent,” Indian Constitutional Law and Philosophy,August 2017, https://indconlawphil.wordpress.com/2017/08/30/the-supreme-courts-right-to-privacy-judgment-iv-privacy-informational-self-determination-and-the-idea-of-consent/

161 Vivan Sharan, Sidharth Deb, “Reimaginingfiduciaries in the digital economy,” Livemint, August,


15, 2018, https://www.livemint.com/Opinion/KkgNtjljNd6Ikmu0qR8hWJ/Opinion--Reimagining-fiduciaries-in-the-digital-economy.html

162 Ariel Dobkin, "Information Fiduciaries inPractice: Data Privacy and User Expectations." Berkeley Tech. LJ 33 2018: 1.

163 Dalip Singh, “Law enforcement agencies favourdata localisation “, Economic Times, October 8, 2018,https://economictimes.indiatimes.com/news/economy/policy/law-enforcement-agencies-favour-data-localization /articleshow/66113360.cms

164 India Pushes Back Against Tech ‘Colonization’ byInternet Giants”,The New York Times, https://www.nytimes.com/2018/08/31/technology/india-technology-american-giants.html

165 Aria Thaker, “Behind RBI’s digital paymentspanel, a controversial firm’s shadow, conflict ofinterest allegations”, Scroll, January 10, 2019, https://scroll.in/article/908802/behind-rbis-digital-payments-panel-a-controversial-firms-shadow-conflict-of-interest-allegations; The Indiangovernment’s motivation to create an environmentfavourable to domestic tech firms is most evident inits recent policy on Foreign Direct Investment in e-commerce. See “What India e-commerce policyentails for online retailers”, Livemint, January 16,2019, https://www.livemint.com/Industry/4e8rKuiaJSGmsNU5BXUSvM/What-India-ecommerce-policy-entails-for-online-retailers.html

166 a. Aditya Kalra and Aditi Shah, “U.S. firms faceoff with Indian rival in lobbying against data storagerules,” Reuters, July 24, 2018, https://www.reuters.com/article/us-india-data-localisation/u-s-firms-face-off-with-indian-rival-in-lobbying-against-data-storage-rules-idUSKBN1KE17Nb. Vidhi Choudhary and YashwantRaj, “Cambridge Analytica row: Facebook databreach hit 560K Indian users,”Hindustan Times, April5, 2018, https://www.hindustantimes.com/tech/facebook-data-breach-hit-over-5-6-lakh-users-in-india/story-S3bafNwwKTtO5q6U7S4FZM.html

167 Prashant Reddy, “View: It's time to tame thesocial media beast,” Economic Times, February 13,2019,//economictimes.indiatimes.com/articleshow/67966170.cms?from=mdr&utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst

168 Ben Brody, “Tech Giants Back U.S. Bill GoverningCross-Border Data Searches,”Bloomberg, February 7,2018, https://www.bloomberg.com/news/articles/2018-02-07/tech-companies-welcome-cross-border-data-search-legislation

169 Brad Smith, “A call for principle-basedinternational agreements to govern law enforcementaccess to data,” Microsoft On the Issues, September11, 2018, https://blogs.microsoft.com/on-the-issues/2018/09/11/a-call-for-principle-based-international-agreements-to-govern-law-enforcement-access-to-data/

170 Michael Punke, “AWS and the CLOUD Act,”AWS Security Blog, May 27, 2019, https://aws.amazon.com/blogs/security/aws-and-the-cloud-act ; Chaim Gartenberg, “Apple will launch aglobal web portal for law enforcement requests laterthis year,” The Verge, September 6, 2018, available at https://www.theverge.com/2018/9/6/17827352/apple-global-web-portal-law-enforcement-requests; Kristen E. Eichensehr, “DigitalSwitzerlands”, University of Pennsylvania LawReview, Volume 164 (forthcoming)

171 “One year later: A cybersecurity commitmentshared by more than 100 companies,” Tech Accord,May 9, 2019, https://cybertechaccord.org/one-year-later-a-cybersecurity-commitment-shared-by-more-than-100-companies/

172 Mike Isaac, “Zuckerberg Plans to IntegrateWhatsApp, Instagram and Facebook Messenger,”The New York Times, January 25, 2019, https://www.nytimes.com/2019/01/25/technology/facebook-instagram-whatsapp-messenger.html


https://www.google.com/url?q=https://www.reuters.com/article/us-india-data-localisation/u-s-firms-face-off-with-indian-rival-in-lobbying-against-data-storage-rules-idUSKBN1KE17N&sa=D&ust=1564428895469000&usg=AFQjCNHreoFfphHEPSxb9OatMJTDsNnMNQ





https://www.google.com/url?q=https://aws.amazon.com/blogs/security/aws-and-the-cloud-act/&sa=D&ust=1564428895471000&usg=AFQjCNGj4oq3XUe7UKGpgHNeitXykZR3Kg



https://www.theverge.com/2018/9/6/17827352/apple-global-web-portal-law-enforcement-requests



173 Mike Isaac, “Facebook’s Mark Zuckerberg SaysHe’ll Shift Focus to Users’ Privacy,” The New YorkTimes, March 6, 2019, https://www.nytimes.com/2019/03/06/technology/mark-zuckerberg-facebook-privacy.html . Facebook’s official announcement isavailable at https://www.facebook.com/notes/mark-zuckerberg/a-privacy-focused-vision-for-social-networking/10156700570096634/

174 Law enforcement agencies across the worldmake overbroad demands for location data to findsuspects and witnesses at crime scenes. See JenniferValentino-Devries, “Tracking Phones, Google Is aDragnet for the Police,” The New York Times, April13, 2019, https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html;also on “reverse location warrants” see Aaron Mak,Close Enough, Slate, February 19, 2019, https://slate.com/technology/2019/02/reverse-location-search-warrants-google-police.html; Matthew Haag,“FamilyTreeDNA Admits to Sharing Genetic DataWith F.B.I.”, The New York Times, February 4, 2019,https://www.nytimes.com/2019/02/04/business/family-tree-dna-fbi.html

175 Josh Costine, “Facebook will pass off contentpolicy appeals to a new independent oversight body,”Techcrunch, https://techcrunch.com/2018/11/15/facebook-oversight-body/

176 For instance, in the UK, https://nyti.ms/2D5bGf7; France, https://techcrunch.com/2019/04/03/how-frances-new-digital-minister-plans-to-regulate-tech/; and Germany, https://iapp.org/news/a/germanys-first-fine-under-the-gdpr-offers-enforcement-insights/

177 Varun Aggrawal, “Infosys to Set up DataMarketplace for Enterprises - The HinduBusinessLine,” June 19, 2018, https://www.thehindubusinessline.com/info-tech/infosys-to-set-up-data-marketplace-for-enterprises/article24203427.ece.dsllwakwjgthkjj.

178 “The Personal Data Protection Bill” (2018),https://meity.gov.in/writereaddata/files/

Personal_Data_Protection_Bill,2018.pdf; Justice B.N.Srikrishna, “A Free and Fair Digital Economy:Protecting Privacy, Empowering Indians,”(Committee of Experts under the Chairmanship ofJustice B.N. Shrikrishna, July 2018), https://meity.gov.in/writereaddata/files/Data_Protection_Committee_Report.pdf.

179 Jack M. Balkin, “Information Fiduciaries and theFirst Amendment,” U.C. Davis Law Review 49, no. 4(2016): 1234; Lina Khan and David Pozen, “A SkepticalView of Information Fiduciaries” (SSRN, February 25,2019), https://papers.ssrn.com/abstract=3341661.

180 Whilst the European Union’s approach in theGDPR is limited by is focus on privacy. Thechallenges of governing data-driven decision-makinggo well beyond concerns about privacy. See TaliaGillis and Josh Simons, “Explanation < Justification:GDPR and the Perils of Privacy,” (SSRN, 2019).

181 To use André Béteille’s phrase, one of India’smost important twentieth-century social theorists.André Béteille, Anti-Utopia: Essential Writings ofAndré Béteille (New Delhi: Oxford University Press,2005); André Béteille, Ramachandra Guha, andJonathan P. Parry, Institutions and Inequalities: Essaysin Honour of Andre Beteille (New Delhi: OxfordUniversity Press, 1999).

182 Purva Khera, Macroeconomic Impacts of GenderInequality and Informality in India, IMF WorkingPaper (Washington, District of Columbia DC:International Monetary Fund, 2016); Carol Vlassoff, Gender Equality and Inequality in Rural India: Blessedwith a Son (New York, NY: Palgrave Macmillan, 2013);Stephen M. Caliendo, Inequality in America: Race,Poverty, and Fulfilling Democracy’s Promise,Dilemmas in American Politics (Boulder, CO:Westview Press, 2014); Xavier N. De Souza Briggs, Social Capital and Segregation: Race, Connections, andInequality in America (Cambridge, MassMA.: John F.Kennedy School of Government, 2002).

183 It is important to note that this is not just aboutunrepresentative data. Unrepresentative data


excludes some groups, perhaps because there arenot enough data points about that group, or the datapoints that exist are less numerous or rich. This is animportant problem, particularly in India, where theunderrepresentation of Untouchables and women indata is systemic. But the problems this paperconsiders would remain even in the most accurateand careful data sets, which are still a reflection ofthe structure of our social world, including theinequalities and injustices that characterize it. Arepresentative dataset is not devoid of injustice. Thisleaves open a host of important issues about whenthe representation of injustice in a dataset actuallyconstitutes an injustice, an issue I hope to address infuture work. Cynthia Dwork and Deirdre Mulligan,“It’s Not Privacy, and It’s Not Fair,” Stanford LawReview 66 (September 2013): 35–40; Kate Crawford,“The Hidden Biases in Big Data,” Harvard BusinessReview, April 1, 2013, https://hbr.org/2013/04/the-hidden-biases-in-big-data; David Garcia et al.,“Analyzing Gender Inequality through Large-ScaleFacebook Advertising Data,” Proceedings of theNational Academy of Sciences of the United States ofAmerica 115, no. 27 (2018): 6958–63, https://doi.org/10.1073/pnas.1717781115.

184 Andrew D. Selbst and Solon Barocas, “TheIntuitive Appeal of Explainable Machines,” SSRNElectronic Journal, 2018, https://doi.org/10.2139/ssrn.3126971.

185 Daniel Kahneman, Thinking, Fast and Slow (NewYork, NY: Farrar, Straus and Giroux, 2011).

186 Virginia Eubanks, Automating Inequality: HowHigh-Tech Tools Profile, Police and Punish the Poor(New York, NY: St. Martin’s Press, 2018).

187 TOI, “Aadhaar Covers over 89% Population:Alphons,” The Times of India, accessed March 5,2019, https://timesofindia.indiatimes.com/business/india-business/aadhaar-covers-over-89-population-alphons/articleshow/63202223.cms.

188 Cynthia Dwork et al., “Fairness throughAwareness,” ITCS ’12 (ACM, 2012), 214–226.

189 Sam Corbett-Davies and Sharad Goel, “TheMeasure and Mismeasure of Fairness: A CriticalReview of Fair Machine Learning,” 20180731, http://arxiv.org/abs/1808.00023.

190 Jon Kleinberg, Sendhil Mullainathan, andManish Raghavan, “Inherent Trade-Offs in the FairDetermination of Risk Scores,” Proceedings ofInnovations in Theoretical Computer Science (ITCS),2017.

