The Promise of Public Interest Technology: in India and the United States Anthology of Working Papers by New America's U.S.-India Fellows

July 2019 The Promise of Public Interest Technology: In India and the United States Anthology of Working Papers by New America's U.S.-India Fellows

Richard Abisla, Subhodeep Jash, Aditya K. Kaushik, Sylvia Mishra, Ananth Padmanabhan, Pranesh Prakash, Tanvi Ratna, Joshua Simons, Madhulika Srikumar, & Kaliya Young

Last edited on August 01, 2019 at 3:20 p.m. EDT newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ About New America

We are dedicated to renewing America by continuing the quest to realize our nation’s highest ideals, honestly confronting the challenges caused by rapid technological and social change, and seizing the opportunities those changes create.

About the U.S.-India Fellowship

The India-United States Fellows Exchange is a collaboration between the Global Studies Program and the Fellows Program at New America. It aims to identify technologists from industry, government, and civil society; analysts of technology from academia and the media; and government regulators from state, local, and national levels to participate in a unique and timely fellowship exchange.

This program will bring Fellows from India to the United States, and Fellows from the United States to India, in order to devise novel technology-based solutions to policy challenges. The aim of this program is to enable both countries to better harness technology to improve the lives of their citizens, and to improve and strengthen the bilateral relationship between India and the United States.

About Fellows

New America’s Fellows Program invests in thinkers— journalists, scholars, filmmakers, and public policy analysts—who generate big, bold ideas that have an impact and spark new conversations about the most pressing issues of our day.

About International Security

The International Security program aims to provide evidence-based analysis of some of the thorniest questions facing American policymakers and the public. We are focused on South Asia and the Middle East, extremist groups such as ISIS, al Qaeda and allied groups, the proliferation of drones, homeland security, and the activities of U.S. Special Forces and the CIA.

2 Acknowledgments

The India-U.S. Fellowship team would like to sincerely thank the Ford Foundation for its vision, trust, and support throughout this process. A sincere thanks to Pradeep Nair and Seema Sharma for their support and enthusiasm both before and during our fellowship.

Thank you to our partner in India, the Observer Research Foundation, for hosting our cohort while in New Delhi, and to the Selection Committee for supporting this year’s application process.

We would also like to thank a number of New America teams that helped to shape the experience of the 10 Fellows while they were in residence: Blockchain Trust Accelerator; Cybersecurity Initiative; Future of Property Rights; International Security; and Resource Security.

Open Technology Institute; Ranking Digital Rights; Political Reform; Public Interest Technology; and Resource Security. Thank you to your staff for making time to meet with the cohort of Fellows throughout the research period, further building out their network, and providing them with thought leadership.

Thank you to the wider New America team for supporting our Fellows by attending open events we had with them, joining us on our Fellows Day at New America, and helping answer any questions they had. A huge thank you to Anne-Marie Slaughter, Tyra Mariani, and Anish Goel for their collective support and encouragement throughout the entire fellowship.

Thank you to our colleagues supporting events, communications, production, and human resources. You carried us through the process, and we are extremely grateful for the time and effort you have put into supporting the fellowship, convening event, and final papers.

A huge thank you for the collaborative effort of a number of our current and former colleagues throughout this process: Catherine York, Emily Schneider, Afua Bruce, Joanne Zalatoris, Maria Elkin, Angela Spidalette, Narmada Variyam, Clarke Reeves, Dee Snyder with Connoisseur Travel, Robin Bradley, Elizabeth Pankova, and Sumaita Mulk.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 3 About the Author(s) nited States Fe Madhulika Srikumar is a 2019 India-U.S. Fellow at Richard Abisla is a 2019 India-U.S. Fellow at New New America. Srikumar will be working on India-U.S. America. Abisla is currently the Portfolio Manager for data sharing for law enforcement and explore the ellows the Americas at Caravan Studios, a division of underlying privacy standards for access to electronic TechSoup. data in the two countries. w om indu sts of tec Subhodeep Jash is a 2019 India-U.S. Fellow at New Kaliya Young is a 2019 India-U.S. Fellow at New America, where he focuses on civic engagement that America. Young is one of the world’s leading experts combines technology with active citizenship. on decentralized or self-sovereign identity technology wship e ws from Aditya K. Kaushik is a 2019 India-U.S. Fellow at New n America. Kaushik works as a project scientist at echnology Divecha Centre for Climate Change at the Indian Institute of Science (IISc) in Bangalore. o better h

eral rela Sylvia Mishra is a 2019 India-U.S. Fellow at New tates. America. Mishra will research civilian drones and India and the United States’ potential role in shaping new drone applications, a project with applications in wider public interest issues.

Ananth Padmanabhan is a 2019 India-U.S. Fellow at New America and a fellow at the Centre for Policy Research. His research interests are in the fields of technology policy, intellectual property rights, and innovation scholarship.

Pranesh Prakash is a 2019 India-U.S. Fellow at New America. Prakash will spend his fellowship working on policy and standards relating to the Indian parliament's record-keeping and legislative process.

Tanvi Ratna is a 2019 India-U.S. Fellow at New America. Ratna is a policy analyst and engineer, managing blockchain projects with a leading global consulting firm, based in India.

Joshua Simons is a 2019 India-U.S. Fellow at New America. Simons, a Sheldon Fellow in Government at Harvard University, is writing about the politics and ethics of machine learning.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 4 Contents

Foreword 6

The Development of Smart Water Markets Using Blockchain Technology (Aditya K. Kaushik) 9

Civilian Drones: Privacy Challenges and Potential Resolution (Ananth Padmanabhan) 25

The Privacy Negotiators: The Need for U.S. Tech Companies to Mediate Agreements on Government Access to Data in India (Madhulika Srikumar) 38

Governing Data: Non-Discrimination and Non-Domination in Decision- Making (Joshua Simons) 53

Open Transit Data in India (Richard Abisla) 66

Blockchain Regulation in the United States: Evaluating the overall approach to 80 virtual asset regulation (Tanvi Ratna)

Improving India’s Parliamentary Voting and Recordkeeping (Pranesh Prakash) 94 India and the United States: The Time Has Come to Collaborate on Commercial Drones (Sylvia Mishra) 109

Civic Futures 2.0: The Gamification of Civic Engagement in Cities (Subhodeep Jash) 120

Key Differences Between the U.S. Social Security System and India’s Aadhaar System (Kaliya Young) 137

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 5 Foreword

New America and the Ford Foundation recognized a unique and timely opportunity to create a fellowship exchange initiative between public interest technology practitioners in India and the United States. The 2019 exchange brought Fellows from India to the United States and sent Fellows to India from the United States with the aim of enabling Fellows from both countries to better harness technology to improve the lives of their citizens. The Fellows were technology practitioners from industry, government, and civil society as well as analysts of technology from academia and the media, and governmental regulators.

Too often, technical experts who understand the details of how a technology works lack the expertise or critical distance necessary to efectively evaluate, and thoughtfully shape, the policy impact of their work. Developing a better understanding of technology’s impact is a precondition for formulating efective and just public policy.

Each Fellow we selected possessed unique experience and expertise, which enabled them to devise novel technological solutions to public problems, and to analyze the efects of technology and of technology policy in new ways over the course of their eight-week research program.

Our frst batch of applicants were diverse in talent, experience, education, and physical location. 27 percent of our applicants were female, 95 percent had a degree beyond a Bachelor’s or equivalent, and 62 percent of applicants came from India. Most candidates put forward potential projects in technology policy, privacy, blockchain, future of work, and biometrics. Through a robust selection process, our fnal cohort consisted of 10 Fellows, four women and six men, and seven were from India and three were U.S.-based.

We had a series of goals for this cohort:

1. To increase knowledge and awareness of technology policy challenges and efective technological solutions to social problems in India and the United States

2. To increase knowledge and awareness in India and the United States of both the successes and failures of initiatives to apply data science to public problems

3. To increase awareness within the United States and India of successful local and regional technological tools addressing public policy challenges

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 6 Our 2019 cohort's projects, as you’ll see in the following research papers, focused on a wide range of issues: Open data and public transit in India; civic engagement through technology and gamifcation; blockchain-based solutions used for water management; civilian drones and the role that India and the United States have in shaping new drone applications; privacy in drone systems and evaluating the implications of this technology on personal data; policy and standards relating to the Indian Parliament’s recordkeeping and legislative process; designing efective regulatory frameworks for blockchain; the politics and ethics of machine learning; data sharing between India and the United States for law enforcement purposes and the underlying privacy standards for access to this electronic data; and the Aadhaar program in India.

Our approach to the fellowship was extremely hands-on and tailored to the unique backgrounds of our cohort. We began with one week of programming at the start of the fellowship in New Delhi, which included a full-day at the Ford Foundation with moderated discussions about the Fellows’ work, as well as keynote conversations. A second day was held at a partner organization—the Observer Research Foundation—with high-level industry speakers from organizations such as Facebook, Centre for Policy Research, The World Bank, Dalberg, and Mozilla.

Through a series of activities during the research exchange period, we supported the formation of a cohesive spirit of shared enterprise among the Fellows in the cohort in a way that ensured that the whole was more than the sum of the individual parts. We hosted events where the cohort met as a group with leading policymakers, experts and analysts working on public policy issues, and we organized individual meetings and interviews between Fellows and experts in the United States and India who could help them make progress on their projects.

The second week of full programming for all 10 Fellows took place at the end of the fellowship in Washington, D.C. Events included a full-day program for all Fellows to highlight their research fndings on moderated panel discussions at New America with industry experts. In addition to the moderated discussions with Fellows, invited speakers included U.S.-based policy experts for keynote conversations. Fellows also participated in research workshops, and high-level meetings.

Further, there were industry experts across New America, representing programs and initiatives (Blockchain Trust Accelerator, Cybersecurity Initiative, Future of Property Rights, International Security, Open Technology Institute, Ranking Digital Rights, Political Reform, Public Interest Technology, and Resource Security) that were available to meet with the cohort of Fellows throughout the research period, further building their professional network.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 7 In addition to their research papers, Fellows wrote articles, participated on panels, and took advantage of other media opportunities, and had meetings with technologists and policymakers in both countries.

We hope that you will enjoy reading their research papers, and believe that this anthology of work will prove helpful to India and U.S. policymakers and researchers alike.

Peter Bergen, Vice President for Global Studies & Fellows, New America

Pradeep Nair, Regional Director, Ford Foundation

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 8 The Development of Smart Water Markets Using Blockchain Technology (Aditya K. Kaushik)

Aditya K. Kaushik is a project scientist at Divecha Centre for Climate Change at the Indian Institute of Science where his work revolves around developing applied research initiatives and assisting in science policy communication in the area of water. Kaushik holds a master of science degree in electrical engineering from the University of Southern California and a master of arts degree in law and diplomacy from the Fletcher School at Tufts University.

Acknowledgments : The author would like to thank New America for providing an opportunity to part of the 2019 India-U.S. fellowship program. This paper would not have been possible without contributions from Ahmed Jawad, Anik Bhaduri, Allison Price, Awista Ayub, Christopher Mellon, Jennifer Brody, Keerthana Chandrashekar, Melissa Salyk-Virk, Sharon Burke, Tomicah Tillemann, Yulia Panfl and the 2019 India - US fellows. The author would also like to express his gratitude to the New America editing, publishing and the communications team for their support.

Introduction

A signifcant reduction in the quantity of freshwater and deterioration of its quality has pushed the world towards a global water crisis.1 Lack of sufcient water, defned as water scarcity, is exacerbated by current global trends of rampant population growth, rapid urbanization, a rise in consumerism, and climate change (see Figure 1). According to the United Nations World Water Development Report 2018, about 46 percent of people in the world live in water scarce regions at least one month per year. This fgure is predicted to rise to about 51–55 percent by the year 2050.2 Meanwhile, the global population is estimated to rise by 32 percent by the year 2050. Within this, the global urban population is expected to increase by over 80 percent, thus, increasing the global water demand, which is estimated to rise by 30 percent by the year 2050.3 Water scarcity is inextricably interwoven with the health, food, and energy sectors which has the capacity to signifcantly disrupt the economic, social, environmental, and political landscape, extending the problem across multiple development sectors.

Traditionally, the problem of water scarcity has been addressed by augmenting the supply side through a structural approach, such as building dams and reservoirs.5 Supply-side augmentation has yielded tremendous benefts vis-à-vis access to water and water services but it has also been environmentally damaging. Policymakers and city planners are increasingly looking at nonstructural demand-side solutions, such as managing water allocations, to ensure more efcient use of resources to complement the traditional structural

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 9 approaches.6 In water reallocation projects, the movement of water from abundant areas to water-scarce areas tries to adjust the unequal demand for water over a geographic jurisdiction. Typically, centralized governmental institutions are responsible for water reallocation. These institutions are the main suppliers of water and they predict demand-side responses and while also determining supply and distribution costs. They respond to policies designed by city planners and seldom to the needs of individual buyers. This is partly because individual buyers are unable to signal their needs to the suppliers through such centralized ecosystems. Incorrect mapping of supply and demand requirements lead to the inefcient allocation of water resources. In addition, water management and its use result in several negative externalities.7 It is susceptible to problems related to collective action,8 free rider issues,9 and wastage.

Water markets where water assets are treated as a tradable commodity are cited as a solution to better allocate water and address the problem of water scarcity. Development of any market, especially to manage a good like water, is susceptible to market distortions typically caused by information asymmetry and high transaction costs. These market distortions lead to barriers to trade and thus prevent markets to function efciently. As water is unlike any other commodity and is essential for life, these market distortions can incur a signifcant social cost. Thus, water markets have been historically a complicated economic policy instrument to implement. The purpose of this paper is to explore how blockchain-based solutions, based on the cities of Los Angeles and Bengalaru as case studies, can be used by regulators to reduce information asymmetry and high transaction costs and help in the development of efcient and transparent water markets.

Figure 1: Water scarcity in 2010 (upper image) and projected water scarcity in 2050 (lower image)

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 10 Source: Burek, P., Y. Satoh, G. Fischer, M. T. Kahil, A. Scherzer, S. Tramberend, L. F. Nava et al. "Water Futures and Solution: Fast Track Initiative (Final Report)." IIASA, Laxenburg, Austria (2016). http://pure.iiasa.ac.at/id/eprint/13008/1/ WP-16-006.pdf

What are Water Markets?

A water market is a medium that allows buyers and sellers of a water-related good (wastewater, rainwater, groundwater, water rights, or entitlements) to interact and facilitate an exchange. The primary purpose of a water market is to facilitate efcient allocation of water resources and provide a clear measure of the value of water to incentivize conservation.10 The theory of water markets is based on the principle that trading water allows for better economic efciency between buyers and sellers by allocating water resources in accordance with the strength of the buyer’s water demand. It also allows for better accounting of externalities like pollution and waste by allowing consumers to respond to changes in the operating environment.11 Water markets allow users with high marginal value to purchase water from users with low marginal value. In other words, water is transferred from low water use areas to high water use areas, allowing for allocation efciency. The interaction between buyers and sellers and traditional market forces determine the price of water. The price of water is

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 11 infuenced by environmental and economic considerations. When markets are functioning efciently, the market price of water sends signals and thus incentivizes buyers and sellers to increase or decrease their demand and supply. Typically, water is managed as a service industry where the price of water is determined by governing agencies who are unwilling to change the price based on quantity or quality available. Thus, such a system leads to distortions where water is being underpriced and over-consumed. Some of the more successfully functioning water markets exist in the United States (California’s Central Valley), in Australia (the Murray-Darling Basin), and in Chile (the National Market).12 Water markets are typically created to either meet additional water demands, to limit water use, to improve economic productivity and/or to protect natural ecosystems.

Conditions Necessary to Create Efcient Water Markets

Symmetric information exchange between buyers and sellers

Information asymmetry13 revolves around decisions made during transactions. In a water market setting, underlying gaps in the data ecosystem and institutional mechanisms contribute to three kinds of information asymmetries. First, there is a data inequality issue. For example, some participants might have better access to data than others, or the data that is available is of bad quality, or data is available but important data is hidden away, thus leading to adverse selection.14 Adverse selection occurs when some participants are able to make better decisions than others due to access to certain information. For instance, a seller of a treated wastewater has more information about the product quality than the buyer, thus putting the buyer at a disadvantage. The buyers will be unable to decide whether the price quoted is optimal or not vis-à-vis the quality of water supplied. Adverse selection can act as a barrier to entry for new buyers and can also result in bad quality goods weeding out good quality goods over time. Second, when the data ecosystem is susceptible to tampering and institutional infrastructure does not have the necessary checks, balances, and penalty enforcement mechanisms, it can lead to the problem of moral hazard.15 The moral hazard problem occurs when entities participating in a trade transact in bad faith, provide misleading information, or change behavior post-contractual agreement. For instance, during a transaction, one of the parties can misrepresent the quality of the product and the other party is unable to validate the quality, thus promoting mistrust and perpetuating opaqueness in water markets. Third, the creation of monopolies of knowledge can lead to severe distribution efects.16 For instance, a large buyer of a water good, by virtue of access to more and better information, can afect the price and quantity of the water traded. Thus, such information asymmetries lead to market failures. Symmetric information exchange between buyers and sellers is a necessary condition for the creation of efcient water markets.

Low infrastructure and transaction cost

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 12 Development and maintenance of a water market come with associated costs. Infrastructure costs include: 1) Initial cost of setting up an enabling mechanism of water markets; 2) Development and deployment of water entitlements; 3) Connecting buyers and sellers; 4) Monitoring and evaluation of water use and externalities; and 5) Enforcement mechanisms for penalty and reward. Transaction costs include: 1) Participation fees; 2) Information search costs of willing buyers and sellers; 3) Negotiation and bargaining costs; 4) Cost of registration for an exchange; 5) Enforcing contracts; and 6) Cost of checking the veracity of the product. High infrastructure costs and associated maintenance costs act as a barrier to setting up a water market.17 High transaction costs can lead to thin markets.18

Stringent regulation and distribution of water entitlements

Regulators set the framework and rules for establishing a water market. They play a key role in identifying and vetting participants, issuing water rights, administering trade, monitoring and evaluating water use, and externalities; and developing enforcement mechanisms for deterring rule breakers. Regulation is subject to bureaucracy and corruption that can prevent water markets from functioning efectively. In a water market setting, if there are diferent rules for diferent participants, and if the buyers and sellers do not perceive equal opportunity gains from transactions, then a market failure can occur.19 A robust regulatory mechanism with necessary checks and balances is necessary for developing, implementing, managing, and sustaining a complex economic instrument such as a water market.

Water entitlements are tradable rights held by users for the exclusive use of a water resource as defned by the regulators. Clarity over water rights and a history of water assets are a necessary condition for the functioning of a water market. Information asymmetry and high transaction costs lead to signifcant market distortions in any market. Its efects are even more magnifed when managing water assets in a market-based setting. A robust regulatory process along with a clear system of water rights is necessary to overcome these distortions in order to create a sustainable water market.

Blockchain Solution and Analysis

Traditionally, in a regulated market place, market distortions such as information asymmetry and high transaction costs are tackled through a system of institutional solutions such as: 1) The establishment of norms and standards that act as binding rules and requirements vis-à-vis processes and quality of the goods; 2) The disclosure and transparency mechanism that requires participants in a market to report process adopted, quality of product produced, cost associated, and so on; 3) The monitoring and traceability provisions that allow for

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 13 tracking of products, quality, and liability allocation;20 and 4) Contingent contracts that allow for a trade to be completed when specifc conditions are met. 21 However, the efectiveness of these institutional solutions depends on several intermediaries, an individual’s ability to access these intermediaries, an ability to leverage the available data, and the integration of several disparate systems and stakeholders.22 In addition, these solutions are susceptible to inefciencies, corruption, bureaucracy, human errors, and tampering.

In order to make these institutional solutions more resilient and adaptive, as well as make regulators more accountable, while also setting the conditions that would allow participants to trade, blockchain-based solutions can address these needs. These solutions can be used as a governing tool that can replace intermediaries, modernize the regulatory processes, and act as an accounting, auditing, interlinking and trading platform that enables water markets to function efectively.

Blockchain Technology

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 14 As of late, blockchain technology seems like a short-term trend, but some hail it as the best innovation since the internet. Even though the optimism should be handled with caution, blockchain’s key features and potential applications seem well worth the hype. Blockchain is a distributed, decentralized, peer-to-peer database network that allows for fast, secure, and transparent transactions of digital assets. It is a network of ledgers with the capacity to record information, and compute and transact, with each ledger holding an up-to-date copy of the entire network. Each ledger then acts as a node in a network. Unlike in a centralized system, where transactions are validated by a single server acting as a central authority, with blockchain, the veracity of transactions is validated by distributed consensus. For example, if a majority of nodes verify and authenticate a transaction, then the transaction is accepted. This updated version of the transaction is stored in a block. Each block stores a series of transactions and is linked to the previous block of transactions through hashing functions. Through cryptography and complex mathematical puzzles, the blockchain network is virtually immutable. Thus, it can be used to store information and facilitate transactions in a transparent, efcient, and a tamper-proof manner.23

Blockchain for Water Markets

Source: Narang, Shivika, Praphul Chandra, Shweta Jain, and Y. Narahari. "Foundations of Blockchain Technology for Industrial and Societal Applications – A Quarterly Publication of ACCS." A Quarterly Publication of ACCS. (2018). https://acc.digital/foundations-of-blockchain-technology-for- industrial-and-societal-applications/.

The capabilities of blockchain technology can be divided into three fundamental features. First is a shared ledger system that is virtually immutable through a combination of cryptography and distributed consensus algorithm. It protects against the misuse of data and opens up several possibilities in domains where privacy and trust are of critical importance. One of the obvious applications is in securing digital identities. This allows for the creation of a common tamper proof

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 15 database that facilitates assembling data from multiple sources in a seamless manner. Its distributed consensus mechanism and inherent traceability provisions allow for checking the veracity of this data and validates data sharing. This promotes trust amongst diferent stakeholders and participants, increases transparency, improves data reliability and reduces audit time. This common tamper proof database facilitates accounting for trades and transfers, prevents double counting, and promotes efciency in the system. The second feature is tokenization, which is the ability to create coins or tokens that are a digital representation of assets i.e. a unit of a token represents a specifc amount of an asset. This paves a path for token economics and allows for faster transactions with better tracking, trading, and transferring of digital assets. The third feature is a “smart” contract, which is a digital protocol that self-executes when certain conditions are met.24 This allows disparate parties to transact in a transparent and trusted manner without a need for an external enforcement mechanism or intermediaries. It facilitates the compliance of participants, enforces negotiations of contracts, and renders transactions traceable. Smart contracts can help reduce transaction costs, human errors, and corruption through automation and thus increase the robustness and resilience of the system.

Figure 4: Mapping of blockchain features with digital water requirements

In a water market setting, the convergence of the three features of blockchain—a shared ledger to store information in an immutable fashion, the ability to create currencies that paves a path for token economics, and smart contracts to execute

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 16 automated functions when certain conditions are met—makes it a useful tool to reduce information asymmetry and transaction cost. To illustrate this, consider the case of a blockchain based peer to peer trading platform called the Water Ledger developed by an Australian based company called Civic Ledger.25

Civic Ledger conducted a feasibility study on whether Water Ledger can increase transparency and improve efciency in the water trading market of Murray Darling basin in Australia.26 The primary fnding of the study was that the complexities of the water market, such as complicated business and operational rules, lack of available water information and presence of intermediaries, excluded nearly 75 percent of potential users from participating in water trades. Simply put, they did not have confdence and could not understand how these markets functioned.27 The Water Ledger platform developed by Civic Ledger provides a single ecosystem without intermediaries that bring buyers and sellers together. The water trading mechanism in Murray Darling Basin allows for buying and selling of water entitlements—permanent rights to share of water and water allocation shares—seasonal rights to share of water distributed to an entitlement holder.28 Through a system of tokenization i.e. by mapping a physical asset such as allowable water allocation shares to a digital signature in the form of a token, the Water Ledger platform provides clarity over the ownership and history of such a water asset. This makes tracking, trading, and transferring of water assets far more transparent. Through its system of consensus algorithms, Water Ledger verifes all water trades and updates all shared digital ledgers and public registries in real time.29 Having such a tamper-proof blockchain network with robust traceability provisions prevents misrepresentation of transactions, or participants from backing out of a trade after a contract is signed. This provides the participants with confdence in the robustness of such a trading system and tackles the problem of moral hazard.30 In addition to all trades being published in real time, business and operating rules are built into the blockchain system. This reduces uncertainties amongst participants. Any change in the rules of trade will immediately be visible to all users.31 Thus by allowing equal access to information and making all changes to the market rules visible to all, Civic Ledger provides a platform that promotes trust and transparency in the water market ecosystem. This, in turn, reduces the problem of adverse selection that participants face in a water market and prevents the creation of knowledge monopolies.

As demonstrated by Water Ledger, the intermediaries in a water market setting play a variety of roles. They manage operations such as connecting buyers and sellers, providing information, and registering trades. These intermediaries charge a fee to manage these operations. The Water Ledger platform allows buyers and sellers to come together in a single market place without any intermediaries and all information is provided at no cost to participants.32 This reduces the transaction cost and transaction time.33 The platform also integrates with other related departments’ data that determine a buyer’s need such as

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 17 rainfall data and agricultural throughput. This provides buyers with a range of options optimized to their needs. This reduces information search cost. The process of trading is inexpensive and is simplifed through a combination of smart contracts and optimized choices based on the selection of specifc parameters that is presented to participants. Automatic execution, settlement, and enforcement of contracts based on complex water market rules eliminates costs associated with negotiating and enforcing trades. Finally, the platforms allow for trades to be published in multiple ledgers simultaneously, thus reducing the cost of maintaining and reconciling multiple ledgers.

Reduction of transaction cost and transaction time allows more users to participate as well as allows for more transactions to actualize. This improves the liquidity in the water trading market.34

Thus, blockchain can be used as an efective tool to eliminate market distortions and pave the way for “smart35 ” water markets to address the problem of water scarcity. Blockchain would act as: 1) An accounting platform that maintains a ledger of accurate tamper-proof information on water rights, quantity, quality, buyers and sellers; 2) An auditing platform that allows regulators to quantify water fows and quality and penalize rule violations; 3) A trading platform that connects buyers and sellers and facilitates transactions of water assets; and 4) A networking/interlinking platform that allows for seamless interaction among diferent agencies and stakeholders.

Thus, blockchain can be used as an efective tool to eliminate market distortions and pave the way for “smart” water markets to address the problem of water scarcity.

Challenges of Using Blockchain

Use of other technologies

There are several diferent types of databases that record digital transactions: version control software packages that keep track of every change made to a fle, audit management packages to assist in continuous monitoring and scrutinization, trading tools to facilitate transactions, and accounting tools for book-keeping purposes. These individual tools ofer specifc features that can rival or supplant blockchain. It is possible that these tools are individually cost-

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 18 efective and ofer a faster execution speed. However, integration of multiple such tools to operate across diferent functionalities, as in the case of water markets, creates inherent complexities that can lead to inefciencies and higher costs. As illustrated in the previous section, the blockchain database, through its decentralized shared ledger system, consensus algorithms to verify transactions, and tokenization to track assets and smart contracts, provides an integrated functionality of accounting, auditing, and trading and thus provides seamless integration while adding value across the ecosystem.

High energy consumption and increased transaction time

Blockchains are divided into public or private based on who is allowed to participate in the network. In public blockchains, anyone is allowed to participate without permission;in the consensus validation process, in sending transactions over the network, or in viewing all transactions. Thus, public blockchains ofer true transparency and decentralization. Such a blockchain system works well in certain applications such as managing digital currencies. However, on the downside, public blockchains increase transaction time and reduce the network speed as there is signifcant cost vis-a-vis computational power and the time associated with verifying transactions through a such a distributed consensus protocol. As illustrated in the previous sections, blockchain does reduce costs related to data storage, data capture, and search cost. But it also increases costs signifcantly during the verifcation process. For public blockchain to function efciently and to scale, signifcant computational power will be necessary to facilitate faster transactions. However, in a water market setting, selected participants are allowed to engage in trade while regulators play a role in deciding the rules of the trade. In such a setting, a private blockchain-based model with a permissioned access setting that puts a limit on the number of participants would be an ideal protocol to use. A system with limited players can reduce the inherent cost associated with using blockchain and thus facilitate faster transactions and provide better scalability options.36

Not truly decentralized

Use of a permissioned blockchain system does not eliminate the role of a central authority and thus is not truly decentralized. However, regulators and institutions play a signifcant role in the management of water markets. They set the rules of the water markets for participation, compliance, operation, and trading. They also continuously monitor water use, take into account water quantity and quality considerations, and observe externalities and third-party efects. All this in addition to developing a penalty and reward system to ensure compliance. In short, they play a role in preventing market failures. A permissioned blockchain protocol ofers a way to make the regulators more accountable, make regulations more robust, and help reduce market distortions.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 19 Exploring the Need for Water Markets in Los Angeles County and Bengaluru

Los Angeles County

The water management infrastructure in Los Angeles County, with the help of 215 community water systems, serves over 10 million people.37 Each of the community water systems is administered by government agencies or privately- owned bodies. The water systems are of diferent capacities in terms of the volume of water that they can hold and the number of customers they cater to. Each of the water systems is unequally supplied with diferent water resources. The supply of water to each of the water systems is not determined by need, equity, efciency or the environment, but rather by historical processes. Diferent water systems are supplied with water from various sources (as seen in Figure 5) resulting in diferences in quality. Also, by being dependent on a particular water resource, water systems are susceptible and vulnerable to shocks such as droughts or contamination. In addition, due to an unequal allocation mechanism, some water systems contain more water or less water than the other systems. This results in diferent pricing mechanisms for each system. There are some water systems that supply water at $2,000 per year for certain households whereas comparable households in other water systems pay around $200 per year.38

These water systems in Los Angeles County difer in governance regimes, jurisdictional boundaries, and regulations. They are completely decentralized in

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 20 their management, fragmented in their architecture, and disconnected in their operations. The water systems act as a natural monopoly since consumers have no ability to switch to other suppliers. In addition, there is no systematic or standardized regulatory framework. There is a lack of standardized and accessible databases.39 This results in a lack of supervision, transparency, and accountability in the system, which can lead to an inadequate understanding of water quality and distribution. Governing agencies make assumptions on how to distribute water rather than adequately projecting for future demands and risks. There is also a lack of coordination and oversight as each of the suppliers set their own prices and policies.40

Developing a regional blockchain-based water market that provides a robust regulatory mechanism and an efcient trading platform can help: 1) Reduce inequity by facilitating water systems with surplus water to trade with systems that have a defcit; 2) Develop new revenue streams and local water sources by incentivizing water systems to explore opportunities to tap into new supplies such as rainwater, wastewater, and stormwater; 3) Improve resilience to climate change impacts by facilitating water systems to diversify its supplies; and 4) Creating incentives for water systems to recycle wastewater. 41

Bengaluru

The population of Bengaluru stands at over 10 million; similar in size to that of Los Angeles County.42 However, unlike Los Angeles County, the major supplier of fresh water is a centralized governmental agency called the Bengaluru Water Supply and Sewerage Board (BWSSB). The BWSSB primarily imports water from a single source, the Kaveri river.43 With growing demand and a changing climate, reliance on a single source will make the water system infrastructure vulnerable. The distribution of water by BWSSB is based on a piped water network. There is inter-regional inequity in water distribution as a signifcant number of urban communities in Bengaluru is not connected to a piped water supply managed by BWSSB.44 Instead, they rely on water supplied by unregulated private companies. These private companies typically extract and sell groundwater.45 Since they can operate under an informal market setting, there is no systematic reporting or regulatory framework to hold them accountable for the quality of water that they supply or the environmental impacts (like falling water tables) that they infict. In the areas where BWSSB supplies water, the tarifs are low. Such an inefcient pricing model leads to apathy and lack of awareness amongst consumers resulting in overuse and wastage.

In order to reduce the dependence on a single source, there is a need to diversify BWSSB’s water resource portfolio. Thus, there is an opportunity to develop recycled wastewater, catchment and household-scale rainwater, and stormwater as supplementary sources. Financial considerations and management inefciencies are usually an impediment to developing new local sources. But developing a blockchain-based smart water market that provides a robust

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 21 accounting, auditing, and trading platform to manage these local sources will bring in new revenue streams, provide access to newer and cheaper water supply options to consumers, improve allocation efciency, and reduce risk exposure vis-à-vis imported water. These market-based instruments for local water sources can be expanded to include private companies who manage groundwater, thus formalizing the informal water market.

Policy Implications: Beyond Water Markets

Creation of a prosumer market

In light of current water scarcity problems, alternate sources are being tapped to address water needs. Rainwater harvesting and wastewater reuse are popular alternatives. A blockchain-based system can be used to create peer-to-peer trading platforms, where water users can be incentivized to also act as producers. This lays a foundation for a prosumer market, i.e. production by consumers. Development of a prosumer market reduces dependence on surface and groundwater, incentivizes consumers to use less water thereby assisting in conservation, and creates a socially, economically, and environmentally conscious citizenry.

Monitoring water quality levels

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 22 A blockchain system can be built to acquire water quality data from quality measurement equipment and can be used by authorities to monitor the levels of water purity in the distribution system. Through smart contracts, an automatic system can be developed to send alerts to relevant authorities and citizens if water quality level falls below permissible limits. Such a mechanism can help to avoid a crisis related to water quality as seen in Flint, Michigan in the United States where there was an unprecedented level of lead in water.

Facilitation of urban-basin interlinkage

The blockchain system can also be integrated with water meters installed at basins to facilitate seamless information transfer to urban water systems. This can help authorities to better design demand and supply models, assess risks and opportunities, and develop a robust real-time disaster response mechanism.

Future Research

The future work will focus on the economic implications of a blockchain-based water market on society. To illustrate this a bit further, one of the key fndings of this paper is that using blockchain as an underlying technology to manage water markets reduces market distortions due to information asymmetry. An interesting question that this fnding unlocks is how will a water market operate when buyers and sellers have access to perfect information? Based on the “market for lemons” concept,46 when perfect information is available to buyers regarding diferent grades of quality of goods that are available, over time poor quality goods will be weeded out due to perfect signaling. This can result in either fewer sellers participating in such a market or fewer products albeit higher quality ones available to meet the demand. In a blockchain-based water market context, with fewer goods available, the price of high quality water goods will increase substantially. Such a scenario can lead to the creation of an exclusive market with only a few participants who are able to aford the products. In addition, sellers of poorer quality water goods will have an incentive to move to a non-blockchain-based market, which will result in market segmentation. Thus, the future work will focus on whether a blockchain based water market will increase or decrease the welfare in society.

Conclusion

Water resources are fnite and are becoming increasingly scarce in light of natural and anthropogenic stressors such as extreme weather phenomena, population explosion, rapid urbanization, and consumerism. Regulators who manage water are faced with challenges such as inefciencies in water allocation, apathy amongst consumers, overexploitation of water resources, and pollution.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 23 Water markets are cited as a solution to address the problem of water scarcity and its associated problems. They are instruments that are used to dynamically allocate water-related goods efciently. However, water markets are a complex economic instrument to implement, manage and sustain as they are susceptible to market distortions especially due to information asymmetry and high transaction cost. A robust regulatory mechanism is necessary to prevent these market distortions. The research paper makes a case for a blockchain-based system to be used by regulators as an accounting, auditing, trading and an interlinking tool to reduce information asymmetry and transaction costs. This paper also explores the potential of a blockchain-based water market to address the inequitable distribution of water in the community water systems of Los Angeles County; and, the underdeveloped local water sources and unregulated private players in Bengaluru.

A blockchain-based smart water market will be able to efectively allocate water resources.

A blockchain-based smart water market will be able to efectively allocate water resources; empower consumers by providing economic and social value, and incentivize conservation and provide positive environmental outcomes. Thus, it will act as an efective policy instrument to reduce water scarcity.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 24 Civilian Drones: Privacy Challenges and Potential Resolution (Ananth Padmanabhan)

Ananth Padmanabhan is a New America India-U.S. Fellow, 2019 and a Fellow at the Centre for Policy Research in New Delhi.

Acknowledgements: The author extends heartfelt gratitude to Peter Singer, Arthur Holland Michel, Rachel Stohl, Anand Murali, John Livingstone, Mugilan T. Ramasamy, and Anirudh Rastogi for sharing their insights.

Introduction

From being a technology used predominantly by the military for years, unmanned aerial vehicles (hereinafter referred to interchangeably as UAV, UAS, or drones) have gradually moved into the public sphere by ofering versatile civilian uses. This is due to converging technological advances such as hardware miniaturization, sophisticated software functionalities, and advanced sensors.47 While several countries have seen this explosion of drone innovation in the civilian airspace, China stands out with the dominance of Da-Jiang Innovations (DJI) as the market leader.48 The United States has seen the rise and fall of many drone start-ups, alongside a realization on the part of leading aircraft manufacturers about the immense potential of the technology.49 U.S. dominance in adjacent felds – artifcial intelligence, robotics, and 3-D printing, to list some here – is signifcant, making it a force to contend with in this sector. India has primarily witnessed the proliferation of drone service companies that ofer solutions across a range of areas, from agriculture to event photography. But Indian companies have not yet made a mark globally when it comes to the manufacture of drones or supporting hardware elements.50 In short, the innovation landscape and relative strengths and weaknesses are signifcantly varied across countries.

In short, the innovation landscape and relative strengths and weaknesses are signifcantly varied across countries.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 25 The regulatory landscape is similarly incongruent across jurisdictions.51 In an earlier report, I examined this issue, comparing the regulatory responses across key jurisdictions to the civilian use of this technology.52 This work arose in the context of India’s initial regulatory responses, wherein the Ministry of Civil Aviation (MCA) frst declared, in 2014, a complete ban on civilian drone operations and followed by a set of draft regulations that failed to support the full potential of this technology when it came to commercial uses. As that report argued, the fedgling industry could be permanently crippled under the weight of security apprehensions that permeated that set of draft regulations. At the same time, the draft had not considered several aspects of drone operations that demanded regulatory attention, including property protections and safety concerns. It was thus both over- and under-inclusive. But in an optimistic turn, the new regulations that came into efect in December 2018 took a more progressive stance, earning a dial-down of some of the earlier criticisms.53

The newest set of regulations take seriously the challenges of compliance arising from a licensing regime. They propose a reg-tech (regulatory technology) solution to these challenges, namely Digital Sky, which operates as a platform for convenient fling of paperwork to obtain unique identifcation numbers and operators’ permits.54 These identifcation numbers and permits are a prerequisite for most remotely piloted aircraft (RPA) operations under the regulations. Appropriately titled Regulations 1.0, these regulations also present a window for future innovation in this sector, including testbed locations for experimental projects.55 Though delivery drones may presently appear a distant use case, considering all operations must have a remote pilot operator for each RPA and be within visual-line-of-sight (VLOS), there is a distinct possibility that the sector would expand with time to accommodate fully autonomous, self-controlling drones that operate without the presence of any manual operator and beyond VLOS.56 The safety of drone operations has also merited signifcant attention, including insistence on geo-fencing technological capabilities beyond a certain height and for most weight categories, and the requirement of drone operator insurance to compensate for any losses incurred because of commercial operations.57

However, despite privacy (of individuals, communities, and personal data) being a critical concern, solutions have not found a place in the regulatory narrative even as civilian use grows. Drone operators have also fagged concerns regarding confdentiality of their operations but those are outside the scope of this paper. Here, the focus is on end-user concerns, with the argument being advanced that the challenges in this regard are common to the United States and India. These challenges can be further subdivided into two sets, categorized here as “traditional privacy challenges” and “big data privacy challenges.” These challenges are explained more fully in the next section. On both counts, legal and regulatory responses have been far from satisfactory. The aim of this paper is

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 26 threefold: descriptive for clearly identifying these challenges; explanatory for demonstrating why they remain unresolved; and reformative to advance better regulation in this area.

The discussion proceeds in three segments. The frst segment captures the present regulatory landscape in India on this issue and argues that privacy concerns have been mostly ignored or at least unaddressed in any meaningful way. The second segment discusses “traditional privacy challenges” and the limitations of the law, including constitutionally guaranteed rights when it comes to civilian drones and possible high-level responses. The third segment discusses “big data privacy challenges,” current legal and regulatory limitations, and possible high-level strategies and responses. A short conclusion follows.

The Privacy Challenge and Broad Regulatory Brushstrokes

The present Indian regulations only require that RPA operators be “liable to ensure that privacy norms of any entity are not compromised in any manner,” with nothing more by way of guidance on achieving this outcome.58 The RPAS Guidance Manual accompanying these regulations, issued by the Directorate General of Civil Aviation (DGCA), simply restates this liability.59 Additionally, no technological requirements have found mention in the regulations, unlike with safety concerns through the presence of geo-fencing and detect-and-avoid systems. A supplementary document accompanying the regulations places full responsibility on the RPA operator to come up with standard operating procedures (SOP), including to protect the privacy of persons, without any baseline that such SOP must meet in this regard.60

Public documents on the Digital Sky project do not consider privacy an important enough concern to be addressed through this reg-tech solution. The public tender for this digital platform contains Annexure No. 8, which outlines its technology architecture. It merely states that the “privacy of data should be fundamental in the design of the system without sacrifcing the utility of the state procurement system” and reiterates that the handling of sensitive and critical data must not remain an afterthought in a system of this scale. It also references the IndiaStack – a system of Application Programming Interfaces built on top of India’s centralized digital identities database, Aadhaar – as a model stack with privacy- protected data sharing.61 This reference disregards the fact that the kind of data gathering and processing that is facilitated by drones is far removed from the use cases of personal data processing that IndiaStack can potentially resolve.

The vision for Digital Sky – no permission, no take-of (NPNT) – envisages setting “rights for airspace permission access at a fne-tuned level (for example, the ability to choose a polygon area of airspace at a particular altitude and for a particular date and time) and … enforced digitally through … generation of verifable fight telemetry.”62 The DGCA will grant a “permission artefact” in the

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 27 form of a digitally signed XML format fle that specifes the geographic area and time of operations, and the identifcation details of the remote pilot. The RPAs are meant to carry frmware that can authenticate these artefacts and confrm that the fight parameters of the mission match those contained in the artefact. Thus, to be NPNT compliant, any fight module must carry three important features: a unique identifer to allow the end-to-end traceability of a fight module, a system to obtain and verify a permission artefact, and the elimination of any synthetic fight logs or external systems to provide simulated logs.63

Compared with these elaborate specifcations for regulatory compliance, the Digital Sky Technology Standards go easy on privacy concerns. The primary response is through an articulation of “privacy-by-design (PbD).” This is included as a guiding design principle in the Standards, with its four key features being: a) proactive, not reactive, and preventative, not remedial; b) privacy as the default setting; c) visibility and transparency; and d) respect for privacy, of all stakeholders.64 But there is no concrete direction, unlike with aspects such as key management and identifcation of registered fight modules that fnd more extensive detailing in the Standards. More recently, the MCA issued a Drone Ecosystem Policy Roadmap, where it is reiterated that “for privacy, we require manufacturers to adhere to a privacy by design standard, eliminating risks of future privacy harms by operators.” Though not a legally binding document, the roadmap captures the MCA’s vision for civilian drone businesses and their regulation through Digital Sky and other means. Discussing fully autonomous drone operations, an area identifed as the next frontier of innovation in this technology domain, the roadmap merely notes that “use of algorithms for piloting may be permitted, but only if adequate safety, security and privacy principles are demonstrated in the design of operations.”65 PbD is identifed as an area to which airworthiness standards for drone design could potentially extend, such that privacy principles can be “embedded into the functional design … by introducing technical measures that enable privacy as the default setting.”66 In addition to these recommendations, the roadmap also envisages drone service providers including “technical and organizational measures designed to implement data-protection principles as part of any UAS operation that collects personal data, and to integrate the necessary safeguards to protect the rights of data principals” and “feedback and review mechanisms including requests to access, anonymize, or erase the data of the data principal.” Remote pilot operators are also expected to be trained in applicable privacy and data protection laws of India before being approved to handle RPA operations.67

The reference to PbD in the standards and roadmap is also relevant because India’s newly proposed Personal Data Protection Bill, 2018 emphasizes reliance on this concept. This bill resulted from extensive deliberations by an Expert Committee of the Ministry of Electronics and Information Technology headed by retired Justice B.N. Srikrishna (hereafter “Srikrishna Committee”). In relevant part, it states that data fduciaries shall implement managerial and organizational

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 28 policies, business practices, and technical systems that anticipate, identify, and avoid harm to the data principal and ensure that the interests of the data principle is accounted for at every stage of personal data processing.68 This provision must be read in the light of deliberations by the Srikrishna Committee leading up to this bill, captured in an initial white paper that was circulated for public comments in November 2017. Here the committee has noted difculties when operationalizing the notice and consent framework for the internet of things (IoT) and IoT-enabled applications that gather data ubiquitously. These technologies do not present individuals with the opportunity to evaluate privacy harms associated with specifc use cases, and based on such evaluations, to either accept or reject such instances and applications of personal data collection and processing. Manufacturers of several “smart devices” used at homes and in personal settings decouple privacy notices from such devices and make them available instead on their respective websites. However, the Committee observed that this is not a very efective method to inform users about the data collection and use practices of such devices. The Committee therefore insisted upon the need to develop better notice design or whether such notices are the right solution for the privacy harms arising from the use of these “smart devices.” The Committee also noted that standard responses such as de-identifcation techniques do not work very well in many such cases. As an example, the white paper cited gait analysis based on data processing by a wearable activity tracker, where no amount of possible de-identifcation could secure foolproof privacy protection.69

At present, there are no straightforward responses to the new kinds of privacy challenges posed by a combination of ubiquitous data gathering and advanced data analytics. Drone operations can potentially gather signifcant amounts of personal data, including facial images and location coordinates of individuals, and analyze them to granular detail. These activities pose great risk to both individual and community privacy, including re-identifcation of anonymized datasets and extensive profling. The “big data privacy challenges” arising from these activities are discussed in Part III of this paper. Additionally, civilian drones ofer the capability to commit more traditional forms of privacy violations, including intrusions upon spatial privacy and unlawful surveillance. The present regulatory response in India needs to evolve to address these concerns in a stronger way, as detailed in the following section.

Traditional Privacy Challenges and Responses

In the U.S., the Electronic Privacy Information Center (EPIC, a non-proft research center) petitioned the Federal Aviation Administration during the rule- making process for civilian UAS operations, providing an overview of traditional privacy challenges.70 EPIC highlighted the increased capacity for domestic surveillance ofered by drones through high-defnition cameras, real-time video

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 29 streams, a massive geographical sweep, heat and motion sensors, automated text and facial recognition technologies, and the ability to operate undetected. It also raised concerns regarding incentives for various kinds of businesses to develop and deploy drones for a wide range of data gathering purposes, including ‘paparazzi drones’ to track and photograph celebrities, street-level drones to enhance satellite imagery, and drones ofered as market solutions for private detectives. The FAA refused to consider these issues, leaving it to states to respond appropriately to the various privacy concerns, resulting in a “patchwork” of privacy protection.71 The FAA reafrmed this stance in February, 2019, as part of a fresh rule-making exercise.72

Similarly, in the Indian context, the privacy jurisprudence does not ofer clear principles to adjudicate claims against private violators. The primary reason for this – disproportionate focus on constitutional principles that are better addressed to tackle privacy violations by the State, rather than the organic evolution of privacy through tort law (as has happened in the United States) – and other reasons, such as a weak civil justice system with long-pending cases and minimal judicial guidance on evaluating and apportioning damages for tortious claims, have been elaborated in my earlier report.73

The “patchwork” in the U.S., which is comprised of not only state laws but also a wide range of local ordinances, makes it difcult to pinpoint any legislation as the ideal. At the same time, certain principles and regulatory approaches stand out. Commonly restricted conduct includes operations over public property and critical infrastructure; over private property without the owner’s consent; in parks; and at large events.74 Criminal law and high monetary penalties are relied upon to address intrusive behavior that makes use of drones, with the ability to factor in the intent of the perpetrator when deciding on questions of guilt and punishment. For instance, North Carolina prohibits using drones to photograph a person with the intent to publish or distribute the photo, but exempts “newsgathering, newsworthy events, or events or places to which the general public is invited.” Similarly, Arkansas law criminalizes the use of drones for video voyeurism, Indiana addresses “remote aerial harassment” and “remote aerial voyeurism,” and the Californian legislation is targeted towards individuals who knowingly enter air columns immediately above private property for taking pictures or videos. South Dakota prohibits using a drone with a camera to take photos of private property or a person on private property when the person has a reasonable expectation of privacy.75

Through all of these examples, an attempt to balance multiple values emerges: the prospect of innovation using this new technology, the reasonable expectation of privacy in certain settings, and fairness of criminal action. The American Legislative Exchange Council has put out an easily comprehensible and consistent model law in this regard, primarily focusing on harassment and stalking activities that are met with criminal penalties of the same nature as “a misdemeanor punishable by imprisonment for not more than 90 days or a fne of

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 30 not more than $500.00, or both.” The model law also proposes penalizing the knowing and intentional operation of drones to “capture photographs, video, or audio recordings of an individual in a manner that invades the individual’s reasonable expectation of privacy.”76 Indian lawmakers could beneft from these insights while avoiding the patchwork in the US, intervening at this early stage to come out with drone legislation that sets the balance between criminal ofenses and civil liabilities, and clearly spells out diferent kinds of conduct to which they apply.

The Indian legal system has also not been responsive to mass surveillance, partly because, for several years, the status of privacy as a fundamental right in India was ambivalent at best. But also, mass surveillance has not run into efective legal and constitutional challenges because Indian courts have analyzed State surveillance within the factual context of individual, rather than systemic, surveillance. In fact, many of the contested instances involve individuals who found their way into “history sheets” maintained by the police for reasons justifable or otherwise. Upon constitutional challenges against police action, the Supreme Court has balanced out individual rights with social goals, such as maintenance of public order, often prioritizing the latter. Even in cases that apparently address systemic faws, such as unauthorized telephone tapping, the technical capabilities of the executive and the intent behind the contested State action were both limited towards a subset of individuals. Therefore, the court laid down procedural and substantive restrictions on the authority of the State to carry out surveillance, which would operate on a case-by-case basis. The court’s detailed directives against telephone tapping demanded specifcity of State action in the communications and persons and addresses intercepted; the exhausting of alternate and less intrusive ways to acquire the information before activating interception; or the limiting of intercepted material to the necessary minimum. However, these directives are not adequate safeguards against mass surveillance as they fail to conduct a robust review of the technology architecture in place to gather and process data.77

Shifting from this context to one of mass surveillance where technical capabilities permit non-targeted gathering and processing of data without further action from the political executive has been a steep learning curve for the Apex court. The 2018 verdict in Justice Puttaswamy v. Union of India shows the challenges when adjudicating the legality of such measures.78 This case involved an omnibus constitutional challenge to Aadhaar, India’s biometric identities project aimed primarily at de-duplication of identities to ensure that welfare benefts from the State reach their rightful benefciaries. Among the various grounds of the challenge was a novel one that attacked the excessive seeding of Aadhaar numbers in multiple databases, such as a pension, education, banking, and telecom databases. The petitioners argued that this exercise would, in efect, present the State with a mass surveillance tool. Additionally, they also pointed out that various state resident data hubs (SRDHs) helped to ofer a 360-degree

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 31 view of residents, as publicly acknowledged by the State governments – Haryana, Andhra Pradesh, Tamil Nadu, Madhya Pradesh, and others – instituting them. These SRDHs used the Aadhaar identity as their foundation without incorporating the protections under the Aadhaar Act in respect to data security or privacy. Thus, the SRDHs made it evident that the aggregation of data from diferent silos, profling, and consequential surveillance of residents was no longer in the realm of conjecture; it had become reality. The Aadhaar numbers made fnding information much more convenient by serving as a unifying link across various government departments and between their respective databases.

To articulate this threat in legal terms, the petitioners relied on important decisions of the European Court of Justice that treated mass surveillance as a separate category when up for judicial review. These cases focused on the structural and architectural aspects of the respective surveillance programs. But the Indian Supreme Court followed a more conservative approach, narrowly balancing immediate individual harms and long-standing social goals rather than assessing medium and long-term consequences of such unifed databases. While the majority opinion suggested several quick fxes for any immediate harms from the workings of Aadhaar, they hardly addressed the long-term consequences of SRDHs and other potential applications of Aadhaar for big data analytics and profling. In fact, the majority did not even reference SRDHs despite the petitioners pointing out that, when combined with multiple databases, the view that Aadhaar ofered on citizens could be extremely invasive. The majority observed that the averment of “a surveillance state created by the Aadhaar project is not well founded, and in any case, is taken care of by the difuence exercise carried out with the striking down certain ofending provisions in their present form.”79

For reasons best known to the State, it extensively relied during the hearing on a powerpoint presentation by the Chief Executive Ofcer of the Unique Identifcation Authority of India (UIDAI). This presentation mostly focused on the security architecture in place to prevent data leaks and did not address the surveillance threat or refer to the SRDHs. Yet, the majority verdict endorsed these claims that were, at best, irrelevant to the surveillance challenge. This is particularly disconcerting because secure systems can simultaneously be extremely sophisticated surveillance machines. Instead, the majority would have done well to follow the various European court decisions that consistently opposed state-of-the-art mass surveillance architectures because their long-term consequences, while not fully ascertainable, made them even more worrisome and intrusive. All this goes to establish the case here that Indian courts have an extremely limited vocabulary to address questions of mass surveillance. Because of the widespread use of civilian drones in governance is a distinct possibility, it is important that such vocabulary be developed immediately in order to address concerns that are more architectural in nature. Digital Sky or enhanced security systems cannot substitute the need for the same as their primary focus is on ease of regulatory compliance and safety of drone operations.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 32 The court could look to the “chilling efects” doctrine as developed by U.S. courts as a possible solution here. It has, in fact, done so previously in a diferent setting. In Shreya Singhal v. Union of India,80 a case dealing with free speech, the police had invoked section 66-A of the Information Technology Act, 2000 against some Facebook users for expressing their displeasure at a city-wide shutdown in Mumbai in the wake of Shiv Sena supremo Bal Thackeray’s death. Striking down this provision as being unconstitutional for its chilling efects on the freedom of speech and expression, the court opened doors to the possibility of evaluating structural power imbalances brought on by vaguely-worded criminal ofenses. Chilling efects can occur when a citizen apprehends that the State is watching their activities and alters their behavior based on this belief. While immediate criminal consequences may not necessarily follow, the mere existence of vague and overreaching criminal liabilities could restrain individuals from expressing themselves due to the fear of such consequences. As the court reasoned, “Section 66-A is cast so wide that virtually any opinion on any subject would be covered by it, as any serious opinion dissenting with the mores of the day would be caught within its net. Such is the reach of this section and if it is to withstand the test of constitutionality, the chilling efect on free speech would be total.”81

While this doctrine is not a perfect mechanism to scope out the limits of state authority when undertaking mass surveillance, and can even be a conversation- stopper in this context, the verdict in Shreya Singhal demonstrates the need to evaluate possible long-term consequences of state action. To do so, the judiciary must go beyond immediate cases of rights infractions to a critical scrutiny of the architecture of data collection put in place, be it legal or technological. This is not a point limited to rights reviews. Even cases involving the dilution of judicial independence through the formation of tribunals, for instance, demand a similar outlook – as do instances such as circumventing legislative scrutiny through frequent resort to executive ordinances. In all these situations, the State’s usual defense – that the scope for abuse is not grounds for striking down an executive or legislative action – is weakened. These are all architectural questions, ones that have a bearing on even the basic structure of the Constitution, but not in the same way that surveillance orders against repeat ofenders or individual instances of telephone tapping impinge on individual rights.

Big Data Privacy Challenges and Some Responses

Besides their low-altitude operations, with direct spatial privacy and surveillance concerns, drones also gather considerable amount of data. Drone platforms – often consisting of in-fight software to help command the aircraft, high- resolution Light Detection and Ranging (LiDAR) imagery solutions, digital orthomosaic technology to stitch together varied images and present a composite picture, photogrammetry to calculate distance and volume measurements, and data analytics solutions – ofer critical actionable insights to several industries

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 33 today. This capability has resulted in business models where such platforms are ofered as services.82 In addition to the new kinds of sensors and data that drones can gather, they also transmit the standard types of data that any internet-of- things solution can potentially channel to a central server— - mobile phone data, radio frequency identifcation data, location, weather and temperature data.

A signifcant part of such data would fall within the legal defnition of sensitive personal information. No special case needs to be made here for the privacy risks associated with such data, evident as they are from the strict legal mandate that prior written consent of the data-holder is required to collect and process the same Apart from the stand-alone risks of such data in the hands of private entities, these pieces of data are often combined with personal data categories – social media behavior, biometric information, fnancial data – gathered from other sources, to heighten the risk.83 These “big data privacy challenges” are however less obvious as compared with risks highlighted in the previous section, and we remain relatively underinformed about them even in settings outside of the civilian drone context.

Often, the challenges there are not with the gathering of data, but rather with how it is processed and the associated risks. As digital activities grow exponentially, so do the electronic tracks left behind by individuals. The semantic web and other data analytic solutions permit such crumbs to be aggregated by intelligent machines and algorithms to provide a comprehensive picture of an individual’s preferences, personality traits, and values, as well as predict her next move and suggest specifc, relevant choices. Yet such practices run the risk of being reductive, incomplete, and often divorced from the context in which the data was originally gathered.84 Because of the efciency involved in algorithmic perception, prediction, and suggestion, and the recombinant nature of data, private actor incentives are aligned towards the unhindered amassing and processing of huge swaths of personal data, often for purposes unidentifable at the time of the original transaction or data exchange. As noted by the Indian Supreme Court, these privacy invasions often go undetected because of the non- rivalrous and invisible nature of data access, storage, and transfer.85

Unstructured streaming data presents new challenges for state-of-the-art anonymization strategies developed to deal with static, structured, and well- defned datasets.86 Re-identifcation techniques have evolved in parallel, combining multiple Personally Identifable Information (PII)-excluded databases to arrive at near identical results as those emerging from the processing of a PII- inclusive database.87 The newly created database can then be linked with other databases, even PII-excluded ones, to compromise anonymity. These techniques present a cautionary tale: against the ubiquity of “data fngerprints” left by individuals, and the excessive linking of multiple databases, PII protection can do much less than before. Therefore, the legal mandate on big data handlers must go beyond anonymization and de-identifcation strategies that exclude PII.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 34 Finally, much like the issue with surveillance identifed in the previous section , i.e. refocusing attention from targeted to mass surveillance, big data processing demands refocusing attention from individual to group privacy and the simultaneous development of policy positions on handling community data. Individuals, while not personally identifable in many such cases, may still be “reachable” on account of being within a group targeted for prejudicial action based on data-driven inference and prediction.88 To illustrate, individuals practicing a certain faith can be targeted either by identifying them individually or through a larger group consisting of several individuals practicing this faith. In the latter scenario, while the individual remains unidentifed, she is vulnerable to any action taken against the group. Often, individuals are even unaware of such memberships because the aggregated datasets and groups emerging therefrom do not perfectly align with pre-existing real-world groupings, constructed as they are by algorithmic black boxes.89 The excessive linking of multiple datasets also enables group profling without any personally identifable information being breached.90 Of particular concern is the possibility of constructing “demographically identifable information,” which then enables the classifcation, identifcation, and/or tracking of a specifc categorization based on ethnicity, religion, gender, age, health condition, location, or any other demographically defning factor.91 Though aware of these risks, the Srikrishna Committee did not propose any immediate solutions for community data protection, perhaps because it did not strictly fall within its mandate.92 Noting the need for a “principled basis for according protection to an identifable community,” “class action remedies for certain kinds of data breaches involving community data,” and “tools like group communication and sanction,” the Committee strongly recommended that the Government of India address them through appropriate legislation.93

Many of the solutions to these threats are within the ambit of personal data protection and regulations thereof, but it is unclear how efective they could be in balancing the multiple values at stake. With new modes of gathering and processing data, such as internet-of-things and remote cloud servers, privacy notices that are predominantly available on websites and mobile apps are fast losing their relevance.94 The pervasiveness of digital technologies and applications has also resulted in “consent fatigue” due to the increasingly large number of requests for consent and the disproportionate time required to meaningfully assess such requests by the user on a routine basis.95 Meaningful consent is further vitiated by a substantial number of companies adopting a “take it or leave it” approach to privacy notices, with no room for negotiation.96 Privacy notices also often sufer from verbosity and dense legalese.97 Moreover, the draft bill proposed by the Srikrishna Committee does not address many situations where it is difcult to register consent because of technological or interface limitations. Consequently, the notice-and-consent foundations of this bill can diminish the fexibility needed for new data technologies to scale and grow.98

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 35 Therefore, solutions on ofer at present, especially the idea of privacy self- management, need to be customized to the specifc context of civilian drone use. Here, responses could include integrating a notice dashboard as part of Digital Sky. The public then can access information about the geographic locations and purposes served by drone operations, the sensing and data gathering technologies onboard the unmanned system, the kinds of data potentially captured, and technical specifcations relating to the granularity and accuracy of the data collected and processed, from such dashboard. By providing this option, the DGCA can efectively compel drone operators to carry out privacy impact assessments and publicize them before undertaking such operations. Data minimization can also be achieved because these assessments and disclosures make it possible to evaluate whether the data operations are proportionate with the stated purposes, thereby disincentivizing drone operators to gather or process disproportionate amounts or types of data.99 Many of these recommendations are refected in a set of voluntary best practices that the National Telecommunications and Information Administration (NTIA) released in 2016. 100

Concluding Remarks

The traditional privacy challenges raised by drone technology – ftting drones with devices that can capture personal and private information at very close range, using the technology for mass surveillance, causing discomfort to human beings through their intrusive nature – are concerns totally ignored by the present regulatory response in India, except to place liability on drone operators for any such harms. Criminal law responses similar to those present in many of the state legislations in the U.S. need to be introduced to penalize rogue actors with wrongful intent to intrude upon privacy. In parallel, strengthening the civil tort of privacy through clear delineation of principles for quantifcation of damages, and the constitutional tort of privacy through appropriate legal standards to restrain mass surveillance projects, is required to safeguard individual interests against such traditional privacy harms.

These are basic steps that must be implemented soon to keep pace in an area where law and technology will continue to evolve.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 36 The Indian State must also move ahead to create appropriate personal and community data protection regimes that place limits on the processing of such data using drone technology. This framework should make use of a co-regulation framework that incentivizes private actors to adopt voluntary codes of conduct and places responsibility on appropriate state authorities to evaluate such codes, suggest suitable modifcations, and monitor compliance with the same. The Digital Sky platform, a state-of-the-art solution for regulatory compliance as well as drone tracking, should be expanded to publicize privacy impact assessments carried out by drone operators. These are basic steps that must be implemented soon to keep pace in an area where law and technology will continue to evolve.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 37 The Privacy Negotiators: The Need for U.S. Tech Companies to Mediate Agreements on Government Access to Data in India (Madhulika Srikumar)

Madhulika Srikumar is attending the graduate program at Harvard Law School as a 2019 Inlaks Scholar. She was previously an Associate Fellow and Programme Coordinator with the Cyber Initiative at Observer Research Foundation in New Delhi.

Acknowledgments: The author extends sincere thanks to Sharon Bradford Franklin, Andrew Woods, Greg Nojeim, Heather West, Jennifer Daskal, Tim Maurer and William Carter for their valuable insights. This paper would not have been possible without the kind support of New America and the invaluable guidance provided by Awista Ayub and Melissa Salyk-Virk. The author would also like to thank the 2019 India-US Fellows. All errors in this paper are the author's alone.

Introduction

Apple’s clash with the FBI in 2016 was touted as an “American Revolution” and a reminder of “why we (Americans) have the fourth amendment.”101 Indeed, Apple’s challenge signifed the pivotal role that tech companies play in defning the parameters of government surveillance.102 It did so by publicly challenging a court order requiring the company to break the encryption built into its iPhone device.

Cut to 2018: to the chagrin of privacy advocates everywhere, Apple announced that it would move the data of Chinese users to servers owned by a state-run company to comply with China’s data localization law. The company later announced that they would host the encryption keys in China;103 and that the Chinese partner would “have access to all data” of users registered in the country.104

An emerging body of scholarship has now examined the role that tech companies play in instances like Apple’s clash with the FBI – where “surveillance intermediaries” constrain government surveillance, as Alan Rozenshtein argues. 105 Scholars have examined the incentives and tools that tech companies use to resist the government (U.S. government in most analyses) and the net positive efect that it has ushered in for users against surveillance excesses by law enforcement.106

What these scholarly attempts have omitted, however, is taking the latter reality into account – where tech companies accede to (sometimes regressive) government demands. The number of internet users in India and China is over

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 38 four times larger than the United States excluding the number of future users.107 This fact alone introduces fner nuances that dismantle the existing understanding of fnancial and policy incentives that drive intermediary behavior.

I lay out in the following sections why tech companies must instead be treated as privacy negotiators – not only advocating for user privacy but negotiating the tradeof between cooperation or resistance in the short term vs. compliance with unintended regulatory consequences in the long term. Over the past year, the scales have tipped in favor of the latter outcome. The difculty of obtaining electronic data from U.S. tech companies combined with the historic resistance put forth by these companies has been recognized as the primary reason behind the onerous regulation introduced in India.108

In response, tech companies are increasingly relenting to government pressure thereby complying with regulation that is not only poorly designed but one that could pose serious consequences to the privacy of Indian users.

I argue that as privacy negotiators, tech companies are in a unique position in the surveillance architecture to reform cross-border access to data for law enforcement in a manner that secures the privacy interests of Indian (and all foreign) users. Given that these tech companies are privy to the nature of requests and have the legal standing to pushback against the requests- their role as privacy negotiators is established frmly.

In earlier work, I examined the challenges in the current cross-border regime where Indian government requests data from U.S. tech companies, arguing that the respective governments must consider an India-US executive agreement under the Clarifying Lawful Overseas Use of Data Act or CLOUD Act. I argued that such a bilateral agreement would not only ease cross-border access to data and make it more efcient but also safeguard user privacy in the process and ultimately strengthen the overall case against mandatory data localization.

This article takes of from there – given that there is an alternative on the table, there are still no signifcant advances being made in the conversation. This article explores why. Even while the challenge arising out of the confict of laws is undeniable, I argue that there is an emerging “confict of interests” which has resulted in tech companies acceding to Indian government’s demands for localization. The article, therefore, addresses the gap between current literature that examines the challenge of cross-border access to data and the growing scholarship on governing tech companies as “information fduciaries.”

In Part I, I briefy lay out the challenge of Indian government access to data highlighting how U.S. tech companies have fallen into the role of privacy negotiators. The section also briefy addresses the signifcant normative turnaround that an India-US executive agreement on data sharing can bring about.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 39 In Part II, I examine how the push for data localization from the Indian government came about and the competing incentives of tech companies that may ultimately drive them to comply with a larger localization mandate.

In Part III, I explore how the recognition of tech companies as data fduciaries under Indian law may enhance the legal responsibility of privacy negotiators – requiring them not only to pushback against localization but also push for more privacy protecting alternatives such as the CLOUD Act. In the fnal section, I argue that private tech frms indeed have the clout to push for an executive agreement between India and the U.S. to raise the privacy standards of law enforcement access to data.

This article is limited to examining the regulatory responses stemming from the cross-border conundrum when Indian law enforcement agencies (LEA) request user data from U.S. tech companies whose services are widely used in the country. Any reference to “tech companies” in this paper is limited to prominent U.S. tech service providers that are operational worldwide. Their function as privacy negotiators, therefore, is emblematic of the role they carry out in the current surveillance regime – and as I argue later in the article, also indicative of the duty they must discharge towards all users. Developments in India present a compelling lens to examine this contention since companies’ recent actions in the country exhibit a decisive turnaround in the incentives that earlier drove their resistance in the surveillance regime worldwide.

Conflict of Laws

The system for cross-border access to electronic data for criminal investigations between India and the United States has often been criticized for being outdated and time consuming, sometimes taking as long as three years.109 At the heart of the issue is the confict of laws between where the user is located, where the company is headquartered and in some cases, where the data is stored.This has led to fragmentation of legal frameworks across jurisdictions and reliance on slow inter-governmental processes like Mutual Legal Assistance Treaties (MLAT).

Access to electronic data – specifcally communications content – has become instrumental not just for crimes committed online but also to further investigations where these crimes cause ‘real-world’ harm. U.S. tech companies, governed by the Stored Communications Act, disclose non-content data to government agencies that honor the rule of law and respect fundamental rights. Companies only voluntarily disclose content data during exigent circumstances involving danger of death or serious physical injury to any person

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 40 Under normal circumstances content data can only be shared in response to a warrant issued in the U.S. As a result, in most cases investigating ofcers in India must obtain a warrant meeting the probable cause standard from a U.S. court through the India-U.S. MLAT to access content data. Due to delays and uncertainties associated with the MLAT process, Indian law enforcement ofcials often express their dissatisfaction of having to comply with a foreign law, especially while tackling crucial cases.110 One such instance is the recent case of disinformation spread through WhatsApp that resulted in mob violence and deaths of 27 people.111

Given this reality, the Indian government in the past year has called for data to be localized or stored within India’s borders. The mandate to store data locally either completely or in the form of “mirror servers” is a harmful and ill-suited policy approach for two reasons.

First, mandating data to be localized is especially dangerous to user privacy since police ofcials in India rely on legacy laws to access electronic data which require no prior authorisation by courts. Legacy laws in India provide that any court or police ofcer in charge of a police station can compel the production of any “document or other thing” that is necessary or desirable for the purposes of an investigation or trial.112 Not only has this power been interpreted broadly but in practice it is only police ofcers who issue notices to companies requesting user data.113 This imposes a much lower threshold than the U.S. Probable Cause standard that is currently enforced on Indian users through the MLAT process where the court issues a warrant.114

Second, data localization is ill-suited for the stated purpose of law enforcement access. Major service providers may not be able to comply with user data requests from the Indian government since U.S. law still efectively bars these companies from disclosing user data to foreign law enforcement authorities.115 Even if U.S. companies comply, only data of Indian citizens can be provided. In cases of transnational crimes such as online radicalisation, money laundering and cybercrimes, Indian police will have to continue to rely on cooperative models like the MLAT process.116

It is crucial that a common framework is devised that eases the existing confict of laws and increases institutional cooperation between states to discourage further fragmented developments such as mandatory data localization. Access to electronic data, therefore, must be determined on the basis of where the user is located and not where the data is stored. States must strive towards enacting direct data sharing arrangements between foreign LEAs and technology companies to operationalize this. The CLOUD Act signed into law last year by the U.S. Congress can actualize this for the frst time and decentralize control over data from U.S. authorities where popular technology companies are located.117

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 41 Even while the CLOUD Act is an imperfect solution – the Act by allowing executive agreements between states to bypass the existing confict of laws provides a workaround that was earlier unavailable. In efect, an India-U.S. executive agreement under the CLOUD Act would establish a higher standard of privacy protection for Indian users that is currently unavailable under Indian law such as limiting the scope of requests and judicial review.118

Conflict of Interests

Push for Data Localization

Calls for mandatory data localization by the Indian government over the past year have emerged as the overwhelming bone of contention. Far from mere rhetoric, the Reserve Bank of India (RBI) has already made it mandatory for all payment service providers to store copies of data locally.119

India’s frst draft data protection law imposes mandatory data localization – requiring all data fduciaries operating in the country to store at least one serving copy of data on a local server.120 The draft law further empowers the government to recognize certain categories of data which must not only be stored but also processed exclusively in the country.121

Admittedly, this push for data localization is part of a larger strategy that the government is rolling out to reassert their sovereignty in the digital economy. However, in no uncertain terms, the committee drafting the law has cited the difculty that law enforcement faces in accessing user data during criminal investigations and prosecutions as the primary motive behind the move.122 The committee reasons that forcing companies to localize data, even just a copy, can enable “quick and easy access.”

The government directive to command cooperation from companies on surveillance is not limited to data localization. The draft amendment rules to the Information Technology Act imposes an obligation on intermediaries to respond within 72 hours of receiving a request from any government agency; preserve data upon requests for 180 days or longer; and enable “tracing” the originator of the messages shared on their platforms.123

Forcing companies to store data locally – even just copies– has been widely panned by stakeholders in India and abroad. Broadly, enforcing data localization is criticized as a regulatory tool that can lead to unchecked surveillance, impose signifcant costs on companies, ironically on local startups, compromise security, and as per the U.S. government be discriminatory and trade-distortive. 124

It is undeniable that the Indian government has a legitimate interest in regulating tech companies, especially given their growing strategic importance. A case can

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 42 even be made that a carefully nuanced localization law – that is backed by evidence and least obstructive in practice – can be an appropriate regulatory response in some cases.125

It is undeniable that the Indian government has a legitimate interest in regulating tech companies, especially given their growing strategic importance.

However, the current data localization directive is driven by the government’s waning patience in eliciting compliance from tech companies across issues – from online speech to taxation. Even in the absence of a consensus across agencies on the extent, indeed the rationale behind data localization, the government is hurtling towards a point of no return. The government’s frustration stems from private and foreign companies wielding public power and, consequently, opposing state sovereignty.

Compliance with such a law would run wildly contrary to the public stance that tech companies have long held on this issue. If passed in its current form, this law will also be counterproductive defeating the government’s intended purpose, likely hurting law enforcement eforts, undermining user privacy in the process.

First, as I mentioned above, it is unclear whether a mandate to relocate data locally will translate into easier access for Indian law enforcement. Given that U.S. law efectively bars these companies from disclosing user data to foreign law enforcement authorities, companies are in a position to legally refuse to comply with requests. As is current practice, companies can continue to demand a judicial order from a U.S. court to comply with a request for content of any online communications.

Second, even if localizing data could assuage fears of foreign surveillance, it could easily lend itself to domestic surveillance. The Committee has sought to localize data for law enforcement but “categorically refused to aford this data any procedural protection”.126 The Committee has instead placed the onus on Parliament to enact another comprehensive legislation for surveillance reform. In other words, the government is enacting data localization in the absence of any, let alone strong, data protection laws and enforcement mechanisms. Some have gone on to argue that the mandate may therefore not fulfll the standard laid out by the Supreme Court on what constitutes a reasonable restriction on an individual’s right to privacy.127 This reasoning is compelling since the

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 43 government can just as easily adopt less onerous regulations that could serve the purpose adequately and proportionately.

Competing Incentives of Tech Companies

Developments over the past year conclusively indicate that tech companies are relenting to Indian government demands to forcefully localize data. While these demands are not new, the RBI made a decisive move towards enacting this mandate for the frst time targeting big tech companies – posing an existential peril to the payment ecosystem in the country. The principal banking regulator made it mandatory for all “payment system providers” to store payments data locally and ensure “unfettered supervisory access” to the data stored within a six- month period.128 Eighty percent of the players, including Google, Amazon, and Whatsapp, have reportedly either complied with the regulation or are planning to.129

Undoubtedly, the RBI notifcation has a far-reaching impact – not only because it is the frst policy of this kind, but more importantly for what it signals lies in store. It has been reported that the Central Bank is relying on the localization regulation to “prepare ground” for a stringent data protection law that would be applicable across sectors not limited to fnancial data. Further, the close involvement of the central government in seeking compliance with the RBI regulation frmly indicates the emergence of a “whole-of-government” approach, laying the foundation for a wider localization requirement under the upcoming data protection law.

Admittedly, big tech companies have complied with data localization laws in Russia and China previously. However, I argue here, that submitting to an Indian regulation (and thereby a mandate issued by a democratic state) represents a turning point in the incentives that drive their behavior in emerging economies. Take Facebook, for instance. The company recently not only acknowledged that choosing where to build data centers is “one of the most important decisions” they make, but also committed to not storing sensitive data in countries with weak human rights records or lacking security safeguards.130 Meanwhile, Facebook’s subsidiary Whatsapp is on the fnal stretch before storing all payments-related data within India in the absence of adequate checks and balances under Indian law.131

It may be unclear, even unnecessary, to characterize these actions of tech companies as hypocrisy or doublespeak. Tech companies have been and will continue to strike a balance between cooperation with, and resistance to lawful surveillance across jurisdictions.

In efect, however, the added complexity of responding to foreign governments has contributed to their resistance over time. This, in turn, has resulted in heavy- handed policies in growing markets such as India, which has distorted the

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 44 incentives that earlier drove their actions. Companies are increasingly either adhering to these policies or showing a willingness to. Even while companies are incentivized by a proft motive, and understandably so, as privacy negotiators their acquiescence or pushback plays an outsized role for the privacy rights of Indian users. This alone demands an exercise in breaking down what incentives drive them.

Launch of new services: The launch of WhatsApp’s frst-ever payments service coincided with the RBI localization notifcation. The RBI’s directive to all payment system providers to store payment data of the Indian leg of a transaction exclusively in India was issued in April 2018. In addition to the local storage requirement, the stated purpose behind the regulation was for providers to establish a mechanism to allow the Central bank to monitor this data end-to-end. The regulation was applicable to all payment providers including international card networks such as Mastercard and Visa, and operators of pre-paid wallets including WhatsApp Payments, Amazon Pay and Google Pay.