191 I am therefore moving beyond privacy as aframework for thinking about the governance ofdata-driven decision-making. Privacy is one concernwe might have about those decision-makingprocedures, usually called “data processing” inexisting legislation in the EU and India. But it is farfrom the only concern. Other aims and values needto be brought into play. Privacy should not be thesole lens through which to view governance data andmachine learning. A29WP, “Guidelines on AutomatedIndividual Decision-Making and Profiling” (Article 29Data Protection Working Party, 2018), https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612053.; ICO, “Guide to the General DataProtection Regulation (GDPR)” (U.K.: InformationCommissioner’s Office, August 2018), https://ico.org.uk/media/for-organisations/guide-to-the-general-data-protection-regulation-gdpr-1-0.pdf;Srikrishna, “A Free and Fair Digital Economy:Protecting Privacy, Empowering Indians.”

192 Most other important pieces of non-discrimination legislation extend the categories towhich duties of non-discrimination apply. Theseinclude the Equal Pay Act of 1963, which prohibitsthe payment of different wages to employees ofdifferent sexes who perform equal work under similarconditions; the Americans with Disabilities Act (ADA)of 1990, which prohibits discrimination againstindividuals with a disability and requires the provisionof reasonable accommodation to someone who islegally disabled; and the Genetic Information Non-Discrimination Act of 2008, which protects


individuals from genetic discrimination in thehealthcare and insurance industries.

193 For instance, U.S. Executive Orders 10925,11246, and 11375 require federal contractors who doover $10,000 in Government business in one year to“take affirmative action to ensure that applicants areemployed, and that employees are treated duringemployment, without regard to their race, color,religion, sex or national origin.”

194 David Strauss, “Discriminatory Intent and theTaming of Brown,” University of Chicago Law Review56, no. 3 (1989): 935–935.

195 Jon Kleinberg et al., “Discrimination in the Ageof Algorithms,” 2019, http://arxiv.org/abs/1902.03731;Solon Barocas and Andrew D. Selbst, “Big Data’sDisparate Impact,” California Law Review 104, no. 3(June 1, 2016): 671–732.

196 There is an important emerging debate aboutprecisely this point, including a paper of my own. Forthe key protagonists, see Kleinberg et al.,“Discrimination in the Age of Algorithms,” 2019;Barocas and Selbst, “Big Data’s Disparate Impact”;Lior Strahilevitz, “Privacy versus Antidiscrimination,” Public Law & Legal Theory Working Paper, no. 174(2007), https://chicagounbound.uchicago.edu/public_law_and_legal_theory/235; Pamela L. Perry,“Two Faces of Disparate Impact Discrimination,” Fordham Law Review 59, no. 4 (March 1, 1991): 523–595;Cass Sunstein, “The Anticaste Principle,” MichiganLaw Review, January 1, 1993, 2410.

197 Barocas and Selbst, “Big Data’s DisparateImpact,” 724.

198 Sophia Moreau and Deborah Hellman, Philosophical Foundations of Discrimination Law (Oxford:Oxford University Press, 2013), 259.

199 Béteille, Anti-Utopia.

200 Cass Sunstein makes a similar point. If there isprejudice and statistical discrimination, and if third

parties promote discrimination, there will bedecreased investments in human capital. Suchdecreased investments will be a perfectly reasonableresponse to the real world. And if there aredecreased investments in human capital, thenprejudice, statistical discrimination, and third-partyeffects will also increase. Statistical discriminationwill become all the more rational; prejudice willhardly be broken down; consumers and employerswill be more likely to be discriminators.Ronnie J.Steinberg, Applications of Feminist Legal Theory toWomen’s Lives: Sex, Violence, Work andReproduction. Women in the Political Economy.(Temple University Press, 2012), 560; Sunstein, “TheAnticaste Principle,” 2431.

201 Dwork et al., “Fairness through Awareness,” 215.

202 As Hannah Arendt argued when comparing theAmerican and French revolutions. Rohit De, APeople’s Constitution: The Everyday Life of Law in theIndian Republic (Princeton, CT: Princeton UniversityPress, 2018), 5; Uday S. Mehta, “The Social Questionand the Absolutism of Politics,” 2010, http://www.india-seminar.com/2010/615/615_uday_s_mehta.htm; Hannah Arendt, On Revolution (New York, NY: Viking Press, 1965).

203 Sunil Khilnani, The Idea of India (New Delhi:Penguin, 2004).

204 Kalpana Kannabirān, Tools of Justice: Non-Discrimination and the Indian Constitution (New York,NY: Routledge, 2012), 7.

205 B. R. Ambedkar is a neglected character inIndia’s political history. His ideas have received littleattention compared with more widely known figuresM. K. Gandhi and Jawaharlal Nehru, in part becauseof the Congress Party’s dominant role in shapingIndia’s national story, and the contours of democraticpolitics after independence. See Valerian Rodrigues,“Justice as the Lens: Interrogating Rawls through Senand Ambedkar,” Indian Journal of HumanDevelopment 5, no. 1 (2011): 153–174; Jean Drèze andAmartya Sen, “Democratic Practice and Social


Inequality in India,” Journal of Asian and AfricanStudies 37, no. 2 (2002): 6–37; Martha Nussbaum,“India: Implementing Sex Equality through Law,” Chicago Journal of International Law 2, no. 1 (2001): 35–58.

206 Kannabirān, Tools of Justice, 162.

207 Patterns of domination, which produce thesepersistent inequalities in the political and economicspheres, have two effects. First, they undermine theliberty of each individual to benefit from an effectiveand competent use of their powers. Democracyentailed political equality. Political equality entailedthe absence of domination. Second, patterns ofdomination undermine the possibility of freeassociation. Drawing on John Dewey, Ambedkarargued that free association – the capacity of groupsto form links, to self-govern over time – was essentialto democratic life. Democracy is not merely a form ofgovernment. It is primarily a mode of associatedliving, of conjoin communicated experience. It isessentially an attitude of respect and reverencetowards fellow men. Patterns of domination madeimpossible the associations and relationships thatencouraged and embodied this attitude of respectand reverence.B.R. Ambedkar, Annihilation of Caste:The Annotated Critical Edition, ed. S. Anand (NewDelhi: Navayana, 2014), 280, 261.

208 Béteille, Guha, and Parry, Institutions andInequalities, 342.

209 V. R. Krishnaiyer, Akhil Bharatiya SoshitKaramchari Sangh and Others vs. Union Of India, No.185 (Supreme Court of India November 14, 1980).

210 J B. Sudershan Reddy, Indian MedicalAssociation vs. Union Of India & Ors, No. 8170(Supreme Court of India May 12, 2011).

211 Deepti Shenoy, “Courting Substantive Equality:Employment Discrimination Law in India,” Universityof Pennsylvania Journal of International Law 34, no. 3(2013): 632.

212 Jon Kleinberg et al., “Discrimination in the Ageof Algorithms,” 20190210, http://arxiv.org/abs/1902.03731.

213 The Personal Data Protection Bill; Srikrishna, “AFree and Fair Digital Economy: Protecting Privacy,Empowering Indians.”

214 Srikrishna, “A Free and Fair Digital Economy:Protecting Privacy, Empowering Indians,” 8.

215 De, A People’s Constitution; Béteille, Guha, andParry, Institutions and Inequalities; Khilnani, The Ideaof India.

216 This is precisely the challenge that Jack Balkin,who first coined the data fiduciary concept, warnedabout. Balkin, “Information Fiduciaries and the FirstAmendment,” 1232–1324.

217 As André Béteille argues, institutional well-beingis an important consideration. He describes this asequality as a matter of policy, not of right, warningagainst placing too much faith specifically in thestate to eliminate every social inequality, everydifference of caste or class. Béteille, Anti-Utopia, 435.

218 Joshua A. Kroll et al., “Accountable Algorithms,”University of Pennsylvania Law Review 165, no. 3(2017): 633–705; Andrew Tutt, “An FDA forAlgorithms,” Admin. L. Rev. 83 (2016); JeremyWaldron, “Accountability: Fundamental toDemocracy,” SSRN Scholarly Paper (Rochester, NY:Social Science Research Network, April 1, 2014),https://papers.ssrn.com/abstract=2410812; Craig T.Borowiak, Accountability and Democracy: The Pitfallsand Promise of Popular Control (Oxford UniversityPress, 2011); Adam Przeworski, Susan Carol Stokes,and Bernard Manin, Democracy, Accountability, andRepresentation (Cambridge: Cambridge UniversityPress, 1999).

219 “World Metro Figures Statistics Brief,” UITP,accessed April 29, 2019, https://www.uitp.org/sites/default/files/cck-focus-papers-files/UITP-Statistic%20Brief-Metro-A4-WEB_0.pdf; Global BRT


Data, “Global BRT Data,” accessed April 29, 2019,https://brtdata.org/.

220 Autorickshaws are three-wheeled vehicles thatsupply much of the last-mile connectivity to masstransit in Indian cities.

221 Candace Brakewood, Gregory Macfarlane, andKari Watkins, “The Impact of Real-Time Informationon Bus Ridership in New York City,” TransportationResearch Part C: Emerging Technologies, 53 (April2015): 59-75.; Eric Jaffe, “The Best Evidence Yet ThatReal-Time Arrival Info Increases Transit Ridership,”CityLab, accessed Feb. 20, 2019, https://www.citylab.com/transportation/2015/03/the-best-evidence-yet-that-real-time-arrival-info-increases-transit-ridership/387220/.

222 Aaron Antrim and Sean Barbeau, “The ManyUses of GTFS Data- Opening the Door to Transit andMultimodal Applications,” ITS America’s 23rd AnnualMeeting & Exposition, April 2013, https://www.researchgate.net/publication/268097444_THE_MANY_USES_OF_GTFS_DATA_OPENING_THE_DOOR_TO_TRANSIT_AND_MULTIMODAL_APPLICATIONS; Transit Center, “The DataTransit Riders Want “A Shared Agenda for PublicAgencies and Transit Application Developers,”accessed Feb. 16, 2019, http://transitcenter.org/wp-content/uploads/2018/12/The_Data_Transit_Riders_Want.pdf.

223 “Open Government Partnership,” OpenGovernment Partnership, accessed Jan. 28, 2019,https://www.opengovpartnership.org/.

224 “WRI India,” WRI India, accessed January 28,2019, https://wri-india.org/.

225 KMRL signed a Memorandum of Understanding(MOU) with WRI in February of 2017, which includedseveral initiatives to support urban transport andurban development, including public transport,transit oriented policy, electric mobility, and urbanplanning in Kochi.

226 Available at: https://kochimetro.org/open-data/

227 The GPS installation was paid for by the UrbanMass Transit Company Limited (UMTC), a jointventure of several national and state governmentagencies and the private company InfrastructureLeasing and Financial Services Limited (IL&FS).

228 “Kochi Metro Rail Limited signs pact with autodrivers,” Deccan Chronicle, Jan. 24, 2018, https://www.deccanchronicle.com/nation/in-other-news/240118/kochi-metro-rail-limited-signs-pact-with-auto-drivers.html.

229 In Hindi, “Chalo” means “Let’s Go!”

230 “Demographia World Urban Areas,”Demographia, April 2019, http://www.demographia.com/db-worldua.pdf

231 G.P. Hari, Personal Interview, Kochi, Feb. 11,2019.

232 “Kochi gets Chalo app for live tracking of buses,ferries,” The Hindu, accessed Jan. 28, 2019, https://www.thehindu.com/news/cities/Kochi/kochi-gets-chalo-app-for-live-tracking-of-buses-ferries/article24596526.ece.

233 Aparna Vijaykumar, Personal Interview, Online,March 5, 2019.

234 Arjun G., “Delhi Government launches OpenTransit Data Platform for Buses,” Medium, accessedJan. 28, 2019, https://medium.com/redact/delhi-government-launches-open-transit-data-platform-for-buses-b1ed9b80e996; Open Data Portal availableat: https://opendata.iiitd.edu.in/

235 Pravesh Biyani, Personal Interview, New Delhi,Feb. 14, 2019.

236 Ibid.

237 Ibid.


238 “PoochhO,” Delhi Integrated Multi-modalTransit System, accessed Feb. 15, 2019, https://play.google.com/store/apps/developer?id=DIMTS+Ltd.