The consequent resistance to this regulation by global payment frms including big tech companies illustrated not only how their pushback was unsuccessful, but also the stakes involved for these companies as they were vying to expand in the Indian market. Tech companies view India as the “next frontier of growth” – fghting to capture the sizable and growing digital payments market, which is expected to be worth a reported $500 billion by 2020.132 Google Pay is reported to have 30 million users on the platform in India alone. With over 200 million monthly active users, India is the biggest market for WhatsApp – justifying why the company has been testing its payments service frst in the country.

Even while complying with the RBI regulation heralded signifcant costs and an overhaul of existing operations; and is inconsistent with their previous policy positions on this issue, tech companies ultimately relented. Google, for instance, agreed to abide by all RBI requirements while at the same time maintaining that they promote cross border data fows since they generate more economic value. Apple, on the other hand, has reportedly stalled the launch of Apple Pay in India in light of RBI’s localization mandate.

Even under mounting pressure from industry bodies,133 U.S.-India trade organizations134 and U.S. senators,135 the Indian government has been unwavering in its demand. The Central Bank refused to extend their six-month deadline for compliance;136 did not concede to a less onerous alternative such as a “mirror server” requirement;137 and did not open up to public consultation.138 While companies challenged the RBI directive, it is clear that none of them pursued a legal challenge, though the reasons why remain unclear. Combined with the whole of government approach that the current administration in India has adopted, we see that tech companies acceded to the localization request given their signifcant growing interest in the market.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 45 Localization as the “less bad” option: Increasingly, tech companies operating in India are seen to be viewing a localization mandate as a less bad option. First, tech companies across the board have agreed to comply (some at the frst instance) with the RBI notifcation to exclusively store payment data arising out of the country locally. The majority of the global payment frms including Amazon and Google have abided by the law and satisfed the regulator’s requirements.139 This difers signifcantly from how some of the companies have responded to Russia’s 2014 data localization law, with some either ignoring the obligation altogether and the rest failing to fully comply.140

Second, it appears increasingly unlikely that the companies would continue to rely on U.S. law as a crutch to resist or delay responding to requests from Indian agencies.141 In efect by complying with the RBI requirement to store data exclusively in India, the companies have ceded to the regulators’ supervisory powers. Especially given the presence of physical infrastructure or personnel in the country, companies might consider the risk of not attracting punitive action more seriously.142

Third, tech companies might be willing to acquiesce to data localization to stave of demands that could fundamentally alter their technological design. Over the past year, while WhatsApp has been under government pressure to localize data, the company was also fghting the fre to contain the spread of viral rumors on its platform. False videos of child abduction shared on the messaging app triggered a spate of mob-related killings that resulted in over 30 reported deaths.143

The company’s plan to launch its payment service stalled as they came under intense scrutiny from the government to “not evade responsibility” and were being pressured to introduce technology changes to their service.144 This pressure culminated with the Ministry of Electronics and Information Technology (MeitY)’s draft intermediary guidelines late last year that mandatorily required companies to enable “tracing out the originator” of messages upon requests and to respond within 72 hours. While the company made changes to its messaging service to limit forwarding of messages, they pushed back on the tracing requirement as it could entail breaking the end-to- end encryption deployed by the platform.145 We see that while the company was willing to alter its architecture by storing data locally for its payment service, they were at the same time unwilling to alter a critical facet of its business model in encryption.

Responsibility of Tech Companies as Privacy Negotiators

U.S. tech companies operating in India are therefore caught up in what can best be termed as an identity crisis. At the crux of it, the aforementioned incentives muddy the waters for tech companies, making it difcult for them to push for a

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 46 workaround to adequately address the challenge of Indian law enforcement access to data.

Since U.S. tech companies play a unique role when responding to government surveillance, acting both as the frst and last line of defense, I argue that only companies can and must negotiate to protect the long-term privacy interests of Indian users. Especially given that these tech companies will soon be recognized as “data fduciaries” in the Indian market, I argue that companies indeed have an additional legal responsibility to protect their users’ privacy interests.146 Through the CLOUD Act, tech companies can counteract the demands for data localization while upholding high standards of due process and privacy protections for Indian users that are currently unavailable under Indian law.147

As current literature has exhaustively outlined, tech companies are the only actors privy to the nature of requests they receive from government agencies.148 Not only can tech companies aford the resources to comply with requests, but they can also cooperate more actively, and even pushback through a legal challenge when required.149 Ultimately it is only companies who have the resources or the legal standing to fght a request – further entrenching the role that they play as privacy negotiators.150

The question that then arises is what role do companies discharge as privacy negotiators? Are there any obligations, legal or otherwise, on these companies to safeguard user rights within the larger surveillance architecture?

To predict the route that technology companies will adopt in the tussle between advocating for user privacy and acceding to lawful surveillance, it is necessary to distill the specifc interests that tech companies have in going either way. Viewed as pure corporate actors following rational self-interest, it may seem unwise for the companies to assume any additional burden of resisting requests for access to data, even when requests may be overbroad or vague. This holds doubly true when American companies undertake the collective responsibility of addressing requests from foreign governments and are called on to fnd a fx to the current overburdened cross-border regime for data sharing.

Largely, the current scholarship falls on one of two sides of this debate. The frst, popularized by Rozenshtein, adopts an empathetic view that companies as surveillance intermediaries have brought about an overall positive change or “disciplining efect” on the surveillance regime—through pushback in courts and mobilizing public opinion for the beneft of user privacy. Rozenshtein goes so far as to argue that tech companies have never before relied so signifcantly on a foreign user base and resisted government surveillance this aggressively in part due to their “intense libertarian aversion to government invasions of privacy.”151

The second is more cynical in its outlook where scholars argue that tech companies shielding or delivering information to law enforcement is all

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 47 happenstance and purely an outcome of their pervasiveness in our digital economy.152 Users should have no expectations to think a “technology company can and should be responsible for its users’ rights.”153 Regardless, the consensus across the two schools is loud and clear. Tech companies post 2013 Snowden disclosures have a commercial incentive to challenge lawful government surveillance and advocate for users rights; and indeed on the whole until now, companies’ actions support this contention.154

However, this contention overall no longer holds any water. As I have outlined above, the incentives of tech companies are no longer aligned with the interests of users – at least Indian users. By conceding, indeed, complying with the Indian government’s mandate to store data locally in the absence of adequate privacy safeguards, tech companies’ interests have conclusively aligned with the government and regulatory interests and no longer appear aligned with those of Indian users; and by extension users in all emerging markets. The incentive to launch a new service in a crucial market or the act of conceding to localization in order to not attract other adverse regulatory mandates are compelling reasons for companies to abandon their seemingly voluntary role as privacy negotiators. Instead, the assertion that companies often choose to fght for user privacy because of their proft motives and not in spite of them—as advanced by the above mentioned cynical school—does a better job of explaining the turn of events helmed by tech companies in the country. Simply put, tech companies fnd themselves in a confict of interests—advancing their market priorities versus prioritizing user privacy.

This relationship between tech companies and users stands fundamentally altered with the growing recognition of tech companies as fduciaries. India’s upcoming draft data protection bill may well be one of the frst few legislations that articulates this duty of care for tech companies – recognizing any individual, state, company, or juristic entity who determines the purposes and means of processing personal data (either alone or in conjunction with others) as data fduciaries.155

The constitutional law scholar Jack Balkin frst proposed extending the common law doctrine of fduciary relationships to the digital economy – and coined the term “information fduciaries”.156 This proposal has gained wide acceptance, with the drafters of India’s data protection bill adapting it to develop a “fourth path” to deliver a data protection regime, distinct from the U.S., EU and China – relevant not just to India but to “all countries in the Global South”.157

As information fduciaries, tech companies including social media, search engines, etc. will have to discharge duties of care, confdentiality and loyalty towards users whose data they collect, store and use.158 This fduciary responsibility bestowed on companies is over and above the contractual rights that users are entitled to and further confers the duty on companies to adopt a

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 48 professional code of ethics to protect the data principal’s or user’s interests. Balkin likens this duty to that of a doctor’s or lawyer’s:

Suppose that a doctor, lawyer, or accountant sold personal information about their clients to a data broker. Suppose that they used personal information to manipulate a client’s actions for the doctor, lawyer, or accountant’s beneft. Or suppose that they simply disclosed it in order to gain a business advantage at the expense of their client. If they did any of these things, they would likely be liable for a violation of professional conduct … Even absent an express promise not to reveal, use or sell information, there is a duty not to do so in ways that will harm the interests of the client, or that pose a confict of interest.

The fduciary relationship between users and companies, however, is not extended to all online service providers who operate in the digital economy. Instead, four criteria must be met for a company to be considered an information fduciary; whether users are placed in a position of signifcant vulnerability, whether users disclose personal information to the company in return for gaining access to important online services; and fnally whether the company holds disproportionate volumes of data about the user which can be used against her interest.159 Admittedly, India’s draft data protection bill adopts a broader sanction, indeed conferring the fduciary duty on all actors who process personal data in the digital market.

The criteria set out above, however, are wholly met by private tech frms in the current surveillance ecosystem for the reasons I stated above – that tech companies are the frst and last line of defense.160 While the above excerpt suggests that tech companies must be able to avoid conficts that harm the interests of clients, or in this case users, altogether – the reality is not as wishful. Instead, with the statutory recognition of their fduciary duty, tech frms have an obligation to carry out their duty of loyalty by resolving any confict of interest to the beneft of their users’ interests and not their own. Therefore, as privacy negotiators, tech companies must respond to surveillance by not endangering the privacy of their users by localizing data in the absence of adequate safeguards, but instead work towards a sustainable workaround. Commentators have argued that the government’s push towards data localization in the data protection bill (and companies acceding to this demand) undermines the fduciary relationship laid out in the very same bill – increasing not just privacy but the security risks of users located in India.161

Indeed, the duty of loyalty translates into fduciaries ensuring that they use data “only in ways that are consistent with users’ expectations.”162 Expectations of Indian users can be easily traced in the submissions to MeitY during the recent public consultation process on the data protection bill. Not only has a signifcant

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 49 section of civil society and industry opposed the localization mandate but there is also a growing consensus that an India-U.S. agreement under the CLOUD Act must be considered as a policy alternative. Therefore, as privacy negotiators bestowed with a fduciary duty, tech companies must strive to leverage their clout to push for such an agreement.

Resolving Conflicts

The whole-of-government approach adopted by Indian policymakers combined with the support from the law enforcement and national security community has all but cemented the government’s single-minded objective of demanding U.S. companies to store personal data locally.163 This move cannot be seen in isolation – only stemming from the challenge that the Indian government currently faces either in accessing user data or enforcing domestic regulations. The government recognizing that data is a “strategic asset”164 is motivated to level the playing feld between Indian and foreign players in the digital economy; even appointing industry representatives with reported conficting interests to policy drafting committees.165 While there is acknowledgement that localization is not a silver- bullet solution for all of these multifarious concerns, law enforcement access is viewed as the only challenge that will defnitively be solved by localizing data within Indian borders. With the lines between global tech companies and their Indian counterparts drawn, Indian companies have thrown their support behind localization; expecting that it will give them a competitive advantage against the outsized resources that the technology giants command.

Other developments over the past year have also contributed to a confrontation between foreign tech companies and the Indian government. The reveal, for instance that the Cambridge Analytica leaks had led to sharing of personal information of 560,000 Indians with the political consulting frm.166 And more recently, Twitter initially declining to appear before the parliamentary standing committee on information technology.167

From the perspective of the users, however, there is a dawning realization that critical safeguards for privacy may be lost in this battle for compliance between the government and companies. Especially in the surveillance regime it is ultimately only companies that may have a legal standing to resist requests for excessive collection of user data – further cementing the role that they can play as privacy negotiators. In efect, global technology companies wield signifcant bargaining clout that,at least until now,as been used sparingly when user privacy has coincided with their commercial interests. On the face of it,that seems to be changing.

Major U.S. tech companies have openly supported President Trump’s signing of the CLOUD Act.168 Microsoft, for instance, has committed to additional privacy protections on top of the CLOUD Act including the requirement for prior-judicial

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 50 sanction before responding to request.169 Apple is contributing to making the process more transparent by training law enforcement ofcials from around the world in lawful data collection and by creating a web portal for requesting user data and tracking the status of these requests.170 More recently, Amazon Web Services joined the list of prominent technology companies that have lent support to the CLOUD Act as the answer to data collection for law enforcement.

This support is not insignifcant. With their sheer size, near complete integration with the digital economy and transnational operations, the companies have begun to resemble nation states in multilateral negotiations and as such will have a huge bearing on whether the new framework succeeds or fails.

However, as I have examined in Part II of the article, even as companies openly voice support for frameworks such as the CLOUD Act, their actions in response to regulatory pressure in India suggest otherwise. A critical consideration in this equation, however, is users’ trust in the companies’ ability to protect their data and privacy. This trust is not limitless and for it to persist, companies will need to walk the talk of safeguarding user privacy.

Frameworks like the Cybersecurity Tech Accord, signed by over 100 global companies committed to protecting users against malicious cyber threats (even those emanating from state actors), are symbolic of the clout that global tech companies can leverage – an initiative that need to be encouraged in conversations around law enforcement access to data.171

Conclusion

Law enforcement demands for access to data have coincided and intensifed with the evolution of electronic communications. And yet, the contours of this access are more fuid today than they have ever been and will only get murkier in the coming years. Two paradoxical trends in technology lend credence to this fact: even as larger and more complex data sets become available, a pivot towards anonymising technologies is likely to make more and more data inaccessible to law enforcement.

Law enforcement demands for access to data have coincided and intensifed with the evolution of electronic communications.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 51 Earlier this year, Facebook – arguably the most important arbiter of user privacy – announced the eventual merging of its three messaging services and the creation of an ecosystem where the chat app essentially becomes a web browser.172 The more signifcant part of the announcement, however, was the deployment of WhatsApp-like encryption across all its services.173 The company would store no content data and would therefore not be in a position to share it with law enforcement. This pivot towards universal encryption is likely to intensify the present demands for data access and a resurgence of the dichotomous debate around user privacy versus national security.

At the same time, as emerging technologies like facial recognition, wearables, and smart assistants become commonplace, they will create highly sophisticated datasets including behavioral data – compounding both the volume and types of data that can be available for criminal investigations.174

While encryption will further frustrate law enforcement attempts to access data, new and emerging datasets will increase their dependence on technology platforms. Reconciling these two demands will need fxing the problems that currently plague cross-border data sharing. An important realization that has emerged in the context of controversies surrounding content moderation and speech regulation by social media platforms has been that centralization of these complex politico-legal decisions in the hands of a few actors.175

Competing priorities around ensuring national security, investigating crimes and protecting user privacy have long evaded any meaningful reconciliation. In many ways, recent developments like India’s data localization mandate have forced technology companies and privacy advocates into a corner. At the same time, new policy frameworks like the CLOUD Act have, for the frst time, thrown up an opportunity to arrive at a sustainable and privacy-strengthening solution.

The pivot that technology companies make in their public policy posture now will determine the way in which this debate will be resolved. It is critical that they step up and not only bargain for stronger user protection, but also highlight to countries like India how a cooperative and not compulsive framework will better serve all stakeholders in the long run.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 52 Governing Data: Non-Discrimination and Non- Domination in Decision-Making (Joshua Simons)

Joshua Simons is a Sheldon Fellow in Government at Harvard University, and is writing about the politics and ethics of machine learning. His research argues that machine learning is political.

Introduction

This paper is about how modern democracies should govern data-driven decision-making. It examines the goals that democracies might require diferent institutions to embed in their decision-making procedures, including those that use machine learning. I compare the public philosophies and constitutions of America and India to contrast such goals, the elimination of discrimination and domination respectively.

The present is a critical moment in the governance of data-driven decision- making. Across the world, the debate about the governance of data and the technology companies is gaining pace.176 In India, the government has begun to develop a ‘data marketplace’ for private sector institutions to stimulate innovation.177 India is also on the cusp of adopting a comprehensive legislative framework to govern data-driven decision-making.178 The draft Data Protection Bill, built on the conceptual foundations of the Srikrishna Report, will be the frst signifcant legislation to draw on the data fduciary concept developed by American lawyers.179

At such a moment, it is important to pause to ask fundamental questions about what the governance of data should aim to achieve. This paper goes beyond familiar concerns about privacy to compare two ideas that might underpin such a governance framework: discrimination, which I associate with American law and politics; and domination, which I associate with Indian law and politics. The U.S. places on institutions only the negative requirement not to discriminate in their decision-making procedures.180 This limited goal does not address the ways in which, without intent or malpractice, decision-making procedures can compound and entrench patterns of inequality.

India’s approach in politics and law to addressing structural social inequality is founded on the concept of domination. In particular, the ambition to eliminate relations of domination is central to the Constitution of India and the writings and speeches of B.R. Ambedkar. India requires society’s most important institutions to embed in their decision procedures the goal of eliminating persistent structures of power between social groups, a goal that extends beyond simply the pursuit of efciency and non-discrimination.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 53 Other democracies can learn much from India’s traditions, including the U.S. The Indian idea of domination treats equity as a policy to be pursued in the name of democracy.181 This recognizes that pervasive and persistent inequalities of power —of resources and income, education and health, social status and respect— ultimately undermine democracy itself. The promise of political equality, the foundation of collective self-government, becomes a mirage. Because domination is a threat to democracy, institutions across the social, economic, and political spheres must embed the goal of eliminating it in their decision-making procedures.

India’s current approach to governing data neglects these ideas. Instead of drawing fromIndia’s own constitutional and philosophical traditions, the draft Data Protection Bill imports several fimsy concepts from American and European privacy law, including from the EU’s General Data Protection Regulation (GDPR). India should instead pursue its own approach, built on the idea of non-domination, rather than the shaky foundations of privacy. The governance of data should aim not just to protect privacy, but to promote equity.

This paper applies these ideas about non-domination to the governance of data- driven decision-making. It explores how the responsibilities of data fduciaries, the conceptual pillar of India’s recent Data Protection Bill, might be extended to include responsibilities to address structural injustice. This could be done in a context-sensitive way, that varies across institutions and sectors.

The great strength of the non-domination principle is that it forces us to ask: Who decides? It focuses on who gets to make choices about the design of data-driven decision procedures that will shape the contours of our societies. As we march rapidly towards an algorithmic world, the question of what principles should underpin the governance of data-driven decision-making, will be among the most important political questions in the data-drenched twenty-frst century.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 54 The Challenge: Data and Decisions

Data-driven decision-making operates at three levels. First, society itself. Societies are characterized by diferences and inequalities of all kinds. Some we do not regard as important, such as what brand of raincoats diferent groups choose to wear, what humor they prefer, or how they dance. Some are the result of persistent structures of power, such as the way that race, gender, caste and class shape educational and employment opportunities, access to healthcare or credit, or the ability to be seen and heard in public with dignity and respect.182

Second, data. Data sets almost always refect these diferences and inequalities. They show us not only which clothes or humor diferent groups prefer, but also the complex ways in which race, gender, caste, and class condition the opportunities certain groups are aforded. If African Americans or Dalits are routinely excluded from educational opportunities, property in safe and prosperous locations, or valuable jobs and promotions, then a large and complex dataset will refect how being an African American or Dalit conditions—and therefore correlates with—the opportunities an individual is aforded in life. Data encodes social inequalities and the structures of power that produce them.183

Third, the decision-making procedure. Data sets can be used to make decisions in a number of ways. These range from simple linear models to sophisticated forms of machine learning. When an institution develops its decision-making

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 55 procedure, it makes choices about how to structure that procedure. These include choices about the data-driven model itself: which data to train it on, which features to include, what to train it to predict, rank, or classify. These also include choices about how to combine the model with human decision-making, such as what kind of human oversight, if any, to impose.184

There are conficting ideas about how data makes decisions diferent. On the one hand, data ofers the opportunity to eliminate intractable human prejudice.185 On the other, data threatens to reinforce existing prejudices and inequalities. Wealthy, white, men are better represented in data. Using that data to make decisions—without human refection or intervention—will simply reproduce those injustices.186

The truth is that we have choices about how we use data to make decisions. Data gives us control over our decision-making procedures, especially machine learning. It enables us to be explicit about the goals we wish to prioritize, the values we wish to promote, and the trade-ofs we are willing to make. We can decide to impose a defnition of fairness. Or we can decide to ignore issues of justice and equality, and blindly pursue accuracy and efciency.

Data raises the stakes of these choices, about which values to embed in our decision-making procedure. Data-driven decision-making operates on a vast scale. This means that the choices an institution makes as it designs decision- making procedures will, over time, shape the lives of large numbers of people. Especially in India where data-driven programs operate on a caste scale. Aadhar, India’s national identifcation system, is now reported to cover almost 1.2 billion citizens.187

To understand the kinds of choices involved, consider an example. Imagine an online advertising tool that recommends job adverts to individuals. The recommendations refect the past online behavior of users seeking job postings, in particular, which advertisements they clicked on and applied to. Suppose women on average clicked on lower paid jobs than men; the tool then recommends lower paid jobs to women compared to men. The institution designing the tool has three options, each with quite diferent technical and legal implications.

First, the institution could establish a decision-making procedure that refects the world (read: data) as it is. This tool would show women lower paid jobs because that’s the data users have given them. Second, the institution could impose some fairness metric on their decision-making procedure. For example, they could impose a maximum diference between average incomes in job postings for men and women within a specifed geographic area. Computer scientists have developed a series of sophisticated individual188 and group-based defnitions189 of fairness (some of which cannot simultaneously be achieved)190 which could be imposed on the model. Third, the institution could use their decision-making

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 56 procedure to change the world (read: data). They could show women higher paid jobs on average, subject to some reasonable constraint.

What choice should the institution designing the jobs recommendation tool make? What should our governance framework say about which choice the institution should make? This paper compares two ideas in the U.S. and India about the kinds of burdens that should be placed on institutions as they make these choices: discrimination and domination.191

Governing in America: Non-Discrimination

Over the past fve decades, non-discrimination has become among the most important principles for governing decision-making procedures in the U.S. It is broadly accepted that institutions should ensure their decision-making procedures do not discriminate, including procedures that use data. Let us examine this principle by focusing on one particular law, Title VII of the Civil Rights Act of 1964, which prohibits discrimination against employees and applicants on the basis of race, color, sex, national origin, and religion.192

Recall our tool that recommends job adverts to users. The company who designs it has three possible choices: To refect the world as it is and show women lower paid jobs on average, because those are the job postings they tend to click on; to impose some fairness constraint, such as specifying some maximum diference between the average income of jobs postings between men and women; or to change the world and show women higher paid jobs on average than men, subject to some reasonable constraint.

U.S. discrimination law would not require this company to pursue either of the fnal two strategies. To require the company to pursue these would, in efect, would require institutions in their decision-procedures to take afrmative action on behalf of protected groups. This extension of the non-discrimination principle has never gained broad purchase in the United States.193 To see why, let’s focus in more detail on Title VII. This will clarify the ideas and concepts that actually underpin the non-discrimination duty—and most importantly, their limits.

Two kinds of legal cases can be brought under Title VII, disparate treatment and disparate impact. Disparate treatment concerns direct discrimination in which similar people are formally treated diferently, usually when there is demonstrable intent to discriminate. More important for our purposes is disparate impact, which is indirect discrimination that does not concern intent. 194

A disparate impact case involves three questions. First, is there a disparate impact of this policy on members of a protected class? The plaintif has to show that the decision-making procedure causes a disparate impact with respect to a protected

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 57 class. Second, is there some business justifcation for this disparate impact? This has historically been the most important part of a disparate impact case. The defendant has the opportunity to show there is a legitimate business case for this procedure and thereby avoid liability. In data-driven decision-making, the answer is usually likely to be that the procedure accurately predicts something useful to the defendant. Third, is there a less discriminatory means of achieving the same ends? This may become the most important component of a Title VII case in relation to data-driven decision-making. The plaintif can show that there is another decision-making procedure that achieves the same goal, but produces less discriminatory outcomes across a protected group. 195

In most cases, efcient data-driven decision-making procedures will not fall foul of Title VII discrimination law as currently constituted. This is because the principle of non-discrimination on which the law is developed does not capture cases in which data-driven decision-making procedures reinforce existing structures of inequality and disadvantage.196

Consider two goals that have driven the development of U.S. discrimination law, anti-classifcation and anti-subordination. The anti-classifcation goal aims to combat unfairness for individuals in certain protected classes that results from the choices of decision-makers. This mostly concerns formal or intentional discrimination. The anti-subordination goal aims to eradicate inequalities based on membership in protected classes; not just procedurally, but substantively. On the anti-subordination view, the purpose of disparate impact law is not only to unearth well-hidden cases of intentional discrimination, it is also to cover cases of unintentional discrimination which entrench existing patterns of inequality.

Legal theorists and courts have reached consensus only on the anti-classifcation goal. The law is not now thought by most to serve the purpose of addressing the complex structural inequalities to which disadvantaged groups are subject. Without the anti-subordination grounding, U.S. discrimination law has no basis on which to impose on institutions the requirement to address structural injustice in their decision-making procedures.197 “As a society,” the historian Michael Selmi argues, “we have never been committed to eradicating racial or gender inequality beyond immediate issues of intentional discrimination.”198

The problem with the non-discrimination principle is this. It reinforces the idea that beyond efciency, the sole responsibility of institutions is to pursue neutrality or blindness in the design of their decision procedures. Institutions have no obligation to ensure that their procedures do not entrench existing structures of inequality.199 Non-discrimination constrains attempts to embed equity in the decision-making procedures of important institutions. It does not support the goal of transforming underlying structures of power or confronting persistent patterns of domination. As the feminist scholar Nancy Down argues, “discrimination analysis is designed to ensure that no one is denied an equal

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 58 opportunity within the existing structure; it is not designed to change the structure to the least discriminatory, most opportunity-maximizing pattern.”200

I believe that non-discrimination, and the ideas of neutrality or blindness it entails, obscures the politics of debating and deciding between substantive aims, and the trade-ofs required to achieve them. Negative duties of non- discrimination are not a satisfactory basis on which to develop a framework for governing data-driven decision-making.201 We must think explicitly about how we should treat individuals diferently on the basis of the disadvantages associated with protected groups. The rest of this paper explores how the constitution of India and the arguments of B.R. Ambedkar might enable us to reason through that challenge. They explore another idea to underpin the governance of data-driven decision-making: non-domination.

Governing in India: Non-Domination

In 1950, India adopted a constitution that represented a new social and political experiment. On the eve of independence, most of those who became citizens could not read or write. India was a society characterized by profound hierarchies of power and deep diferences of language, education, and culture. The constitution aimed to harness the power of the state to transform these entrenched hierarchies. This was to be achieved, in part, by imposing on institutions a wide range of responsibilities to directly address structural social injustices.

India’s constitution directly challenged the liberal idea that underpins the approach to non-discrimination in the United States, “that every attempt to resolve social question of inequality and material destitution by political means would lead to terror and absolutism.”202 As Sunil Khilnani explains, democracy in India promised “to bring the alien and powerful machine like that of the state under the control of human will...to enable a community of political equals before constitutional law to make their own history.”203 The Constitution, as K. G. Kannabiran describes it, particularly the Social and Economic Directives, expressly places “the state under obligation to eliminate inequalities in status, facilities, and opportunities between people.”204

These ideas were in large part B.R. Ambedkar’s.205 Ambedkar’s primary concern was with the relationship between the political sphere, on the one hand, and the social and economic spheres, on the other. His work explored what burdens the pursuit of political equality in a democracy placed on diferent actors to address manifest social and economic inequalities.

Introducing the Constitution in 1949, Ambedkar issued a warning to India’s Constituent Assembly. He warned his comrades, “not [to] be content with mere

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 59 political democracy. We must make our political democracy a social democracy as well.” He continued:

On the 26th January 1950, we are going to enter into a life of contradictions. In politics we will have equality and in social and economic life we will have inequality. In politics we will be recognizing the principle of one man one vote and one vote one value. In our social and economic life, we shall, by reason of our social and economic structure, continue to deny the principle of one man one value. How long shall we continue to live this life of contradictions? How long shall we continue to deny equality in our social and economic life? If we continue to deny it for long, we will do so only by putting our political democracy in peril. We must remove this contradiction at the earliest possible moment or else those who sufer from inequality will blow up the structure of political democracy.206

The contradiction between formal political equality and social and economic inequality is, in the end, a threat to democracy. For Ambedkar, if the equal worth of each citizen in politics stands in stark contrast to persistent inequalities in the economic and social spheres, political equality becomes a mere formalism. The idea of democracy becomes a mirage. Since patterns of domination reproduce persistent inequalities, democracy itself depends on the practical and continuous goal of eliminating patterns of domination.207

This prompts a series of important political questions: Who has what burdens to eliminate non-domination? How should they be imposed? Ambedkar’s refections on these questions formed the basis of some of the most ambitious provisions in India’s Constitution. The idea was to embed social transformation into the aims and procedures of society’s most important institutions. Powerful institutions were explicitly required to direct their eforts towards the transformation of society. These were the politics of confronting a long history of injustice.

There are two relevant parts of the constitution. In Part III on Fundamental Rights, Article 14 establishes equality before the law; Article 15 prohibits discrimination on the grounds of religion, race, caste, sex, or place of birth; Article 16 establishes equality of opportunity in public employment; and Article 17 prohibits the practice of untouchability. Second, Part IV the Directive Principles of State Policy, which cannot be enforced in law, establish “equality as a policy aimed at bringing about…changes in the structure of society.”208

The implications of these provisions for public sector institutions are reasonably clear: their decision-making procedures must contribute to the elimination patterns of domination. For instance, in 1980, the Supreme Court ruled the policies of reservation and afrmative action of the Indian Railway Board to be

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 60 consistent with the constitution’s aims and purposes. The Court argued that the State was in fact required to pursue policies of afrmative action—that is, to treat individuals diferently based on their membership of groups historically subject to patterns of domination. Issuing the judgment, Justice Krishna Iyer wrote: “the Indian Constitution is a National Charter pregnant with social revolution, not a Legal Parchment barren of militant values, to usher in a democratic, secular, socialist society which belongs equally to the masses hungering for a human deal after feudal colonial history’s long night.”209

The implications for private institutions are less clear. Case law is still developing. Consider the scope of Article 15 (2), which states that no citizen can be restricted on protected grounds from access to “shops, public restaurants, hotels and places of public entertainment, as well as places of public resort dedicated to the use of the general public.” In a 2011 case, the Army College of Medical Services (ACMS) in New Delhi devised its own merit-based admissions procedure. The Court found the procedure to be unconstitutional. Its reasoning stated that private sector institutions were subject to the provisions of Article 15. “If a vast majority of our youngers, especially those belonging to disadvantaged groups, are denied access in the higher educational institutions in the private sector,” argued the judgment, “it would mean that a vast majority of youngers… belonging to disadvantaged groups would be left without access to higher education at all.”

The court drew on Ambedkar’s arguments in the Constituent Assembly debates, to expand the scope of the word “shop” to include private educational institutions. The ACMS admissions procedure, the Court found, produced disparate impact, reinforcing the disadvantage of students from disadvantaged backgrounds. Since ACMS was subject to the provision of Article 15 (2), and its admissions procedure produced demonstrable disparate impact against disadvantaged students, it was unacceptable.

More interesting was the Court’s interpretation of the word “only” when referring to the prohibited grounds of discrimination. They interpreted the word not to prohibit merely explicit or intentional discrimination on the grounds of some protected trait, as courts tend to in the U.S. Instead, the word meant that “the private establishment” must “ensure that the consequences” of its “rules of access . . .do not contribute to the perpetration of the unwarranted social disadvantages associated with the functioning of the social, cultural and economic order.”210 In other words, India’s Supreme Court has been willing to extend constitutional provisions beyond the requirements of non-discrimination. These provisions require private sector institutions to embed the aim of eliminating patterns of domination in their decision procedures.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 61 Non-Domination in Decision-Making

How far this provision will extend remains to be seen, but the underlying idea is clear. Democracy depends on the promise of political equality. This promise is undermined by entrenched patterns of domination. These patterns can be reproduced not only by the state, but by institutions that perform public functions or that distribute important goods, such as employers, landlords, banks, telephone networks, and so on. When these institutions establish their decision-making procedures—hiring and fring, promoting and demoting, setting rent and granting mortgages—they must bear some of the burdens of eliminating patterns of domination.

As Justice Bhagwati, the 17th Chief Justice of India, wrote: “In a hierarchical society with an indelible feudal stamp and incurable actual inequality, it is absurd to suggest that progressive measures to eliminate group disabilities…are antagonistic to equality on the ground that every individual is entitled to equality of opportunity based purely on merit.”211

Let’s explore the implications of the non-domination principle for the governance of data-driven decision-making. Recall the example with which this essay began: the tool that recommends jobs adverts. I argued that that the U.S. non-discrimination principle provides no grounds for placing any responsibility on a public or private institution to either impose some fairness constraint, such as limiting the diference between the average incomes of job posting seen by men and women, or to show women higher average incomes than men, on the grounds that doing so would be to pursue some defensible aim of social justice.

The non-domination approach provides grounds for imposing the responsibility to pursue both of these more ambitious aims. It could require public and private institutions to impose some kind of fairness constraint on their data-driven decision-making procedures, or to construct that procedure to specifcally eliminate patterns of domination. The Indian non-domination approach provides a conceptual and legal basis for applying many of the technical approaches to fairness developed in the computer science literature.212

India could develop an approach to governing data built on this non-domination principle. This could be done by broadening the responsibilities of data fduciaries, established in the draft Data Protection Bill.213 The fduciary concept rests on the idea of a relationship of trust. Banks are custodians of customers’ money; internet companies are custodians of customers’ data. That relationship of trust entails responsibilities for the fduciary to act in the best interests of consumers. For instance, processing data is permitted only for purposes that the consumer might “reasonably expect.”214 In a country where citizens expect institutions to bear the responsibility of eliminating patterns of domination,215

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 62 the concept of trust might plausibly impose quite signifcant burdens on grant fduciaries. They might be required to identify and raise important trade-of choices as they design and develop data-driven decision-making procedures, especially those that bear on entrenched social inequalities. Those choices could then be subject to meaningful public oversight, through explicit regulatory provisions, civil society organizations, and public debate.

Incorporating the non-domination principle into these fduciary requirements of trust may stretch the idea of trust to its limits. This is not because non- domination is too ambitious an aim, but because the governance of data is about more than privacy. If trust cannot incorporate ideas like non-domination, fairness, and justice, the data fduciary concept may prove limited in a world of algorithmic decision-making and machine learning. Jack Balkin, who frst coined the information fduciary concept, has written about this challenge. 216

Instead, more comprehensive structural regulation may be required. Such regulation must leave room for fexibility and variation. Eliminating patterns of domination may be part of the pursuit of political equality (essential in any democracy), but considerable variation should be permitted in terms of how this aim is embedded into decision-making procedures. Overly prescriptive and specifc regulatory requirements would undermine the institutional innovation that is required to achieve the overall goal.217

At this critical moment in the development of regimes to govern data, we must pause to ask fundamental questions about the ideas and aims that should underpin them. The American approach, guided by the principle of non- discrimination, does not impose on institutions the obligation to transform entrenched social inequalities through their decision-making procedures. In an algorithmic society, in which decisions are ever more often made or informed by algorithmic procedures, there is a risk that these structures of injustice are reproduced on a vast scale that becomes ever harder to adjust. A giant form of path dependency.

The Indian approach, guided by the principle of non-domination, holds that decision-making procedures, in both private and public institutions, are the right place to intervene to address structural injustice. Many difcult questions—about the extent of the responsibilities that diferent institutions should bear—remain unanswered and profoundly under-theorized.

But what the Indian approach makes clear is that a comprehensive approach to governing data-driven decision-making cannot simply address issues of privacy. Such an approach must confront intractable questions about the burdens of pursuing political equality. After all, as Ambedkar argued, nothing less than the future of democracy is at stake. This has never been truer than in a world in which data-driven decision-making is pervasive.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 63 Conclusion: Who Decides?

I would like to end by drawing attention to perhaps the most signifcant strength of the Indian approach and the non-domination principle on which it rests. It brings to the surface the politics of decision-making. It makes visible the inevitable trade-ofs involved in establishing a decision-making procedure. It therefore forces us to confront the choices we have about the burdens we wish to impose on institutions as they establish those decision-making procedures. It forces us to ask what we wish to achieve and how.

This is an important strength in an algorithmic world. Too often, political choices are buried in the technical details of decision-making procedures. In machine learning, for instance, they are buried in choices about the construction of the dataset, choices about the outcome of interest or target variable, or which variables to include in the model. The risk is that a great many of the political choices necessary in a democracy are buried in the technical decision-making procedures of institutions, beyond the reach of legislative action and political debate. The pursuit of justice is moved slowly but imperceptibly outside the sphere of democratic politics.

Too often, political choices are buried in the technical details of decision-making procedures.

Avoiding this outcome will require comprehensive legislation. That legislation must not only set out the responsibilities of diferent institutions to address structural injustice in their decision-making procedures. It must also take on an even harder task: establishing the right institutional structure to enforce those provisions. There is a difcult balance to be struck. Regulation should not aim to specify precisely who has which burdens in every case; regulatory overreach can stife democracy, as well as protect it. Yet without regulation, there can be no democratic oversight at all. This is not a tension specifc to algorithmic decision- making, but rather, one that characterizes the relationship between democracy and the modern administrative state. But as ever, data and algorithms raise the stakes.218

The great strength of the non-domination principle is that it forces us to ask: Who decides? The risk is that we pretend that nobody decides. In practice, this means

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 64 that institutions will decide unilaterally, often in secret and without public oversight, which priorities and values to build into their decision-making procedures. In the case of our example of the job recommendations tool, Google and Facebook decide, without accountability, whether they wish to pursue efciency, fairness, or non-domination. With the right framework, Google and Facebook may decide frst, but their decisions would then be subject to regulatory provisions. And those provisions would, in turn, be subject to the oversight of democratic institutions.

As our societies make more and more important decisions using data, democracies must make choices about how they wish to distribute the burdens of pursuing justice. Ignoring these choices will simply narrow the possibilities of political action, producing a kind of political atrophy, eroding the capacity of citizens to govern themselves in democratic politics. To stimulate their thinking as they confront these choices, democracies all over the world should draw on the writings of B.R. Ambedkar and the provisions of the Constitution of India.

This Indian approach, founded on the principle of non-domination, can provide an approach to governing data-driven decision-making that diverges from the familiar provisions of late twentieth century Anglo-American liberalism.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 65 Open Transit Data in India (Richard Abisla)

Richard Abisla is the Portfolio Manager, Americas at Caravan Studios, a division of TechSoup.

Acknowledgments: The author extends sincere thanks to Kate Owens, Andrea Rizvi, O.P. Agarwal, Charru Malhotra, Srinivas Kodali, Jackie Klopp, Catherine Hurd Johnson, Marnie Webb, Niranjan Krishnamurthi, and to all those who provided invaluable guidance and information for this project. The author is grateful to New America, in particular, Awista Ayub, Melissa Salyk-Virk, and the 2019 India-US Fellows, and to Caravan Studios and TechSoup for this opportunity. All errors and omissions in this paper are the author’s alone. All information was accurate at the time of submission/publication.