239 Samir Sharma, Personal Interview, New Delhi,Feb. 15, 2019.

240 Ibid.

241 Pravesh Biyani, Personal Interview, New Delhi,Feb. 14, 2019.

242 Nikhil V.J., “Re: [datameet] – Open Transit Data– Delhi,” Email, 2019.

243 “BMTC to open up transit data enablingentrepreneurs build mobility solutions.” EconomicTimes. https://tech.economictimes.indiatimes.com/news/internet/bmtc-to-open-up-transit-data-enabling-entrepreneurs-build-mobility-solutions/59064430; “BMTC’s data-sharing plan on backburner,” The Hindu, accessed Feb. 4, 2019, https://www.thehindu.com/todays-paper/tp-national/tp-karnataka/bmtcs-data-sharing-plan-on-back-burner/article19874128.ece; Naveen Menezes, “Two yearson, commuters continue to suffer as BMTC squats onreal-time data,” Economic Times, accessed Feb. 16,2019, https://economictimes.indiatimes.com/industry/transportation/two-years-on-commuters-continue-to-suffer-as-bmtc-squats-on-real-time-data/articleshow/67087829.cms.

244 ET Bureau, “BMTC to open up transit dataenabling entrepreneurs build mobility solutions,” Economic Times. https://tech.economictimes.indiatimes.com/news/internet/bmtc-to-open-up-transit-data-enabling-entrepreneurs-build-mobility-solutions/59064430.

245 Naveen Menezes, “Two years on, commuterscontinue to suffer as BMTC squats on real-timedata,” Economic Times, accessed Feb. 16, 2019,https://economictimes.indiatimes.com/industry/transportation/two-years-on-commuters-continue-

to-suffer-as-bmtc-squats-on-real-time-data/articleshow/67087829.cms.

246 O.P. Agarwal, Personal Interview, New Delhi,March 1, 2019.

247 Naveen Menezes, “Two years on, commuterscontinue to suffer as BMTC squats on real-timedata,” Economic Times, accessed Feb. 16, 2019,https://economictimes.indiatimes.com/industry/transportation/two-years-on-commuters-continue-to-suffer-as-bmtc-squats-on-real-time-data/articleshow/67087829.cms.

248 Harsha Krishna, Personal Interview, Bangalore,March 4, 2019.


250 Tejas Pande, Personal Interview, New Delhi,Feb. 9, 2019;Vinay Sreenivasa, Personal Interview.Online, March 7, 2019; Harsha Krishna, PersonalInterview, Bangalore, March 4, 2019.


252 Ibid.

253 “BMTC,” Bangalore Municipal TransportCorporation, accessed Feb. 20, 2019, https://play.google.com/store/apps/details?id=com.bmtc.mybmtc&hl=en_US.

254 Ibid; Tanushree Dev Barma, Personal Interview,Bangalore, March 5, 2019.

255 S. Rajagopalan, Personal Interview, Bangalore,March 5, 2019.

256 BMTC Data Sharing Policy Draft (July, 2018),Bangalore: Bangalore Municipal Transit Corporation,2018.

257 S. Rajagopalan, Personal Interview, Bangalore,March 5, 2019.


258 Ibid.

259 BMTC Data Sharing Policy Draft (July, 2018).Bangalore: Bangalore Municipal Transit Corporation,2018.

260 Srinivas Kodali, “BMTC IntelligentTransportation System (ITS) and Need for OpenTransport Data,” Data Meet, accessed Jan. 28, 2019,http://datameet.org/2016/08/05/bmtc-intelligent-transportation-system-its-open-transport-data/ .

261 Naveen Menezes, “Two years on, commuterscontinue to suffer as BMTC squats on real-timedata,” Economic Times, accessed Feb. 16, 2019,https://economictimes.indiatimes.com/industry/transportation/two-years-on-commuters-continue-to-suffer-as-bmtc-squats-on-real-time-data/articleshow/67087829.cms

262 Vinay Sreenivasa, Personal Interview, Online,March 7, 2019.

263 Yunus Y. Lasania, “Telangana’s ‘open data’ policyto help start-ups address public issues,” LiveMint,accessed March 15, 2019, https://www.livemint.com/Companies/iZKdgU1KkQh4azdSKCZ31O/Telanganas-open-data-policy-to-help-startups-address-pub.html

264 Telangana Open Data Policy 2016, Hyderabad,Telangana: Government of Telangana, accessedMarch 15, 2019, https://data.gov.in/sites/default/files/Telangana-Open-Data-Policy-2016.pdf

265 Ibid.

266 Yunus Y. Lasania, “Telangana’s ‘open data’ policyto help start-ups address public issues,” LiveMint,accessed March 15, 2019, https://www.livemint.com/Companies/iZKdgU1KkQh4azdSKCZ31O/Telanganas-open-data-policy-to-help-startups-address-pub.html

267 “Background,” Factly, accessed Feb. 18, 2019,https://factly.in/about/

268 Anant Maringanti, Personal Interview,Hyderabad, March 6, 2019.; Harsha Devulapalli andGirish Agrawal, “Mapping bus transit services inHyderabad – an illustrative example of the use ofopen geospatial data,” Transportation ResearchProcedia. 25 (201): 4196-4206.

269 Surya Kandukuri, Personal Interview,Hyderabad, March 6, 2019.

270 Vishal Ramprasad, Personal Interview, Mumbai,Feb. 12, 2019.

271 Srya Kandukuri, “Notes from our conversation,”Email, 2019.; Surya Kandukuri, Personal Interview,Hyderabad, March 6, 2019.

272 Ibid.

273 Aaron Antrim and Sean Barbeau, “The ManyUses of GTFS Data- Opening the Door to Transit andMultimodal Applications,” ITS America’s 23rd AnnualMeeting and Exposition, April 2013, https://www.researchgate.net/publication/268097444_THE_MANY_USES_OF_GTFS_DATA_OPENING_THE_DOOR_TO_TRANSIT_AND_MULTIMODAL_APPLICATIONS

274 Harsha Devulapalli and Girish Agrawal,“Mapping bus transit services in Hyderabad – anillustrative example of the use of open geospatialdata,” Transportation Research Procedia, 25 (201):4196-4206.

275 Anumita Roychowdhury, Gaurav Dubey, AnuSoman, Waiting for a Bus: Strategies to improveDelhi’s bus system. (New Delhi: Centre for Scienceand Environment, 2017).

276 Ibid.


278 In many cases, transit operators do not make asystem map or timetable available. Data can be used


to provide these more analog solutions in order tomeet the information needs of riders who do notpossess smartphones or do not access transit data inan online format. Other technologies may proveuseful to encompass groups of people who might notuse smartphones, such as text or voice-basedservices.

279 Open Government Data Platform India,“National Data Sharing and Accessibility Policy,”accessed Jan. 28, 2019, https://data.gov.in/sites/default/files/NDSAP.pdf

280 “Open Government Data Platform India,” OpenGovernment Data Platform India, accessed Jan. 28,2019, https://data.gov.in

281 Mohd Ujaley, “Countries to Ride on India’s OpenGovernment Data Platform,” Express Computer,https://www.expresscomputer.in/interviews/countries-to-ride-on-indias-open-government-data-ogd-platform/11567

282 Simonti, Chakraborty, “Open Data Policy of theGovernment of India: What has it achieved?” CBGIndia, http://www.cbgaindia.org/blog/open-data-policy-government-india-achieved

283 Joel Gurin, Personal Interview, Online, March 1,2019.

284 Mark Headd, “New Thinking in HowGovernments Deliver Services,” in BeyondTransparency, ed. Brett Goldstein with Lauren Dyson.(San Francisco: Code for America Press, 2013): 278-9.

285 Rajarshi Sahai, “Going Public with PublicTransport Data For Public: Dilemmas of DevelopingCities,” accessed Jan. 28, 2019, https://india.uitp.org/articles/open-data-public-transport-data-for-public

286 “National Urban Innovation Stack: Strategy andApproach,” New Delhi, India: Ministry of Housingand Urban Affairs, Government of India, 2019,accessed Feb. 8, 2019, https://smartnet.niua.org/

sites/default/files/resources/nuis_master_doc_07.01.19_v5_0.pdf

287 “DataSmart Cities: Empowering Cities throughData,” Ministry of Housing and Urban Affairs,Government of India, https://smartnet.niua.org/sites/default/files/resources/datasmart_cities.pdf

288 “We Continue to Create an Open Data Culture,”Makaia, accessed March 5, 2019, https://makaia.org/we-continue-to-create-open-data-culture

289 “National Urban Transport Policy (2006),” NewDelhi, India: Ministry of Urban Development,Government of India, 2006. https://smartnet.niua.org/sites/default/files/resources/National%20Urban%20Transport%20Policy.pdf

290 “National Urban Transport Policy (2014),” NewDelhi, India: Ministry of Urban Development,Government of India, 2014. http://www.itdp.in/wp-content/uploads/2014/11/NUTP-2014.pdf

291 “National Urban Transport Policy,” New Delhi,India: Ministry of Urban Development, Governmentof India (2006), https://smartnet.niua.org/sites/default/files/resources/National%20Urban%20Transport%20Policy.pdf

292 Ibid.

293 GP Hari, Personal Interview, Kochi, Feb. 11,2019.


295 Harshith Gokulendra, Personal Interview, NewDelhi, March 1, 2019.

296 O.P. Agarwal, Personal Interview. New Delhi,March 1, 2019.

297 Srinivas Kodali, Personal Interview, New Delhi,Feb. 5, 2019.


298 Rajarshi Sahai, Personal Interview, Online, Jan.30, 2019.

299 Available at: https://smartnet.niua.org

300 Kunal Kumar, “Building National UrbanInnovation Stack for Indian Smart Cities Mission -Technologies and Financing Model,” (Panelpresentation, Smart Republic Conference, NewDelhi, India, Feb. 27-28, 2019).

301 Srinivas Kodali,. Personal Interview. New Delhi,Feb. 5, 2019.

302 Samir Sharma, Personal Interview. New Delhi,Feb. 15, 2019.

303 GP Hari, Personal Interview, Kochi, Feb. 11,2019.

304 Vishal Ramprasad, Personal Interview, Mumbai,Feb. 12, 2019.

305 Harsha Krishna, Personal Interview. Bangalore,March 4, 2019;Vipassana Vijayarangan, PersonalInterview, Online, Jan. 15, 2019.

306 “National Urban Transport Policy,” New Delhi,India: Ministry of Urban Development, Governmentof India, 2006, https://smartnet.niua.org/sites/default/files/resources/National%20Urban%20Transport%20Policy.pdf.

307 Don Tapscott, “2018 Regulation Roundtable:Addressing the Regulatory Challenges of DisruptiveInnovation,” Summary of 10 May 2018 Proceedingsheld at KPMG Toronto, Blockchain Research Institute,Aug. 8 2018.

308 Warren Davidson, R-OH, "Text - H.R.7356 - 115thCongress (2017-2018): Token Taxonomy Act."Congress.gov. December 20, 2018, accessed April 14,2019, https://www.congress.gov/bill/115th-congress/house-bill/7356/text.

309 U.S. Securities and Exchange Commission,“Ponzi Schemes Using Virtual Currencies,” July 23,

2017, https://www.investor.gov/system/files/news/documents/english/ia_virtualcurrencies.pdf

310 The DAO is one example of a DecentralizedAutonomous Organization, which is a term used todescribe a “virtual” organization embodied incomputer code and executed on a distributed ledgeror blockchain.

311 U.S. Securities and Exchange Commission,“Report of Investigation Pursuant to Section 21(a) ofthe Securities Exchange Act of 1934: The DAO,” July25, 2017, https://www.sec.gov/litigation/investreport/34-81207.pdf

312 Lester Coleman, "SEC Subpoenas 80Cryptocurrency Firms," CCN, March 04, 2018,accessed May 16, 2019. https://www.ccn.com/sec-subpoenas-80-cryptocurrency-firms-including-techcrunch-fund.

313 Nikhilesh De, "SEC Again Delays Decision onBitwise Bitcoin ETF Approval," CoinDesk, May 15,2019. accessed May 16, 2019, https://www.coindesk.com/sec-again-delays-decision-on-bitwise-bitcoin-etf-approval.

314 U.S. Securities and Exchange Commission,Fintech Finhub, "Framework for “InvestmentContract” Analysis of Digital Assets," April 3, 2019,accessed April 14, 2019, https://www.sec.gov/corpfin/framework-investment-contract-analysis-digital-assets.

315 The Howey Test is the standard methodology,put in place by the U.S. Supreme Court to determinewhether a transaction is an example of an"investment contract,” i.e., a security. It derives froma 1946 case, SEC v. W.J. Howey Co., a lawsuitinvolving the Howey Company of Florida. In thecontext of blockchain tokens, the Howey test can beexpressed as three independent elements: (1) Aninvestment of money, (2) in a common enterprise, (3)with an expectation of profits predominantly fromthe efforts of others.


316 "A New Commissioner at America's MainSecurities Regulator Causes a Buzz," The Economist,Nov. 08, 2018, accessed April 14, 2019, https://www.economist.com/finance-and-economics/2018/11/08/a-new-commissioner-at-americas-main-securities-regulator-causes-a-buzz.

317 Stan Higgins, "The SEC Just Appointed Its First-Ever Crypto Czar," CoinDesk, June 04, 2018,accessed April 14, 2019, https://www.coindesk.com/sec-just-appointed-first-ever-crypto-czar.

318 Detailed in the next section, LabCFTC is apioneering regulatory model in dealing with fintechinnovations

319 Stephan O'Neal, “SEC Launches FinHub toCommunicate With Industry, But What Does It Haveto Say?" Cointelegraph, Feb. 13, 2019, accessed April14, 2019, https://cointelegraph.com/news/sec-launches-finhub-to-communicate-with-industry-but-what-does-it-have-to-say.

320 Yogita Khatri, "The SEC Wants to Hire a 'CryptoSecurities' Advisor," CoinDesk, April 01, 2019,accessed April 14, 2019, https://www.coindesk.com/the-us-sec-is-hiring-a-crypto-specialist-legal-advisor.

321 Commodity Futures Trading Commission, “AnIntroduction to Virtual Currency,” 2017, https://www.cftc.gov/sites/default/files/idc/groups/public/%40customerprotection/documents/file/oceo_aivc0218.pdf.

322 Khatri, Yogita, "CabbageTech CEO Indicted inNew York for Defrauding Crypto Investors," CoinDesk, March 27, 2019, accessed April 14, 2019, https://www.coindesk.com/cabbagetech-ceo-indicted-in-new-york-for-defrauding-crypto-investors.

323 Chris Giancarlo, "CFTC Chairman ChrisGiancarlo,” DC Blockchain Summit 2019,Georgetown University, Washington, D.C., March 6,2019.

324 Daniel Gorfine (Director, LabCFTC), personalinterview, Washington, D.C., April 2019.

325 Daniel Gorfine, "Podcasts." Commodity FuturesTrading Commission, accessed April 14, 2019. https://www.cftc.gov/Media/Podcast/index.htm.

326 Commodity Futures Trading Commission,"Request for Input on Crypto-asset Mechanics andMarkets." December 11, 2018, accessed May 12, 2019,https://www.cftc.gov/sites/default/files/2018-12/federalregister121118.pdf.

327 United States Financial Crimes EnforcementNetwork, Department of Treasury, Guidance:Application of FinCEN’s Regulations to PersonsAdministering, Exchanging, or Using VirtualCurrencies, FIN-2013-G001, March 18, 2013, https://www.fincen.gov/sites/default/files/shared/FIN-2013-G001.pdf.

328 Peter Van Valkenburgh, "FinCEN Raises MajorLicensing Problem for ICOs in New Letter toCongress," Coin Center, March 6, 2018, accessedMay 12, 2019, https://coincenter.org/link/fincen-raises-major-licensing-problem-for-icos-in-new-letter-to-congress.

329 Timothy Spangler and Robert J. Rhatigan."FinCEN Warns That Virtual Currency Activities AreSubject to Anti-Money Laundering Obligations," Lexology, April 03, 2018, accessed April 14, 2019, https://www.lexology.com/library/detail.aspx?g=67eaaff2-3d48-4e39-a1b7-8cf1651099df.

330 FinCEN, "Advisory on the Iranian Regime’s Illicitand Malign Activities and Attempts to Exploit theFinancial System," FIN-2018-A006, October 11, 2018,accessed April 14, 2019, https://www.fincen.gov/sites/default/files/advisory/2018-10-11/Iran AdvisoryFINAL 508.pdf.

331 Internal Revenue Service, "Notice 2014-21,"March 2014, accessed April 14, 2019, https://www.irs.gov/pub/irs-drop/n-14-21.pdf.


332 "Tax Treatment of Cryptocurrency Hard Forksfor Taxable Year 2017," American Bar Association toInternal Revenue Service, March 19, 2017,Washington, D.C.

333 "IRS Treatment of Virtual Currencies," U.S.House of Representatives Committee on Ways andMeans to Internal Revenue Service, Sept. 19, 2018,Washington, D.C. https://republicans-waysandmeansforms.house.gov/uploadedfiles/letter_irs_virtual_currencies.pdf.

334 Steven T. Mnuchin and Craig S. Phillips, “AFinancial System That Creates EconomicOpportunities Nonbank Financials, Fintech, andInnovation,” U.S. Department of the Treasury, July2018. https://home.treasury.gov/sites/default/files/2018-07/A-Financial-System-that-Creates-Economic-Opportunities---Nonbank-Financi....pdf.

335 Craig S. Phillips "Fireside Chat with CounselorCraig Phillips, U.S. Dept. of the Treasury," Speech atthe D.C. Blockchain Summit 2019, GeorgetownUniversity, Washington, D.C., March 6, 2019.

336 Statement of Jennifer Shasky Calvery, Director,Financial Crimes Enforcement Network, United StatesDepartment of the Treasury (2013) (testimony ofJennifer Shasky Calvery).https://www.fincen.gov/news/testimony/statement-jennifer-shasky-calvery-director-financial-crimes-enforcement-network-0.

337 Ibid.

338 "Virtual Currency Business (BitLicense)," NewYork Department of Financial Services, 2015. https://www.dfs.ny.gov/apps_and_licensing/virtual_currency_businesses/license_management.

339 Patrick Murck, (Partner, Cooley LLP), personalinterview, March 2019.

340 Marco Santori and Maria Vullo, "Legal Tender?The Regulation of Cryptocurrencies," June 7, 2018,accessed April 14, 2019, https://www.cfr.org/event/legal-tender-regulation-cryptocurrencies.

341 Anonymous New York venture capitalist inblockchain, personal interview, March 2019.

342 Gage Lathrop and Dale Werts, "Blockchain andCryptocurrency: State Law Roundup," JD Supra, July10, 2018, accessed April 14, 2019, https://www.jdsupra.com/legalnews/blockchain-and-cryptocurrency-state-law-84534/.

343 Long, Caitlin, "What Do Wyoming's 13 NewBlockchain Laws Mean?" Forbes, April 08, 2019,accessed April 14, 2019, https://www.forbes.com/sites/caitlinlong/2019/03/04/what-do-wyomings-new-blockchain-laws-mean/#11ecd0575fde.

344 Caitlin Long (Co-Founder, Wyoming BlockchainCoalition), personal interview, Feb. 2019.

345 Multiple start-up founders and businessstrategy leads (anonymous), personal interview, April2019, Seattle.

346 Greg Heuss (Managing Partner, CounterpointVentures), personal interview, April 2019, Seattle,Washington.

347 Multiple start-ups (anonymous), interview bythe author, April 2019, Los Angeles and SanFrancisco, California.

348 David Otto (Founder and Managing Partner,Martin Davis PLLC), personal interview, April 2019,Seattle, Washington.

349 Multiple start-ups and Venture Capitalists(anonymous), interview by the author, April 2019, LosAngeles and San Francisco, California.

350 The SEC, as well as the securities laws itenforces, have come under bipartisan criticism fromacademics, entrepreneurs, investors, and membersof Congress for creating red tape that makes itdifficult both for entrepreneurs to raise capital in thepublic markets and for investors to find wealth-building opportunities. This concern promptedCongress to pass regulatory relief overwhelmingly in


the Jumpstart Our Business Start-ups (JOBS) Act,which was signed by President Obama in 2012. In2018, the U.S. House of Representatives passed a billallowing further relief, the Jobs and InvestorConfidence Act. The JOBS Act eased some burdenson entrepreneurs by exempting small and “emerginggrowth” companies from some of the costly burdensof securities laws like the Sarbanes-Oxley Act of2002 and the Dodd-Frank Act 2010.For furtherreference: John Berlau, "Cryptocurrency and theSEC's Limitless Power Grab," Competitive EnterpriseInstitute, April 11, 2019, accessed April 14, 2019,https://cei.org/content/cryptocurrency-and-secs-limitless-power-grab.

351 Multiple venture capitalists, interviewed byauthor, Feb./Apr. 2019, New York, Seattle, SanFrancisco.

352 John M. Carey, Legislative Voting andAccountability, Cambridge Studies in ComparativePolitics (Cambridge University Press, 2009), ix.

353 This expectation was, in some part, because ofthe way I had seen the voting records of Americanmembers of Congress being used to discuss theirpast positions on legislative matter, as well as toexamine the linkages between the funding theyreceived and the positions they espoused.

354 Rule 246, “Rules of Procedure and Conduct ofBusiness in the Council of States (Rajya Sabha),”August 2016, https://rajyasabha.nic.in/rsnew/rs_rule/rules_pro.pdf; and Rule 364, “Rules of Procedure andConduct of Business in Lok Sabha,” April 2014, http://164.100.47.194/loksabha/rules/RULES-2010-P-FINAL_1.pdf.

355 “Constitution of India,” 1950, http://www.legislative.gov.in/constitution-of-india.

356 For the sake of brevity, the term “Speaker” shallbe used to cover both the Speaker of the Lok Sabhaas well as the Chairman of the Rajya Sabha.

357 A head-count is not seen as a “division” underthe Rules of Procedures of the Lok Sabha and theRajya Sabha, even though votes are counted.