Introduction

Hundreds of millions of people worldwide rely on public transportation daily,219 yet only a tiny proportion of those users have access to accurate information about when their transport will arrive or where it is going. This lack of information is not solely customer-facing: the majority of transit operators, whether public or private, do not collect automated data that would allow them to make more informed business decisions. This lack of data creates a vicious cycle in which commuters, tired of wasting time as they wait for their bus or train, abandon mass transit and seek lower-capacity vehicles, like taxis, rideshares, two-wheelers, or autorickshaws,220 which increases congestion and air pollution. Both transit riders and operators would beneft from access to data about public transportation; on the user side, accurate information increases rider satisfaction and ridership,221 while on the operator side, data can be used to improve oferings and better meet the needs of local communities.222

Technological innovation and the transparency movement have spurred and spread the adoption of open transit data over the past 13 years. In 2006, the creation of a worldwide open standard for transit data, the General Transit Feed Specifcation (GTFS), provided an interoperable format for transit agencies of all types and modalities to share data that can be displayed on mobile apps, or used to create maps and schedules. A growing worldwide transparency movement, demonstrated by the 2011 launch of the Open Government Partnership223 and the institution of open data policies in the United States (2013), Britain (2010), and India (2012), have provided frameworks and policy assurances that citizens can access data collected by their governments. Despite the proliferation of technological solutions that can promote mass transit ridership and satisfaction, many countries lag in their adoption of open transit data, preventing their

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 66 residents from accessing readily available tools to use transit more efciently, save time, and reduce their dependence on lower-capacity vehicles.

This paper seeks to explain barriers to collecting, organizing, and sharing this data in the Indian public transport context, and will provide four case studies of transit data projects that are working to overcome these barriers. These successful projects provide examples of stakeholder engagement that can be replicated in other regions, such as Latin America, and countries where large portions of the population depend on mass transit. The paper will examine opportunities to include public transit data into existing data and transport policies, and will investigate opportunities to increase capacity-building eforts so that local transit authorities have adequate information to make decisions that favor open transit data.

Methodology

In order to investigate transit data organization and publication in India, I interviewed 40 people over the course of seven weeks and made site visits in Delhi, Mumbai, Kochi, Bangalore, and Hyderabad. All interviewees have participated in the Indian mass transit ecosystem by providing, studying, innovating, or using public transit. The interviewees include representatives from central, state, and local government, transit corporation employees, representatives from civil society organizations, and academics; many are also regular public transit riders. I reviewed the existing literature on open data and transit data in India and examined the issue via local press coverage. The objective of the four case studies that follow are to illuminate the diferent environments and sets of stakeholders that have allowed these projects to develop and garner support within local government and transit corporations.

Case Studies

Kochi: NGO leadership and resources together with a forward-thinking government

In March of 2018, Kochi Metro Rail Limited (KMRL) was heralded as the frst metro agency in India to open its data by publishing their GTFS feed on their website. KMRL’s open feed was developed with assistance from the World Resources Institute (WRI), a global research organization active throughout India that works to “turn big ideas into action at the nexus of environment, economic opportunity, and human well-being.”224 Kochi had initially approached WRI for help with their open data, and WRI was able to lend signifcant mentoring and technical assistance to KMRL staf.225 KMRL publishes a static GTFS feed,226 which, in their case, is as good as real time data due to vehicle management software that ensures trains run on schedule.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 67 KMRL, despite only operating the metro, currently acts as an interim Unifed Metropolitan Transport Authority, leading other transportation modalities to organize and share their data. Other stakeholders include private bus operators, a network of 15,000 autorickshaw drivers, and the Rajagiri School of Engineering and Technology (RSET). RSET is developing a data dashboard for KMRL, allowing the agency to analyze their data in more sophisticated ways. This will become increasingly important—and useful—as open data practices spread to other modalities in the Kochi transportation ecosystem. KMRL has helped to organize 950 privately-operated buses that are under contract from the government of the State of Kerala. These bus owners have been organized into seven companies that have agreed to have GPS devices installed on their buses and pay for monthly maintenance.227 The 450 government-owned and operated buses do not yet have GPS installed, as they have yet to go through the required procurement process for the GPS devices. KMRL was also a key player in organizing a cooperative of 15,000 autorickshaw drivers228 that will engage in a variety of activities focused on drivers’ welfare and economic success. Most notably, the cooperative will begin ofering transportation to Metro stations on a ticketed basis, and will develop a mobile application that will provide on-demand access to members that utilize the GPS installed in their fare boxes. KMRL ofcials note that organizing the bus companies into clusters and helping with the organization of the 15,000 autorickshaw drivers into a cooperative have been the most challenging parts of the project.

In order to provide arrival data for transit riders, Kochi has partnered with the Chalo229 mobile application to display metro, ferry, and bus data, and will soon add autorickshaws. Chalo has over 50,000 downloads and over 7,000 daily users, a modest amount for a city of over 2 million people.230 Because Kochi’s data is “open,” or hosted online and available for use, Kochi’s transit system is also displayed in Google Maps, which has over 1 billion active monthly users worldwide. As more buses and ferries are added to the GTFS feed, more developers may elect to build products using the feed. Access to the static GTFS fles are free, and a link to the fles are sent to the requestor’s email after inputting a name and email address.

Kochi ofcials have a clear vision that promoting ease of access to public transportation, such as providing frst and last mile connectivity to metro stations and providing access to digital schedules and journey planners will both increase equity and improve environmental outcomes. KMRL ofcials have noted that if transit is faster and cheaper, poorer residents will have more economic opportunities and more disposable income, which can lead to better opportunities for their children and a better quality of life for families.231 This equity lens is unsurprising considering Kerala’s communist-leaning governance history. In a similar vein, the Kerala Minister for Transport has publicly noted that the shift of commuters to private, lower capacity vehicles are increasing pollution, trafc, and accidents.232 Retaining transit riders, and creating new

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 68 ones, is key to addressing these concerns. Additionally, the Kochi Smart Cities mission shares administration with KMRL, resulting in a close relationship that has also infuenced KMRL’s commitment to open data.233

Delhi: Political will and academic leadership

In November of 2018, Delhi became the frst city in India to provide static and real-time bus data feeds.234 Delhi’s bus open transit data project was initiated in 2016, with the formation of an advisory committee that included a broad swath of stakeholders in the urban mobility space, including government ofcials, the Delhi Transport Commissioner, staf from both Delhi bus corporations, university professors, and industry representatives, like Google, and ride-hailing companies Uber and Ola.235 The Committee was a joint initiative of the Indraprastha Institute of Information Technology Delhi (IIITD) and the Delhi government, which is run by the Aam Aadmi Party, a new party that won on an anti-corruption platform and had made campaign promises to improve life in Delhi.236 As a result of the committee’s work, the Delhi Government signed a memorandum of understanding with IIITD to build a portal to share real time information publicly. IIITD, working with a group of student interns, unveiled a portal after fve months.237 Both static and real-time GTFS feeds are available on the open transit data portal after a simple registration that includes contact information and explanation of the intended purpose of accessing the data use.

The Delhi GTFS feeds currently include the 1,700 buses that are under the control of the Delhi Integrated Multi-Modal System (DIMTS), a joint venture of the Delhi National Capital Territory Government and the IDFC Foundation. Known as “cluster buses,” these orange buses are monitored by DIMTS, who also manages the contracts with individual private bus operators. All cluster buses have GPS installed, which allows them to be monitored from a central control center. Presently, only DIMTS-administered buses feed real-time data into the control center and the GTFS Real Time feed, as the remaining 3,800 buses managed by the Delhi Transport Company (DTC) are not currently participating due to broken or missing GPS devices.

DIMTS has developed a proprietary transit application, PoochhO.238 In addition to arrival times for the 1,700 cluster buses, PoochhO estimates bus seat availability on buses and provides proximity and contact information for nearby autorickshaw drivers.239 Both DIMTS and DTC buses are visible on Google Maps, with cluster buses providing real-time information and DTC buses ofering schedule data. However, Delhi’s bus data will be of limited use until the entire bus system’s data is available.240

Barriers in the Delhi data project include funding constraints and nonfunctional or missing GPS units on the feet of 3,800 DTC buses. Initially, limited knowledge of open data practices posed a challenge, but the strong partnership with IITD helped Delhi overcome this challenge.241 Furthermore, the partnership

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 69 allowed the project to succeed without a large fnancial investment. One of the project’s biggest successes has been cultivating buy-in from the Delhi local government, the Department of Transportation, and DIMTS. And, now that the data is online and open data activists are able to use it for their own analyses.242

Bangalore: Academic infuence, strong activism, and press coverage

Despite publicly announcing in 2017 that open bus data would be released imminently, as of early 2019 Bangalore has not published open static nor real- time GTFS feeds.243 Early excitement and positive press coverage244 of Bangalore Municipal Transportation Corporation’s (BMTC) open data commitment has transformed into frustration for many civil society stakeholders, including local tech workers who use a higher tier, yet still public, level of service known as “AC buses.”245 These are commuters who may shift to lower capacity vehicles when they are left waiting at the bus stop too long, adding to congestion and air pollution.246 A major fear of BMTC ofcials is that providing data on the AC bus lines, which are proftable, would open up those lines to competition from ridesharing companies Uber and Ola, reducing ridership and revenue.247

Another challenge has been buy-in from leadership at BMTC. In 2016, BMTC’s Managing Director supported open data, but soon left the organization, and her replacement wanted to monetize the data.248 This monetization push is a central barrier to open data provision in Bangalore, as BMTC has struggled to fnd fnancial resources to support the creation of both static and real-time GTFS feeds. Central to the desire to monetize the data is the reality that BMTC receives little in the way of subsidies from the Karnataka state government, and is run more like a for-proft business than a public service.249 However, many civil society actors and activists take exception to this line of thinking, strongly maintaining that mobility is a right and should be supported by the state government.250 These activist voices have been highlighted in the local press, and have provided positive pressure on BMTC leadership to make data available to riders.

In September 2018, a new IT Director took charge at BMTC and began to actively engage with civil society stakeholders. She began working with local NGOs to organize a static GTFS feed, often the frst step to getting more useful real-time data.251 Working with the NGO Fields of View in a voluntary capacity allowed BMTC to experiment with GTFS without incurring costs or undergoing lengthy procurement processes, both of which could have derailed the project.252 The new BMTC leadership reports that they are committed to providing open transit data, and are actively trying to fgure out how they can work with civil society and academia to organize and provide the data. While BMTC does provide their own proprietary mobile application,253 usage rates and user satisfaction are low.254

Bangalore’s vibrant stakeholder community continuously advocates for open data, putting pressure on BMTC to address the demand and need for open data.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 70 Central to the stakeholder community are academics like Dr. S. Rajagopalan of the International Institute of Information Technology-Bangalore, who served on BMTC advisory committees to help select Intelligent Transportation Systems (ITS), which include the GPS devices and bus management software that can be used to create real-time GTFS feeds.255 BMTC adopted an ITS in 2016, and now every bus has GPS and can be monitored from a central control center.256 Dr. Rajagopalan also helped to create BMTC’s draft Data Sharing Policy, which has yet to be formally adopted.257 The policy is based on both the National Data Sharing and Accessibility Policy and Transport for London’s Open Data Policy.258 The Data Sharing Policy supports opening transit data for use by urban planners, educational institutions, businesses, transportation companies, and trip planning websites and portals.259 In addition to academics like Dr. Rajagopalan, the involvement of activist groups like DataMeet260 and Bangaluru Bus Prayaanikara Vedike (Bangalore Bus Commuters Forum),261 coupled with interest from the local press, have elevated the conversation in Bangalore and put public pressure on BMTC. While these groups are not solely focused on bus data, they do make arguments in favor of better trip planning and for using the data to understand how bus routes provide access to jobs and other resources from across the socioeconomic spectrum. In particular, groups like the Bangaluru Bus Prayaanikara Vedike are interested in making sure that lower-revenue bus lines that go to poorer areas are not terminated.262

Hyderabad: State open data policy leading the way

In 2016, the Telangana State Government unveiled a state open data policy based upon the National Data Sharing and Accessibility Policy (NDSAP), becoming the second state in India to adopt an open data policy.263 The policy provides clear directives to state government departments to open up non-sensitive datasets, going as far as saying that “opening up the government is the new world order.” 264 The policy indicates that datasets should be in “human readable and machine readable formats, using open standards, and under open license.”265 The creation of Telangana as a new state after splitting from Andhra Pradesh in 2014 provided a special opportunity for the government to refect on their practices, and “it was realized that a lot of government decisions were not data-driven.”266 Leadership from top state ministries have paved the way for Telangana state services, including the Telangana State Road Transport Corporation (TSRTC), to implement open data using open standards.

In order to organize GTFS feeds of TSRTC buses that provide services to Hyderabad, the state capital, the Telangana government is working with both WRI and Factly, a local startup that focuses on creating platforms and infrastructure to support open data and “strengthen democracy through engagement.”267 Factly and WRI will create static GTFS feeds for both TSRTC buses and the Hyderabad Metro Rail Limited (HMRL). The frst step in organizing the TSRTC data was to identify all bus stops by their latitude and

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 71 longitude coordinates; this was done by combining several data sets that had been compiled over several years from multiple civil society actors, including Hyderabad Urban Lab, Engineers Without Borders, Mufkhamjah College of Engineering and Technology, Shakti Sustainable Development Foundation, and WRI.268 From these multiple eforts, more than 8,000 bus stops were mapped, more than twice the number of actual bus stops.269

Factly and WRI designed a process to validate the bus stop data so that it can be used as a basis for a static GTFS feed. First, spelling inaccuracies had to be corrected and geo-locations had to be cross-checked, with names assigned to the GPS coordinates of the 3,900 bus stops. A developer hired by WRI built a fuzzy mapping algorithm to check and de-duplicate this data, which was then sent to TSRTC to be verifed and audited manually270 . The verifcation process has taken over two months, and is still ongoing as of March 2019. Once complete, TSRTC will update schedule data, and Factly and WRI will create the GTFS feed, as well as a mechanism that TSRTC staf can use to make future changes in schedules and routes. Once completed, the data will be ready to be shared in the public domain.271

Thanks to buy-in from top state ofcials there has been little staf resistance to organizing the GTFS feed.272 The main barriers have been a lack of validated information and a glut of bus stop information, which have been solved through both machine and human validation processes. TSRTC buses do not currently have GPS devices installed, so there are no immediate plans to organize a real- time GTFS feed. However, the involvement of Factly and WRI certainly bodes well for future developments, should TSRTC endeavor to install GPS devices on their vehicles.

Figure 1: Table of public transit data for case study locations in India

City Population* Metro: Static Metro: Real Time Bus: Static Bus: Real Time

Kochi 2.81M Yes, open No, in process No Partially, closed

Delhi 28.1M Yes, closed Yes, closed Yes, open Partially, open

Bangalore 11.25M Yes, closed Yes, closed In process Under negotiation

Hyderabad 9.58M Yes, closed Yes, closed In process No

* Demographia World Urban Areas,” Demographia, April 2019, accessed March 10, 2019, http://www.demographia.com/db-worldua.pdf

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 72 Case Study Discussion

Stakeholder Engagement

These case studies illustrate the importance of vocal stakeholders, local leadership, and progressive policy. In each city, local champions have emerged from civil society or from within the transit corporation to help lead and shepherd the projects. In Kochi, Bangalore, and Delhi, NGOs or academic institutions have provided labor and technological resources for free or at a very low cost, helping authorities avoid lengthy procurement processes and fnding money in already stretched budgets. In Bangalore and Delhi, academics played key roles in infuencing city ofcials to move towards open data, educating ofcials on the benefts of open data and open standards like GTFS. Both Delhi and Kochi beneftted from political leadership who wanted to show positive change in government services and to increase transparency. In Bangalore, a well- organized civil society is clamoring for transit data, and has the ear of the local press. In Hyderabad, barriers experienced by other cities, such as lack of political will, interest, or budget, have been roundly avoided by the implementation of a state-wide open data policy. These examples show how the leadership of civil society can be a powerful tool in embracing open transit data, and how important of an ofcial state policy it can be with fnancial resources behind it.

Uses of Open Data

Once data is open and available, agencies can use it to understand their systems and improve their oferings. Transit data can be overlaid with other geospatial data, including population density and housing development, job availability, and employment and education centers.273 In Hyderabad, transit data has been used to show that public transportation options are “infrequent or nearly absent” in the areas of the city where residents are least likely to own or have access to private vehicles, and that they are missing near the city’s slums.274 This analysis of publicly available data shows how transit can be an economic development tool that can break the cycle of poverty. Lack of access to public transportation excludes certain portions of the population from opportunities, making their lives more difcult and expensive, and keeping them in poverty.

Open Transit Data: Not a universal solution

While providing transit data is critical to improving the rider experience, it is not a panacea to solve all transit-related ills. In many cases, comprehensive bus reform is needed to provide drastic improvements in markets where ridership is declining, rider satisfaction is low, and entrenched problems seem insurmountable.275 In Delhi, it is the poor who are most dependent on cheap public transportation, yet they spend 25-30 percent of their income on moving

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 73 around the city.276 Simply providing these transit riders with more information about when the bus is coming may make their commute less frustrating, but the majority of Delhi’s bus riders do not have the purchasing power to switch to another modality if they get tired of waiting.277 Rather, they will wait for the bus as long as they have to,however crowded it may be. For these riders, knowing when the bus is coming might not be the biggest change they’d request from their transit operator; given the choice, they would probably prioritize more vehicles, more frequent departures, and cheaper fares over digital signage or a smartphone app that communicates arrival times.278

Transit Data: Open best, closed still good

It is also important to note that transit data does not need to be “open,” or publicly available online for free in order to be used for analysis or trip planning. Many agencies choose to organize a GTFS feed, but keep it closed for their own internal analysis and to provide a proprietary mobile or web applications that riders can use to access schedules and trip planners. Transit riders are then only able to use the proprietary application, which provides one point of failure and may be of lower quality than other transit applications. One reason for varying quality is that several of the top transit applications, such as Google Maps and Moovit, are private companies that have invested multiple millions of dollars in their products. It makes sense that the user experience, design, and performance of these applications would be superior to an application created by a city transit agency, no matter the talent and skills of the in-house developers. Additionally, there is little need to reinvent the wheel of building an in-house transit application when publishing a GTFS feed online allows consumers to access multiple applications. It is important to note that smartphone applications are not the only option to provide transit data to consumers, and transit data can be used to create resources like maps and timetables, as well as text or voice-based applications for feature phone users. While open data allows for customers to use more products and researchers to perform more analyses, the frst goal should be providing access in order to promote ridership, whether the data itself is open or not.

Suggested Policy Interventions

Despite strong research that shows the benefts of transit data to riders and operators, and organized civil society that clamors for access, too many local governments lag in their provision of data to their communities. What follows are recommendations for policy and capacity building interventions that could help cities provide useful data, thereby promoting the use of mass transit.

National Data Sharing and Accessibility Policy

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 74 There are several opportunities to weave transit data into existing policies. First, the National Data Sharing and Accessibility Policy (NDSAP) was implemented in March 2012,279 and soon thereafter the Open Government Data Platform India was launched.280 Despite the NDSAP setting clear expectations for all government agencies to share data in an online format for use by civil society, the policy is not mandatory, and only provides guidelines to central government agencies, and not to state or city government agencies.281 In India, cities have a much closer relationship to the state government than the central government, and city services are often managed by the state government. For this reason, the most efective way to infuence urban policy is to infuence state policy.

State Open Data Policies

The case of Telangana shows that adapting the NDSAP into state policy provides a clear pathway for open transit data. According to the Centre for Budget and Governance Accountability, as of August 2018, only fve of 29 states have instituted their own state-level policy that corresponds to NDSAP or have adopted the NDSAP as state policy.282 While enforcement might be difcult to ensure, given that the national policy itself lacks enforcement mechanisms, expressly including transit data in state open data plans provides clear expectations to cities that transit data be open and freely available. Codifying these expectations into state-level policy will also strengthen the position of both transit activists (like commuters’ groups) and open data organizations and activists (like DataMeet), giving them a policy to refer to as they work to hold local governments and transit operators accountable.

Local, Transit-Specifc Open Data Policies

In the absence of a state policy, local, transit-specifc open data policies, such as BMTC’s draft policy, would provide a pathway for cities to embrace open data without the express support of the state government. Such policies have the potential to provide leadership from below,283 and could lead to a visible “win” that could demonstrate the value of open data to the lives of everyday residents. 284 Releasing transit data on an open standard like GTFS provides the beneft of harnessing the imagination and brainpower of many actors, such as the robust developer and startup community. GTFS also enjoys strong support and interest from civil society, including academics, and large multilateral institutions. Even those who don’t necessarily support GTFS, like Rajarshi Sahai, the former India country manager for transit app startup TRAFI, believe in localized policy: “Policy must evolve out of unique experiences of each city than following templates/exemplars.”285 Codifying open transit data into local public policies would have the dual impact of supporting commuters and transit riders and supplying the potential to spread open data practices amongst all levels of government.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 75 Smart Cities Mission

Transit data could also be couched in existing, and future, Smart Cities policies and projects. Transit on the whole is a focus of the burgeoning Smart Cities movement in India. The focus is to support “urban development through capacity building, research, service, and infrastructure innovations and citizen engagement,” and the central government is actively working with State-level departments and agencies to implement Smart Cities programs.286 A key opportunity to spread the technology tools key to creating open GTFS feeds is the National Urban Innovation Stack (NUIS), a platform to share cloud-based technology services amongst all participating Smart Cities. The NUIS could easily include GTFS creators and management software, in addition to targeted training on open data practices. The NUIS is well positioned to include existing data creation tools, like scripts that convert a city’s transit data from KML or JSON fles into GTFS, and GTFS management software. The monetary savings of providing this software centrally would be signifcant, and would immediately provide tools to 100 cities that would encourage and enable them to organize and publish their transit data. This would also contribute to creating a “culture of data”287 that other cities, such as Medellín, Colombia, have found useful in becoming more data-driven.288 Cities that have invested public funds into developing their own mobile apps could choose to share the source code of these applications, resulting in further savings for cities that want to provide proprietary mobile apps.

National Urban Transport Policy

Lastly, transportation policy itself provides an avenue to compel state and city governments to organize and provide transit data. In the context of rapid urban growth, the Government of India instituted the National Urban Transport Policy (NUTP) in 2006,289 and updated it in 2014.290 A main tenet of the policy is to encourage residents to use public and non-motorized modes through ofering fnancial assistance to state government agencies, as well as providing leadership in order to “guide State-level action plans within an overall framework.”291 The plan acknowledges that state-level policy and laws are the way to improve urban transport, and provides signifcant fnancial resources for states to plan and implement public transportation systems. While the NUTP does not explicitly mention open transit data, it does encourage the installation of GPS devices on buses, which make it possible to provide GTFS-Real Time data. A customer- facing data provision that ensures transit riders have access to scheduled and real-time information in a digital format would work towards the ultimate goal of reducing the number of cars on the road, lessening congestion and air pollution. Signifcantly, the NUTP recommends that each city with more than one million inhabitants set up a Unifed Metropolitan Transport Authorities (UMTA).292 These agencies will be charged with integrating diferent transportation modalities – such as bus, metro trains, and autorickshaws. A key beneft will be

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 76 the coordination amongst the agencies,293 solving problems like a bus stop that is 200 meters from the Metro entrance, or a bus line running along the same route as the metro.294 UMTAs can support open data by setting standards around data provision and publication, and by requiring all public transportation providers in the metropolitan area to make data available. When systems are fully integrated, it may be possible that some services that make money may subsidize services that are not proftable.295

Capacity Building

Alongside policy, stakeholders agree that capacity building amongst local transit corporation staf could have an enormous impact on the provision of open transit data. Capacity building should focus on the dual audiences of decision-makers, who will engage with cost-beneft analyses and budget considerations, and technical staf, who will create, manage, and maintain GTFS feeds. O.P. Agarwal, the CEO of WRI India, believes that ofcials want to do the right thing, but often don’t have a good understanding of what open data means and entails, despite the phrase being a popular buzzword.296 Helping leaders understand open data, the required efort and cost to convert existing data to open data, and the benefts to ridership, revenue, and rider satisfaction would help these staf to make more informed decisions that would beneft riders.297 Likewise, more technical training and capacity building is needed, as some IT staf lack the knowledge to build an API to provide their data, and others are uninterested in providing data to startups or end users.298 Strong policy, however, will provide both the incentive and reason for capacity building, and will provide a nationwide goal of transit data provision.

The Smart Cities Mission provides an excellent opportunity to include capacity building around open transit data, due to the existing inclusion of both urban mobility as a thematic priority, and a capacity-building mechanism. The new National Urban Learning Portal299 will provide an online portal for city ofcials to participate in ongoing trainings relevant to Smart Cities.300 Providing a structure for local ofcials to participate in centrally-endorsed training programs is a good start to spreading good open data practices. As part of the Smart Cities mission, every city has a Chief Data Ofcer, who could act as a key resource for city staf who are deputized to organize and publish public data. Mobilizing existing resources to help promote open transit data would be relatively low-cost, yet could easily impact hundreds of millions of people.

Lastly, many sources have noted that there are few national convenings that bring together decision-makers from transit corporations, government ofcials, NGO representatives, activists, and community groups to discuss and learn about these issues. A forum for all stakeholders could help spur innovation and operationalize some of the research and innovation into the mass transit systems.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 77 301 These events provide space for each stakeholder group to understand the needs and challenges of the other, and to start to address issues and challenges together. As one Delhi transit ofcial shared, the more minds there are involved in solving a problem, the better the ideas.302

Conclusion

In the absence of a central policy or law with clear fow-down requirements to states and clear enforcement mechanisms, transit data provision will continue to be ad hoc and dependent on civil society’s leadership and resources. In conversation with several transit authority leaders, it became clear that central policies with clear incentives and enforcement mechanisms would spur local transit providers to organize and publish transit data. One ofcial highlighted the importance of buy-in from the highest level of public hierarchies, stating that “water can only be poured from the top.”303 Funding should not be overlooked as part of the policy push, as many civil society groups become involved in open transit data due to fnancial constraints within the public transit corporation.304 These NGOs are often able to marshal their own resources, or use related grant funding, to perform tasks that ideally would be the responsibility of the local transit corporation. Capacity building eforts that dovetail with existing government programs can help to socialize information about open data and build comfort and interest amongst both decision-makers and technical staf who will implement open data practices in their organizations.

In order to promote public transit usage and better transit systems in general, cities should invest in transit data.

This paper provides suggestions on amendments to existing policies to include open transit data, proposals on capacity building provision, and technology tools geared to state and city transportation corporations. While civil society has proven to be efective in engaging stakeholders and guiding transit corporations towards understanding the value of open transit data, policy interventions would help to shift the responsibility from NGOs, civic hackers, commuter’s groups, and universities to the government agencies themselves. And while NGOs do a great job spurring transit agencies to adopt open data practices, it is not feasible for them to act as the back ofce for transit agencies in perpetuity.305 In order to

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 78 promote public transit usage and better transit systems in general, cities should invest in transit data. Not only will this increase rider satisfaction, ridership, and revenue, but it will decrease congestion and pollution,306 bettering the quality of life for residents of Indian cities, and cities worldwide.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 79 Blockchain Regulation in the United States: Evaluating the overall approach to virtual asset regulation (Tanvi Ratna)

Tanvi Ratna is a policy analyst and engineer, managing blockchain projects with a leading global consulting frm, based in India. She helped design the blockchain policy framework of the Government of Karnataka, home to India's Silicon Valley, and helps advise the central government in India on blockchain regulation. Her research focuses on designing efective regulatory frameworks for blockchain.

Introduction

Blockchain technology and cryptocurrencies have received more hype and regulatory attention than perhaps any other emerging technology in recent times. There are both private blockchains, where access to the network is permissioned, and public blockchains, where access is open. Public blockchains are powered by virtual currencies or cryptocurrencies. They are diferent from Distributed Ledger Technology (DLT), in that they have a consensus layer powered by cryptography, and the whole system sustains itself with an incentive structure, which is the cryptocurrency. Blockchain, for the purposes of this paper, primarily refers to public blockchains unless otherwise specifed, as the bulk of the regulatory and policy focus has been around public blockchains.

Blockchain ofers a highly compelling case of futuristic regulation and the ability of governments to cope with rapid technological developments for the following reasons:

• Technology with in-built economic model: Public blockchains are diferent from other technological innovations so far, in the sense that they are more than just a technology, but also more than just a currency or fnancial instrument. Blockchains are networks with an unorthodox peer- to-peer economic model. This makes it difcult to defne a policy precedent or approach.

• Multi-faceted and global instrument: Cryptocurrencies can behave as a currency or equity, they are global by nature, and cut across the felds of technology, fnance, and business. Traditionally, all these aspects of economic behavior are regulated in silos.

• Paradigm shift for society and business models: Because of their networked and peer-to-peer nature, blockchains can reorganize existing

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 80 silos in systems and processes, and have far reaching efects on existing social, business and governance structures.

Blockchain is an interesting test of how governments cope with emerging paradigms, as it is a challenge to traditional mindsets and systems across the board. As phrased in a recent report by Don Tapscott, the challenge is to create a regulatory environment that “simultaneously protects investors and consumers, sustains innovation, grows the economy, and cultivates a new kind of society.”307

This study is a brief survey of regulatory actions and capacity building eforts undertaken by diferent agencies of the U.S. federal government towards cryptocurrencies and blockchain technology, and some perspectives from the ecosystem and state government levels. The aim of this study is to assess the overall government strategy being adopted towards this technology in the United States.

The Overall Approach to Blockchain Regulation in the United States

The defnition of cryptocurrencies is still an evolving debate in the United States, with many calls for over-arching defnitions and clarifcations. Even at the time of publication of this paper, a taxonomy act had been introduced in the U.S. Congress to address this precise issue.308 The government, at least at the level of federal fnancial regulators, applies the following system of classifcation towards cryptocurrencies, or their preferred moniker the “digital asset.”

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 81 Figure 1: Classifcation of Virtual Assets by U.S. Financial Regulators

Source: Multiple ofcials, U.S. Department of Treasury, personal interviews, Feb. 2019, Washington, D.C.

There are many other agencies involved, outside of the three major regulators, even at the federal level. These include the U.S. Congress, which has a Blockchain Caucus; criminal enforcement agencies such as the FBI, Department of Justice, and Homeland Security; and a host of inter-departmental task forces.

For the purpose of this study, we explore in some detail the actions of the three major regulators who are the main drivers of activity, as well as some perspectives from the ecosystem and state government levels.

Activity by Major Federal Regulators

Securities and Exchange Commission (SEC)

The SEC has been one of the two most active agencies on cryptocurrency regulation in the United States; the other being the Commodity Futures Trading Commission (CFTC), which will be discussed later. The SEC is not one of the frst agencies to begin regulating but it became more active with the growth of Initial Coin Oferings (ICOs) and security issue related activity in the blockchain

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 82 ecosystem around 2016. The SEC views (some) virtual assets as securities, and recently issued guidance to that efect.

Regulatory Action: From 2014 to 2017, the SEC was cautious of cryptocurrencies. From 2013 to 2014, the agency issued investor alerts on Ponzi schemes and fraudulent activities in virtual currencies.309 The focus was on investor education and fraud prevention.

The DAO hack of 2016 310 was a major turning point in shifting the attention of the SEC towards the classifcation of cryptocurrencies into securities and non- securities. In 2017, the SEC issued an in-depth investigative report defnitively classifying the DAO as a security.311 This spurred intense deliberation globally on security vs. utility tokens, and diferent countries such as Switzerland, Singapore, South Korea issued classifcation frameworks.

ICOs proliferated in 2017-2018 and the cryptocurrency market reached some of its highest valuations by the end of 2017. In the wake of concerns about scams and an unregulated ICO market, the SEC undertook heavy enforcement action in Feb 2018. Over 80 frms that had undertaken ICO oferings were subpoenaed.312

In 2018-20119 the explorations of asset classes deepened with the submission of proposals to launch a Bitcoin exchange traded fund (ETF) to boost institutional investment. The SEC rejected nine of these proposals. Some major decisions on new submissions are expected in 2019.313

On April 3, 2019 the SEC released its most defnitive guidance to date, providing a framework for identifying whether a token was an investment contract or not.314 The SEC has now set a precedent of issuing “no-action letters” to startups after studying their business models. The no action letter lays out conditions to be met and serves as an assurance of no action by the SEC against the startup, for the actions it has disclosed in its application. The SEC issued its frst “no-action letter” after 11 months of deliberation and discussion with the Florida-based startup, TurnKey Jet, Inc. after examining it through the Howey Test, 315 and deciding that their token ofering was not a security, but closer to crypto-based store credit.

Capacity Development: The frst in-depth activity by the SEC on blockchain was the DAO investigation in 2016, and they have been steadily increasing their capacity on the subject ever since. In January 2018, Hester Peirce, a leading champion of blockchain technology, was appointed as one of the fve Commissioners of the SEC.316 The agency already had active working groups looking at the technology, such as the distributed ledger working group.

In June 2018, a new senior advisory position was created at the SEC to coordinate eforts across all SEC divisions and ofces regarding the application of U.S. securities laws to emerging digital asset technologies and innovations, including

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 83 initial coin oferings and cryptocurrencies. Valerie Szczepanik was appointed to this role.317

Similar to the model of LabCFTC,318 in October 2018 the SEC set up a dedicated team, called the Strategic Hub for Innovation and Financial Technology (Fintech Finhub), with a sizeable staf to serve as the focal point for tracking and interacting with fntech issues and innovators.319 The Finhub is also in the process of hiring a crypto securities lawyer at the time of this writing.320

Commodity Futures Trading Commission (CFTC)

The CFTC has been one of the two most active federal agencies in the regulation of cryptocurrencies. It is also widely considered to be the most supportive of the innovation.

Virtual currencies have been determined to be commodities by the CFTC under the Commodity Exchange Act. While its regulatory oversight authority over commodity cash markets is limited, it maintains general anti-fraud and manipulation enforcement authority over virtual currency cash markets as a commodity in interstate commerce.321

Regulatory Action: The CFTC adopts and advocates for a “light touch” approach towards cryptocurrencies. It refrained from issuing any directives or taking any enforcement action until late 2018.

During peaking bitcoin prices, ICOs, and an SEC crackdown, the CFTC also undertook enforcement actions from early 2018. It issued a frst full ban for fraudulent trading activity to the company CabbageTech in August 2018, and issued the arrest of a cryptocurrency trader for fraud in November 2018.322

Capacity Building: The CFTC has been quick to embrace the incoming changes brought about by a host of emerging technologies, including blockchain and machine learning, and focuses on staying on top of developments and innovating its own processes.323

In 2017, they pioneered a forward-looking regulatory model with the launch of LabCFTC, a focal point to make the CFTC more accessible to fntech innovators and serve as a platform to inform the Commission's understanding of new technologies. The lab aims to promote responsible FinTech innovation to improve the quality, resiliency, and competitiveness of U.S. markets, and to accelerate CFTC engagement with fntech and regtech solutions.

The lab has grown to a six-member core team with law and technology backgrounds and serves as an internal platform and think tank for the CFTC. It is structured in a hub and spoke model, with staf from operating divisions who serve as subject matter experts. LabCFTC has an open door policy and pursues active engagement with the startup and stakeholder community including

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 84 through hosting ofce hours in cities across the U.S. It also has international partnerships with governments in the United Kingdom, Australia, and Singapore. 324

In 2017, the Agency launched a podcast series, the frst of its kind for a government regulator, to educate consumers and bring in wider perspectives from government, private sector, and civil society on a range of topics, including FinTech. Over fve podcasts, four consumer advisories, and two primers were released by the CFTC LabCFTC, and the Ofce of Customer Education and Outreach on the topics of cryptocurrencies and smart contracts between 2017 and 2018.325 The lab recently issued a Request for Information on Ether in order to help inform the Agency on aspects of crypto-asset markets and mechanics. 326

The U.S. Department of the Treasury

The U.S. Department of the Treasury and its associated agencies play a host of important roles in setting the direction and coordination on digital asset regulation.

The U.S. Treasury has been looking into cryptocurrencies through its own divisions, the most visible of which have been three of its specialized agencies: the Internal Revenue Service (IRS), Financial Crimes Enforcement Network (FinCEN), and the Ofce of Foreign Assets Control (OFAC). The Treasury and their agencies look at virtual assets in their role as a currency, though as an exception, the IRS defne them as property for tax purposes.

Financial Crimes Enforcement Network (FinCEN) and Ofce of Foreign Assets Control (OFAC)

One of the most active areas of guidance and enforcement by the Treasury has been around anti-money laundering (AML), know your customer (KYC), and Counter Terrorism Financing and Sanctions.

With a mandate to safeguard the U.S. fnancial system from illicit use and combat money laundering, the FinCEN was one of the frst regulators to become active on cryptocurrencies in the United States. As early as 2013, the FinCEN issued guidance that virtual currency exchangers and administrators would be considered money transmission businesses (MSBs).327 In a letter to Congress in 2018, FinCEN reiterated that stance with clarifcations regarding who would be required to comply.328

As a result, virtual currency exchangers and administrators are required to register with the FinCEN, comply with existing AML/KYC requirements, and the Bank Secrecy Act (BSA), including suspicious activity reports (SARs) and currency transaction reports (CTRs).

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 85 As of 2018, there are approximately 100 virtual currency exchangers and administrators that have registered as MSBs with FinCEN.329 FinCEN has examined one third of these MSBs and has brought several enforcement actions.

In 2018, FinCEN and OFAC both released guidance on virtual currencies compliance with sanctions on Iran.330 OFAC added a set of blacklisted digital currency addresses to their Specially Designated Nationals And Blocked Persons (SDN) list.

Internal Revenue Service (IRS)

In 2014, the IRS issued Notice 2014-21 in the form of FAQs to describe how existing tax principles would apply to transactions using virtual currencies.331 In this notice, the IRS stated that virtual currencies would be treated as property for federal tax purposes and provided some information on taxation for some activities such as mining, self-employment, contracting, and third party settlement. However, the technology has matured signifcantly since then, leaving many questions still unanswered. There have been an increasing number of calls from the community, from lawyers,332 and even from Congress333 for the IRS to issue updated information and clearer guidelines.

Capacity Building: There are two aspects of capacity building in the Treasury: one, at the level of coordination of overall fnancial regulation; and two, in terms of internal capacity.