358 This was increased from 2½ minutes in 1989(Lok Sabha) and 2006 (Rajya Sabha).

359 It was in 1956-57 that the Indo-German TradeCentre was contracted to install ‘automatic voterecording equipment,’ i.e., voting machines,manufactured by Telefonbau und NormalzeitG.M.B.H. of Frankfurt, West Germany, in both theLok Sabha as well as the Rajya Sabha. Incidentally,this contract led to what was the first ruling onparliamentary privilege within the Rajya Sabha, andthe second in the Lok Sabha in relation to a casebefore the Election Tribunal and the Calcutta HighCourt on disqualification of a member. See, RajyaSabha Committee on Privileges, “First Report,” May1958, https://rajyasabha.nic.in/rsnew/privileges_digest/priv-18.pdf; Lok Sabha Committeeon Privileges, “Second Report,” April 1958, https://eparlib.nic.in/bitstream/123456789/57641/1/privileges_02_02_1958.pdf; and Brojo Gopal Das v. Kalipada Banerjee, January 1959, https://indiankanoon.org/doc/1158907/?type=print. Giventhat the equipment did not have any means of theMP authenticating herself (unlike the machine usedin the U.S. House of Representatives), thatnecessitated the allocation of specific seats to eachmember, which had not been fixed (except thereservation of a few rows for government ministers)until then. As a book on Indian parliamentaryprocedure notes, “each member is now allotted afixed seat from where he has to address the Houseunless it otherwise directed by the Chair, and at thetime of a division he has to record his vote byoperating the apparatus fixed to his seat.” MN Kauland SL Shakdher, Practice and Procedure ofParliament, 3rd ed., vol. 1 (Metropolitan Book Co.,1979), http://archive.org/details/in.ernet.dli.2015.111150; this is also encapsulated in the Lok SabhaRules of Procedure. Rule 349(vii), “Rules of Procedureand Conduct of Business in Lok Sabha”


360 India Const., art. 368(2).

361 India Const., arts. 61(2)(b) and 61(4).

362 India Const., art. 124(4).

363 India Const., art. 244A(3).

364 India Const., art. 249.

365 India Const., art. 312.

366 India Const., art.352(6).

367 India Const., arts. 55(3) & 66(1).

368 U.S. Const., art. I, . 5, cl. 3.

369 Elizabeth Rybicki, “Voting and QuorumProcedures in the Senate,” (Congressional ResearchService, August 2013), 5.

370 Rybicki, 5.

371 “Divisions,” UK Parliament, accessed 10 March2019, https://www.parliament.uk/about/how/business/divisions/

372 Ibid.

373 Shalaka Patil, “Push Button Parliament - WhyIndia Needs a Non-Partisan, Recorded Vote System,” Anuario Colombiano de Derecho Internacional 4(2011): 182, https://heinonline.org/HOL/Page?handle=hein.journals/acdin4\&id=154\&div=\&collection=.

374 Carey, Legislative Voting and Accountability,166.

375 Carey, 166.

376 Whips can be the letter that are issued by asenior functionary of a political party, issuingdirections to the members of that party in parliament—usually directing them to vote in a particularmanner on a motion, to abstain from voting, or even

to just attend a particular session of parliament. Theterm can also be used to describe the privilege ofbelonging to a political party; thus when an MP’swhip is removed, that MP is expelled from the party,until that MP’s whip is restored. Finally, the term canalso be used to describe the senior political partyfunctionaries whose job it is to issue and removewhips, and otherwise ensure cohesion among theirfellow party members. Whips are statutorilyrecognized in multiple parliaments, and draw salariesfrom the public exchequer as well in countries likeIndia and the U.K.

377 R. Eric Petersen, “Parliament and Congress: ABrief Comparison of the British House of Commonsand the U.S. House of Representatives,” 2005, 4,https://fas.org/sgp/crs/misc/RL32206.pdf.

378 Petersen, 4.

379 The law allows for disqualification if there is“voluntarily giving up of seat” or if an MP “votes orabstains from voting in such House contrary to anydirection issued by the political party to which hebelongs or by any person or authority authorized byit in this behalf, without obtaining, in either case, theprior permission of such political party, person orauthority and such voting or abstention”. There arelimited circumstances in whips may not be issued,namely in the election of presidents and vice-presidents.

380 Kihoto Hollohan v. Zachillhu, 1992 SCR (1) 686.The court noted that, “there are certain side effectsand fall out which might affect and hurt even honestdissenters and conscientious objectors, but these arethe usual plus and minus of all areas of experimentallegislation.”

381 Ibid.

382 Mannadi Satyanarayan Reddy v. AndhraPradesh Legislative Assembly and Others, 2009 (3)ALT 32.


383 David Beetham, Parliament and Democracy inthe Twenty-First Century: A Guide to Good Practice(Inter-Parliamentary Union, 2006), 96, https://www.ipu.org/resources/publications/handbooks/2016-07/parliament-and-democracy-in-twenty-first-century-guide-good-practice.

384 Beetham, 96.

385 The situation before 1972-73 when the U.S.House of Representatives moved to electronic votingwas described by the Clerk of the House: “Voting inthe House was something of a mystery, unless youwere present in the chamber when the roll wascalled, and attentive to the Members’ responses, andthen, of course, people in the gallery then, as now,could not take notes. You did not know until the nextday when the vote was recapitulated in theCongressional Record how the Members individuallyhad voted.” - Donnald K. Anderson, Clerk of the U.S.House of Representatives (2006)

386 Patil, “Push Button Parliament - Why IndiaNeeds a Non-Partisan, Recorded Vote System,” 170–72.

387 Simon Hug, Simone Wegmann, and RetoWüest, ‘Parliamentary Voting Procedures inComparison’, West European Politics 38, no. 5(September 2015): 943, https://doi.org/10.1080/01402382.2015.1045290.

388 Patil, “Push Button Parliament - Why IndiaNeeds a Non-Partisan, Recorded Vote System,” 171.

389 Varghese K. George, “Voice Vote Valid OnlyWhen Nobody Questions It,” The Hindu, November2014, https://www.thehindu.com/news/national/other-states/voice-vote-valid-only-when-nobody-questions-it/article6596275.ece.

390 Anusha Ondaatjie and Iain Marlow, “NoConfidence in New PM, Sri Lanka Lawmakers TellParliament,” Bloomberg, accessed 29 April 2019,https://www.bloomberg.com/news/articles/

2018-11-14/sri-lanka-parliament-passes-no-confidence-vote-against-new-pm.

391 See Hug, Wegmann, and Wüest,”ParliamentaryVoting Procedures in Comparison.”

392 For this to happen, it ought to be taken up bythe Rules Committee of either house, and a changerecommended. Thereupon, the rules of procedure ofthe Lok Sabha and the Rajya Sabha should beamended by each house. While the lack of a clearrule is not a bar for this practice to be implemented,it would give it a more binding character if it foundexpression in the rules of procedure. As a start,though, it would be judicious for political parties tostart publicly documenting every whip they issue(whether one-line, two-line, or three-line whips) ontheir website.

393 Patil, “Push Button Parliament — Why IndiaNeeds a Non-Partisan, Recorded Vote System,” 191.

394 Patil, 192.

395 MPs have at least four distinct kinds of duties:(1) Legislative and deliberative: MPs debate, draft,and pass statutes, they amend or reject subordinatelegislation promulgated by the Executive; (2)Oversight: they exercise budgetary oversight,participate in committees that examine the workingsof the government, and have powers to conductspecial investigations via “joint parliamentarycommittees,” fell governments through “no-confidence motions,” impeach the President,approve or disapprove declarations of emergency,and interrogate the functioning of the governmentthrough a variety of means [Question Hour, CallingAttention Motion, etc.], and impeach judges ofconstitutional courts; (3) Elective: they vote for theelections for the president and vice-president of India(apart from parliamentary functionaries such as theSpeaker of the Lok Sabha, etc.; (4) Representative:MPs represent their political parties, and representtheir constituents by raising issues relevant to theirconstituents in Parliament [or in parliamentarycommittees and processes], by aiding their


constituents in communicating with governmentalbodies and getting their concerns heard by thegovernment and local bodies, and recommendingspecific developmental projects be undertaken intheir constituency and providing the funding for thatthrough the MPLAD fund.

396 Lok Sabha Secretariat, “Resumé of Work Doneby Lok Sabha: 16th Lok Sabha, 13th Session,”February 2018, 32–33, http://164.100.47.193/resumeofwork/XIII/5163LS.pdf.

397 MP’s Reports, Dr. Shashi Tharoor’s OfficialWebsite, 2019, http://shashitharoor.in/mp_reports.MP Shashi Tharoor has been leading the way, havingissued such reports since his first term from2009-2014. Instructively, in his latest end-term reportcovering 2014-2019, he only dedicates two sectionsfor work within the Lok Sabha and a StandingCommittee, while eleven sections are dedicated towork outside of Parliament.

398 Manju Jain, “Delivering Parliamentary Libraryand Research Services in an Interconnected World:The Case of the Parliament of India,” IFLA - Libraryand Research Services for Parliaments, September2016, https://www.ifla.org/node/10848.

399 Rajya Sabha Secretariat, ‘Rajya Sabha AnnualReport 2017’, 2017, https://rajyasabha.nic.in/rsnew/annual_report/2017/LARRDIS.pdf.

400 Empirical research for this paper would havebeen aided greatly if Parliamentary debates wereavailable in a structured format such as AkomaNtoso.

401 There are many definitions of open standards,but for the purposes of this section I mean that it hasbeen standardized by a committee with openparticipation and an open process, and is availablefor free, and may be implemented in free/libre/opensource software without payment of any royalties.

402 Ashok Hariharan, interview by author, March2019.

403 John Sheridan and Jim Mangiafico, ‘Structure-Aware Search of UK Legislation’, in XML London 2016Conference Proceedings (London, United Kingdom:XML London, 2016), 78–81, https://doi.org/10.14337/XMLLondon16.Sheridan01.

404 ‘AT4AM.eu’, AT4AM.eu, accessed 30 January2019, https://at4am.eu/.

405 “U.N. Semantic Interoperability Framework forNormative and Parliamentary Documents (UNSIF) |United Nations System Chief Executives Board forCoordination,” United Nations System, accessed 16April 2019, https://www.unsystem.org/content/akn4un. The blog post on this notes: ‘The adoption of[the UN Semantic Interoperability Framework] hasput the foundations for the establishment of a UN-wide ecosystem of machine-readable documentsthat will foster collaboration and reduce costs ininformation management across the system bytransforming the web of information enclosed intraditional word processing documents into a web ofdata that can be interpreted by computers to createinnovative services. By having documents available ina common semantically rich format will raisedramatically the UN capacity to coordinate activities,create synergies and respond to clients’ informationdemands, improve the efficiency and quality ofinformation processing, dissemination andaccessibility, and bring significant benefits in termsof governance, accountability and transparency.”

406 “Indigo Platform for Publishing BeautifulLegislation: Laws-Africa/Indigo’ (Laws.Africa, March2019), https://github.com/laws-africa/indigo.

407 Nyaaya, “Laws of India in Akoma Ntoso XMLformat,” https://github.com/nyaayaIN/laws-of-india/tree/master/consolidated.

408 Union of India v. Vansh Sharad Gupta, W.P. (C)4761/2016, order dated May 25, 2017, http://delhihighcourt.nic.in/dhcqrydisp_o.asp?pn=106443&yr=2017.


409 Union of India v. Vansh Sharad Gupta, W.P. (C)4761/2016, order dated December 15, 2017, http://delhihighcourt.nic.in/dhcqrydisp_o.asp?pn=240305&yr=2017.

410 Chakshu Roy, “Budgeting for Democracy,” TheIndian Express, February 2017, https://indianexpress.com/article/opinion/columns/union-budget-parliament-democracy-lok-sabha-rajya-sabha-4511240/.

411 Ashok Hariharan, interview with author, March2019. Hariharan.’

412 Hariharan.

413 Hariharan.

414 Beetham, Parliament and Democracy in theTwenty-First Century, 7.

415 Ministry of Civil Aviation, GovernmentAnnounces Regulations for Drones, New Delhi, India:Press Information Bureau, Government of India,August 27, 2018, http://pib.nic.in/newsite/PrintRelease.aspx?relid=183093; Gill, Prabhjote,“Flying Drones are Finally Legal in India.,” BusinessInsider, August 29, 2018, https://www.businessinsider.in/flying-drones-is-finally-legal-in-india/articleshow/65573434.cms.