At a high level, the Treasury Secretary has the authority to convene all fnancial regulators. Through the Financial Stability Oversight Council (FSOC), a working group on digital assets was convened in 2017. It was comprised of several regulators, including the SEC, CFTC, the Consumer Financial Protection Board (CFPB), the Federal Reserve, the Ofce of the Comptroller of the Currency (OCC). After 18 months of deliberation over new technologies, including blockchain, the FSOC came out with a seminal report on recommendations for FinTech in general, which included aspects such as the streamlining of state and federal money transmission laws and experimentation with regulatory sandboxes.334 In recent remarks, a senior ofcial also said the Treasury supported the idea of a federal charter for streamlining regulation.335

The Treasury leads the FSOC digital asset working group and the Treasury and FinCEN participate in a host of inter-agency working groups such as the FBI-led Virtual Currency Emerging Threats Working Group, the FDIC-led Cyber Fraud Working Group, and the Terrorist Financing and Financial Crimes-led Treasury Cyber Working Group.336 These groups provide a consistent platform for capacity building and exchange amongst U.S. fnancial regulators on blockchain and virtual assets.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 86 Unlike the other agencies, the FinCEN does not have a public-facing focal point of contact for the blockchain community. It does, however, have a network of dedicated ofcers for virtual currency in its relevant ofces and bureaus, such as the Ofce of Terrorist Financing and Financial Crimes.

In terms of internal capacity building, a unique tool developed by the Treasury is the FinCEN Networking Bulletin that was launched in March 2013. The bulletin provides a more granular explanation of virtual currency movement to law enforcement, and assists them in following the money as it funnels between virtual currency channels and the U.S. fnancial system.337

Among other things, the bulletin addresses the role of traditional banks, money transmitters, and exchangers that come into play as intermediaries by enabling users to fund the purchase of virtual currencies and exchange virtual currencies for other types of currency. It also highlights known records processes associated with virtual currencies and the potential value these records may ofer to investigative ofcials.

More recently, the bulletin has been expanded from only U.S. fnancial regulators to include some international partners as well. The bulletin has a crowd-sourcing feature and asks the readers to provide ongoing feedback on what they are learning through their investigations.

This bulletin has helped the FinCEN create a forum to quickly learn of new developments. Furthermore,based on this information, the FinCEN has issued several analytical products of a tactical nature to inform law enforcement operations.

Perspectives of Other Stakeholders

State Governments

State governments within the United States have their own jurisdiction over money transmission and enforcing fnancial laws, as well as in designing corporate licensing and registration and other incentives to attract startups and investment in their state. New York was the pioneering state in starting these experiments in 2014, and since then several states have come out with their own bills and frameworks.

In 2014, the New York Department of Financial Services created the ‘BitLicense’, a business license for virtual currency activities applying to activities involving New York State or its residents. It included regulation around money transmission, custody, exchange services, and other aspects.338 Although New York had a frst mover advantage and followed a thorough consultation process, 339 the eventual regulation was seen as onerous340 and not well suited to the needs

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 87 of the startup community.341 Since then, several states have developed bills and legislation to incentivize blockchain startups, including Arizona, Delaware, Nevada, Massachusetts, Washington, and others.342 The most comprehensive and innovative reform to date has, interestingly, come from the state of Wyoming.

In early 2019, Wyoming passed a monumental 13 bills to provide one of the most comprehensive legal frameworks for blockchain startups in the United States.343 Unique protections granted under this legal framework are direct property rights for individual owners of digital assets, a state chartered depository to provide banking services to blockchain startups, a series LLC corporate structure, qualifed digital asset custodians, and a regulatory sandbox.344 This framework is the most comprehensive till date in the United States.

Startups and Ecosystem Perspective

The blockchain developer and start-up ecosystems in the United States have faced stark consequences in terms of federal regulations and have their own perspective on how legislation should be created. The signifcant drop in token prices starting in 2018 led to a period of contraction in the industry (termed “Crypto Winter”) that was, in part, attributed to regulatory crackdowns. The author undertook a series of interviews with blockchain startups and venture capital funds in tech hubs on the West Coast to gauge the impact that regulatory action was having on start-up growth in the space. This revealed a number of key points of concern.

• Investment has slowed down considerably for crypto-based blockchain projects based in the United States: Multiple startups spoke of capital becoming very difcult to secure for crypto-based blockchain projects in the United States. While funding does come in for private blockchain startups, and in trading activity, large scale investment into public blockchain protocols has slowed considerably. Regulatory action has slowed both retail and institutional funding into public blockchain projects, and also impeded the fow of private money. Some startups with innovative products were almost on the verge of shutting down because they were unable to fnd funding. Many budding startups spoken with in the Seattle area had shut down over the last year because of funding shortages.345

• Public blockchain frms tend to adopt foreign domiciles: Some venture funds commented that even if they wanted to invest in public blockchain startups and have them based in the United States, the lawyers would advise strongly against domicile in the U.S.346 Multiple startups commented that it was a “no-brainer” for them to domicile their crypto- based startups outside of the U.S., which they saw as “unfriendly to

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 88 cryptocurrencies.”347 A strong sentiment amongst both startups and funds interviewed was that they believed the U.S. government viewed cryptocurrencies negatively and did not support or understand the transformative potential of public blockchains.348

• The regulatory landscape is too confusing for startups: Almost all the startups interviewed found the proliferation of regulators confusing to navigate and said that under current guidelines, they were never sure of when they were under threat of enforcement action. Many startups had taken the initiative of reaching out to their Congressperson and spending signifcant sums on hiring lawyers. However, they were quickly overwhelmed by jurisdictional confusion between who was setting guidelines and policy standards and who was responsible for enforcement. Practitioners and product developers said that despite best eforts, they were left without a clear understanding of how to legally secure themselves according to continuously emerging guidance measures. As a result, the preference was to domicile their start-up in another country with simpler rules.

• Enterprise experiments are becoming larger: Juxtaposed against a shrinking public blockchain start-up scene were also comments of “Big Tech” experiments in blockchain growing larger and more ambitious. There were multiple mentions of Facebook’s upcoming blockchain product, of the IBM and Walmart’s blockchain project, and Microsoft and other Big Tech frms’ experiments gathering scale and momentum. Some concluded that enterprises would outpace disruptive platforms such as Bitcoin and Ethereum in blockchain adoption, which was in some ways inimical to the disruption of blockchains to monopolistic power.349

Overall Conclusions on the U.S. Approach

The U.S. federal government’s approach has been almost entirely regulatory-led. Legislation and policy are absent from federal government action on virtual assets so far. As a quick note, the Congressional Blockchain Caucus has a small number of members, and although they have introduced three bills, it is unlikely that these will pass anytime soon without wider support in Congress.

An overall assessment of the federal regulatory approach so far highlights the following concerns:

The U.S. federal approach is highly fragmented

The most obvious aspect of the federal approach is the highly fragmented nature of regulatory action. In the absence of directives by Congress or the White House, regulators have taken the lead in government action in the sector. This

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 89 has created the risk of patchwork regulation due to a highly proliferated fnancial regulatory system. To their credit, as seen in this paper, federal agencies have put in place many mechanisms for coordination. However, as also seen, this approach has created a lot of confusion and uncertainty on the ground for startups and investors, and has led to the U.S. being seen as an unfriendly destination for crypto-based startups. The model of regulation-by-enforcement, rather than a light touch approach, has deepened this perception and created a clamor for clear rules and guidance before harsh enforcement.

The U.S. federal regulatory approach is missing the paradigm-shifting nature of the technology

Financial regulators have taken a risk-based approach that is technology-neutral. As a result, virtual assets, in their examination by the federal government, have been reduced to their fnancial functions. This is unfortunate, because blockchain technology powered by cryptocurrencies has transformative implications, not just as a currency or payment medium, but as a business model, as a capital formation model, and as a new protocol for transactions that form the basis of the economy and can impact institutional power and social structures.

There is no agency in the federal government that is looking at blockchain technology as a whole. ICOs, for example, have been reduced to whether or not they are security oferings, but no examination has been done of the model with regard to capital formation laws. No examination has been done of banking laws for blockchain business models at a federal level.

Federal regulators have not undertaken any new rule-making on the issue. This is exacerbated by the lack of federal legislative or executive action. The overall approach of the government has been to extend the application of laws, in many cases from the 1960s, to regulate innovations in the space. This can work in the short term; however, this is increasingly getting entrenched as the federal approach. It started with the FinCEN extending the application of MSB laws in 2013 and continues with the latest SEC guidance furthering the application of the Howey Test in 2019.

It is understandable that since blockchain technology is not used on a major scale yet, federal regulators need not engage in a lengthy and expensive rule making process. However, there are also no signals that such thinking is underway. The internet boom taught us that technology may take time to develop, but it proliferates and gets too big to ignore very fast. The world still faces regulatory challenges from the internet revolution, for example, by not thinking ahead around the use of data in business models. However, these technologies are now too big and deeply embedded in the social fabric to be changed drastically. It would be irresponsible to make similar mistakes with blockchain, as many are referring to it as the second internet.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 90 The U.S. federal regulatory approach is possibly entrenching intermediaries and existing power structures

U.S. regulators, to their credit, have been vocal and careful about wanting to regulate abnormal activity without hampering innovation. However, perhaps unintentionally, regulatory action so far has had the efect of entrenching existing power structures and business models, rather than supporting innovation. This has happened on two fronts.

The frst front is entrenched money fows. Blockchain startups had developed an innovative fundraising and user acquisition model with Initial Coin Oferings (ICOs). However, this needed a new regulatory framework, in the absence of which fraudulent activity proliferated. Some countries chose to regulate this by using a sandbox approach. However, the United States undertook a regulation- by-enforcement route, with no clear legal guidelines to hold ICOs. While this did stop fraudulent activity, it also stopped a lot of legitimate activity by scaring away investors and startups, who chose to domicile elsewhere. SEC released its guidelines for ICOs only in February 2019, a year after the wave of enforcement, by which time several other countries had come out with ICO frameworks and startups had relocated. The other efect this had was to reinforce the existing fundraising structures of private, venture capital and institutional money, many of whom were themselves getting disrupted by the ICO model, which had created an alternative avenue of fundraising. It also limited public oferings to traditional listing rules which are notorious in the difculty they create for startups to list. After the JOBS Act and Section D,350 the ICO model was a second alternative to startup funding that should have received greater attention as an innovation that needed to be fenced in by appropriate rules rather than stopped completely by enforcement.

The second front is entrenched advantage for enterprise and large tech frms. Regulatory action against cryptocurrencies has created a preference for private or enterprise blockchain activity. Prescient industry watchers have already pointed out that true disruption is in public blockchains, that siloed private blockchain experiments would not sustain in the long term and would eventually have to move into a semblance of inter-operable public blockchains. The shift to enterprise blockchain has been to the beneft of existing industry leaders in enterprise solutions, and also spurred Big Tech giants such as Facebook, Amazon, and Microsoft to develop blockchain solutions. This is not a bad development, but juxtaposed with a slowdown of funds for public blockchain startup projects, it also implies that we might see further consolidation of Big Tech over a technology that could have disrupted them.

The U.S. regulatory approach is creating opportunities for regulatory arbitrage globally

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 91 The U.S. regulatory approach has been seen by many in the ecosystem as onerous, confusing, and unsupportive, and there is unlikely to be a clear directive from Congress or the White House soon to move towards a single window or more coordinated approach. These conditions have created a ripe environment for global regulatory arbitrage as a lever to attract and retain talented startups and shape the way forward in blockchain technology. Several countries such as Singapore, Malta, and Switzerland have taken a lead in creating sandboxes and other incentives to attract startups and investors, and now have thriving blockchain ecosystems. The timeline for this technology to mature is not too long, and it is likely that mature and scalable solutions will emerge in about fve years.351 Unless the regulatory paradigm changes signifcantly in the United States, other geographies will take a lead in this technology.

Conclusion

The United States’ approach to the regulation of virtual assets has been highly fragmented. Due to the proliferation of federal fnancial regulators, and the lack of policy oversight, diferent regulatory agencies have taken the initiative. While from a regulators perspective, this approach is understandable as they are carrying out their respective economic mandates, blockchain is a multi-faceted technology, where fnancial regulation has direct implications on technological development and business models. Blockchain startups could have served as a disruptor to the centralized infuence of large frms in technology and fnance. However, the current regulatory framework is not supportive of this disruption, as discussed before.

The United States’ approach to the regulation of virtual assets has been highly fragmented.

The patchwork and regulation-by-enforcement nature of government action is confusing for startups and has deterred U.S. investment into the public blockchain space. Most startups that were working in the public blockchain space have relocated to other countries, and many that stayed are facing funding shortages. This has created a large opportunity for regulatory arbitrage globally, and countries such as Singapore, Switzerland and Malta have made themselves leaders in the space very quickly with progressive regulation and robust startup ecosystems.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 92 There are positive aspects of increased capacity building and inter-agency coordination among federal regulators in the United States. States are also developing innovative frameworks. However, virtual assets remain borderless global assets. Regulating them efectively, while harnessing their innovative potential, will require coordinated action at the national level in terms of both regulations and incentives. However, the White House and Congress remain loosely engaged in the process, and such coordination might not materialize soon.

While America remains a leading player in the technology, competition is increasing globally. In the absence of a holistic policy and regulatory approach, the United States might not fully harness its potential in the long run.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 93 Improving India’s Parliamentary Voting and Recordkeeping (Pranesh Prakash)

I would like to thank Alex Howard, Ashok Hariharan, Heather Hurlburt, Jim Magnifcio, PDT Achary, Srijoni Sen, and TK Vishwanathan for talking to me at length and sharing their immense knowledge so freely, and to Chakshu Roy and Eric Mill for the valuable inputs and pointing me in the right direction. I would also like to thank the 2019 cohort of New America’s India-US Public Interest Technology Fellowship for their valuable feedback, and New America—particularly Awista Ayub and Melissa Salyk-Virk—for providing me the fellowship that allowed for this paper, and for their patience. All errors and omissions remain mine.

Parliamentary Voting

Every democratic assembly requires a way of gauging the opinion of the gathering. The most common way to do this in a parliament is through voting. However, there is no standard way of voting. And even when voting is used, as James Carey notes in his book on parliamentary voting, “in most countries, it [is] exceedingly unusual to record how each legislator voted on a given proposal.”352 This is true of India as well: individual legislators’ votes are not usually recorded. It is a common misconception that one can review the voting record of one’s representative in parliament. Voting records cannot serve as a means of accountability for individual members of parliament, nor for the member of the legislative assembly and the local city councillor.353

Voting Procedures in the Indian Parliament

Before getting into the whys and wherefores of parliamentary voting, it is instructive to look at the law in India and to understand how voting currently happens in India’s Lok Sabha (House of the People) and Rajya Sabha (Council of States). Voting procedures are codifed in the “Rules of Procedure and Conduct of Business” that are framed by each House of Parliament. While the Lok Sabha and the Rajya Sabha frame their rules of business and procedures independently, they are similar, if not identical, on most important matters.

All issues that need to be decided by the Lok Sabha and the Rajya Sabha take the form of “motions” proposed by individual members.354 All motions require voting, as mandated by the Constitution of India, art. 100(1), which states:

Save as otherwise provided in this Constitution, all questions at any sitting of either House or joint sitting of the Houses shall be determined

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 94 by a majority of votes of the members present and voting, other than the Speaker or person acting as Chairman or Speaker.355

However, the constitution does not defne what a “vote” is, nor how a determination of a “majority” is to be made.

Voice Votes

The most common form of voting is the voice vote, and it is the default followed in all cases where counted voting is not mandatory. In this form of voting, the Speaker (in the Lok Sabha) or the Chairman (in the Rajya Sabha)356 puts forth the motion, and asks those who agree with the motion to say “Aye,” and those who disagree to say “Nay.” Whichever group seems to have more voices (i.e., is louder) is proclaimed by the speaker to “have it.” After making the declaration once, the Speaker is, in theory, supposed to wait to see if there is any objection. If there is not any objection, she repeats either “the Ayes have it” or “the Noes have it” two more times, after which the motion is considered voted upon.

While the sense of the House as a whole may be determined through a voice vote, it is clear that the views of each member is not. Further, when one watches the proceedings of Parliament as relayed on television, one realizes that this is a mechanical invocation since there is usually no pause between the Speaker asking those who oppose to motion to say “No” and her declaring thrice: “the ayes have it, the ayes have it, the ayes have it,” all in a single go.

Counted Votes

If a member of Parliament objects after the frst declaration of the voice vote, the Speaker may, if she so chooses, opt to put the motion to a counted vote. This can take one of four forms: a head count, a vote using a voting machine, a vote by going into “lobbies,” or a vote by “aye” or “no” slips (this form is only available in the Lok Sabha).

In a head count, those who agree with the motion will stand up when asked to and the number of members standing will be counted, and similarly for those who oppose the motion. While the numbers are recorded (unlike in a voice vote), the names of the voters are not. If the Speaker wishes, she may order a “division.” It is up to the Speaker as to which form of counting to hold, or indeed if counting is required at all.

“Division” is parliamentary parlance for counted voting.357 When a division is ordered by the Speaker, the Secretary-General of the House starts the ringing of the division bell (which rings intermittently for division in the Rajya Sabha, and continuously for division in the Lok Sabha). This bell rings for 3½ minutes,358 after which the doors to the inner lobby of the house are shut, preventing the entry or exit of Members of Parliament (MPs). The Speaker takes one more voice

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 95 vote and declares the results. If the results are challenged a second time, she has to order that votes be counted. The most common form of counted voting in India is through the “automatic vote recorders,” which were introduced in 1956. 359 To use it, the MP presses a “vote activation button” along with a button indicating their vote—“Aye,” “No,” or “Abstention”—for ten seconds (and the results are shown on a board before being declared as fnal). Otherwise, the division may be undertaken by “lobby,” where the ayes and the noes go to opposite sides of the room and a division clerk counts them by name. In the Lok Sabha, one additional method of division is permitted, whereby MPs take “aye” or “no” slips, write their division number on it and sign it, and then hand it to a division clerk. In all cases, members who for some reason cannot vote using the prescribed method (e.g., for reasons of infrmity) are allowed alternative forms of voting as long as they are within the lobby. Further, before the division results are announced, each MP has the opportunity to correct her vote in case she did not cast it correctly, or cast it from the wrong seat. Once the result of a division is announced, however, it may not be challenged.

While the totals of the ayes and noes from a division are provided when the “unedited” version of the debates are put up on the Lok Sabha and the Rajya Sabha websites the day after a debate, the names of the individual members and the way they voted is not provided until the edited version appears, which may take up to a few weeks.

When are Divisions Mandatory?

There are two situations in which voting by division is provided for under the rules. First, when a member of the house disputes the Speaker’s declaration of a voice vote, and the Speaker using her discretion, opts to order a division.

Second, if a vote requires the assent of at least two-thirds of the members of the House of Parliament. In this latter case, a division is mandatory. This is only required for seven distinct kinds of matters: for amendments to the Constitution of India,360 for removal of the President361 or judges of the Supreme Court,362 for limiting the powers of autonomous tribal states,363 for the power to legislate on behalf of the States,364 for the establishment of all-India services,365 or for the approval or extension of a proclamation of emergency.366 Needless to say, all of these are infrequent occurrences, with constitutional amendments being the most common among them.

Secret Ballots

There are some circumstances in which the votes are recorded secretly. The election of the President and the Vice-President are both done through a “system of proportional representation by means of the single transferable vote and the voting at such election shall be by secret ballot.”367

Voting Procedures in the USA and the United Kingdom

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 96 The U.S. Constitution has a specifc provision on voting that not only talks about voting, but specifcally speaks of recorded votes by stating, “the Yeas and Nays of the Members of either House on any question shall, at the Desire of one-ffth of those present, be entered on the Journal.”368 Given this provision, the default in both the House of Representatives and the Senate is voice votes, with counted votes being the exception. Counted votes in the House can take the form of a division (where names are not counted, only totals), recorded teller votes and ‘yea and nay’ votes (where names and totals are counted in both cases, and both happen electronically). In the Senate, counted votes happen either through a “division” vote or by a roll-call vote, with roll-calls being the ofcial way of deciding contentious issues.369 The rules in the Senate even allow a motion to be passed without a vote if it is “without objection.”370

In the United Kingdom, the procedure is similar to India, with a voice vote being the default, and divisions by going into separate lobbies (chambers to the left and the right of the main room) being held when MPs dispute the Speaker’s assessment of a voice vote.371

In the U.S. Congress, the rules provide 15 minutes as a minimum between the announcement of a roll-call/recorded vote and its conduct. In the United Kingdom, eight minutes is provided from the time the division bell starts ringing to when the lobby doors are closed.372 Both the United States and the United Kingdom allow for deferred voting, thus allowing a number of diferent votes to be held together in a cluster at a pre-announced time, thus simplifying voting signifcantly.373

Voting Freedom

Should a legislator vote in accordance with her conscience, or in accordance with what she believes her constituents (or the majority thereof) want, or in accordance with what her party leadership wants? This is an inescapable and central issue in all party-based democratic systems. Carey dubs this the “fundamental tension between individualism and collectivism,”374 and explains that “individual accountability implies that legislators answer to the specifc demands of citizens in their behavior, including voting. Collective accountability implies that teams of legislators—mainly parties and coalitions, in most legislatures–act collectively to promote a policy agenda and are evaluated by citizens as a group according to their efectiveness in advancing it. Where constituents—even supporters of the same party or coalition—put diverse demands on legislators, the demands of individual accountability can contradict the collective action on which collective accountability is based.”375

This tension also has one other basis, which is the question of who voters and constituents would wish to hold accountable: parties or individual MPs. Do voters vote on the basis of parties, regardless of who is standing for election for

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 97 that party, or do they vote on the basis of individuals, even if that individual shifts between parties? Or does it lie somewhere in between, and if so, closer to which end of the spectrum? There are no clear answers to these questions, and indeed, there might not be one universal answer.

Whips

In diferent parliaments, the term “whip” is used to mean diferent things.376 In the following discussions, the term is mainly used to refer to instructions issued by a political party to its legislators. The negative consequences for disobeying a whip are quite diferent in India from countries like the United States or the United Kingdom. In the U.S. Congress, “disciplinary action for voting against the views of party leaders is rare, although Senators and Representatives may indirectly be sanctioned by denial of assignment to, or leadership positions on important committees.”377 Whereas in the United Kingdom, the measures for disobeying a whip “can include a written reprimand from the party chief whip (also communicated to the Member’s constituency party organization), temporary suspension from the party organization in Parliament, or a ”withdrawal of the whip," a formal expulsion from the party organization."378

However, in India, the anti-defection law passed in 1985 allows an MP to be disqualifed from her parliamentary seat upon disobeying a party whip!379 In the Supreme Court case of Kihoto Hollohan v. Zachillhu, the anti-defection law was upheld.380 However, in doing so, the court also limited the application of the law to no-confdence motions and motions on “integral policy and program of the political party on the basis of which it approached the electorate.”381 This might seem a reasonable limitation, however, it has not worked out in practice since the Supreme Court has also held that the Speaker can unilaterally decide whether a legislator has voluntarily given up her seat or has gone against party directions.382 There is no clear way in which a Speaker can distinguish between disobeying a party on a trifing matter and on an “integral policy and program” since many parties don’t release election manifestos, and even then it is difcult to say which policies and programs are “integral” to the party and which ones aren’t.

Voting Practices Compared

There is a clear historical trajectory to the idea of recorded voting, as David Beetham notes:

[…] the idea of accountability implies a more focused and systematic ‘account-giving’ after the event, to which the public can respond. As we have already seen, constituents are increasingly interested in learning how their representatives have voted on key issues before parliament, and interrogating them about their actions. For members to have their voting record published, and to be able to give a reasoned defense of their record, is of the essence of political accountability. The extension

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 98 of the Internet makes this requirement much more readily realizable, and it is now a standard feature in many parliaments.383

This seems to suggest that recorded voting is now seen as a bare minimum. Importantly, recorded voting by itself does not include justifcation of MPs’ votes to their constituents, nor does it include reporting by MPs to their constituents on other forms of parliamentary activity.384

In 2018, the U.S. House of Representatives had 500 recorded votes,385 and the Senate had 274 (in both cases, not including committees). In 2017, the numbers were 710 and 325 respectively. Since the 2017 general elections in the United Kingdom, there have been 353 divisions in the House of Commons. By comparison, in India, in the 16th Lok Sabha (2014-2019), there have been 90 divisions, 55 of which were mandatory and 35 were non-mandatory. But only 11 bills were voted upon. This is despite the far lengthier and cumbersome processes for recorded voting in both the United States and the United Kingdom.

There is a clear indication that India’s anti-defection law is responsible for this. An insightful study by Shalaka Patil shows that there was a dramatic drop in the number of divisions held in the Lok Sabha after 1985, when the anti-defection law was enacted.386 The 3rd Lok Sabha (1962-67) had 330 divisions, whereas the 14th Lok Sabha had only 20 divisions.

While voice votes implicitly introduce a presumption that the government will carry the motion, the anti-defection law has implicitly introduced a presumption that all the members vote in line with their party even if a division were to be held.

Interestingly, whips are not recorded in the United States, nor in the United Kingdom, though educated guesses can be made by looking at voting records.

Voting Reforms

Recording of Votes

The various forms of voting reveal diferent information to diferent actors. Voice votes and head counts are forms of “signal votes” where individual MP’s positions are not revealed to their constituents or the public, but are revealed to their party leaders. Division votes are “open votes” that show the MP’s position to the public.387 Less than 2 percent of the bills considered by the Lok Sabha are decided by counted votes.388 This needs to change. One cannot sufciently evaluate an MP’s legislative and representative roles without voting records.

At the very least, the most important votes in Parliament—all motions related to bills and subordinate legislation, as well as no-confdence motions which determine whether a government survives or falls—ought to be voted on through divisions. There have been multiple instances of governments, with the help of

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 99 partisan speakers, refusing to hold divisions even on no-confdence motions, as was the case in the state of Maharashtra in 2014,389 and last year in Sri Lanka.390 These are indeed cases of parliamentary procedures being used to undermine democracy in a way that the framers of the procedures never contemplated.

One problem that arises with the recording of votes is that MPs are not always present for votes. To improve attendance and engagement during votes on bills and subordinate legislation, the practice of deferred/clustered divisions should be introduced, allowing Parliamentarians to vote on a number of laws and amendments at the same time. These two sets of changes would need the amendment of Parliamentary rules of procedure.

Recording of Whips

While many political scientists have focused on analyzing votes by legislators in various countries and their public nature,391 not many have studied the public availability of instructions issued by political parties. While this is useful in all democracies with political parties, it is essential in countries like India where disobeying whips issued by political parties can have very serious consequences.

Even if one argues that in a weak parliament (where the legislature largely votes in accordance with the executive’s will) the voting record of individual legislators does not matter, one cannot say the same about political parties. Since the whips that political parties issue to their MPs can have consequences, there ought to be a clear record kept of them. While Patil suggests that whips ought to be conveyed to the Ministry of Parliamentary Afairs, it is better for whips to be conveyed to Speaker or the Secretary-General of each House of Parliament,392 since that would serve two distinct functions. First, since it is the Speaker who has the power to disqualify an MP, whips ought to be available to the Speaker. Second, whips are an important aspect of parliamentary functioning, and as such should form part of the record of Parliament and be published by the same authority that publishes debates and the votes of legislators.

Manifestos by Political Parties

Even if one disagrees with Kihoto Hollohan v. Zachillhu,393 one would agree that in order for any reasonable application of that decision, all political parties should have to indicate to voters what policies and programs are “integral” to the party through a separate section of their manifesto issued in multiple languages before a Lok Sabha election. Currently, many political parties do not even release manifestos.394 Without this, it will be left to the Speaker to judge what issues were advertised to the electorate as “integral” to a party.

Beyond Voting

Voting is only one part of the duties of an MP.395 While it is clear that an individual MP does not have too much leeway to infuence governmental policy

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 100 through votes in Parliament, it is far from clear that MPs don’t have infuence over governmental policy. Most important laws (though not all) are usually referred to standing committees and the inputs of those standing committees, which generally have representation from multiple political parties, are often taken seriously by various ministries and laws are often re-written to address the concerns of the standing committees. As a general practice, standing committee reports are issued collectively (with allowances for dissents) and are helmed by the MP chairing each committee. This makes it harder for MPs to use standing committees as a location for signaling their work to their constituents, and perhaps also accounts for their low attendance rates.396 But this lack of signaling also means that there can be cross-party cooperation, rather than mere contention, in standing committees, which is harder to achieve on the foor of Parliament.

When it comes to legislating from within Parliament, but from outside the government, i.e., what are known as “Private Member’s Bills,” the record is so abysmal in terms of them being passed that it is noteworthy that some MPs continue to introduce private members’ bills. It seems that MPs do so to push discussions on a topic and gain the attention of the government (as happened with MP Kanimozhi’s Transgender Rights Bill, which failed, but led to the government taking up the issue and introducing its own bill), or to engage in signaling to their constituents or their party leaders.

Apart from work within Parliament, MPs undertake much constituency-related work, including the disbursement of the MP local area development (MPLAD) funds and working with various levels of government to implement developmental programs in their constituency.

A few MPs have started issuing reports of their own performance in and outside of Parliament.397 It would be welcome if the press highlighted such reports, and created peer pressure for other MPs to start issuing progress reports to their constituents.

Parliamentary Recordkeeping

Parliamentary functioning can only be judged by the records it keeps, and thus parliamentary records are a critical part of parliamentary accountability.

What kinds of records does parliament generate? There are at least the following forms of records:

• Debate Records, with speaker’s and members’ names and timings

• Voting records, vote counts, and quorum counts

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 101 • Questions and answers, including corrections

• Bills and acts

• Subordinate legislation

• Amendments

• Committee meeting records

• Committee reports, including dissents

• Resolutions, references, announcements, statements, and special addresses

• Summary of work reports

• Reports of elections, inductions, and resignations, and deaths of members

• Rules of procedure and conduct of business

• Stand-alone books, pamphlets, and reports

Technology Use Within Parliament

Is there a uniform and efcient process for handling these records and for making them public? In 2016, an additional director of the Lok Sabha Secretariat noted that “presently, a digitization project is under progress for the creation of PDF fles of the proceedings of Lok Sabha, including Questions and Debates.”398 This makes it clear that there is no digital workfow for these documents. While the Lok Sabha and Rajya Sabha websites are updated on a daily basis, their site architecture, their abysmal search functionalities, and the less-than-useful format of the records on the sites make it clear that the records are both hard to fnd, and hard to make use of by researchers and citizens.

In the Rajya Sabha’s 2017 annual report, the chapter dedicated to LARRDIS (the parliamentary information retrieval system) has a dismal section on achievements related to computerization, where they list only four achievements: “using the Internet” for research, communications being “sent through email,” “soft copies” being emailed, and “all typing work” being “done on computers.”399

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 102 While the National Informatics Centre has a “Parliament Information Division,” which seems to be responsible for maintenance of the Parliamentary websites, there is not much information available about its functioning.

While there are a few Parliament-related fles on data.gov.in, the central government’s open data portal, there are no datasets relating to Parliamentary debates. In response to an email asking for bulk access to the digitized debate dataset, the data custodians (as listed on data.gov.in) for both the Lok Sabha and the Rajya Sabha explained that whatever was on the website was all that was accessible.

How Open Standards Can Help

One technical way to improve the accessibility of parliamentary records, and consequently improve the work of parliamentarians, bureaucrats who work with parliamentary records, and researchers,400 is to use a structured and semantically marked-up format for recordkeeping and to establish a digital workfow for both houses of Parliament. There is an open standard401 for parliamentary (and judicial) records called Akoma Ntoso (“AKN”), which is an XML-based semantic structured format standardized within an international standards body called OASIS. All of the diferent forms of records produced by the Indian Parliament can be represented in the AKN format.

Ashok Hariharan, a software developer who was a coordinator of the Africa i- Parliaments Action Plan within the U.N.’s Department of Economic and Social Afairs, noted that there were several benefts to going in for a semantically marked-up structured format, including efciency; improved collaboration among institutions; preservation; interoperability; cost-efectiveness; value addition; and ease of comparative research.402

Producing Revised Versions of Laws

Various ministries and departments often do not have the latest version of the laws relating to their work on their website, instead opting to put up the base (unamended) statute, with each of the amendments listed separately rather than ofering an integrated view of the law. They do this because integrating all the amendments is not easy in the formats they use (PDF and DOC/DOCX), and the integration has to be done manually. By contrast, if a format like AKN were used for the original statute and the subsequent amendments, then any suitable software can be used to automatically create the integrated version of the law.

Dated Versioning of Laws

At times, especially for judicial cases, government departments (who often fle the cases) and courts need to know what the precise content of a law was on a particular date. In order to have this, the department or court needs to keep an

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 103 integrated version of the law after each amendment. For laws that get amended frequently—e.g., regulations by the Central Board of Direct Taxes and the Reserve Bank of India—this would be quite cumbersome. If AKN were used, then an accurate version of the law as on a particular date could even be generated dynamically.

Tracking Changes During Amendments

One problem that many legislators face is that of keeping track of the amendments proposed for the bills that they are considering. The amendments often take the form of a document which contains cryptic declarations such as, “on page 5, line 17 substitute […].” Neither the Ministry of Parliamentary Afairs, nor the parliamentary secretariats produce redlined versions of the law with all the proposed amendments incorporated. That job is left up to the ofces of each parliamentarian, and can be very cumbersome since all the data for doing this has to be entered manually. If AKN were used with a digital workfow management software, such redlined versions could be created automatically. MPs would even be able to directly edit a copy of the proposed bill and automate the generation of the amendments they wish to propose in forms easily understood by both the software as well as by the parliamentary secretariat.

Making Complex Research Easier

Usage of a structured format like AKN allows for complex structure-aware searches to be conducted, enabling research that otherwise would have been difcult to carry out.403

Examples of Usage of Akoma Ntoso

The European Union uses AKN internally for many purposes, apart from using a platform called AT4AM,404 which also uses AKN, for handling amendments, and which is tightly integrated with their work-task allocation, budgeting, and translation systems. AKN is also used in South Africa, the United Kingdom, Italy, the U.S. state of California, and a host of other jurisdictions. In 2017, a U.N. inter- agency Working Group on Document Standards recommended the formation of a “Semantic Interoperability Framework,” which included the usage of Akoma Ntoso localized for the U.N.’s needs (AKN4UN) as one of the two prongs.405

Many NGOs that work on legislative transparency use a free/libre/open source platform named Indigo,406 which provides a convenient interface for writing laws in AKN, including transforming existing laws into AKN. In India, an NGO named Nyaaya had already converted more than 800 Indian laws into AKN.407

In India, the use of an XML-based format called XBRL is mandated for the submission of all company fnancial reports to the Ministry of Corporate Afairs. Given this, there is precedent for using XML-based semantically-marked up and structured formats within government. Indeed, the National Policy on Open

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 104 Standards mandates the use of open standards for e-governance, and the Interoperability Framework for e-Governance (IFEG) lists a number of standards, but unfortunately, the IFEG does not list Akoma Ntoso as one of the standards since it doesn’t take legislation or parliamentary records as a separate e-governance domain.

Judicial Interventions

An important case in this regard has emerged from a right to information (RTI) query by a law student, wherein he asked the Legislative Drafting Department of the Ministry of Law to provide him a copy of the Indian Christian Marriage Act, 1972 since the version available on IndiaCode.nic.in was not readable. Later, this case was fled as a public interest litigation (PIL) in the Delhi High Court, noting that Section 4 of the RTI Act mandates the proactive uploading of laws by the government. In this regard, Justice Manmohan of the Delhi HC quoted the CIC order:

“Section 4 [of the Right to Information Act] mandates the Ministry of Law to place the texts of enactments. It is the duty of Legislative Department to provide information about access of every updated enactment. It is not just a recommended obligation under Section 4(1) (a) of RTI Act, but a constitutional mandate, a legal necessity, and an essential requirement for peace.”

In one of his orders, Justice Manmohan even asked the Ministry of Law to convene a meeting to consider, among other issues, whether Akoma Ntoso could be used as a standard.408 Unfortunately, the minutes from the meeting convened by the Ministry of Law do not mention Akoma Ntoso.409 It would seem that even this judicial intervention did not sufce to put India on the path to the modernization of parliamentary recordkeeping.

Costs

The Indian Parliament is one of the most underfunded parliaments in the world, getting an annual budget in 2017-18 of 0.049 percent of the total government expenditure, whereas the worldwide average is ten times higher at 0.49 percent. 410 I asked one of the original authors of Akoma Ntoso, who has a long history of consulting on legislative standards transitions, for a cost estimate given the Indian scenario.411 The largest cost, he noted would be for proof-readers for the digitization of existing legislation. Writing the software for parsing of laws is not very expensive, coming to only six to seven months of work for a single person (i.e., six to seven man-months), even taking into account the customizations required.412 The search functionality with a public-facing website would be another six man-months. Automating the production of new documents would be a bit more complicated. Overall, he estimated a cost of around $2-5 million

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 105 USD, which, even on the higher end of the estimate, is less than three percent of the annual Parliamentary budget of $150 million USD.413

Even with this comparatively low overall importance given to parliamentary budgeting, the amount needed for a transformation of records in a minuscule percentage, and even less given the spread of the developmental costs over a multi-year period. Given this, improving the technology on which our Parliament is built is not in the least a difcult choice.

Conclusion

There are multiple aspects to what makes a parliament democratic and legitimate: its representative character, openness and transparency, accessibility, accountability, and efectiveness.414 In this paper, I have focused solely on openness, transparency, and accountability in the form of parliamentary voting and parliamentary records. I have demonstrated that both the practices as well as the rules of procedure covering voting in the Indian parliament require a serious overhaul if we are to have meaningful accountability of Parliamentarians to their constituents for their legislative functions.

We must mandate counted voting on all motions related to bills and delegated legislation, as well as no-confdence motions. The lack of such provisions currently contributes to a lack of legislative accountability, as well as opening up the possibility of a Speaker misusing her powers during a no-confdence motion. Further, we need parliamentary recording of whips issued by political parties to their members in order to enable a Speaker to know when a whip has been disobeyed by a member, as well as for accountability of political parties to those who voted for them. We also need to mandate pre-election declaration of “integral” policies and programs by each political party to ensure that it is clear when there’s a violation of such a policy or program by a member of parliament who got elected on the party ticket.

However, I have also argued that it is insufcient, as Parliamentarians perform many functions beyond legislation. There is a need for greater transparency and reporting by Parliamentarians themselves, in the absence of any other systematic means of reporting to the electorate about their promises and accomplishments.

In relation to recordkeeping, I have pointed out the harms caused by the non- usage of a semantic and structured open standard for legislative records, and the manifold benefts of adopting a format like Akoma Ntoso alongside an appropriate digital workfow, including for bureaucrats, parliamentarians, researchers, and voters. I have also provided a cost estimate for the development of and transition to an Akoma Ntoso-based platform in a way that covers both past and current records.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 106 Finally, I have also pointed out multiple avenues for further research on parliamentary accountability and recordkeeping in the Indian context.