416 For a discussion on how unmanned aerialvehicles or commercial drones are being utilized insome of the core public sectors and allowing civilianuses of aerial monitoring, see: Padmanabhan,Ananth, “Civilian Drones and India’s RegulatoryResponse,” Carnegie India, March 10, 2017, https://carnegieindia.org/2017/03/10/civilian-drones-and-india-s-regulatory-response-pub-68218.

417 “Cleared for Take-Off: India Ready for the DroneRevolution, Pilots New Open Source Guide forGovernments,” World Economic Forum, January 25,2019, https://www.weforum.org/press/2019/01/cleared-for-take-off-india-ready-for-the-drone-

revolution-pilots-new-open-source-guide-for-governments/.

418 FE Bureau, “India’s Drone Market Expected toGrow $885.7 mn by 2021,” Financial Express, October8, 2018, https://www.financialexpress.com/industry/technology/indias-drone-market-expected-to-grow-885-7-mn-by-2021-jobs-look-like-a-guarantee-here/1340848/.

419 Mallapur, Chaitanya, “India Tops List of Drone-Importing Nations,” Business Insider, May 4, 2015,https://www.business-standard.com/article/specials/india-tops-list-of-drone-importing-nations-115050400136_1.html.

420 Panda, Ankit, “US Approves Sale of ArmedPredator-B Drones to India,” The Diplomat, May 2,2018. https://thediplomat.com/2018/05/us-approves-sale-of-armed-predator-b-drones-to-india-report/.

421 Pamela Cohn, Alastair Green, MeredithLangstaff, and Melanie Roller, “Commercial Dronesare Here: The Future of Unmanned Aerial Systems”,McKinsey Report, December 2017, https://www.mckinsey.com/industries/capital-projects-and-infrastructure/our-insights/commercial-drones-are-here-the-future-of-unmanned-aerial-systems

422 Pamela Cohn, Alastair Green, MeredithLangstaff, and Melanie Roller, “Commercial DronesAre Here: The Future of Unmanned Aerial Systems,”McKinsey Report, December 2017, https://www.mckinsey.com/industries/capital-projects-and-infrastructure/our-insights/commercial-drones-are-here-the-future-of-unmanned-aerial-systems.

423 “Drone Certification: A Step-by-Step Guide toFAA Part 107 for U.S. Commercial Drone Pilots,” UAVCoach, https://uavcoach.com/drone-certification/.

424 Dukowitz, Jack, “ISO Releases Draft of FirstInternational Drone Standards for Public Comment,” UAVCoach. November 30, 2018, https://uavcoach.com/iso-standards/.


425 Government. Ministry of External Affairs. Responding First as a Leading Power. https://www.mea.gov.in/Portal/IndiaArticleAll/636548962666860480_Responding_First_Leading_Power.pdf

426 Kuronuma, Yuki. ‘Drones Help Rescue Efforts inNepal.’ Nikkei Asian Review. May 11, 2015. https://asia.nikkei.com/Business/Drones-help-rescue-efforts-in-Nepal

427 Parmar, Tekendra, “Drones in India,” Center forthe Study of the Drone. December 4, 2014. https://dronecenter.bard.edu/drones-in-india/.

428 Rossow, Richard M. and C. Raja Mohan, Deepening India-U.S. Cooperation on HumanitarianAssistance and Disaster Relief in the Indian Oceanand the Asia-Pacific Regions, CSIS, Wadhwani Chairin U.S.-India Policy Studies, October 2015. https://csis-prod.s3.amazonaws.com/s3fs-public/legacy_files/files/publication/151021_Rossow_DeepeningUSIndiaCooperation_Web.pdf.

429 Mehta, Aaron, “US, India Collaborating on Air-Launched Drone,” Defense News, March 18, 2019,https://www.defensenews.com/global/asia-pacific/2019/03/18/us-india-collaborating-on-air-launched-drone/

430 “Building Cargo Drone Expertise in Papua NewGuinea,” iRevolutions, February 25, 2019, https://irevolutions.org/2019/02/25/building-cargo-drone-expertise-in-papua-new-guinea/.

431 “Is China at the Forefront of DroneTechnology?”, CSIS ChinaPower, May 29, 2018,https://chinapower.csis.org/china-drones-unmanned-technology/

432 Das, Pranab K, “The Customs Paradigm inCombatting Weapons of Mass Destruction,” Ministryof Finance, Government of India. https://www.eiseverywhere.com/file_uploads/

00f88670a97ee6715c92afc0199aec8c_6.6Mr.PranabKumarDas.pdf.

433 Ministry of Civil Aviation. Operations ofRemotely Piloted Aircraft System (RPAS) to beEnabled through Digital Sky Platform, PressInformation Bureau, August 27, 2018. http://www.pib.nic.in/PressReleseDetail.aspx?PRID=1544087

434 Mathews, Neelam, “India Struggles With DroneIssues.” AINOnline, February 17, 2016, https://www.ainonline.com/aviation-news/aerospace/2016-02-17/india-struggles-drone-issues

435 For a detailed discussion on the variouschallenges to bolster the commercial drone sector inIndia, see “Make in India for Unmanned AircraftSystems: Awaiting its Kitty Hawk Moment,” FICCIand EY, https://www.ey.com/Publication/vwLUAssets/ey-make-in-india-for-unmanned-aircraft-systems/$File/ey-make-in-india-for-unmanned-aircraft-systems.pdf

436 Rice, Stephen, “Eyes in the Sky: The Public hasPrivacy Concerns About Drones”, Forbes, February 4,2019, https://www.forbes.com/sites/stephenrice1/2019/02/04/eyes-in-the-sky-the-public-has-privacy-concerns-about-drones/#a0432c06984c

437 A doorstep delivery would entail collection ofcustomer data at levels which would be consideredprivate such as residence address, timings fordeliveries among other detailed information oncustomers.

438 Lohn, Andrew J, Gulden, Timothy R. Xu, Jia.Jones, Therese, Kuhn, Kenneth, Welser IV, William.“What’s in Store for Commercial Delivery Drones,” Rand Research Brief, https://www.rand.org/pubs/research_briefs/RB9995.html

439 Lohn, Andrew J, Gulden, Timothy R. Xu, Jia.Jones, Therese, Kuhn, Kenneth, Welser IV, William.“What’s in Store for Commercial Delivery Drones,” Ra


nd Research Brief, https://www.rand.org/pubs/research_briefs/RB9995.html

440 ET Bureau, “Drones: Out of Sight, but in IndianGovt’s Mind,” Economic Times, January 16, 2019,https://economictimes.indiatimes.com/industry/transportation/drones-out-of-sight-but-in-indian-govts-mind/articleshow/67550036.cms

441 Isaak, Adam “With More Drones in the SkyEvery Year, ‘Counter-Drone’ Tech Can Keep the BadOnes at Bay”, CNBC, February 2, 2019, https://www.cnbc.com/2019/02/02/counter-drone-tech-is-needed-more-than-ever.html

442 Chang, Lulu “FBI Rescue Hostage TeamBamboozled After Criminals Unleash Drone Swarm”, Digital Trends, May 4, 2018, https://www.digitaltrends.com/cool-tech/drones-fbi-raid/

443 Brennan, David. “Why are Militants UsingDrones? UAV Weapons Have Spread Far BeyondNation States,” Newsweek, April 24, 2018, https://www.newsweek.com/why-are-militants-using-drones-uav-weapons-have-spread-far-beyond-nation-899076.

444 “Game of Drones-Proliferated Drones,” Wargame Report, Center for New American Security, June29, 2016, http://drones.cnas.org/wp-content/uploads/2016/06/Game-of-Drones-Proliferated-Drones.pdf.

445 Harper, Alexander, “Drones Level the Battlefieldfor Extremists,” The Interpreter, April 20, 2018,https://www.lowyinstitute.org/the-interpreter/drones-level-battlefield-extremists.

446 Michel, Arthur H, ‘Counter-Drone Systems.’ TheCenter for Study of Drone, Bard College, February2018, accessed April 26, 2019. https://docs.google.com/viewerng/viewer?url=http://dronecenter.bard.edu/files/2018/02/CSD-Counter-Drone-Systems-Report.pdf&hl=en_US

447 Ibid.

448 Grand View Research, “Anti-Drone Market SizeWorth $1.85 Billion By 2024 | CAGR: 24.1%,” accessedApril 26, 2019. https://www.grandviewresearch.com/press-release/global-anti-drone-market

449 “Why We Need Counter-Drone TechnologyNow More than Ever,” CNBC, February 1, 2019,https://www.cnbc.com/video/2019/02/01/counter-drone-companies-like-dedrone-fortem-are-policing-the-skies.html

450 Federal Aviation Administration, Pilot Reports ofClose Calls With Drones Soar in 2015, August 12,2015, https://www.faa.gov/news/updates/?newsId=83445

451 Goglia, John,“FAA Confirms Shooting a Drone isa Federal Crime. So When Will U.S. Prosecute?” Forbes, April 13, 2016, https://www.forbes.com/sites/johngoglia/2016/04/13/faa-confirms-shooting-drone-federal-crime-so-when-will-us-prosecute/#15ca2e562a25

452 U.S. Department of Transportation, UpdatedGuidance on Unmanned Aircraft System (UAS)Detection and Countermeasures, Federal AviationAgency. July 19, 2018, https://www.faa.gov/airports/airport_safety/media/Counter-UAS-Airport-Sponsor-Letter-July-2018.pdf

453 Snead, Jason, John-Michael Seibler, and DavidInserra, “Establishing a Legal Framework for Counter-Drone Technologies,” The Heritage Foundation, April16, 2018, https://www.heritage.org/technology/report/establishing-legal-framework-counter-drone-technologies

454 French, Sally, “Department Of Defense Is UsingSkySafe To Crack Down on Rogue Drones,” DroneGirl, July 20, 2017, https://thedronegirl.com/2017/07/20/skysafe-anti-drone/

455 Peri, Dinaker, “Expanding Anti-UAVs Market toCounter Drone Technology,” CLAWS Journal, Winter2015, https://www.claws.in/images/journals_doc/


246665511_ExpandingAnti-UAVsMarkettoCounterDroneTechnology.pdf

456 Ahuja, Namrata B, “Govt Plans to Deploy Anti-Drone Facilities at Airports,” The Week, March 14,2018, https://www.theweek.in/news/india/2018/05/14/govt-plans-to-deploy-anti-drone-facilities-at-airports.html

457 National Nuclear Security Administration, NNSA Deploys its First Counter-Unmanned AircraftSystem, Nov. 19, 2018, https://www.energy.gov/nnsa/articles/nnsa-deploys-its-first-counter-unmanned-aircraft-system

458 Horizontal technology refers to application of atechnology across different sectors without muchinvestment in R&D. An example would be e-commerce where selling a book is similar to selling alaptop.

459 “The Chatbots Taking Over Government: WhatJobs Can They Do?” October 17, 2017, https://apolitical.co/solution_article/chatbots-government-what-jobs-can-they-do/.

460 Lindsay Curdele, “Pokemon Gov: GamifyingCivic Engagement,” July 28, 2016https://mediacause.org/pokemon-go-gamifying-civic-engagement/.

461 Participatory Pokemon Go, last modified July 5,2017, https://www.boston.gov/departments/new-urban-mechanics/participatory-pokemon-go.

462 “Catalog of Good Deeds: Building Civil SocietyThrough Daily Acts of Kindness, Tlalnepantla De Baz,Mexico: Mayors Challenge Finalist, 2016,https://mayorschallenge.bloomberg.org/ideas/tlalnepantla-de-baz/.

463 Ibid.

464 G. Sgueo, A discussion on gamified digitaladvocacy, Workshop The Future of Law. Technology,Innovation and Access to Justice, Chair for Public

Law and Comparative Law, Humboldt University ofBerlin and Friedrich Naumann Stiftung for Freedom,November 2018.

465 Alan Ivan Chorney, "Taking the Game out ofGamification," Dalhousie Journal of InterdisciplinaryManagement, Vol. 8, No. 1 (2012).

466 Jane McGonigal, Reality is broken: Why gamesmake us better and how they can change the world.(New York: Penguin, 2011).

467 Robert D. Putnam, "E Pluribus Unum: Diversityand Community in the Twenty-first Century." (The2006 Johan Skytte Prize Lecture, 2007).

468 Nicholas Plumb, Hannah Millinship Hayes, et al,“Integration City: A new communities agenda forLondon,” October 2016, https://the-challenge.org/uploads/documents/TCN-Integration-City.pdf.

469 Ibid

470 OECD Guidelines on Measuring Trust, Nov. 23,2017, http://www.oecd.org/sdd/oecd-guidelines-on-measuring-trust-9789264278219-en.htm.

471 I. Bogost, “The rhetoric of video games” in K.SALEN (ed.), The Ecology of Games: ConnectingYouth, Games, and Learning, (MIT Press, 2008), p.130.

472 Ibid.

473 Gianluca Sgueo, “Games, Powers &Democracies: Chapter 1,” Games, Powers &Democracies, (Milan: Bocconi University Press, 2018).

474 , Barnett et al., “Toward Metrics forRe(imagining) Governance: The Promise andChallenge of Evaluating Innovations in How WeGovern,” GovLab Working Paper, April 18, 2013.

475 Graham Smith, Democratic innovations:Designing institutions for citizen participation(Cambridge: Cambridge University Press, 2009).


476 Decide Madrid, https://decide.madrid.es/.

477 CrowdLaw Introduction, The GovLab, Sep. 2017,https://crowd.law/crowdlaw-introduction-baef458325ae

478 “Over Half of Reykjavik Residents SteerPolicymaking - Here's How,” Apolitical, Sept. 2017,https://apolitical.co/solution_article/half-reykjavik-residents-steer-policymaking-heres/.

479 Vtaiwan, https://info.vtaiwan.tw/.

480 “Taiwan Is Using Social Media to CrowdsourceLegislation,” Apolitical, June 2017, https://apolitical.co/solution_article/taiwan-using-social-media-crowdsource-legislation/.

481 Beth Noveck, “More Than A Coin: The Rise OfCivic Cryptocurrency,”June 25, 2018, https://medium.com/@bethnoveck/with-victoria-alsina-reproduced-from-forbes-march-27-2018-600db3e64131.

482 Paul van Sambeek, Edgar Kampers, “NU-spaarpas, the Sustainable Incentive Card Scheme,2004.

483 De Torekes, https://samenlevingsopbouwgent.be/wat-doen-we/projecten/de-torekes/

484 “Engage Your Citizens with Gamification,”Innowave, https://content.campaignspartner.com/link/innowave-download-wp-en-lk.

485 Peter Hasson, “Social Credit,” Daily Caller, Nov.2018, https://dailycaller.com/2018/11/17/andrew-yang-2020-social-credit/.

486 Andrew Yang, “Modern Time Banking,” https://www.yang2020.com/policies/modern-time-banking/.

487 Rachel Botsman, “Big Data Meets Big BrotherAs China Moves To Rate Its Citizens,” Wired, Oct. 21,2017, https://www.wired.co.uk/article/chinese-government-social-credit-score-privacy-invasion.

488 Rogier Creemers, "China's Social CreditSystem: An Evolving Practice of Control." (2018)

489 A. Davies and J. Simon, “Citizen engagement insocial innovation – a case study report,” adeliverableof the project: “The theoretical, empirical and policyfoundations for building socialinnovation in Europe”(TEPSIE), European Commission – 7th FrameworkProgramme, Brussels:European Commission, DGResearch, 2012.

490 Fred Powell, "Civil society, social policy andparticipatory democracy: Past, present and future." Social Policy and Society 8, no. 1 (2009): 49-58.

491 Ibid

492 Joseph Kahne, Ellen Middaugh, and ChrisEvans. The civic potential of video games.(Cambridge, MA: MIT Press, 2009).

493 “Who Knows Best? Cities Consult Citizens forFresh IdeasPlace,” Feb. 2019, http://www.thisisplace.org/i/?id=8bce0a3d-3179-4bf9-ad79-e5f52e186062.

494 Samuel Bowles, “The Moral Economy: WhyGood Incentives are no substitute for good citizens,”(New Haven, CT: Yale University Press, 2017).

495 Cass R. Sunstein, “Why nudge?: The politics oflibertarian paternalism,” ((New Haven, CT: YaleUniversity Press, 2014).

496 Beth Noveck, Smarter Citizens, Smarter State,(Harvard, MA:Harvard University Press, 2015).

497 BETH Noveck, "Wiki-government: HowTechnology Can Make Government Better,Democracy Stronger, and Citizens More Powerful,”(Washington, DC: Brookings Institution 2009).

498 Amos Tversky and Daniel Kahneman,"Judgment Under Uncertainty: Heuristics andBiases," Science 185, no. 4157 (1974): 1124-1131.


499 John Cheney-Lippold, "A New AlgorithmicIdentity: Soft Biopolitics and the Modulation ofControl," Theory, Culture & Society 28, no. 6 (2011):164-181.

500 John Cheney-Lippold, "Jus algoritmi: How theNational Security Agency Remade Citizenship,"International Journal of Communication 10 (2016): 22.

501 Colin Daileda “The U.S. Will Start CollectingSocial and Search Data on Every Immigrant Soon,” Mashable, September 2017, https://mashable.com/2017/09/26/us-government-social-media-data-immigrants/.

502 Draft Ethics Guidelines for Trustworthy AI,European Commission, December 2018, https://ec.europa.eu/digital-single-market/en/news/draft-ethics-guidelines-trustworthy-ai.

503 Ibid.

504 Tara McGuinness and Anne-Marie Slaughter,“The New Practice of Public Problem Solving,” Stanford Social Innovation Review, Spring 2019. https://ssir.org/articles/entry/the_new_practice_of_public_problem_solving#

505 Bharath Visweswariah, “Solving India's MostPressing Challenges with Civic Tech,” Medium, May21, 2018, https://medium.com/positive-returns/solving-indias-most-pressing-challenges-with-civic-tech-f2caea4a4c76.

506 “About: ichangemycity,” https://www.ichangemycity.com/about-us.

507 “Next Election: Make It Count!,” https://www.nextelection.com/home.

508 “Civis,” https://civis.vote/.

509 “Building Young India's Champions | Solve ninja,Reap Benefit,” https://reapbenefit.org/

510 “Home.” Village Capital, vilcap.com/.

511 Richard H. Thaler and Cass R. Sunstein, Nudge:Improving Decisions about Health, Wealth, andHappiness, (New York: Penguin, 2009).

512 “C40 Cities | Networks,” https://www.c40.org/networks

513 Stefaan Verhulst, Towards a Science ofGamification and its Relationship to Governance andDemocracy (2018).

514 Nilekani, Nandan ‘Technology to LeapfrogDevelopment: The Aadhaar Experience’ Center forGlobal Development, The Eighth Annual Richard H.Sabot Lecture.

515 “Social Security.” Social Security History, SocialSecurity Administration, www.ssa.gov/history/hfaq.html.

516 This statistic was reported in 2009 by “HighwayFinance Data Collection.” Policy and GovernmentalAffairs Office of Highway Policy Information, U.S.Department of Transportation/Federal HighwayAdministration, www.fhwa.dot.gov/policyinformation/pubs/hf/pl11028/chapter4.cfm.

517 Public Interest Technology is a field dedicated toleveraging technology to support public interestorganizations and the people they serve. Fordecades, public interest organizations have workedto improve the lives of the general public. They workon issues that shape our everyday lives, includingprotecting the environment, human rights, childwelfare, and reforming criminal justice. Source NewAmerica about Public Interest Technology

518 Mawaki, Chango, "Becoming Artifacts:Medieval Seals, Passports and the Future of DigitalIdentity" (2012). The School of Information Studies-Dissertations. Paper 74.

519 Benedict Anderson, Imagined communities:reflections on the origin and spread of nationalism,London: Verso, 1983.


520 Edward Black, IBM and the Holocaust: The Stratigic Alliance Between Nazi Germany and America’sMost Powerful Corporation. New York: RandomHouse 2001)

521 M Manikandan ‘Fire of 1968 still burning inside’The New Indian Express. Dec 24, 2017

522 1969 Gujarat riots

523 Nellie Massacre

524 1984 Anti-Sikh Riots

525 Hashimpura massacre

526 Laxmanpur Bathe Masacare

527 ‘Timeline of the Riots in Modi’s Gujarat’ NewYork Times, Aug 19, 2015

528 Khairlanji Massacre

529 See Kaur, Jaskaran; Crossette, Barbara (2006). Twenty years of impunity: the November 1984pogroms of Sikhs in India (2nd ed.). Portland, OR:Ensaaf. p. 29. and Rao, Amiya; Ghose, Aurobindo;Pancholi, N. D. (1985). Truth about Delhi violence:report to the nation. India: Citizens for Democracy.Retrieved 4 August 2010.

530 Dabas, Maninder, ‘11 Major Incidents ofViolence Against Dalits Which Show How Badly WeTreat Them’. Indian Times. July 25, 2016

531 A Techno-Utopian strongly believes thattechnology allows mankind to make social,economic, political, and cultural advancements andthat technology’s impacts as extremely positive.

532 Nandan Nilekani and Viral Shah, RebootingIndia: Realizing a Billion Aspirations (Penguin Books,India 2015)

533 This was the case for several of my intervieesfor this research and why I have chosen not todisclose their names. Examples include: Shashidhar

KJ, “UIDAI files FIR against journalist for exposingflaws in Aadhaar enrolment,” Medianama, March 29,2017; Rachna Khaira “Rs 500, 10 minutes, and youhave access to billion Aadhaar details, ”Tribune NewsService Jan. 4, 2018.

534 Interviews with subjects in India whoparticipate in groups to do research and publish theirwork either under the name of someone who hasenough power to reduce the risk they will have a FIR(first information report) filed against them or undera group name.

535 Anand Venkatanarayanan, Security Analysis ofmAadhaar, Oct 30, 2017Derick Thomas, “What UIDAIdoesn’t tell you about offline use of Aadhaar forKYC,” Nov. 18, 2018. Karan Saini, “Extracting personalphone numbers linked to Aadhaar,” May 8, 2018.

536 Zack Whittaker. “A new data leak hits Aadhaar,India's national ID database.” ZDNet/ZeroDay, March23, 2018.

537 Original content by iSpirit https://ispirt.in

538 Cameron, Kim, Laws of Identity See the 4thLaw of Identity. in the Directed Identity: A universalidentity system must support both “omni-directional”identifiers for use by public entities and“unidirectional” identifiers for use by private entities,thus facilitating discovery while preventingunnecessary release of correlation handles.

539 Identification vs. authenticationIdentification isthe process of establishing who an entity is within agiven population or context. It often takes placethrough identity proofing, which verifies and validatesattributes (such as name, birth date, fingerprints oriris scans) that the entity presents.Authentication isthe process of determining if the authenticators(such as a fingerprint or password) used to claim adigital identity are valid – that they belong to thesame entity who previously established theidentity.World Economic Forum, Identity in a DigitalWorld: A new chapter in the social contract, 2017


540 This scenario was imagined by the AmericanCivil Liberties Union and a short film was created ofwhat this would be like when ordering pizza.