Appendix 1: Examples of Akoma Ntoso

Here is a snippet of the Aadhaar Act (2016) marked up in Akoma Ntoso:

Aadhaar (Targeted Delivery Of Financial And Other Subsidies, Benefts And Services) Act, 2016

A Bill to provide for, as a good governance, efcient, transparent, and targeted delivery of subsidies, benefts and services, the expenditure for which is incurred from the Consolidated Fund of India, to individuals residing in India through assigning of unique identity numbers to such individuals and for matters connected therewith or incidental thereto.

Be it enacted by Parliament in the Sixty-seventh Year of the Republic of India as follows:--

I Preliminary

1. Short title, extent and commencement.-- (1)

This Act may be called the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefts and Services) Act, 2016.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 107

Example of Akoma Ntoso snippet recording the presence of a quorum and a vote in a debate, and then to include that in a summary analysis by linkage:

(Question carried by 72 to 34 votes)

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 108 India and the United States: The Time Has Come to Collaborate on Commercial Drones (Sylvia Mishra)

Sylvia Mishra is a Scoville Fellow and her research focuses on nuclear strategy and nonproliferation, Southern Asian security and nuclear dynamics, U.S. policy in Indo- Pacifc, and emerging and disruptive technologies.

This paper is written from an exploratory strategic lens underscoring why India and the United States ought to focus on bolstering partnership on commercial drones. The paper immensely benefted from interviews and discussions with Peter W. Singer, Arthur Holland Michel, Rachel Stohl, Sharon Burke, Bhaskar Kanungo, Allegra Harpootlian, and Col. Dennis Wille.

Introduction

On December 1, 2018, fying commercial drones became legal in India as the Directorate General of Civil Aviation’s (DGCA) put forward guidelines on how unmanned aircraft can operate within the country.415 The opening up of the drone, or unmanned aerial vehicles (UAV), market is expected to improve efciency and create jobs in certain sectors like agriculture, forestry, media, construction, and disaster management while also expanding the culture of innovation. Commercial drones are among the fastest growing segments in India and their demand is growing exponentially. In some of the public sectors, such as infrastructure, transport, agriculture, and disaster management, drones are already being utilized for land surveillance, improvements to infrastructure, precision agriculture, 3-D digital mapping, and tracking a variety of issues of river erosion and deforestation.416 At the World Economic Forum Annual Meeting in Davos in 2019, the Indian state government of Andhra Pradesh announced that it will start testing a policy framework—Advanced Drone Operations Toolkit developed in partnership with 41 government agencies and private enterprises to enable state-wide drone delivery operations aimed at bringing key medical supplies to communities across the state. The open source guide was developed in collaboration with the governments of Rwanda andSwitzerland, and leverages the work of the Drone Innovator’s Network (DIN) to roll out socially impactful, advanced drone operations.417

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 109 As the utility of drones in the commercial sector grows, several market reports indicate that the Indian commercial drone market will reach $885.7 million by 2021.

The adoption of commercial drone applications is on the rise across sectors. As the utility of drones in the commercial sector grows, several market reports indicate that the Indian commercial drone market will reach $885.7 million by 2021.418 India has been one of the top drone-importing nations, accounting for 22.5 percent of the world’s UAV imports.419 Israel and the United States have emerged as top drone exporters to India as the focus has been on expanding its armed drone inventory. In 2018, the Indian government approved the purchase of Heron TP missile-armed drones from Israel. The United States will export the General Atomics MQ-9 Guardian/Predator-B long-range unmanned combat aerial vehicle (UCAV) to India, making it one of the most signifcant defense sales between the United States and India.420 The sale of drones with military applications has become an important part of bilateral defense ties between India and the United States, and both countries operate under the Defense Technology and Trade Initiative. Breaking away from the dominant narrative that focuses on India-U.S. collaboration on drones for military purposes, this paper aims to underscore that India and the United States have a unique opportunity to partner on commercial drones. Over the coming years, drones will become an integral element to a better standard of living. India and the United States. should partner to harness the benefts of commercial drones by leveraging the technological prowess and culture of innovation that exist in both countries.

The paper aims to develop a framework where India and the United States can cooperate to promote greater use of drone technology in the commercial sector to transform working practices, bring signifcant economic benefts, and boost prosperity. This paper benefted from interviews conducted with several experts in Washington, D.C. and New Delhi, and takes the position that a partnership on commercial drones is essential. It outlines how India and the United States can collaborate on a multilateral level, a bilateral government-to-government level, and an industry-to-industry level. As and how the global airspace becomes congested and increasingly contested, the development of counter-drone technologies is also inevitable. The paper also discusses counter-drone technologies, their evolution and use in the U.S. market, and use by law

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 110 enforcement agencies. It outlines how India can learn how some of the counter- drone technologies are being utilized by law enforcement agencies in the United States.

Why Does India-U.S. Cooperation on Commercial Drones Matter?

As India and the United States continue to bolster their bilateral partnership, one facet of their relationship that remains understudied, and mandates greater attention, is commercial drones and their use for public beneft. As the oldest and largest democracies, the United States and India also need to focus on using drone technologies to drive positive social change, proactively shape demand for commercial drone technology and its applications across various sectors and domestic growth opportunities. India and the United States have a rich pool of resources and talent, the spirit of innovation to build an ecosystem that depends more heavily on the civic use of drone tech. Drone technology is rapidly advancing. Even though the commercial drone sector in India is still evolving and regulations are being formed, this industry has the potential to transform societies. Not to mention that as commercial drones proliferate, the surrounding industry would also grow; jobs in analytics and data processing are just an example. A McKinsey report indicated that the value of the commercial drone industry and activity has risen from $40 million in 2012 to about $1 billion in 2017 421. It is expected that by 2026, commercial drones—both corporate and consumer applications—will have an annual impact of $31 billion to $46 billion on the country’s GDP.422 Despite the drone market in India being in a nascent stage, the paper ofers an overview of how India and the United States can cooperate to incentivize the use of drones for a variety of purposes. Several industries in India will be greatly enhanced, and will enable smarter employment of people with the use of drones as force multipliers in the agriculture, construction, energy and logistic sectors. In much the same way that the Federal Aviation Administration’s (FAA) Part 107 rules have facilitated the spread of commercial drone operations in the U.S., the Directorate of Civil Aviation (DGCA) in India needs to undertake incremental steps to relieve the indigenous commercial drone industries from the scourge of regulations that curtails the sector to fourish.423 It is important that the DGCA undertakes policies that ensure both safety and security of drones, but also gradually encourages operations beyond the current limit of 400 feet of Beyond Visual Line of Sight (BVLOS).

Three Levels of Cooperation on Commercial Drones

The two countries can cooperate on three levels: multilateral, bilateral, and industry-to-industry.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 111 1) Multilateral Cooperation for Responsible Drone Use: There are wide variations in drone laws amongst countries. In fact, even within the United States, drone laws vary from state to state and work on a sort of drone federalism. In 2018, the International Standard Organization (ISO) proposed international standards for drone operations with the expectation that these standards will be adopted by countries globally. The objective of the ISO’s international standards is to establish drone regulation that every country can agree on, and will help normalize drone operations and responsible use throughout the world. The ISO standards focus primarily on data security, air safety, privacy, and facilitating ways where UAVs can be used in a variety of commercial scenarios.424

It is imperative that both India and the United States at a multilateral level push for the spread of safe and responsible practices of common drone laws. While several countries are trying to grapple with this challenge, it is important for the architects of India’s drone ecosystem to keep in mind that adopting the ISO standards needs to be swift and smooth. If the United States and India are able to both converge to the ISO standards and also encourage other countries to join, it will allow for great cross-pollination among businesses across countries. For example, U.S. companies that have already matured in commercial drone technologies would not have to bear a huge cost to restructure their operations in India for compliance. Moreover, the manufacturing of drones and the import and export of hardware and software can become globalized. This means that drone hardware can be manufactured in one country, software developed in another country, and the fnal product can be used in another country. In a globalized and an integrated economic environment, India and the United States adopting ISO standards would make cooperation between them and with other countries easier.

2) Partnership at the Government Level for a Cause: Humanitarian Assistance and Disaster Relief (HADR): In the past decade, India has been a frst responder in several humanitarian disasters and international crises. It demonstrates India's commitment as a responsible actor in the global order and willingness to become a net security provider in the region. New Delhi has contributed its resources to prevent and mitigate regional and international crises.425 India’s leadership role and India-U.S. eforts following the devastating earthquake in Nepal have been noteworthy. Drones have been at the forefront of India’s increased eforts in HADR. Humanitarian organizations and several governments across the world have mobilized drones to collect vital information about collapsed buildings, locate survivors, and supply victims with relief packages. The National Disaster Management Authority (NDMA) helped in Nepal’s relief eforts using the Netra drone for aid.426 Similarly, the NDMA has been using the resources of several indigenous drone manufacturing companies in India. For example, Airpix, a company that specializes in aerial photography and video production, was used in a campaign to rebuild Uttarakhand and to spread awareness about infrastructural defciencies in the mountainous state.427 India has also been

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 112 sending medicine to remote areas in Rwanda, Malawi, Uganda and other places with the delivery of medical services using drones.

While India and the U.S. government have their own mechanisms in dealing with HADR, cooperation on HADR is featured in the New Framework for the U.S.- India Defense Relationship (2005) and was reiterated in the 2015 framework. As India and the United States develop frameworks and models of cooperation and burden-sharing in the Indo-Pacifc, collaboration on HADR using drones is a good starting point. Both countries can beneft from the complementary nature of their eforts and interests in the region.428

There are already a few examples of India-U.S. cooperation on drones with a focus on HADR. Under the Defense Technology and Trade Initiative (DTTI), India and the United States are working on an air-launched unmanned system which would have HADR as one of the targeted uses.429 Another example of cooperation between the two countries on drones is that in the wake of a polio outbreak, a U.S.-based company, WeRobotics, was asked by the Center for Disease Control and Prevention (CDC) to organize training on medical cargo drones in Papua New Guinea (PNG). WeRobotics partnered with two Indian companies,Soli Consultancy and Redwing Labs India, to ensure the project’s completion and success.430

3) Industry-to-Industry Cooperation to Boost India’s Commercial Drones Market: China has emerged as the leading civilian drone exporter.431 India has not been able to become an exporter of commercial drones, and there are several challenges that have stymied the commercial drone ecosystem in India. One factor is the lack of clarity on the drone manufacturing licensing process from the Department of Industrial Policy and Promotion (DIPP). Another challenge is import restrictions on the components (motors, propellers, batteries) for assembling a drone. The export of drones also goes through an inter-ministerial panel due to restrictions under the SCOMET list.432

Under the Civil Aviation Regulations, the DGCA has launched the Digital Sky platform, which is built around the principle of “No Permission, No Takeof.” While Digital Sky will be in charge of handling fights permissions, to give an impetus to the commercial drone industry, some of the issues such as “Beyond Visual Line of Sight” (BVLOS) and Autonomous Operations need to be resolved. 433

Set against some of these challenges and uncertainties are the regulatory framework in India, which are still evolving, and a sweeping cross-pollination between Indian and U.S. industries may not be possible. However, the Indian drone industry will fnd it benefcial to partner with U.S. drone industries on building the software. There are few examples of such cooperation. For instance, Precision Hawk is a U.S. company working in partnership with the FAA and the National Aeronautics and Space Administration (NASA) on Low Altitude

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 113 Tracking and Avoidance Systems (LATAS). The LATAS platform will show pilots of manned aircraft where UAVs are in the airspace before they become a safety hazard. For this project, Precision Hawk is collaborating with a technology partner in India called Webonise on the simulation of drones in a virtual environment to aid the development of this platform.434

Challenges

To foster India-U.S. partnership at the three proposed levels, there are several challenges that the Indian commercial drones’ ecosystem will need to overcome at the policy and regulatory level.435

As drones are gradually incorporated into the Indian airspace, there are several long-standing liability issues and privacy laws that the DGCA will need to clarify. Remotely controlled drones are increasingly cheap, and more widely available, but they pose real privacy risks. Some of the examples include surveillance drones violating property rights, and pervasive surveillance. A research survey, reported by Forbes in early 2019, indicated that fying drones 24/7 generated fears of the police.436 The way commercial drone technology is progressing, it seems quite likely that corporate giants like Amazon, Google, UPS, and Alibaba will be stepping up eforts to enable drones to play a signifcant role in the “last- mile” delivery – transporting items from the warehouse to the customer’s doorstep.437

Policymakers will be required to ensure a balance between the benefts of commercial drone use and its privacy costs. Any framework that provides impetus to a new technology is required to ensure that that spirit of innovation is sustained, while individual rights to privacy and freedom of expression are also maintained. For instance, a Rand report indicates that a team of researchers explored the hidden or indirect costs and potential consequences, both positive and negative, of adopting commercial delivery drones.438 The study revealed that regulators around the world are struggling to keep pace with new drone delivery technology and some countries are banning the use of commercial drones as regulating a technology which is still evolving is a challenge. Moreover, as there are security implications of this technology, regulators are erring on the side of cautious by banning the delivery applications of commercial drones.

While some of the current regulations in place cover licensure for pilots, registration, restricted fy zones, and insurance, one of the primary challenges of using delivery drones is a requirement that drones stay within the pilot’s line of sight (which almost defeats the purpose of commercial delivery drones).439 India’s Ministry of Civil Aviation’s framework for Civil Aviation Regulations (2.0) still does not provide specifcs for several issues such as current imports and permission structures, or drone licensing and registrations, among other things. The authorities will also need to devise a regulatory response and guidance for mid-air collisions and injury to property and persons.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 114 To increase bilateral partnership on commercial drones, India will frst need to fne-tune some of its regulatory policies and also look at international standardization of commercial drone laws. One positive development that will spur interest and investments in the Indian drone ecosystem is that the government has allowed for 100% foreign direct investments in manufacturing commercial drones.440

While the Indian government and industry leaders will grapple these regulatory challenges for the commercial drone ecosystem, it is important to remember that drone technology will only advance worldwide. The number of people and industries that sees value in utilizing drones as force multipliers increase. Therefore, India cannot aford to stay behind the curve or stymie talent and technology in this industry.

Counter Drone Technology and Operations

Research indicates that most drone operators fy in good faith; however, there are some actors that can do a lot of damage using commercial drones. There are an increasing number of reports that state that extremist groups, militias, and drug cartels are using commercial drones as weapons.441 The proliferation of drones and the possibility of their use for malignant purposes, such as use of drones by organized criminals to run counter operations against law enforcement, plan robberies and other crimes, have led to the development of counter-drone technologies.442 Industries are investing in developing counter-drone technologies for law enforcement agencies to prevent unwarranted use of commercial drones and to ensure the safety and security of civilians. Counter- drone technology, also commonly known as counter-UAS (C-UAS) or counter- UAV, refers to systems that are used to detect and intercept unmanned aircraft. Drones are dual-use and can pose threats in both civilian and wartime environments. Concerns regarding the weaponization and use of commercial drones in conficts, most notably by non-state actors, are growing. Drones have been used in conficts in Syria, Iraq, and Ukraine. For instance, the Islamic State (ISIS) was able to import and construct several hundreds of inexpensive drones and use them in battlefelds in Iraq and Syria.443 According to a report from the Center for a New American Security, more than 90 countries and non-state actors operate drones and their increasing use will have an impact on the future of confict, crisis stability, and escalation dynamics.444 Non-state actors are increasingly able to transform commercial/hobby drones into military hardware and in the future, this trend will only grow as it provides non-state actors access to the kind of operational awareness that was previously held only by state militaries.445

It is in the context of these developments and security concerns that commercial industries are rapidly investing in counter-drone technologies to keep people safe

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 115 from rogue drones. A report calledCounter-Drones System by the Center for the Study of Drone at Bard College found out that there are at least 235 counter- drone products either available on the market or are in various stages of development.446 Several detection, identifcation, and neutralization technologies are being employed and developed by leading defense contractors. Some of the most prominent counter-drone technologies for detection and tracking include scanning for radio frequency, electro-optical, infrared, acoustic, and combined sensors. Other technologies and methods used for interdiction of drones involve radio frequency jamming, spoofng, laser, nets, and projectiles. 447The global counter-drone market size is expected to reach $1.85 billion by 2024 as incidences of unauthorized use of UAVs and acts of terror using drones rise.448

Given that major proliferation of drones is underway in the Subcontinent, India needs to devote adequate attention to developing and mainstreaming counter- drone technologies. India has a unique opportunity to learn some of the lessons of how counter-drone technology is evolving in the United States and being utilized by federal law enforcement agencies. Given C-UAS technologies are dependent on innovation, industries in India can collaborate with counter-drone tech companies in the United States and become part of the global supply chain of C-UAS tech.

On February 1, 2019, CNBC reported that by 2022 the Federal Aviation Administration (FAA) expects that there will be 2.9 million drones fying in the United States.449 While commercial drones are benefcial to the national economy, the rapid multiplication of drones in the skies poses signifcant security risks. As greater numbers of drones are fying dangerously close to commercial and private aircraft, there have been several near misses between drones and aircraft.450 While reining in rogue drones has received signifcant attention during the last fve years, there are several outstanding challenges as all counter- drone technologies need to reconcile with legal and safety mechanisms. The FAA considers drones to be aircraft and does not allow shooting down an aircraft, thus making shooting down drones illegal and a federal crime in the United States. Only the federal government’s law enforcement agencies have been granted the authority to employ C-UAS technologies,451 thus his suggesting that counter- drone adoption measures will take place in close coordination with FAA laws.

In July 2018, the FAA updated its guidance on “Unmanned Aircraft Systems (UAS) Detection and Countermeasures” and underscored that successful mitigation of rogue drones is reliant on accurate detection. One of the major fndings of the FAA report is that the “low technical readiness of C-UAS systems, combined with a multitude of other factors, such as geography, interference, location of the majority of reported VAS sightings, and cost of deployment and operation, demonstrate this technology is not ready for use in domestic civil airport environments.”452 The report emphasized the challenges of C-UAS

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 116 technologies and the potential risks of targeted UAS when engaged in airport environment, which can introduce greater hazards than it is intended to mitigate.

Despite the slow pace of adoption of counter drone tech, it is pertinent that law enforcement agencies and security ofcials will need to be prepared, trained, and equipped to counter hostile drones. The U.S. Congress recognized that the need for counter-drone tech will only grow and, therefore, in the 2017 and 2018 National Defense Authorization Acts (NDAAs) enabled limited C-UAS authority to the Department of Defense and Energy.453 Notwithstanding these challenges, there are several companies, such as SkySafe, DeDrone, Fortem, that are working with the Department of Defense (DoD) to keep unwanted drones in check; though the real challenge continues to be the regulatory battle. For instance, SkySafe does not only track drones but also intercepts them, but hacking and/or intercepting drones is illegal in the United States.454 It is, therefore, important that companies, local and federal government agencies have a greater level of coordination when it comes to counter drones technologies.

With an increasing boom of the commercial drone market in India, drones are becoming cheaper, smaller, more agile, and stealthier. After several incidents of drone sightings around Indian airports, the government is investing in the development of reliable, safe and secure C-UAS technologies. For example, the Defence Research and Development Organization (DRDO) has taken up the development of high-intensity laser weapons.455 Additionally, the Indian government’s Bureau of Civil Aviation and Security (BCAS) has been engaging with two Israeli companies to develop drone disabling technologies around Indian airports. This technology primarily looks at two categorization of skills – soft kill (a drone which fies into a secured airspace can be destabilized and its system frozen) and hard kill (the drone can be destroyed).456

The growth in the market of counter-drone technology is another area where the industry in both India and the United States can cooperate. The BCAS can work with the U.S. industries and federal law enforcement agencies to navigate the policies adopted and the regulatory challenges involved in the lawful elimination of drones.

There is also a major component of learning lessons from the United States and applying them in the Indian context to foster a culture of safety and responsibility throughout the drone industry. For instance, to mitigate rogue drones near the National Nuclear Security Administration’s (NNSA) sites, the Ofce of Defense Nuclear Security has deployed its frst C-UAS platform. The NNSA worked in partnership with the FAA for the designation of Los Alamos Lab as a “No-Drone Zone” and to set up a system to detect, identify, track, and intercept unsanctioned drones at Los Alamos National Laboratory.457 It would be in India’s security interest to draw upon the lessons from the NNSA-FAA collaboration to better understand the capabilities, functional efcacy, and ease of handling of anti-drone technology. Additionally, training a specifc team – either the Central

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 117 Industrial Security Force (CISF) personnel or the Air Trafc Controllers (ATC) – staf at airports would be highly benefcial for the Indian security establishment.

Some Key Considerations for the Way Forward

The use and utility of commercial drones are on the rise and expectedly will continue to grow. As there are some signifcant developments for new regulatory frameworks for drones in India, there is an opportunity for New Delhi to increase partnership with the United States on commercial drones. India will need to fne- tune its regulatory policies on commercial drone laws according to international standards. The increasing number of drones in the sky and the growing number of violations – accidental or criminal – also incentivizes Indian and American industries to collaborate on counter-drone tools to keep out unwanted drones. Drone technology in the commercial sector has the potential to create tremendous impact with regard to job creation, increasing productivity, and efciency. However, there will be considerable concerns about both the promise of the technology and its ability to carry out tasks while ensuring safety, security and privacy of citizens. Expectations regarding drone technology in the commercial sector need to be more pragmatic and rooted in reality.

Expectations regarding drone technology in the commercial sector need to be more pragmatic and rooted in reality.

Despite the rapid advances of drone technology, there needs to be signifcant progress in several aspects of the technology: autonomous fights (this technology is still developing but it allows drones to fy without a user directing their fight); and battery performance (improvements in battery technology are expected to boost drone fight time). Though some of these improvements will allow commercial drones to fy for longer durations without battery recharging, the drone technology can fall short of the promise. It is important for industry players and policymakers to temper expectations of what drone technology as a whole can achieve, given it is still evolving and is not a fully mature technology.

Drones are not horizontal technology (i.e. the movement and transfer of this technology from one sector to the other is not easily possible.)458 The most disruptive technologies that have made huge impacts on consumer use are horizontal technologies like e-commerce. However, since drones are not a

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 118 horizontal technology, there would be signifcant expenditure on R&D in every sector where drone applications are envisioned. For example, the last-mile delivery drones will require a very diferent approach than farm surveillance by drones. Last-mile delivery will require precision, timeliness, accuracy, interaction with humans, and an understanding of potential obstacles. Farm surveillance applications will require imaging technology, stability in dire environmental conditions, and autonomy. This again indicates that there needs to be a management of expectations on the commercial drones’ impact across sectors.

In the Indian context, it is clear that the development of the commercial drones sector will happen in close coordination with the Indian government. However, experts warn that stif regulations could stife the commercial drones sector from fourishing. There must be a balanced approach where the government is able to safeguard an individual’s privacy, monitor drones that could harm national security, but simultaneously encourage policies that enable the commercial drones sector to fourish.

To conclude, it is important to highlight that although much of the recent debate on drones has centered on the state’s use of drones for surveillance and military purposes, the use of drones by and for civil society deserves attention. For any underlying opportunity in the case of the commercial drone market in India, there is a vital need for enabling policies and handholding between India and the United States. For a smooth launch and progress of the commercial drone industry in India, there needs to be policy consensus and coordination among the Ministry of Defense, the Ministry of Home Afairs, the Ministry of Commerce and Industry, the Ministry of Civil Aviation, the Department for Promotion of Industry and Internal Trade, and Niti Ayog, among others. Moreover, there also needs to be signifcant investment from the government on drone education – training pilots, capacity building for manufacturing, registration and tracking of drones, certifcation of remote pilots and other professional drone services. The time is right and ripe for India to collaborate with the United States on the development of its commercial drone sector, setting and strengthening the regulatory landscape to allow commercial drones to be used efectively and safely and also for the scalability of the technology.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 119 Civic Futures 2.0: The Gamification of Civic Engagement in Cities (Subhodeep Jash)

Subhodeep Jash is a Senior Consultant with FTI Consulting Asia’s Strategic Communications Practice at New Delhi. The idea for this research stemmed from his stint with the WZB Berlin Social Science Center.

Acknowledgements: I would like to express my gratitude to Charru Malhotra, Perry Nunes, Liav Orgad and Jess Riegel for their valuable insights. I wish to express my appreciation for the kind support and guidance of Awista Ayub and Melissa Salyk-Virk at New America. Last, but not the least, I thank the entire cohort of the 2019 India- U.S. Fellows for their feedback towards refning the contours of this paper.

Executive Summary

Citizenship is a fundamentally political institution. This research focuses on the intersection of technology and active citizenship, which is a central component of a republican conception of citizenship where citizens are expected to engage in political deliberation and contribute to the common good of the community. This paper is a primer on the newer forms of civic interactions that emerge when gaming elements (such as points, badges, rankings, rewards, etc.) are introduced into a non-game setting like civic engagement. Further, it maps current trends and variations around the gamifcation of civic engagement. It begins with two unique use-cases from Boston (United States) and Tlalnepantla (Mexico) that illustrate how gamifcation can encourage greater participation in governance processes and possibly address gaps in efciency facing democracies. Finally, the research attempts to form a typology of the various civic innovation projects in Europe and the Americas, and Subsequently, examines the broad level societal benefts and ethical challenges that arise from these interventions.

The closing section of the paper introduces the context of civic engagement in one of the world’s largest digital demos, India and what a potential for gamifcation in that socio-political context could imply. While this potential for gamifed governance looks encouraging, its use is being examined more as a complementary tool to existing approaches surrounding citizen participation and interactions.

Pokemon Gov and “Points” of Kindness

Digital technology is increasingly used to experiment with new forms of encouraging citizen engagement. The spectrum of such experimentation ranges from chatbots that drive interactions between government ofcials and citizens

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 120 in Jersey,459 (an island located in the English Channel), to points-based systems such as catalogues of good deeds (in Mexico) to motivate active citizenship. A common thread behind such ideas is to provide incentives that motivate civic activism, with the hope that, over time, such incentives will create a culture of communal activism. Two such salient use-cases for gamifcation emerging in the U.S. city of Boston and the Mexican city of Tlalnepantla are discussed hereunder that illustrate successful deployment in these new civic interactions.

Digital technology is increasingly used to experiment with new forms of encouraging citizen engagement.

In 2016, the city of Boston in the state of Massachusetts launched a spring-time campaign called “SpotHoles” as a way to encourage constituents to generate more pothole reports during the snow-melt month of March when potholes are especially prevalent. Prior to this campaign, residents could call a helpline to report such civic grievances. However, a major challenge existed within the helpline reporting system: the ability to situate these potholes within the neighborhoods.

Subsequently, the SpotHoles campaign was deployed to report potholes with better accuracy across the city by using a mobile application-based scavenger hunt akin to the augmented reality mobile game, Pokémon Go. After creating a branded campaign with associated digital assets, SpotHoles netted more than 300 percent higher citizen-reported potholes460 than the same period in the previous year. And even better, the increased reports were accompanied by an accurate location because of the mobile reporting application’s ability to geo- locate issues, allowing users to snap a picture and send a note to the city.

The success of the initiative led to a partnership between Niantic Inc., the developer of Pokémon Go and the Boston Mayor’s Ofce of Urban Mechanics to institute a participatory Pokémon Go initiative with school students. The initiative developed “PokéStops,”461 which provided a way of incorporating real- world locations into the game build. For example, the potential locations for PokéStops could be small parks or historic buildings. Students were asked to make short videos explaining why these locations should be included in the game. Then, a youth-led selection jury would pick the winning locations. The idea of involving citizens into this curation exercise was identifed as a way to

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 121 celebrate meaningful and accessible locations in the city and raise civic awareness among youth.

As another example, Tlalnepantla de Baz, a city in Mexico, sufered from low civic engagement and its residents were indiferent to neighborhood problems. There was little interest even in fling reports of criminal acts, which prevented the authorities from taking action. This indiference threatened the city’s social fabric, making citizens feel disconnected and insecure. In 2016, an initiative from the Mayor’s ofce462 encouraged local citizens to participate in the community by choosing a “good deed” from a catalog. Examples of good deeds included voting, assistance to the elderly, job training, frst-aid courses, safety training, professional consultations, organizing cultural events, and self-employment workshops. Good deeds could be municipal, but also universal—for example, the promotion of environmental activities. Each good deed that was performed was recorded and given a score, and citizens were able to claim benefts according to their score from a parallel “Catalogue of Municipal Benefts.” Municipal benefts included bike rental and public transportation, scholarships, tickets to cultural events, and reduced municipal housing. The goal is to motivate civic activism, with the hope that, over time, such incentives will create a culture of communal activism. In the past few years, there have been suggestions to use technology to motivate more active citizenship.

The Tlalnepantla city ofcials were inspired by community network projects that promoted a sense of collaboration in other cities but felt that those projects were too narrowly focused. The city’s Mayor, Guillermo Alfredo Martínez González, said that the initiative led to a closer interaction among residents by promoting good deeds, and had a transformative efect on the entire society by “allowing for greater collective development, confict resolution, stronger identity, and reconstitution of the social fabric.”463

Both these endeavors highlight how game elements such as a points based system or a scavenger hunt akin interface can reinvigorate the interactions between citizens and public policy. This paper examines a range of such similar experiments that brought about this emergence in the gamifcation of civic engagement.

Defining Gamified Civic Engagement

New forms of civic interactions have been driven by the incorporation of game elements (i.e. points, badges, levels, rankings, rewards) into the non-game context of citizen engagement and have created conditions for gamifed civic engagement.464 In recent years, there has been a growing appeal of the gamifcation of civic engagement as a possible solution to reshaping participatory regimes among residents in cities similar to the cases of Boston and Tlalnepantla.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 122 It is important to distinguish gamifcation from “mere games”—since the use of game mechanics does not necessarily make a product a (video-) game.465 While the main scope of games is pure entertainment, gamifcation is aimed at transmitting features that leverage elements of role play, story, and agency.466 According to some authors (Landers et al., 2018), this happens under three conditions:

• The perception of a non-trivial goal that can reasonably be pursued

• The desire to pursue that goal under behavioral rules that difer from the behavioral rules that one would normally apply

• The voluntary nature of the decision to pursue that goal

Background

An increasing number of cities, including a large number in the developed world, sufer from low civic participation, an absence of social solidarity, and a feeling of apathy in creating solutions to common problems. Harvard-based sociologist Robert Putnam suggests that people living in diverse but divided communities tend to “hunker down” and “withdraw from collective life”467 by placing less trust in their neighbors, including those from a similar background. As a result, they assume markedly more negative attitudes towards their local areas, vote less; volunteer less, and give less to charity. A recent report of the City of London portends an alarming development—it indicates a lack of “cross-community contact,” and a low level of active citizenship, especially among newcomers.468 The report fnds this reality to be “one of the key challenges facing cities across the world” and urges the need to fnd solutions to encourage active citizens who “shape the decisions that afect their communities and their city” and share “a sense of rootedness and active participation in community life.”469

The OECD is one of the few public institutions that have guidelines470 on measuring trust, both interpersonal and institutional. A recent OECD study fnds that only 43 percent of citizens trust their government. Trust in government is deteriorating in many OECD countries. Lack of trust compromises the willingness of citizens and business to respond to public policies and contribute to a sustainable economic recovery. Open government policies that concentrate on citizen engagement and access to information can increase public trust.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 123 Early Use Cases

What are the earliest use-cases of gamifcation around civic engagement? One of the early salient cases is the ‘Howard Dean for Iowa Game’,471 the frst ofcial video game commissioned in the history of the U.S. presidential elections in 2003. Players in the game earned points for virtual sign-waving, door-to-door canvassing, and pamphleteering. The engagement for this game led to 100,000 plays before the Iowa caucus and signaled a new form of political campaigning.

Another example occurred in 2004 when the Illinois House Republicans released a game called Take Back Illinois472 designed to represent their political positions on various policy issues (such as economic development, healthcare, and education). The game was at the center of that year’s legislative electoral race. The game attained a fair degree of popularity as it received traction from online distribution channels and supported via local blogs. The game was praised for its attempt to capture political communication rhetoric in a persuasive manner.

During the lead up to Barack Obama’s presidential inauguration in 2009, his team asked American citizens to vote for whichever issue they cared about most on a platform called Change.gov. The idea was to crowdsource the highest- priority issues from American citizens.

Then, in 2016, Hillary Clinton’s presidential campaign team launched an app designed to gamify the campaign process. The application, which was inspired by the Facebook game, Farmville, ofered virtual badges and real-life rewards for activities such as sharing promotional videos through social media platforms.

These scenarios all have a precise scope: to engage potential voters. Albeit, none of these three campaigns led to successful electoral outcomes for the three candidates, they did herald an innovative approach to bolster citizen engagement.

Certain experiments pertaining to gamifcation were seen more in a setting to provoke discussions, as seen in citizen engagement processes with SAM from New Zealand,473 where an AI chatbot simulated interaction between a virtual politician and users on Facebook messenger. All of these early engagement eforts sought to explore ways to reinvent the citizen interaction process through gamifcation as it ofered greater motivation towards participation and a transparent mechanism to engage in governance processes.

The Landscape of Citizen Gamification

During the course of this research, 25 to 30 initiatives that attempted to gamify civic engagement were mapped. These projects were geographically diverse,

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 124 spreading across Europe, North America, and Asia. Based on the mechanisms involved, the projects could be divided into two broad categories:

1. Participatory decision-making: consultation/budgeting forums and crowdsourced decision-making, and

2. Points-based system and community currencies.

Citizen engagement eforts employ several diferent “means” to achieve many diferent “ends.” Depending on the context, citizens can play diferent roles ranging from providing ideas and expertise (as with policy crowdsourcing platforms) to being representatives of specifc interests (as seen with participatory budgeting and deliberative polling).474

Participatory Decision-making: Consultation and budgeting forums

Graham Smith terms “democratic innovations” as the institutions “that have been specifcally designed to increase and deepen citizen participation in the political decision-making process.”475 These innovations, as per Smith, are consequential in that they represent a departure from the traditional institutional architecture of advanced industrial nation-states. Citizen assemblies, participatory budgeting forums, town halls, online citizen groups, and newer legislative forms (such as liquid democracy) would be classifable as democratic innovations based on this taxonomy. In this regard, gamifcation within the context of participatory consultation and budgeting forums has seen use-cases that have boosted the participatory dimension of citizen engagement.

Ovar, a small town in Portugal, saw an impressive 25 percent of its residents turn out to vote in its frst participatory budgeting campaign. A seaside town of 55,398 people, Ovar is one of the oldest municipalities in the country. The city implemented participatory budgeting as a means for the mayor, Salvador Malheiro, to connect with the citizens and better engage with young people. The program, which was allotted €100,000, used a gamifcation strategy with a leader board that highlighted which proposals were receiving the most votes. It also gave people both online and ofine methods of voting, through either paper ballots or a website form.

In 2015, Decide Madrid,476 a platform for public participation in decision- making, was launched by the Madrid city council. Decide Madrid has four main functions: proposals and votes for new local laws; debates; participatory budgeting; and consultations. The platform allows any resident to propose a new local law that other residents can vote on to show support. Proposals that gain support from one percent of the census population are then put to a binding public vote.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 125 A variant similar to participatory budgeting, “CrowdLaw,”477 is a participatory lawmaking process where legislative bodies can tap into new methods for unlocking the intelligence and expertise of the citizenry beyond an electoral process.

In Reykjavik, Iceland, a CrowdLaw web platform for “idea generation” and “policy crowdsourcing” allows citizens to present and discuss ideas related to the services and operations of the city of Reykjavik since 2010. The website has seen a fairly positive response as it’s been used by 20 percent of Iceland’s population. 478

vTaiwan,479 an experimental e-consultation platform, was used to engage 200,000 people in crafting legislation on topics as varied as company shareholder requirements, regulating ridesharing services like Uber, internet alcohol sales, and online education. The online engagement process used a combination of an online system called “pol.is”480 and Slido, a questionnaire tool.

Points-based Systems and Community Currencies

There have been a few cities that have promoted the idea of a local civic currency towards promoting social innovation and as a means to invest in projects at a local level.481 Nu Spaarpas, 482 for example, was a municipal experiment that was launched in Rotterdam in the Netherlands around 2000 to create a loyalty points-like system to incentivize sustainable and eco-friendly consumption choices. Consumers were rewarded when they engaged in behaviors such as buying green or recyclable products. These loyalty points could be redeemed for gifts such as event tickets or public transportation passes.

Cities such as Gent483 (in Belgium), Cascais484 (in Portugal), and the example of Tlalnepantla (in Mexico) have taken the lead in developing similar community currency (digital or physical) driven initiatives that foster active citizenship or sustainability-driven action.

Recently, a system of digital social credit has been ofered by Andrew Yang,485 the founder of Venture for America and U.S. 2020 Democratic presidential candidate. In his view, Digital Social Credits can improve civic engagement, volunteer rates, and social interactions across the community. Credits can be gained by “participating in a town fair,” “tutoring a local student,” or “volunteering at a local shelter.”486

Points- or rating-based system can, however, present a set of technological, psychological, and ethical challenges. Who decides what is a “good deed?” What criteria is used for creating such systems? How should a city disseminate the idea or allow for registering participants or recording data? How efective are such

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 126 incentives likely to be in cultivating positive habits and morals, and what can be the societal side efects?

While these challenges are not examined in this paper, the feasibility and ethical implications of scoring systems, especially in light of the bad reputation earned with the adoption of China’s Social Credit System, become pertinent for further research into the design of scoring systems. Algorithmic citizenship earned a bad reputation following the adoption of China’s Social Credit System (SCS) in 2014. 487 The SCS creates a world in which one’s daily online activities are constantly monitored and evaluated to create a Citizen Score, which is publicly ranked and compared against the entire population. China’s SCS ranks citizens based on criteria such as credit history, consumption behavior, social connections, personal characteristics, and compliance with the government’s ideological framework.488 The Citizen Score afects the eligibility of citizens for basic services (mortgage, job, social benefts, etc.) and provides people with rewards (e.g., one can rent a car without a deposit or have a faster check-in experience at the airport) and punishments (e.g., restricted access to restaurants or removal of the right to travel abroad). As China looks to make this project mandatory by 2020 and its intentions with regard to big data governance systems, notwithstanding, the SCS can be conceived more like an ecosystem of initiatives sharing a similar underlying logic than a fully integrated machine for social control.

The distinction, however, is that unlike the pervasive algorithmic citizenship profles in China that are punitive in nature, the civic experiments outlined here for cities across Europe and the Americas are largely voluntary and not developed around sanctions or any form of activities that are classifed as being negative.