541 Better Identity in America: A Blueprint forPolicymakers, Better Identity Coalition, June 2018.

542 See: Department of Homeland Security, SiliconValley Innovation, Program. ‘Preventing Forgery andCounterfeiting of Certificates and Licenses(70RSAT19R00000002)’, Other TransactionsSolicitations Link to site. Direct link to PDF.

543 Aadhaar: A Biometric History of India’s 12-DigitRevolution by Shankkar Aiyar and The Aadhaar Effect:Why the World’s largest identity project matters byN.S. Ramnath, Charles Assisi.

544 Updates on Aadhaar Final Hearing: Day 1

545 Vidyut, Constitutional validity of Aadhaar SeriesMediaNama

546 Prashant Reddy Thikkavarapu, ‘The Aadhaar BillIs Yet Another Legislation That Leaves Too MuchPower With The Government At The Centre’, Caravan Magazine 14 March 2016

547 Prashant Reddy Thikkavarapu | ‘New AadhaarRegulations Grant The UIDAI Unchecked Power, AndOffer Little Convenience To Users’, November 21,2016

548 The Ecosystem Around Aadhaar mapped byVidyut https://aadhaar.fail/aadhaar-ecosystem/ andDr. Usha Ramanathan’s Talk on the UIDAI Litigation An argument was made by private individuals andprivate companies to allow them to use the data as abusiness database, to use it as an identity platform onwhich many apps would be built. When the case wasunder way, five such businesses came to the court tobe a part of the litigation. They requested the court tonot change anything or their businesses wouldcollapse. The link between businesses and thegovernment in this project was extraordinary.

549 Social Security Administration, Enumeration atBirth

550 Department of Justice About the National VoterRegistration Act

551 Number of rooms, type of room, material of thebuilding construction.

552 Government of Kerala, Aadhaar Application

553 Anand Venkatanarayanan and other securityresearchers have examined the software used forenrollment and in particular the encryption keys usedin the enrollment software.

554 All of these are available on the Internet Archiveversions of UIDAI sites. UIDAI, State Resident DataHub (SRDH) State Adoption Strategy Document v1.2March, 2012. UIDAI Doc Number: UID _603_ECMP,Aadhaar Enrolment Client-Registrar IntegrationManual Pre-Enrolment Data, Security & KYR+ Data.Document Version 2.2; UIDAI, Approach Documentfor Aadhaar Seeding In Service Delivery DatabasesVersion 1.0. 2010; ITE & C Department Govt. ofAndhra Pradesh. State Resident Data Hub SRDH;UIDAI, SRDH Application Deployment Guide VersionNo.1.5; State Resident Data Hub (SRDH) ApplicationFramework Adoption Guidelines; UIDAI,Memorandum of Understanding between the UniqueIdentification Authority of India And the StateGovernment for the Implementation of SRDH Project

555 UIDAI State Resident Data Hub (SRDH), StateAdoption Strategy Document v1.2, March, 2012 IDAIPortal and allows a Registrar to access ONLY its ownKYR data – hence, a State Registrar cannot accessdata enrolled by Non State Registrars.

556 UIDAI Data Sharing Policy Annexure-B,Memorandum of Understanding between the UniqueIdentification Authority of India And the StateGovernment for the Implementation of SRDH Project.

557 U Sudhakar Reddy, “Aadhaar-linked SRDH Datawas shared in the past,” Times of India Mar. 9, 2019.


558 Digital India Site: Kerala State Resident DataHub Lookup Service

559 UIDAI, Standard Protocol Covering theApproach & Process for Seeding Aadhaar Numbers inService Delivery Databases June 2015 Version 1.1

560 The same person may have many differentnames or variations of name based on context. It isalso true that different parts of India have differentnaming conventions. Naming Conventions In India,RitiRiwaz, Aug. 2, 2018, Naming Traditions: How toName Babies in India Last Updated on Sept. 12, 2017by Team Babygogo,

561 Subjects I interviewed in India went into greatdetail explaining how the name on their birthcertificate was their grandfathers and matched whatwas on their marriage certificate but this wasdifferent from the name they had on all their schoolrecords and this was different from how they listedtheir name on government documents like PANcards.

562 Niha Masih Lost in transition: Has linkingAadhaar to government welfare schemes made itdifficult for beneficiaries to avail of aid? HindustanTimes Oct. 08, 2017; Namita Singh Centre: Statesneed to speed up Aadhaar seeding with benefitschemes, MediaNama, Nov. 12, 2018; Reetika Khera,Impact of Aadhaar in Welfare Programmes. Thegovernment's estimates of savings are examined, butthese do not stand scrutiny. What passes as 'savings'is often the result of denial of legal entitlements forlack of Aadhaar. In that sense, the Aadhaar projectundermines the right to life.

563 Feggins, R. DevOps Best Practice - Establishinga “Single Source of Truth,” July, 14, 2014.

564 Government of Odisha, State Resident DataHub. http://archive.is/wBrqeOdisha SRDH is acentralized, secure & single source of information onstate residents and will be integrated withdepartmental applications for the purpose of availingGovernment Welfare Scheme benefits.

565 United States Government GovernmentAccountability Office,Social Security NumbersFederal and State Laws Restrict Use of SSNs, yetGaps Remain, Testimony Before the Committee onConsumer Affairs and Protection andCommittee onGovernmental Operations, New York State Assembly,Statement of Barbara D. Bovbjerg, SOCIALSECURITY NUMBERS, Federal and State LawsRestrict Use of SSNs, yet Gaps Remain, For Releaseon Delivery Expected at 10:30 a.m. EST Thursday,September 15, 2005.

566 Meiser, Ken, Opening Pandoras Box: The SocialSecurity Number from 1937-2018, 2018. (master’sthesis)

567 Sarah Igo, the Known Citizen: A history ofPrivacy in Modern America

568 Sawyer and Schechter, “Computers, Privacyand the National Data Center” 811. In the KnownCitizen: A history of Privacy in Modern America bySarah Igo

569 The cover story on the Atlantic in November1967 was The National Data Bank; They July 1970News Week Cover Is Privacy Dead; The ComputerData Bank: Will it Kill your Freedom, July 1968 LookMagazine.

570 UIDAI, ‘State Resident Data Hub (SRDH)Institutional Framework Document’, April 2012. SeeSection 2.1.3.1 UIDAI Empanelment List

571 Government of Telegana, Intensive HouseholdSurvey 2014

572 Aman Sethi, ‘Why state data hubs pose a risk toAadhaar security’, Hindustan Times, March 13, 2018

573 Social Security Number Task Force, SocialSecurity Administration, Report to the Commissioner(1971)


574 Records, Computers and the Rights of Citizens,Report of the Secretary's Advisory Committee onAutomated Personal Data Systems July, 1973

575 See Robert Gellman, Fair Information Practices:A Basic History

576 U.S. Department of Justice, United StatesDepartment of Justice Overview of the Privacy Act1974, 2015 Edition

577 Meiser, Ken, Opening Pandora’s Box: The SocialSecurity Number from 1937-2018, 2018. (master’sthesis)

578 Personal Privacy in an Information Society, TheReport of The Privacy Protection Study Commission,July 1977

579 Chapter 16: The Social Security Number.Personal Privacy in an Information Society, TheReport of The Privacy Protection Study Commission,



582 Better Identity Coalition, Better Identity inAmerica: A Blueprint for Policy Makers, 2018. Page 4.accessed

583 E-Government Act of 2002 (Pub.L. 107–347, 116Stat. 2899, 44 U.S.C. § 101, H.R. 2458/S. 803)

584 M-03-22, OMB Guidance for Implementing thePrivacy Provisions of the E-Government Act of 2002

585 Congressional Research Services The SocialSecurity Number: Legal Developments Affecting ItsCollection, Disclosure, and Confidentiality, Feb. 21,2008State Department Report to Congress on SocialSecurity Number Fraud Prevention Act 2017

586 Laws currently being proposed would onlyapply to the private sector.

587 Consumer Identification Program 31 C.F.R1020.220

588 The Privacy of Financial Information 12 C.F. R. pt332 and the Interagency Guidelines EstablishingInformation Security Standards 12 C.F.R. pt 364. App.B (and corresponding regs) together with severallaws mandating reporting to consumers of mis-useand theft of their information; Disclosure by CRA ofConsumer File to Consumer; Free Annual Report; 15U.S.C. §§ 1681g, 1681h, 1681j(a); 12 C.F.R. pt. 1022,subpart N. Duties of Consumer Reporting AgenciesRegarding Identity Theft 12 C.F.R. § 1022.123

589 FATF - http://www.fatf-gafi.org

590 Indian Postal Addresses, Real Addresses takenfrom Kamat's Address Book,

591 Nandan Nilekani and Viral Shah, RebootingIndia: Realizing a Billion Aspirations (Penguin Books,India 2015) Page 113-120

592 There are a few limited cases such as privateinvestigators, for example, can run license plates ifthey are in the course of an investigation. Towingcompanies can run a license plate to locate theowner of a towed vehicle.

593 I worked with advocates in India to surveypeople to create a list of how and where thishappens. This was an informal survey via Twitter toget a sense of the range of every day activities thatrequire photocopies of Aadhaar Cards - https://twitter.com/godavar/status/1112556629390692353?s=19Patient transfer between hospital dfKotakMahindra Bank Mobile App for updating mobilenumber.private hospitals like #RNTagoreHospitalsAllbanks ask for #Aadhaar photocopiesnew SIM card inChennaiprivate and public schoolsA workshop onDigital marketingRooftop gardening lecturedemoHAM Radio classesVoter Idapplicationinsurance of many typesshare


market,Office HR deptMedical insurancerenewalPassport office during renewalPost office,when creating new post office schemes like NationalSaving CertificatesPAN card data correctionCellphone connection - AirtelVodafone while upgradingSIMElectoral Bond purchaseIndane gas agency forKYC. Sundaram Motors Honda dealer processinginsurance claimTCS World 10k Race,BengaluruTamilnadu Ration (TN EPDS)the DTDCcourier took my Aadhar card photocopy whilesending one package outside India - claimed theauthorities at the airports are asking them to submitit as one of the required documents.Livpure ROwater purifier.Central University of HimachalPradesh. For admission related paperwork.

594 As stated on their website: “Anyone whoknowingly and willfully uses SSNVS to request orobtain information from Social Security under falsepretenses violates Federal law and may be punishedby a fine or imprisonment, or both.” BusinessServices Online BSO Suite of Services Page”

595 EPFO Scheme How to Link Aadhaar Card WithEPFO & UAN Account 2018

596 Aadhaar Enabled Biometric AttendanceSolution (AEBAS) is an attendance managementsystem designed for government organizations byGovernment of India to improve productivity ofemployees. The system authenticates attendanceusing Aadhaar number created by UniqueIdentification Authority of India (UIDAI). It is a cloudbased BAS that monitors attendance of governmentemployees in real-time.

597 Stephen Cobb, Data privacy and dataprotection: U.S. law and legislation:an ESET WhitePaper. 2016


This report carries a Creative Commons Attribution4.0 International license, which permits re-use ofNew America content when proper attribution isprovided. This means you are free to share and adaptNew America’s work, or include our content inderivative works, under the following conditions:

• Attribution. You must give appropriate credit,provide a link to the license, and indicate if changeswere made. You may do so in any reasonable manner,but not in any way that suggests the licensorendorses you or your use.

For the full legal code of this Creative Commonslicense, please visit creativecommons.org.

If you have any questions about citing or reusingNew America content, please visit www.newamerica.org.

All photos in this report are supplied by, and licensedto, shutterstock.com unless otherwise stated.Photos from federal government sources are usedunder section 105 of the Copyright Act.


The Promise of Public Interest Technology: In India and the ...

Documents

Transcript of The Promise of Public Interest Technology: In India and the ...