Impact of Gamified Systems

Benefts

What do the gamifed systems mean in terms of social beneft at a local level? Gamifed innovations provide novel solutions that simultaneously solve a social need and augment capabilities and relationships and improve the use of assets and resources. Social innovation models that are driven through citizen engagement lead to a greater good for society and enhance social interaction and engagement levels. It is evident that gamifcation can mobilize citizens efectively to participate in public decision-making. Citizen participation needs to be fun, easy and interactive. People are provided a voice and incentive towards building an engaged society with a sense of fulflling both their rights and responsibilities towards more active civic engagement.489

The efcacy of such platforms depend on a variety of factors, such as: (a) voluntary participation that is sometimes incentivized, but not coerced; (b) trust

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 127 of the civil society placed in the state authorities to provide the motivation accompanied by an underlying assumption of a republican, “active” citizen rather than a “Marshallian” (passive) citizen;490 (c) ca requirement to perform some sort of action, and not just be a passive recipient491 ; (d) digital literacy combined with internet and smartphone proliferation within the ecosystem to allow adequate diversity of participation.

In 2009, a study published by the MacArthur Foundation investigated the correlation between video games and their capacity to stimulate civic and political engagement. The report identifed a direct correlation between the civic potential of video games and further engagement in civic life, especially by young citizens.492

Participatory processes work best at a local level as party politics are less dominant. Citizens also fnd it easier to spot problems, identify solutions and evaluate legislation for issues that directly afect their daily lives.493

With several initiatives, a tech interface is meant to be a layer supplementing an ofine discussion forum, as happened in Decide Madrid and vTaiwan, the use- cases highlighted earlier.

Measuring Engagement Levels

While we have examined the broad strokes of the kinds of gamifcation that are being driven in the civic engagement context, it is important to evaluate whether these civic-driven initiatives encourage low-risk/low-cost engagement or whether they can be a driver of social change (both online and ofine).

In an efort to measure levels of engagement, the International Association of Public Participation (IAP2) has developed a public participation spectrum to help groups defne the public’s role in any public participation process on an increasing level of intensity ranging on a scale of: Inform, Consult, Involve, Collaborate and Empower. These varying degrees of engagement on the participation spectrum can be outlined as follows.

• Inform: To allow citizens with a balanced and objective understanding of a problem alternatives and solutions.

• Consult: To obtain citizen feedback on a policy challenge or problem facing citizens

• Involve: To have a direct engagement mechanism for citizen redressal on their needs and concerns.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 128 • Collaborate: To partner with the public on each aspect of the policy cycle (from the development of alternatives to identifying the preferred solution).

• Empower: To place decision making authority to the public.

Figure 1: Spectrum of Public Participation

(Source: Tim Bonnemann, City of Vancouver Mayor's Engaged City Task Force Final Report on https://www.fickr.com/photos/planspark/12249559465 )

Taxonomy Of Gamifed Civic Engagement Projects

Initiative/Platform (City/Country) Category Mechanics Depth of Participation

Participatory SpotHoles Campaign Hybrid reality Inform, Consult, Involve, (crowdsourced) decision (Boston, USA) game app-based Collaborate making

City Points (Cascais, Inform, Involve, Points/rating based system App based Portugal) Collaborate

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 129 Initiative/Platform (City/Country) Category Mechanics Depth of Participation

Change Tomorrow Participatory decision Web based + Inform, Consult, Involve (Ovar, Portugal) making Offline

Better Reykjavik Participatory decision Inform, Consult, Involve, Web based (Reykjavik, Iceland) making Collaborate, Empower

vTaiwan (Taipei, Participatory decision Web-based + Inform, Consult, Involve, Taiwan) making offline forums Collaborate

Nu Spaarpas Card based Inform, Involve, (Rotterdam, Points/rating based system technology Collaborate Netherlands)

Torekes (Gent, Inform, Involve, Points/rating based system Loyalty card based Belgium) Collaborate

Decide Madrid Participatory decision Web-based + Inform, Consult, Involve, (Madrid, Spain) making offline forums Collaborate

Citizenlab (Brussels, Participatory decision Inform, Consult, Involve, Web + app based Belgium) making Collaborate

Hull Coin (Hull, Inform, Involve, Points/rating based system App based England) Collaborate

Echo Citoyen (Paris, Participatory decision Web-based + Inform, Consult, Involve, France) making offline forums Collaborate

Next Election Participatory decision Inform, Consult, Web + app based (Bangalore, India) making Collaborate

Figure 2: Taxonomy of Gamifed Civic Engagement Projects

It is important to note some commonalities among the 12 initiatives presented in Figure 2. First, most of the experiments were created by non-profts or administered through collaborations between startups and city councils. Second, all the initiatives have a similar goal, which is to inform the public and obtain a reasonable degree of participation. Further, over half of the initiatives have a consultative dimension, (i.e. receiving feedback from the citizens on a civic

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 130 problem) thereby refecting a fair degree of citizen engagement. Third, a majority (over 70 percent) of the initiatives have used a blend of channels for engagement, including either web/app-based platforms and ofine elements. And lastly, all the initiatives are based on positive acts and duties and do not carry any punitive elements.

For a subsequent iteration of the synoptic table, a more detailed study of these initiatives would need to be carried out in order to acquire a better measure of how successful these platforms are. While this paper has not delved into these fner details, any subsequent research in this area could look to incorporate the following aspects:

• Creator of the initiatives

• Participation (voluntary/mandated) and opt-out scope

• Privacy and security features for the web/app based platforms

• Transparency in disclosures for activities or lists in the points or rating based systems

• Feedback mechanisms for users or citizens

Challenges to Gamified Systems

Samuel Bowles in his book The Moral Economy494 argues that substituting moral goodness with a reward and punishment system attacks the core of Rousseau’s social contract. Intrinsic motivation, he believes, is a better motivation than extrinsic rewards. Given that several of the game elements border on steering the choice architecture towards a more rewards-centered arc, this is a trade-of that can produce unintended consequences. For example, the ‘paradox of disincentives’495 may be viewed here as the outcome of an authoritarian exercise of power from the moment in which citizens perceive that they lack the ultimate control of their decisions.

Beth Noveck, of the Governance Lab at New York University, argues that civic innovation in governments implies a conceptual shift in the exercise of public power.496 The introduction of gamifed governance implies a shift towards upending the status quo towards reuniting citizenship with expertise. It postulates a bottom-up approach to building public policies, and it necessitates new mental models for conceiving the exercise of regulatory powers from public institutions.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 131 Design becomes a critical challenge, in terms of marshaling convincing evidence for the adoption of new technologies or including the right motivational incentives for a crowdsourced decision-making process.497 Also, the perils of ‘groupthink’ can produce cognitive biases, as studied by eminent behavioral economist, Daniel Kahneman when each decision-maker in a group has too little information to solve a given problem and instead observes others in the hope of becoming wiser.498

With the increased use of computer algorithms to monitor digital activity, any form of scoring systems is bound to raise questions relating to one’s status, identity, and rights. John Cheney-Lippold captured this phenomenon with the term jus algoritmi,499 which describes a new form of citizenship produced by online data collection and used by law enforcement agencies (the NSA’s PRISM Surveillance Program of targeting “algorithmically foreigners,”500 or the U.S. Homeland Security Department’s plan to collect data on immigrants based on search results, social media handles, and mobile phone information501 ). Algorithmic citizenship brings to the fore fundamental questions on the digital sphere and public function of online activity.

Normative citizen scoring (e.g., general assessment of moral personality or ethical integrity) in all aspects and on a large scale by public authorities endangers individual freedom and autonomy, especially when used in violation of fundamental rights, or “when used disproportionately and without a delineated and communicated legitimate purpose”,502 as has been highlighted in the European Commission’s High Level Expert Group on Artifcial Intelligence guidelines titled “Draft Ethics Guidelines for Trustworthy A.I.”503

Scaling solutions is a critical component in the new practice of public problem solving, as argued by Tara McGuinness, Former Director to the White House Task Force on Community solutions and Anne-Marie Slaughter, CEO of New America.504 Some of the startups echoed this sentiment as well in terms of constraints. Navigating the right areas for creating new forms of civic engagement is another important dimension that emerges as a key consideration for some of these projects. The measurement of impact is not quite so straightforward. Accounting for context when measuring impact is imperative, and thereby a theory of change for mapping complex causality is needed. For example, large scale participation if orchestrated by advocacy groups may not be a reliable indicator of citizens’ informed value preferences. In this context, political scientists Robert Dahl and John Dryzek moot the formation of small groups of citizens that comprise the non-elite, typically recruited through random sampling.

These challenges outline the fact that, while it is enticing for gamifed applications to ofer low-cost and higher engagement forms, the design of such systems are intricate in nature and require much deeper deliberation.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 132 Civic Engagement in India: Potential for Gamification?

In India, the Ministry of Electronics and Information Technology (MeitY) launched the National Portal of India (www.india.gov.in) in November 2005 as well as the Open Government Data Platform (www.data.gov.in) in October 2012 for providing easier access to public information and data. In 2014, the Digital India program laid the groundwork towards increasing the level of citizen participation in the decision-making process through digital tools such as MyGov and the eponymous Prime Minister’s mobile app, Narendra Modi. While these platforms have exhibited some initial promise, the lack of an adequate vision means that they no longer remained relevant and have been reduced to a platform for input on various advertising or marketing campaigns instead of substantive issue-driven citizen interactions.

As far as the civic engagement ecosystem in cities goes, there has typically been sporadic levels of engagement. Traditionally, civic engagement has not been a top priority. However, there is potential in its future application with citizens increasingly using technology (especially mobile) with over 175 million smartphone users expected to emerge in the next four years.505 Civil society organizations such as the Janaagraha Centre for Citizenship and Democracy, and the federal government’s eforts under the ‘Digital India program’ have led to strengthening capacities towards digital literacy.

While gamifcation in this context is still at a pretty nascent stage, there are a few applications that have been identifed during this research.

ichangemycity506 is a locational online social networking platform launched in 2012 by Janaagraha Centre for Citizenship and Democracy for civic action. The site uses the power of the internet to connect people who are in the same vicinity and helps them discuss and act on civic issues. The platform largely uses a complaint redressal system for citizens to raise concerns on potholes, unattended garbage, water supply, and related civic issues. There is a system of “upvoting” (where other users can vote for complaints to be prioritized) as part of the interaction mechanism to ensure resolution of a complaint.

Next Election507 is envisaged as a virtual town hall that brings citizens, politicians, and journalists together. It seeks to create a vertical accountability framework among a diverse range of actors in order to bridge the gap between elected representatives and constituents. It has microsites that comprise sentiment analysis on issues such as sanitation and environment as well as scorecard systems that allow individuals to rate elected representatives, building a network of issue-based champions.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 133 Civis508, started of as a web platform and sought to create meaningful engagements with participatory consultation exercises around livability metrics in Bangalore, Gurgaon, and Mumbai. Civis, thus operates more on the participatory or crowdsourced decision-making spectrum. About 1,074 citizens participated in a consultation on the city of Bangalore’s revised master plan.

Reap Beneft509 is an NGO based out of Bangalore that looks to empower civic problem solving among youth through a mix of skill enhancement, local data, and contextual solutions. The NGO wants to build a community of “solve ninjas” around issues such as sanitation, education, and healthcare. The organization does employ game elements in the form of badges for diferent skills: mobilize, report, build, prototyping solutions, and campaigning.

Village Capital,510 a venture capital frm in collaboration with the Omidyar Network, ran an accelerator program last year to support the growing ecosystem of civic tech startups in India. Fourteen platforms that were developing ideas about improving governance and augmenting citizen-facing interactions were part of this program. According to Perry Nunes, a manager at Village Capital, a large part of these initiatives were geared towards streamlining public service delivery and helping local or municipal governments. Transparency and governance and citizen participation were two of the broad themes for civic innovation ideas.

The overarching state of play in India looks to be based around improvements in backend governance delivery. There is a resource constraint present when it comes to capacities for scaling civic engagement models. With this context, gamifcation in India can leverage individual choices at a low cost as it aims to produce a common good. Gamifcation also has more commonalities with crowdsourcing vis-a-vis ‘nudges’511 , which are aspects of a choice architecture that alters people’s behavior in a predictable manner without forbidding any options or signifcantly altering economic incentives. However, the introduction of any sort of game mechanics must ft the right socio-economic context. At present, the focal point for civic innovations is in Southern India (Bangalore in particular). The design of these innovations is largely geared toward problem identifcation or grievance redressal, but there is enough room for new forms to emerge that focus on solution identifcation and crowdsourced policy-making.

The Way Forward: A Blueprint for Gamifying Citizenship

Digital technology is increasingly used to experiment with new forms of encouraging active citizenship. The current spectrum extends from China’s social credit system to ideas such as catalogs of good deeds to motivate active citizenship. While China’s Social Credit System has been unequivocally

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 134 condemned in the Western world, many of its scoring components are also common for social networks outside China.

A scoring system, therefore, needs to have a more contextual and cognitive design. For example, there are certain principles that could be considered while building such systems. Based on the nascent scholarship and conversations with some of the developers of these civic innovations, future scoring systems should be:

• Voluntary. A voluntary system that provides equal forms of participation in terms of allowing each registered resident to participate and the choice to opt out of a system after signing up.

• Deliberative. The public can participate in something akin to the Catalog of Good Deeds idea in Mexico.

• Flexible. Any list of deeds or activities needs to be subject to a review and constant iteration.

• Transferable. Earned points can be transferred among citizens’ subject to certain conditions.

• Secure. The technological infrastructure on which a system is built needs to be safe and secure (in which data is encrypted).

• Positive Acts. The system can be built around rewards, however, a decision to not participate should not impose any negative costs.

• Adaptive. It is interoperable and can be implemented either at a sub- municipal level or supra-municipal level, such as a consortium of cities (e.g. C40 Cities512) where an individual can claim benefts in one participatory city based on good deeds in other participating cities.

• Activity-centric. It is action-based: no score will be given to individuals— this is not a citizen rating method—but to “deeds.” It is imperative that extrinsic rewards don’t become a substitute for intrinsic motivation. The two would need to go hand in hand.

Gamifcation can mobilize citizens to efectively participate in public decision- making. But note that gamifcation can also have detrimental efects if the design is manipulative in terms of the choice architecture it presents or has the unintended consequence of excluding participants in any way. In this regard, it becomes imperative to ensure that any such context starts with the sense of belonging to the local community and to amplify with a smart gamifcation scheme.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 135 The gamifcation of civic engagement syncs well with the ability to create new spatial interactions around local issues (such as waste management, potholes, etc.).

Any adaptation of the innovations discussed in this paper would need to ft into the socio-political context of the region. Blended models or formal and unconventional channels should operate together to engage citizens in policymaking.

Conclusion

Gamifying citizen engagement is certainly not a panacea for all societal ills, and it poses various challenges of its own—notably those linked to aspects of privacy, design, and inclusion. But, in combination with other innovations and methods, especially the interlinkages with behavioral economics and collective intelligence, it does ofer a potentially valuable and still somewhat under- explored approach513 to governance in the 21st century. The motivation towards greater participation and transparency across the public participation spectrum ranges from informing to empowering the public.

While the verdict for attributing success to gamifcation in this space is still not clear, the governance potential ofered by gamifcation stems primarily from the avenues it ofers for greater motivation and participation, inclusion and, consequently, transparency across the full policy life cycle—from agenda setting to solution ideation, policy development, implementation, enforcement, and review of efectiveness.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 136 Key Diferences Between the U.S. Social Security System and India’s Aadhaar System (Kaliya Young)

Kaliya Young also known as "Identity Woman" is the author of A Comprehensive Guide to Self-Sovereign Identity and the Domains of Identity. She holds a Master of Science in Identity Management and Security from the University of Texas at Austin. She currently serves on the faculty of Merritt College in Oakland California.

Acknowledgments: The author would like to thank all the people she spoke with in India about Aadhaar. This paper would not have been possible without the support of New America and the guidance provided by Awista Ayub and Melissa Salyk-Virk. The author would also like to thank the 2019 India-U.S. Fellows.

Introduction

As the world’s largest democracies, with 1.3 billion and 326 million people respectively, India and the United States both need to support the abstract representation of individuals and entities and support their transactions with each other confdently in the digital world.

In a 2013 lecture, Nandan Nilekani, founding chairman of Unique Identifcation Authority of India (UIDAI) stated, "the same thing happened in the 1930s in the United States when Roosevelt passed the Social Security Act as part of the New Deal.”514 Because the United States is often admired as a large functioning democracy, the fact that it uses a national ID number means that there is an assumption that the U.S. system must be a good model.

The United States began issuing Social Security numbers (SSN) to a small segment of citizens in 1935.515 The system has evolved over the past 85 years and now numbers are issued to children at birth. Today, Social Security numbers are used by employers to verify employment eligibility and by the government to track the collection of taxes, social beneft contributions by people, and to support them receiving benefts. Most residents also have a state level driver’s license or ID card that an SSN is required in the application process. This type of ID has a photo biometric and is held by 87 percent of adults.516

Over the past 10 years, India has rolled out an identity system based on the collection of biometrics and simple demographic information from all of its residents. The system is called Aadhaar, meaning foundation in Hindi. To date, Aadhaar claims to have enrolled 1.3 billion residents.

Both Aadhaar numbers and SSN are unique numbers issued to residents by their federal government. A card with the number on it is mailed to the resident. To

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 137 this extent, the numbers are comparable. There are diferences in the registration and enrollment processes, but this is not really where the major diferences lie.

The important diferences center on how numbers serve as part of an overall identity system in both the public and private sector. This paper walks through the specifcs of these diferences comparing the U.S. and Indian systems throughout.

The frst section provides context for each ID and considers the historical and contemporary risks of identity systems.

The second section considers the role of the number itself, and, further, explains how the creators of Aadhaar position the number within a sprawling system that continues to add new features, particularly in contrast with the limited role of the SSN within the U.S. context.

The third section looks at the very diferent legal and regulatory frameworks that inform the operation of the agencies responsible for both Aadhaar and Social Security, along with contrasts in the visibility of operations through the court systems where challenges occur.

The fourth section outlines how the national-level UIDAI worked with state-level governments and consultants in India to create vast databases of information about residents at the local level. These state-level databases are called State Resident Data Hubs. In the United States, there are no large scale databases of this type. This section walks through the range of regulations that have been put in place since the 1960s to guard against the creation of such databases in the United States.

Finally, the paper concludes with a discussion in sections fve and six about how the use of the SSN has become limited to employee enrollment and fnancial services in contrast to the ever-expanding use of Aadhaar in the private sector and employment context.

Risks of Identity Technologies

Identity systems, one of the original public interest technologies,517 arose with the creation of contemporary nation-states.518 The frst identity documents were simply receipts that proved that an individual had been surveyed in a census or that they were registered by a local authority in return for a government service in response to a live event (e.g., birth, marriage, and/or death). As a result, these documents or statuses shaped a citizen’s perception of identity as a member of a common public or state. 519

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 138 Identity technologies have tremendous power. They can enable the constructive engagement of citizens with their government, but can be used by the state in ways that cause great harm.

Democracies beneft from diverse input into the design of identity systems and a broad consensus about their operation, transparency, and accountability to the citizens whose information is managed by these systems.

Existing mental models of how identity and identifcation systems work are based on government registries for births, deaths, and marriages where events are recorded on paper in a ledger book and certifcates issued. Identifer oriented systems like the SSN originated at a time when paper-based punch cards were the latest technology. There were limits to how far and wide a number could circulate when paper technologies like punch cards, index cards, and the physical mail system were the only means of circulation.

Even when identity technology is limited to paper, its abuse could lead to horrifc results. IBM’s punch card technology was instrumental in facilitating the Nazi genocide of Jews in Europe via the census records in various countries.520 Several Indian subjects interviewed for this research paper pointed out that there have been a number of signifcant events of communal and caste violence in India:

• Keezhvenmani521 (Tamil Nadu, 1968)

• Gujarat522 (1969)

• Nellie523 (Assam, 1983)

• The Anti-Sikh Riots (1984)524

• Hashimpura (Uttar Pradesh, 1987)525

• Lakshmanpur Bathe (Bihar, 1997)526

• Gujarat (2002)527

• Khairlanji (Maharashtra, 2006)528

Some of these incidents were facilitated by datasets from Voter IDs and Ration Cards, and some had implicit state involvement.529 Beyond these large incidents involving thousands of deaths at one time, there are also tens of thousands of reports of more isolated incidents of violence every year against Dalits.530

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 139 In the third millennium, computers became ubiquitous and we, i.e., society writ- large, must consider how identifcation-based systems translate into a new digital medium. There are new opportunities and risks created by the design and implementation of identity technologies and the systems they are connected to.

Techno-Utopianism,531 the predominant stance of UIDAI, iSPRIT and India Stack proponents,532 does not address some of the real security risks. In India, security researchers and reporters who have brought to light the faws, vulnerabilities, and leaks of the Aadhaar number system have been prosecuted by the UIDAI as criminals.533 This has led to groups of concerned critics collaborating and publishing under pseudonyms to ensure the public knows about the issues and vulnerabilities while limiting their own risk.534

What is the Role of The Number

Both the U.S. Social Security Number and Aadhaar Number are core to how the respective systems work but the way the number is seen and how the designers of the programs orient around it is quite diferent.

In India, there has been a proliferation of digital services linked to and surrounding the Aadhaar number. Some examples include:

• Aadhaar-enabled payment services for bank transfers using only the Aadhaar number;

• Aadhaar payment bridge for government-to-citizen transfers;

•Ofine authentication with QR code;

• Mobile Aadhaar application including lock and unlock service;

• Aadhaar authentication history logs;

• VirtualID creation;

• Mobile OTP for authentication;

• eKYC (electronic Know Your Customer);

• DigiLocker, a service for people to download all the documents they have been issued by diferent government departments; and

• eSignatures and document signed locker.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 140 However, security researchers I spoke with highlighted major faws in the design of many of these services.535 There has also been a stream of reporting about specifc security vulnerabilities that have been uncovered, like API’s to the core demographic database that was reported to be completely open.536

The creators of Aadhaar and the India Stack led by iSPIRT,537 a trade association of software makers focused on the Indian market, see the Aadhaar number as the center of a bottleneck in an ecosystem. The Aadhar system is built under the assumption that national identity numbers are the equivalent of IP addresses in a digital network.538 This assumption creates signifcant correlation risks and the potential to amass vast datasets that can be used for commercial and government surveillance.

In the United States, public concern about the possible use of the SSN for government surveillance has limited the use of the number and led to regulations about its use in both the public and private sector.

On the other hand, in the India stack model, not only does the Indian government provide an identity card to citizens, acknowledging them and giving them a “proof” to share, but it also provides authentication services.539 Indians can use their UID to log in to services and then either use a biometric or get a one-time password (OTP) sent to their phone which they then enter to complete remote authentication. This means that the UIDAI has a record of all of the places where a person authenticates their identity, and this information is kept in Aadhaar’s logs for six months.

It is very difcult to imagine a proposal by private sector companies or government leaders in the United States that would require individuals to “log

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 141 in” with their SSN.540 U.S. government agencies, both as a matter of policy and law, are reducing or ending their reliance on the SSN as the canonical identifer of people. There is no way an SSN can be used for authentication against a factor of authentication (password, OTP, biometric) held by the Social Security Administration.

There is ongoing work in the United States to develop ways for individuals to prove they are a particular person by leveraging government-issued identity documents in digital form.541 An important feature of some of these systems is that they do not rely on a connection to a central government database to prove their veracity.542

Legal and Regulatory Frameworks

UIDAI and its leadership have a culture of operating just beyond or just within a legal and regulatory framework. Two books about the story of the creation of Aadhaar have been written by journalists.543 Both document how the project did not have a legal or regulatory basis for six years between 2009 and 2016 and operated with a startup culture. They describe how the UIDAI leaders pushed to build out Aadhaar despite this legal limbo.

When it was fnally made legal with the Aadhaar Act of 2016, the UIDAI was also left as its own regulator with enormous freedom to expand aspects of the system and build new “features” without any need to consult the public. UIDAI did not do privacy impact or security assessments that would bring transparency to how the system would work or change in the future and what the implications would be. In my interviews with UIDAI leaders, they described the next new features that were going to be appearing within the India Stack framework while at the same time saying that the UIDAI had no responsibility for how people were asked for their identity information or how that information was used by those requesting it.

Unlike UIDAI, when the U.S. government changes any technology at the core of its operations, it moves with a deliberate and careful approach bound by the legal and regulatory framework of the government, particularly when working with the sensitive personal information of its residents. For decades, there have been extensive on-the-record hearings by various legislative committees and presidential commissions addressing government systems for registering citizens and collecting and using data about them. Hearings of this type are, by default, not public in the Indian parliamentary system.

Another contrast between the two systems is a key mechanism for public accountability. Challenges to U.S. government procedures happen in the courts, where proceedings produce court transcripts. The 38 days of hearings about Aadhaar before the Indian Supreme Court produced no transcripts: the best we

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 142 have are some summaries544 and aggregations of live tweeting545 done by observers in the courtroom.

In contrast to the U.S. Social Security Administration, the UIDAI is its own regulator. This is in part because, in India, most legislation is written in a way that delegates signifcant regulatory power to the government while the law concentrates on legal and policy issues. In the case of the Aadhaar Act, substantial regulatory power was given not to the government but to UIDAI itself, 546 meaning it is not actually accountable to any other organization. And the UIDAI is exempted from Right to Information [RTI] requests and it sets the grievance mechanisms for itself.547 The UIDAI is responsible for regulating the ecosystem around it. Many have questioned the revolving door that is seemingly connecting the UIDAI and private industry and question whether this limits the ability of UIDAI to regulate its own ecosystem.548

From Enrollment to Mass Databases

Governments register people into systems through enrollment. In the United States, enrollment systems are run entirely by government ofcials who are accountable to government agencies within which corruption is very rare. There is coordination between the local county and state levels that have the authority to register births and the federal Social Security Administration through a system called enumeration at birth (EAB).549

Enrolling people in more than one program or system at once is multi-context enrollment. In the United States, legislation at the federal level, colloquially known as the Motor Voter Act and ofcially as National Voter Registration Act550 of 1993 mandates that states provide the opportunity for people who are signing up or renewing a driver’s license to also have the opportunity to register to vote in elections. Individuals getting a driver’s license must proactively choose to be enrolled in this second and very diferent system. A special process pushes data from the driver's license registration process over to the government agency that manages the state-level voter list.

In India, multi-context enrollment takes place with state-level registrars. States are incentivized to enroll their people because they get to collect more information than the basic four felds (name, birthdate, gender, and address) required by the UIDAI “Know Your Resident” rules. Diferent states have added additional felds, such as marital status, house status551 , occupation, and VoterID number.552 This data was intended to be reserved for the state and is known as “Know Your Resident Plus” [KYR+] data.

Indian residents, when they go through the process of getting their Aadhaar number for the frst time, are enrolled in the UIDAI Central Identity Repository and the State Resident Data Hub.553

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 143 Figure 3: Flow of Data from Enrollment into the CIDR and SRDH by Anand Venkatanarayanan https://medium.com/karana/the-360-degree- database-17a0f91e6a33

UIDAI created the software and required that states use this software if they wanted to get UID information and additional KYR information.554

Several years into enrollment, problems surfaced. Some residents were bypassing State enrollment agents by enrolling through banks and other registrars, and states did not have access to that data.555 In response, the UIDAI made a deal with states to share the UID and demographic data from residents of their states that enrolled with other registrars.556

It is claimed that this activity stopped with the passage of the Aadhaar Act in 2016 and that all the State Resident Data Hubs were destroyed.557 However, there is evidence that these Hubs are still operating.558 Even if the data is no longer sent directly from the UIDAI to SRDH, each of the states has agreements to access the KYC API of the UIDAI CIDR, so when they interact with residents they can pull the data from the UIDAI into their state-level databases (see Figure 5).

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 144 Figure 5: SRDH – State Adoption Strategy Document & State Resident Data Hub (SRDH) Application Framework Adoption Guidelines by UIDAI

The State Resident Data Hubs use the UID as the anchor to integrate all data from diferent state databases together. This happens in two ways. One is a linking process where residents who are recipients of a particular subsidy, beneft, or service go to the agency and assert their ID from a given system and provide their Aadhaar number. They may be asked to authenticate via a thumb print. This process is known as linking, or organic seeding.559

Another process, known as inorganic seeding, combines data from SRDH and UIDs together with existing databases from various subsidies, benefts, or services. This process occurs without the awareness or consent of residents. Authorities might check with residents/benefciaries to see if they made the correct link or to fnd benefciaries who “did not match” any particular Aadhaar number and ask them what their number was. This human resolution requires more efort to complete.

The assumption is that only those with matching UID Aadhaar numbers are “real” benefciaries. Everyone else is a ghost or fake and can be eliminated. Indian naming conventions are very fuid,560 and the same people use diferent names in diferent contexts.561 This strategy to address who is on diferent social services programs is causing disruption to clients who have their benefts cut of because their legitimate claims are not recognized by the system.562

The State Resident Data Hubs have applied a computer science data modeling idea of “single source of truth”563 and sought to impose it on Indian society and

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 145 bureaucracy, deciding that whatever is recorded564 in the UIDAI database is the single source of truth about an individual.

Rather than creating mass databases and integrating all data about citizens across all contexts, the U.S. government is actively taking steps to stop or reduce the use of the SSN, even in unlinked discrete databases.565 Currently, the use of the number at the federal level is mandated for only a few agencies and services, such as the Internal Revenue Service (tax authority), Social Security Administration, passport applications, and for loans by any federal agency. Other agencies that request the number must inform residents that sharing it is voluntary, and they will not be denied services if they do not share the number.

This was not always the case. Beginning with an executive order by President Eisenhower in 1953, there was a phase where using the SSN as a key to interact with various services was encouraged and even mandated.566

In 1961 the Internal Revenue Service required the use of SNNs when fling taxes. Increased digitization of records in the 1960s drove the need for common reference systems across government agencies and within the private sector, and they chose the SSN as a way to do this.

In 1965, there was a proposal to create a National Data Center that would pool statistical information held by the Census Bureau, the Internal Revenue Service, the Bureau of Labor Statistics, the Social Security Administration, the Federal Reserve Board as well as a dozen other federal agencies.567 The public reaction to merging all of these bureaucratic records caught proponents of guard because they thought that the composite data were necessary for a well-ordered society, and the benefts were self-evident.568 But the reaction by the public was hostile and sustained when the proposal was foated in 1967, and again in 1970 when it was fnally rejected. There was widespread press coverage that looked at the implications for the present and future by creating such databases (see Figure 8).

Today, India has the type of database the American public rejected in the 1960s and 1970s. The process was started by the UIDAI and their approved consultants (among them Accenture, Ernst and Young, KPMG, PwC, Wipro, and Deloitte) with the software they developed and supported.570 This is particularly true in

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 147 Andhra Pradesh and Telangana, which have recently become separate states. They did intense surveys of their residents, linking all the data collected to a citizen’s Aadhaar number.571 Andhra Pradesh used The People Hub (see Figure 9) to combine 29 diferent department databases.572

Figure 9: Screenshot of Andhra Pradesh online state survey http:// prajasadhikarasurvey.ap.gov.in/PSS2017/index.html [this link is not live]. It is from this

How did the United States move from public outcry against a National Data Center to developing actual laws and regulation that helped citizens accept the same data being collected by discrete agencies to guard against information sharing between agencies? While India adopted the use of Aadhaar across several agencies to deliver services, the U.S. was slower to move in that direction with the SSN, but did get there eventually.

In this time period the late 1960s and early 1970s there were multiple hearings, task forces, and committees convened by various agencies of the federal government and committees in United States Congress. These included The Social Security Number Task Force in 1970.573 In 1973, the Secretary of Health Education and Welfare Advisory Committee on Automated Personal Data Systems issued a report entitled, “Records, Computers and the Rights of Citizens.”574 The committee developed a code of fair information practices, inspired by the code of fair labor practices.

Below is the Committee’s original formulation of the Code:

• Safeguards for personal privacy based on our concept of mutuality in record keeping would require adherence by record-keeping organizations to certain fundamental principles of fair information practice.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 148 • There must be no personal data record-keeping systems whose very existence is secret.

• There must be a way for an individual to fnd out what information about him is in a record and how it is used.

• There must be a way for an individual to prevent information about him obtained for one purpose from being used or made available for other purposes without his consent.

• There must be a way for an individual to correct or amend a record of identifable information about himself.

• Any organization creating, maintaining, using, or disseminating records of identifable personal data must assure the reliability of the data for their intended use and must take reasonable precautions to prevent misuse of the data.

These were the starting points of what evolved to be the Fair Information Practices and Principles,575 and later evolved into the Privacy Act of 1974,576 that prohibits data sharing between government agencies. It states:

No governmental agency can "deny to any individual any right, beneft, or privilege provided by law because of such individual's refusal to disclose his social security account number" except refusal to disclose after a request pursuant to requirements of federal statutes or pursuant to pre-existing federal or state statutes or regulations through which a system of records had already (before January 1, 1975) been set up. (5 U.S.C. § 552a) (note, Section 7 Disclosure of Social Security Number)

Over the next several years, the U.S. government began to move in a direction that would result in expanded use of the SSN. In 1976, the Tax Reform Act expanded the use of the SNN outside of Federal Agencies, by authorizing the direct use of the SSN in state and local government programs.577 In 1977, Personal Privacy in an Information Society by the Privacy Protection Study Commission578 was delivered to President Carter. It covered the relationships among government agencies across a broad range of services and had a special chapter on the SSN.579 The Debt Collections Act of 1982 required that the SSN be collected as part of the applications for all federal loans (student, agriculture, small business—each administered by diferent departments)580 as a standard practice.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 149 It is important to keep in mind that mandating the use of the SSN for privacy protection meant that each of these departments could not share data about residents with each other without consent. Many government departments that encompass workforces and programs like the military or Medicare (healthcare for the elderly), that relied heavily on the SSN as “the identifer,”made signifcant changes to their system and stopped using it altogether.581

The Driver’s License Protection Act of 1994 places strict limits on who can access the Department of Motor Vehicles’ data, and under what circumstances.582 The e-Government Act of 2002583 requires agencies that collect data about citizens to complete a Privacy Impact Assessment (PIA) for electronic information systems and to make the results public. The PIA must be conducted before developing or procuring an ID system that will collect, maintain, or disseminate information in an identifable form or about members of the public. They must also conduct this assessment when merging databases, or when business processes change signifcantly by adding new uses or disclosures of information. Here is what the PIAs must analyze and describe:584

Conducting a PIA.

PIAs must analyze and describe:

1. what information is to be collected (e.g., nature and source);

2. why the information is being collected (e.g., to determine eligibility);

3. intended use of the information (e.g., to verify existing data);

4. with whom the information will be shared (e.g., another agency for a specifed programmatic purpose);

5. what opportunities individuals have to decline to provide information (i.e., where providing information is voluntary) or to consent to particular uses of the information (other than required or authorized uses), and how individuals can grant consent;

6. how the information will be secured (e.g., administrative and technological controls7); and

7. whether a system of records is being created under the Privacy Act, 5 U.S.C. 552a.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 150 Major information systems. PIAs conducted for these systems should refect more extensive analyses of:

1. the consequences of collection and fow of information;

2. the alternatives to collection and handling as designed; and

3. the appropriate measures to mitigate risks identifed for each alternative.

Throughout the last two decades, there have been more reports by the federal government about the SSN.585

Today, in the United States the use of the SSN is strictly regulated and culturally limited, while, in India, there is currently no privacy protection bill of any kind that applies to the government or the private sector.586

Commercial Sector Enrollment and Use

In the United States, several federal government statutes mandate the use of the SSN for particular fnancial service transactions, such as opening a bank account, 587 cashing a check over $3,000 USD, being the benefcial owner of businesses, or applying for a home loan. Because the SSN card is literally just a paper card with a name and number on it, agencies also conduct Know Your Customer (KYC) checks with identity documents that have photographs, such as driver’s licenses, passports, military IDs, and permanent resident cards. Laws require the collection of this type of data, but they also mandate the protection of this information.588

India, like the United States, has a KYC requirement driven by international requirements mandated by the Financial Action Task Force (FATF)589 that put these requirements in place after the September 11, 2001 terrorist attacks. The original design of the UIDAI database would permit residents to do authentication of their name and address. This process would start with a resident sharing personal information with a bank. The bank would then send it to the UIDAI which would send back an afrmative or negative answer to whether it matched. While this design is commonly used to preserve individual privacy, it also limits the amount of information that leaves the database.

Indian addresses are much more complex than U.S. addresses: each building has a name or number, within a block, within a district, and then a city.590 In addition to this complexity, India has 22 ofcial languages. Its administration uses English, which most residents do not read or speak. Language barriers make it difcult to get an accurate answer from the UIDAI database. Lastly, regulated banks require a copy of an identity document, and many people do not have an appropriate one.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 151 In 2014, the UIDAI made a signifcant design change and created a process known as eKYC,591 where banks and telecommunications companies could ask people for their Aadhaar number on enrollment, do a biometric authentication with a fngerprint on a device, and the UIDAI would send the business a digital document with their name, birth date, Aadhaar number, and physical address. They could then use this address to populate their database and keep the digital copy on fle.

In the United States, there are very few services ofered by any government that allows private companies to connect with a government database and extract private citizen data.592 The Social Security Administration has set up a system known as Consent Based SSN Verifcation (CBSV). Various private companies have been granted a special license for $5,000 USD to connect to the government agency to do this type of check (CBSV).

Businesses use one of these agencies to check against the database with the consent of the person whose information is being checked. They share the name, SSN, and date of birth. These are sent to the government, checked against the SSN Master File, and a Yes/No indicator is sent back to the business.

Since it is uncommon in everyday life to have one’s SSN information checked by businesses, banks doing large numbers of transactions with people require a diferent license to participate in this system.

In contrast, in India residents are regularly asked to show their Aadhaar “card” and this document is regularly photocopied. As a result of this process, a new convention has arisen where individuals take a photocopy of their card and write the purpose for which it was made across the image. This, users hope, is a way to prevent the photo copy from being used by someone else to open an account or to obtain a service in their name.593

Employment Enrollment and Use

When people seek employment in the United States, they are required to share their SSN with their employer. Employers are required by law to verify that the people they are hiring have valid SSNs. The CBSV is used for employee SSN verifcations.

Individuals can also self-check via the e-Verify system set up by the Department of Homeland Security on an online portal. Individuals can enter their SSN with their current citizenship status and receive a report about their current eligibility to work.

Employers can enroll to use the e-Verify system too. They log into the system every time they want to check a potential employee’s status by using information

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 152 listed in the I-9 form (legal name, SSN, date of birth, and current citizenship status). The employer will then receive a report about the applicant’s current eligibility to work.

Employers who want to check if an SSN is valid for the purposes of tax withholding can register with the Social Security Number Verifcation System (SSNVS) to do so. Employers enter the names and SSN of employees that they want to check. The system reports back if they match a person in the system. Employers do this is to ensure that the taxes they are withholding from their employees actually lines up with records at the Social Security Administration.

At the end of every quarter, employers send the government income taxes that they withhold from their employees along with the name and SSN. The government uses the SSN as an index to tax records and social beneft schemes into which they pay social security and Medicare.

While these systems can potentially be used to extract information for other purposes, this is explicitly prohibited.594

In India, the Employees Provident Fund Organization requires Aadhaar (EPFO) 595 to open an account, and participation in PF is mandatory, so employees do not have a choice as to whether or not they want to share their Aadhaar number with their employer who will then pass it along to the EPFO.

In India, several employers, particularly the government, connect to the Aadhaar Enabled Biometric Attendance System.596 This means that every day, when an employee arrives to work, they are required to enter their Aadhaar number but it is authenticated with a fngerprint. The biometric template is sent to the CIDR and the authentication event is logged. This means the government not only has a record of what an employee earned and tax deductions they submitted quarterly, it also knows when the employee was at work in any given day.

Figure 11: Authentication Process of Matrix that Integrates with the AEBAS server. https://www.matrixaccesscontrol.com/aadhaar-enabled-biometric- attendance-solution.html.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 153 Conclusion

The framing of how a national identity number can and must be used, along with the regulation of its use, often determines how companies, other governments, and citizens all use national identity numbers. It is vital that a global dialogue continues about the specifcs of how the identity systems work in the two largest democracies.

While in India I learned there were a lot of assumptions made about how the U.S. system works that are actually incorrect. I hope that this paper provides a starting point to understand the key diferences between the U.S. and Indian systems and made clear to readers from both countries about how the systems work.

In the United States, there is signifcant regulation around the use of SSNs, and extensive privacy protection rules about any personally identifable information. 597 There is public dialogue, which has been ongoing since the creation of the SSN, about how much information is appropriate for the U.S. government to have on residents in order to provide them with services.

The Aadhar system is more exclusively digital because it was created in the last 10 years. There are no privacy or data protection laws in place in India. The creators of the Aadhaar system chose to expand the features of the system without public input and feedback, and because they are their own regulator.

In my research, I have not found any comprehensive government-led privacy impact assessments or evaluations about the use of Aadhaar in any context. Aadhaar proponents see it as having the potential to “solve” a vast range of problems. Yet, there tends to be insufcient consideration of the ways in which the proposed solutions that use Aadhaar might create risks for those individuals and institutions it intends to serve

Identity systems are powerful tools that have the potential for good, but also for great harm. Those highlighting legitimate concerns in democracies should not be fearful that their criticism will be criminalized. Public engagement and robust public dialogue about identity systems in all countries should continue and be supported.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 154 Notes 10 Richard E. Howitt, Richard E. and Kristiana Hansen, "The Evolving Western Water Markets," Choi 1 The Global Risks Report 2018 13th Edition, ces 20, no. 316-2016-6565 (2005): 59. [Geneva: World Economic Forum,2018] http:// www3.weforum.org/docs/WEF_GRR18_Report.pdf. 11 Guy Le MoigneShawki Barghouti, Gershon Feder, Lisa Garbus, and Mei Xie, "Country experiences with 2 The United Nations World Water Development water resources management," World Bank Technical Report 2018: Nature-Based Solutions for Water, Paper 175 (1992). [Paris: WWAP (United Nations World Water Assessment Programme) /UN-Water, 2018, UNESCO] 12 Ereney Hadjigeorgalis, "A Place for Water http://www.unwater.org/publications/world-water- Markets: Performance and Challenges," Review of development-report-2018/. Agricultural Economics 31, no. 1 (2009): 50-67.

3 Martina Flörke, Christof Schneider, and Robert I. 13 George A. Akerlof, "The Market for ‘Lemons:’ McDonald, "Water competition between cities and Quality Uncertainty and the Market Mechanism," Un agriculture driven by climate change and urban certainty in Economics (Academic Press, 1978): growth," Nature Sustainability 1, no. 1 (2018): 51. 235-251.

4 Robert I. McDonald, Pamela Green, Deborah Balk, 14 C. Wilson, Adverse Selection, In: Palgrave Balazs M. Fekete, Carmen Revenga, Megan Todd, Macmillan (eds) [London: The New Palgrave and Mark Montgomery, "Urban growth, climate Dictionary of Economics, Palgrave Macmillan, 2008] change, and freshwater availability," Proceedings of the National Academy of Sciences 108, no. 15 (2011): 15 Y. Kotowitz, Moral Hazard, In: Palgrave 6312-6317. Macmillan (eds) [London: The New Palgrave Dictionary of Economics. Palgrave Macmillan, 2008] 5 Peter H. Gleick, "Global freshwater resources: soft-path solutions for the 21st century," Science 302, 16 J.O. Ledyard, Market Failure, In: Palgrave no. 5650 (2003): 1524-1528. Macmillan (eds)[London: The New Palgrave Dictionary of Economics. Palgrave Macmillan, 2008] 6 Ibid. 17 David S. Brookshire, Bonnie Colby, Mary Ewers, 7 Negative externalities are costs that impact a and Philip T. Ganderton, "Market Prices for Water in party that does not have a role in its creation. For the Semiarid West of the United States," Water instance, vehicular pollution generated by a specific Resources Research 40, no. 9 (2004). individual affecting people nearby. Negative externalities cause market failures. 18 John Freebairn and John Quiggin, "Water rights for variable supplies," Australian Journal of 8 Collection action problem occurs when individuals Agricultural and Resource Economics 50, no. 3 pursuing a common goal do not cooperate due to (2006): 295-312. competing interests. 19 A. Dinar, M. Rosegrant, R. Meinzen-Dick, "Water 9 Free rider issues occur when individuals who do allocation mechanisms: Principles and examples," not pay for a good or service reap its benefit. Too The World Bank Policy Research Working Paper 1779 many free riders results in over-exploitation or under- (June 1997). production of the good or service.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 155 20 Jill E. Hobbs, "Information asymmetry and the 30 "OECD Blockchain Policy Forum – Distributed role of traceability systems," Agribusiness: An Ledgers: Opportunities and Challenges," Releasing International Journal 20, no. 4 (2004): 397-415. the Floodgates: Blockchain for Water Management, Sept. 2018. 21 Max H. Bazerman and James J. Gillespie, "Betting on the future: The virtues of contingent contracts," H 31 "About Water Ledger," How Water Ledger Works, arvard Business Review 77 (1999): 155-162. https://waterledger.com/about-us.

22 Stefaan G. Verhulst, "Information Asymmetries, 32 Ibid. Blockchain Technologies, and Social Change," Mediu m, July 24, 2018, https://medium.com/@sverhulst/ 33 "OECD Blockchain Policy Forum – Distributed information-asymmetries-blockchain-technologies- Ledgers: Opportunities and Challenges," Releasing and-social-change-148459b5ab1a. the Floodgates: Blockchain for Water Management. September 2018. 23 Sloane Brakeville, and Bhargav Perepa, "Blockchain Basics: Introduction to Distributed 34 Ibid. Ledgers," IBM Developer, March 18, 2018, accessed April 14, 2019, https://developer.ibm.com/tutorials/cl- 35 The term “smart” in this context indicates the use blockchain-basics-intro-bluemix-trs/. of internet of things, big data, predictive analytics integrated over blockchain network as underlying 24 Nigel Gopie, "What Are Smart Contracts on technologies to facilitate the operations of a water Blockchain?" Blockchain Pulse: IBM Blockchain Blog, market. July 02, 2018, https://www.ibm.com/blogs/ blockchain/2018/07/what-are-smart-contracts-on- 36 Jayachandran Praveen, “The Difference between blockchain/. Public and Private Blockchain," Blockchain Pulse: IBM Blockchain Blog, Aug. 06, 2018, https:// 25 "Civic Use Cases," Helping Governments to Be www.ibm.com/blogs/blockchain/2017/05/the- More Accessible, Efficient and Effective. https:// difference-between-public-and-private-blockchain/. www.civicledger.com/?page_id=95. 37 J.R. DeShazo, Gregory Pierce, and Henry 26 "Civic Ledger Pty Ltd.," Australian Water McCann, “Los Angeles County Community Water Partnership. https://waterpartnership.org.au/ Systems Atlas and Policy Guide: Supply partners/civic-ledger-pty-ltd/. Vulnerabilities, At-Risk Populations, Conservation Opportunities, Pricing Policies, and Customer 27 "OECD Blockchain Policy Forum – Distributed Assistance Programs,” UCLA: Luskin Center for Ledgers: Opportunities and Challenges," Releasing Innovation, (2015), https://innovation.luskin.ucla.edu/ the Floodgates: Blockchain for Water Management, wp-content/uploads/2019/03/ Sept. 2018. LA_County_Community_Water_Systems.pdf; U.S. Census Bureau Quick Facts: Los Angeles County, 28 "Water Markets and Trade," Australian California," Census Bureau Quick Facts, July 1, 2017, Government - Murray-Darling Basin Authority, Sept. https://www.census.gov/quickfacts/ 29, 2015. https://www.mdba.gov.au/managing-water/ losangelescountycalifornia. water-markets-and-trade. 38 S. Pincetl et al., “Water Management in Los 29 "About Water Ledger," How Water Ledger Angeles County: a Research Report,” Los Angeles: Works, https://waterledger.com/about-us. UCLA, Institute of Environment and Sustainability,

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 156 2015, https://www.ioes.ucla.edu/wp-content/ 48 Tom Hancock and Wang Xueqiao, “China’s DJI uploads/UCLA-CCSC_LAWater_-Haynes1.pdf targets agriculture as consumer drone sales slow,” Fi nancial Times, March 25, 2019, https://www.ft.com/ 39 Ibid. content/afa5e042-4c50-11e9-bbc9-6917dce3dc62.

40 Ibid. 49 Richard Levick, “Drone Industry Just Beginning To Take Off,” Forbes, May 15, 2018, https:// 41 J.R. DeShazo and Gregory Pierce, "Quantifying www.forbes.com/sites/richardlevick/2018/05/15/ the Benefits and Designing Governance Structures drone-industry-just-beginning-to-take-off/ for a Water Market in Los Angeles County," [Los #71c6b76672bc. Angeles: UCLA, Luskin Center for Innovation, Oct. 2016] https://innovation.luskin.ucla.edu/wp-content/ 50 Ujjwal Bakshi and Manash Neog, “Much to Drone uploads/2019/03/ About,” Economic Times, April 4, 2019, https:// Quantifying_the_Benefits_and_Designing_Governan economictimes.indiatimes.com/news/defence/ ce_Structures_for_a_Water_Market_in_LA.pdf opinion-much-to-drone-about/articleshow/ 68724827.cms. 42 Bengaluru Water Board, “Blueprint for Future,” https://www.bwssb.gov.in/images/upload/pdfs/ 51 Therese Jones, International Commercial Drone vision_document_2050.pdf. Regulation and Drone Delivery Services (Santa Monica: RAND Corporation, 2017), https:// 43 Bangalore Water Supply and Sewerage Board, www.rand.org/pubs/research_reports/ "About BWSSB," Bangalore Water Supply and RR1718z3.html. Sewerage Board. https://www.bwssb.gov.in/ com_content?page=3&info_for=4. 52 Ananth Padmanabhan, Civilian Drones and India’s Regulatory Response (New Delhi: Carnegie 44 Bengaluru Water Board, “Blueprint for Future," India, 2017), https://carnegieindia.org/2017/03/10/ https://www.bwssb.gov.in/images/upload/pdfs/ civilian-drones-and-india-s-regulatory-response- vision_document_2050.pdf. pub-68218.

45 Malini Ranganathan, "'Mafias' in the waterscape: 53 Somya Lohia, “Drone Regulations 1.0 Can Fetch Urban informality and everyday public authority in India Major Slice of $100 Billion Industry,” Money Bangalore," Water Alternatives 7, no. 1 (2014). Control, January 9, 2019, https:// www.moneycontrol.com/news/india/drone- 46 George A. Akerlof, "The Market for ‘Lemons:’ regulations-1-0-can-fetch-india-major-slice-of-100- Quality Uncertainty and the Market Mechanism," Un billion-industry-3358411.html. certainty in Economics (Academic Press, 1978): 235-251. 54 Civil Aviation Requirements Series X Part I Issue I: Requirements for Operation of Civil Remotely Piloted 47 Bart Elias, Unmanned Aircraft Operations in Aircraft System (RPAS), F. No. 05-13/2014-AED Vol. IV Domestic Airspace: U.S. Policy Perspectives and the (New Delhi: Directorate General of Civil Aviation, Regulatory Landscape (Washington, D.C.: 2018), http://dgca.nic.in/cars/d3x-x1.pdf. Congressional Research Service, 2016), https:// digital.library.unt.edu/ark:/67531/metadc824644/ 55 Ibid., Reg. 14.2. m2/1/high_res_d/R44352_2016Jan27.pdf. 56 Ibid., Reg. 12.14 & 12.2.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 157 57 Ibid., Reg. 11.2 & 17.1. 69 White Paper of the Committee of Experts on a Data Protection Framework for India (New Delhi: 58 Ibid, Reg. 12.21. Ministry of Electronics and Information Technology, 2017), https://meity.gov.in/writereaddata/files/ 59 DGCA RPAS Guidance Manual (New Delhi: white_paper_on_data_protection_in_india_18122017_ Directorate General of Civil Aviation, 2018), http:// final_v2.1.pdf dgca.nic.in/rpas/ DGCA%20RPAS%20Guidance%20Manual.pdf. 70 Petition to the Federal Aviation Administration: Drones and Privacy (Washington, D.C.: Electronic 60 Procedures for Operation of Civil Remotely Privacy Information Center, 2012), https://epic.org/ Piloted Aircraft Systems (RPAS) in Indian Airspace, privacy/drones/FAA-553e-Petition-v-1.1.pdf. AIP Supplement 164/2018 AAI/ATM/AIS/09-09/2018 (New 71 Margot Kaminski, “Drone Federalism: Civilian Delhi: Airports Authority of India, 2018), https://aim- Drones and the Things They Carry,” California Law india.aai.aero/sites/default/files/aip_supplements/ Review 4 (2013): 57–74. AIPS_2018_164.pdf. 72 Notice of Proposed Rulemaking: Operation of 61 Tender Document: Development, Hosting and Small Unmanned Aircraft Systems Over People FAA– Maintenance of Digital Sky Platform for Ministry of 2018–1087 (Washington, D.C.: Federal Aviation Civil Aviation IT-11042/1/2018-DIRECTORATE OF IT Administration, 2019), https://www.govinfo.gov/ (New Delhi: Airports Authority of India, 2018), content/pkg/FR-2019-02-13/pdf/2019-00732.pdf. https://www.aai.aero/system/files_force/tender/ Tender_DigiSky.pdf?download=1. 73 Ananth Padmanabhan, Civilian Drones and India’s Regulatory Response (New Delhi: Carnegie India, 62 DGCA RPAS Guidance Manual (New Delhi: 2017), https://carnegieindia.org/2017/03/10/civilian- Directorate General of Civil Aviation, 2018), http:// drones-and-india-s-regulatory-response-pub-68218. dgca.nic.in/rpas/ DGCA%20RPAS%20Guidance%20Manual.pdf. 74 Arthur Holland Michel, Drones at Home: Local and State Drone Laws (New York: Center for the 63 Ibid. Study of the Drone, Bard College, 2017), https:// dronecenter.bard.edu/files/2017/03/CSD-Local-and- 64 Ibid. State-Drone-Laws-1.pdf.

65 Drone Ecosystem Policy Roadmap (New Delhi: 75 Amanda Essex, Taking Off: State Unmanned Ministry of Civil Aviation, 2019), https:// Aircraft Systems Policies (Denver, CO: National www.globalaviationsummit.in/documents/DRONE- Conference of State Legislatures, 2016), http:// ECOSYSTEM-POLICY-ROADMAP.pdf. www.ncsl.org/Portals/1/Documents/transportation/ TAKING_OFF- 66 Ibid, 7. STATE_%20UNMANNED_%20AIRCRAFT_SYSTEMS _%20POLICIES_%20%28004%29.pdf. 67 Ibid, 14.

76 An Act Relating To Unmanned Aircraft Systems – 68 The Personal Data Protection Bill, 2018 (New Establishing Statewide Standards, Protecting Privacy, Delhi: Ministry of Electronics and Information And Ensuring Public Safety (Virginia: American Technology, 2018), https://meity.gov.in/ Legislative Exchange Council, 2017), https:// writereaddata/files/ www.alec.org/model-policy/an-act-relating-to- Personal_Data_Protection_Bill%2C2018_0.pdf.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 158 unmanned-aircraft-systems-establishing-statewide- Pennsylvania Law Review 154 (2006): 477, 506 ; Ibid., standards-protecting-privacy-and-ensuring-public- 507–08. safety/. 85 Jordi Soria-Comas and Josep Domingo-Ferrer, 77 Gautam Bhatia, “State Surveillance and the Right “Big Data Privacy: Challenges to Privacy Principles to Privacy in India: A Constitutional Biography,” Natio and Models.” Data Science and Engineering 1 (2016): nal Law School of India Review 26 (2014): 127–158. 21, 22. ; Justice KS Puttaswamy v. Union of India, (2017) 10 SCC 1. 78 (2019) 1 SCC 1. 86 Guide to Basic Data Anonymisation Techniques 79 Ibid, 359. (Singapore: Personal Data Protection Commission of Singapore, 2018), www.pdpc.gov.sg/-/media/Files/ 80 (2015) 5 SCC 1. PDPC/PDF-Files/Other-Guides/Guide-to- Anonymisation_v1-(250118).pdf. 81 Ibid, 167. 87 For a particularly stark situation, where the de- 82 Colin Snow, “Drones Pose a Unique Big Data identification was considered near foolproof and yet Challenge For Business Users,” Forbes, February 6, re-identified, see Jean Louis Raisaro et al., 2019 https://www.forbes.com/sites/colinsnow/ “Addressing Beacon Re-Identification Attacks: 2019/02/06/what-every-cio-needs-to-know-about- Quantification and Mitigation of Privacy Risks,” Journ commercial-drone-data/#5d7fb90389ba ; Michelle al of the American Medical Informatics Association 24 Chan, “What Businesses Need to Know About Drone (2017): 799, 800. Data,” Techwire Asia, February 13, 2019, https:// techwireasia.com/2019/02/what-businesses-need-to- 88 Solon Barocas and Helen Nissenbaum, “Big know-about-drone-data/ Data’s End Run around Anonymity and Consent,” in P rivacy, Big Data, and the Public Good, eds. Julia Lane 83 Information Technology (Reasonable Security et al. (New York, NY: Cambridge University Press, Practices and Procedures and Sensitive Personal Data 2014), 44–45. or Information) Rules ((New Delhi: Ministry of Electronics and Information Technology, 2011), 89 Ira S Rubinstein, “Big Data: The End of Privacy or https://meity.gov.in/writereaddata/files/ a New Beginning,” International Data Privacy Law 3 GSR313E_10511%281%29_0.pdf ; Ibid. ; Rachel Finn (2013): 74, 77–78; Davide Castelvecchi, “Can We and Anna Donovan, “Big Data, Drone Data: Privacy Open the Black Box of AI?” Nature 538, no. 7623 and Ethical Impacts of the Intersection Between Big (2016): 20. Data and Civil Drone Deployments,” in The Future of Drone Use: Opportunities and Threats from Ethical 90 Mireille Hildebrandt, “Defining Profiling: A New and Legal Perspectives, ed. Bart Custers (The Hague: Type of Knowledge?” in Profiling the European TMC Asser Press, 2016), 47-67. Citizen: Cross-Disciplinary Perspectives, eds. Mireille Hildebrandt and Serge Gutwirth (eBook: Springer, 84 As Solove remarks about the “Information Age:” 2008), 17, 20. “The data gathered about people is significantly more extensive, the process of combining it is much 91 Nathaniel A Raymond, “Beyond ‘Do No Harm’ and easier, and the computer technologies to analyze it Individual Consent: Reckoning with the Emerging are more sophisticated and powerful.” See Daniel Ethical Challenges of Civil Society’s Use of Data,” in Solove, “A Taxonomy of Privacy,” University of Group Privacy: New Challenges of Data Technologies,

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 159 eds. Linnet Taylor, Luciano Floridi and Bart van der Amendment”, The Yale Law Journal, volume 126, Sloot (eBook: Springer, 2017): 67, 75. https://www.yalelawjournal.org/forum/apple-and- the-american-revolution-remembering-why-we-have- 92 A Free and Fair Digital Economy: Protecting the-fourth-amendment-1 Privacy, Empowering Indians (New Delhi: Ministry of Electronics and Information Technology, 2018), 102 “ Breaking Down Apple’s iPhone Fight With the https://meity.gov.in/writereaddata/files/ U.S. Government”, The New York Times, March 21, Data_Protection_Committee_Report.pdf. 2016, https://www.nytimes.com/interactive/ 2016/03/03/technology/apple-iphone-fbi-fight- 93 Ibid, 45–46. explained.html?module=inline

94 Ananth Padmanabhan and Anirudh Rastogi, “Big 103 Nick Statt, “Apple’s iCloud partner in China will Data,” in Regulation in India: Design, Capacity, store user data on servers of state-run telecom”, The Performance, eds. Devesh Kapur and Madhav Khosla Verge, July 18, 2018, https://www.theverge.com/ (London: Hart Publishing, 2019): 251, 262. 2018/7/18/17587304/apple-icloud-china-user-data- state-run-telecom-privacy-security 95 Aleecia M. McDonald and Lorrie Faith Cranor, “The Cost of Reading Privacy Policies,” I/S Journal of 104 “Chen Guangcheng, Apple Can’t Resist Playing Law and Policy, 4 (2008): 543, 565. by China’s Rules”, The New York Times, January 23, 2018, https://www.nytimes.com/2018/01/23/opinion/ 96 Arthur Allen Leff, “Contract as Thing,” American apple-china-data.html University Law Review 19 (1970): 131. 105 Alan Z. Rozenshtein, “Surveillance 97 Nikhil Narendran, “Policy Framework for Intermediaries”, Stanford Law Review, volume 70, Protection of Big Data in State Possession,” in Blockc January 2018, https://review.law.stanford.edu/wp- hain for Property: A Roll Out Road Map for India, eds. content/uploads/sites/3/2018/01/70-Stan.-L.- Baladevan Rangaraju and Vishnu Chandra (New Rev.-99.pdf Delhi: India Institute, 2017): 34, 40. 106 Ibid., “Digital Switzerlands”, University of 98 Rahul Matthan, Privacy 3.0: Unlocking Our Data- Pennsylvania Law Review, Volume 164 (forthcoming), Driven Future (Noida: Harper Collins, 2018): 167–171. Developments in the Law — More Data, More Problems, Harvard Law Review, volume 131 no.6 : 99 Carmine Cifaldi, “Unmanned Aircraft System 1715-1722, https://harvardlawreview.org/2018/04/ Privacy and Data Protection,” in Handbook of cooperation-or-resistance-the-role-of-tech- Unmanned Aerial Vehicles, eds. K.P. Valavanis and companies-in-government-surveillance/ G.J. Vachtsevanos (eBook: Springer, 2018): 1–19. 107 “Top 20 Countries with the Highest Number Of 100 Voluntary Best Practices for UAS Privacy, Internet Users”, https://www.internetworldstats.com/ Transparency, and Accountability (Washington, D.C.: top20.htm National Telecommunications and Information Administration, 2016), https://www.ntia.doc.gov/ 108 Bedavyasa Mohanty and Madhulika Srikumar, files/ntia/publications/ “Hitting Refresh: Making India-US Data Sharing uas_privacy_best_practices_6-21-16.pdf. Work,” ORF Special Report 37, https:// www.orfonline.org/research/hitting-refresh-india-us- 101 Clark D. Cunningham, “Apple and the American data-sharing-mlat/ Revolution: Remembering Why We Have the fourth

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 160 109 Ibid. incorporated. The U.S. Department of Justice recently issued clarifications on how the CLOUD Act 110 See Bedavyasa Mohanty and Madhulika will be operationalized available at https:// Srikumar, “Hitting Refresh: Making India-US Data www.justice.gov/opa/press-release/file/1153446/ Sharing Work,” ORF Special Report 37, https:// download?utm_medium=email&utm_a=govdelivery www.orfonline.org/research/hitting-refresh-india-us- data-sharing-mlat/ 118 For more on the privacy protecting requirements under CLOUD Act, both at an institutional level and 111 Krishna Pokharel and Rajesh Roy, “India Says for individual requests, see Madhulika Srikumar, Rumors About Child Snatching on WhatsApp Led to Debrae Kennedy-mayo, Peter Swire and Sreenidhi Mob Killings”, The Wall Street Journal, July 5, 2018, Srinivasan, “India-US Data Sharing For Law https://www.wsj.com/articles/india-admonishes- Enforcement : Blueprint For Reforms,” Observer whatsapp-after-deaths-1530730096 Research Foundation, January, 2019, https:// www.orfonline.org/wp-content/uploads/2019/01/ 112 . Section 91, Code of Criminal Procedure, 1973 MLAT-Book-_v8_web-1.pdf

113 Bedavyasa Mohanty and Madhulika Srikumar, 119 Reserve Bank of India Notifications, “Storage of “Hitting Refresh: Making India-US Data Sharing Payment Systems Data”, Apr. 6, 2018 Work,” ORF Special Report 37, https:// www.orfonline.org/research/hitting-refresh-india-us- 120 Sections 40 and 41, The Personal Data data-sharing-mlat/ Protection Bill, 2018

114 Id. 121 Ibid.

115 “Cross-Border Law Enforcement Demands: 122 Committee of Experts under the Chairmanship Analysis of the U.S. Department of Justice’s of Justice B.N. Srikrishna, “A Free and Fair Digital Proposed Bill”, Center for Democracy and Economy Protecting Privacy, Empowering Indians”, Technology, August 17, 2016, https://cdt.org/files/ 27 July 2018 2016/08/DOJ-Cross-Border-Bill-Insight-FINAL2.pdf 123 Ministry of Electronics and Information 116 Bedavyasa Mohanty and Madhulika Srikumar, Technology, “The Information Technology “Data localization is no solution,” The Hindu, August [Intermediaries Guidelines (Amendment) Rules] 3, 2018, https://www.thehindu.com/opinion/op-ed/ 2018,” https://meity.gov.in/writereaddata/files/ data-localisation-is-not-enough/article24584698.ece Draft_Intermediary_Amendment_24122018.pdf

117 This, however, requires an executive agreement 124 Pranesh Prakash,“Why Data Localisation Might between the United States and the foreign country Lead To Unchecked Surveillance,” Centre for Internet certifying that the state will rely on robust privacy and Society, October 15, 2018, https://cis-india.org/ protections, and respect for due process and the rule internet-governance/blog/bloomberg-quint-pranesh- of law when making requests to companies directly. prakash-october-15-2018-why-data-localisation- Such a framework over time, will not only need to be might-lead-to-unchecked-surveillance ; “US criticises transparent and hold both companies and LEAs India's data localisation norms, draft e-commerce accountable but also be scalable to respond to the policy,” The Economic Times, April 9, 2019, https:// increasing volume and complexity of requests. economictimes.indiatimes.com/news/economy/ Specifically, due process safeguards on user foreign-trade/us-criticises-indias-data-localisation- notification, redressal etc. will need to be

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 161 norms-draft-e-commerce-policy/articleshow/ 132 “India Pushes Back Against Tech ‘Colonization’ 68794927.cms?from=mdr by Internet Giants”,The New York Times, https:// www.nytimes.com/2018/08/31/technology/india- 125 Rishab Bailey and Smriti Parsheera ,“Data technology-american-giants.html localisation in India: Questioning the means and ends,” NIPFP Working Paper Series, no.242, https:// 133 Komal Gupta, “Google Agrees to Comply with www.nipfp.org.in/media/medialibrary/2018/10/ RBI’s Data Localisation Norms,” Livemint , September WP_2018_242.pdf 10, 2018, https://www.livemint.com/Companies/ xEAFZGZ9kOaMz6R4HIgwXK/Google-ready-to- 126 Josh Constine,” Zuckerberg warns of comply-with-RBI-norms-for-payment- authoritarian data localization trend,” Techcrunch, services.htmlSurabhi Aggarwal, “Industry bodies https://techcrunch.com/2019/04/26/facebook-data- write to IT minister Ravi Shankar Prasad against data localization/ bill,” Economic Times, October 4, 2018, // economictimes.indiatimes.com/articleshow/ 127 Rishab Bailey and Smriti Parsheera ,“Data 66062141.cms? localisation in India: Questioning the means and utm_source=contentofinterest&utm_medium=text&u ends,” NIPFP Working Paper Series, no.242, https:// tm_campaign=cppst www.nipfp.org.in/media/medialibrary/2018/10/ WP_2018_242.pdf 134 See U.S. India Strategic Partnership Forum (USISPF) submission to MeitY available at https:// 128 Reserve Bank of India Notifications, “Storage of www.medianama.com/wp-content/uploads/USISPF- Payment Systems Data”, Apr. 6, 2018 Submission-India-Draft-Data-Protection-Bill- Privacy-2018.pdf 129 “RBI data localisation: 80 percent players, including WhatsApp, comply with norms”, Business 135 Aditya Kalra, “U.S. senators urge India to soften Standard, https://www.business-standard.com/ data localisation stance,” Reuters, October 13, 2018, article/technology/rbi-data-localization -80-players- https://uk.reuters.com/article/uk-india-data- including-whatsapp-comply-with- localisation-exclusive/exclusive-u-s-senators-urge- norms-118101500907_1.html india-to-soften-data-localisation-stance- idUKKCN1MN0CY 130 “Facebook takes a tough stand on data storage amidst India’s localisation push”, The Economic 136 Ashish Shukla, “RBI refuses to extend deadline Times, https://cfo.economictimes.indiatimes.com/ for data localisation,” IBTimes, October 14, 2018, news/facebook-takes-a-tough-stand-on-data- https://www.ibtimes.co.in/rbi-refuses-extend- storage-amidst-india-s-localisation-push/68328647 deadline-data-localisation-783058

131 WhatsApp is working to comply with Reserve 137 Bhavin Patel and Hemant Krishna, “Data Bank of India (RBI) regulations on the local storage of Localisation: Here’s why the RBI isn’t listening to the payment-related data, the Economic Times reported. ‘Mirroring’ argument,” CNBC TV18, October 15, 2018, “Only some engineering work is left,” an anonymous https://www.cnbctv18.com/technology/data- senior Facebook executive told ET. https:// localisation-heres-why-the-rbi-isnt-listening-to-the- www.medianama.com/2019/04/223-whatsapp-plans- mirroring-argument-1097451.htm to-comply-with-rbis-data-localization -mandate- report-why-is-it-needed/ 138 Rishab Bailey and Smriti Parsheera ,”Data localisation in India: Questioning the means and ends,”The Leap Blog, February 22, 2019, https://

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 162 blog.theleapjournal.org/2019/02/data-localisation-in- to overhaul the current intermediary liability regime india-questioning.html in India. One of the problematic provisions included the requirement for intermediaries to enable tracing 139 Amazon not mirroring it abroad Whatsapp the originator of messages. See Yesha Tshering Paul“ asked for 5 more months, mastercard and rest asked Fake News: Misguided Policymaking To Counter for one year Misinformation,” Bloomberg Quint, January 14, 2019, https://www.bloombergquint.com/opinion/fake- 140 “Russia fines Facebook $50 for failing to comply news-misguided-policymaking-to-counter- with local data privacy law, ” ZDNet, April 12, 2019, misinformation https://www.zdnet.com/article/russia-fines- facebook-50-for-failing-to-comply-with-local-data- 146 The Srikrishna Committee appointed to draft privacy-law/ ; Mark Scott, “Russia Prepares to Block India’s first comprehensive data protection law LinkedIn After Court Ruling,” The New York Times, introduced the term “fiduciaries” in the Personal Data November 10, 2016, https://www.nytimes.com/ Protection Bill, 2018. See Arghya Sengupta, “Why the 2016/11/11/technology/russia-linkedin-data-court- Srikrishna Committee Rejected Ownership of Data in blocked.html?_r= Favour of Fiduciary Duty,” The Wire, August 2, 2018, https://thewire.in/tech/why-the-srikrishna- 141 Bedavyasa Mohanty and Madhulika Srikumar, committee-rejected-ownership-of-data-in-favour-of- “Hitting Refresh: Making India-US Data Sharing fiduciary-duty Work,” ORF Special Report 37, https:// www.orfonline.org/research/hitting-refresh-india-us- 147 For more on how Indian law enforcement data-sharing-mlat/ agencies make requests for data under Indian law, see Chapter 3 in Srikumar et al., “India-US Data 142 Rishab Bailey and Smriti Parsheera ,“Data Sharing For Law Enforcement : Blueprint For localisation in India: Questioning the means and Reforms,” Observer Research Foundation, January, ends,” NIPFP Working Paper Series, no.242, https:// 2019, https://www.orfonline.org/wp-content/ www.nipfp.org.in/media/medialibrary/2018/10/ uploads/2019/01/MLAT-Book-_v8_web-1.pdf WP_2018_242.pdf 148 See Developments in the Law — More Data, 143 Government authorities increasingly rely on More Problems, Harvard Law Review, volume 131 no. blocking access to internet altogether to contain 6 : 1715-1722, https://harvardlawreview.org/2018/04/ cases of public unrest. See Timothy Mclaughlin cooperation-or-resistance-the-role-of-tech- ,“How Whatsapp Fuels Fake News And Violence In companies-in-government-surveillance/ India, ” The Wired, December 12, 2018, https:// www.wired.com/story/how-whatsapp-fuels-fake- 149 See Developments in the Law — More Data, news-and-violence-in-india/ More Problems, Harvard Law Review, volume 131 no. 6 : 1715-1722, https://harvardlawreview.org/2018/04/ 144 “Fighting fake news: Govt asks Whatsapp to cooperation-or-resistance-the-role-of-tech- take immediate action,” Economic Times, July 3, companies-in-government-surveillance/ 2018, https://economictimes.indiatimes.com/et-now/ daily/fighting-fake-news-govt-asks-whatsapp-to- 150 For instance, Facebook commits to fight back in take-immediate-action/videoshow/64846005.cms? court if requests are overbroad or defective. Chris from=mdr Sonderby, “Sharing Our Latest Transparency Report,” Facebook Newsroom, May 23, 2019, https:// 145 The Indian government introduced the draft newsroom.fb.com/news/2019/05/transparency- amendment to the Information Technology Act, 2008 report-h2-2018/

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 163 151 Alan Z. Rozenshtein, “Surveillance realize their rights. See comments submitted by Intermediaries”, Stanford Law Review, volume 70, Dvara Research to MeitY available at https:// January 2018, https://review.law.stanford.edu/wp- www.dvara.com/blog/wp-content/uploads/2018/10/ content/uploads/sites/3/2018/01/70-Stan.-L.- Response-to-draft-Personal-Data-Protection- Rev.-99.pdf Bill_DvaraResearch.pdf

152 The authors in this paper argue that Silicon 156 Jack M. Balkin, "Information fiduciaries and the Valley have been forced to accept their role as our first amendment." UCDL Rev. 49 ,1183, 2015 “corporate avatars” when they possess “neither the will nor the means to effectively challenge 157 See A Free and Fair Digital Economy Protecting government snooping”. See Chapter 1 in Privacy, Empowering Indians: Committee of Experts Developments in the Law — More Data, More under the Chairmanship of Justice B.N. Srikrishna, Problems, Harvard Law Review, volume 131 no.6 : July 27, 2018, available at https://www.meity.gov.in/ 1715-1722, https://harvardlawreview.org/2018/04/ writereaddata/files/ cooperation-or-resistance-the-role-of-tech- Data_Protection_Committee_Report-comp.pdf companies-in-government-surveillance/ 158 Jack M. Balkin, "Information fiduciaries and the 153 The authors in this paper argue that Silicon first amendment." UCDL Rev. 49 ,1183, 2015 Valley have been forced to accept their role as our “corporate avatars” when they possess “neither the 159 Id. , see Jack M.Balkin, "Fixing Social Media's will nor the means to effectively challenge Grand Bargain." Hoover Working Group on National government snooping”. See Chapter 1 in Security, Technology, and Law, Aegis Series Paper Developments in the Law — More Data, More 1814,2018. Problems, Harvard Law Review, volume 131 no.6 : 160 The author of this piece argues that Balkin’s 1715-1722, https://harvardlawreview.org/2018/04/ fiduciary framework could eliminate the third party cooperation-or-resistance-the-role-of-tech- doctrine in the U.S. altogether binding all companies companies-in-government-surveillance/ to a higher duty of care towards users. See Mike 154 The authors in this paper argue that Silicon Godwin, It’s Time to Reframe Our Relationship With Valley have been forced to accept their role as our Facebook,” Slate, November 16, 2018, https:// “corporate avatars” when they possess “neither the slate.com/technology/2018/11/information- will nor the means to effectively challenge fiduciaries-facebook-google-jack-balkin-data- government snooping”. See Chapter 1 in privacy.html; In India, the Supreme Court through the Developments in the Law — More Data, More 2017 ruling recognising privacy as a fundamental Problems, Harvard Law Review, volume 131 no.6 : right invalidated the application of third party 1715-1722, https://harvardlawreview.org/2018/04/ doctrine. See Gautam Bhatia, “The Supreme Court’s cooperation-or-resistance-the-role-of-tech- Right to Privacy Judgment – IV: Privacy, companies-in-government-surveillance/ Informational Self-Determination, and the Idea of Consent,” Indian Constitutional Law and Philosophy, 155 See 3(13), Personal Data Protection Bill, 2018. August 2017, https://indconlawphil.wordpress.com/ Available at https://www.meity.gov.in/writereaddata/ 2017/08/30/the-supreme-courts-right-to-privacy- files/Personal_Data_Protection_Bill,2018.pdf; judgment-iv-privacy-informational-self- Stakeholders in India however have argued that the determination-and-the-idea-of-consent/ draft bill does not imbibe the philosophy of fiduciaries completely since certain sections in the 161 Vivan Sharan, Sidharth Deb, “Reimagining bill still places the disproportionate onus on users to fiduciaries in the digital economy,” Livemint, August,

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 164 15, 2018, https://www.livemint.com/Opinion/ 167 Prashant Reddy, “View: It's time to tame the KkgNtjljNd6Ikmu0qR8hWJ/Opinion--Reimagining- social media beast,” Economic Times, February 13, fiduciaries-in-the-digital-economy.html 2019,//economictimes.indiatimes.com/articleshow/ 67966170.cms? 162 Ariel Dobkin, "Information Fiduciaries in from=mdr&utm_source=contentofinterest&utm_med Practice: Data Privacy and User Expectations." Berkel ium=text&utm_campaign=cppst ey Tech. LJ 33 2018: 1. 168 Ben Brody, “Tech Giants Back U.S. Bill Governing 163 Dalip Singh, “Law enforcement agencies favour Cross-Border Data Searches,”Bloomberg, February 7, data localisation “, Economic Times, October 8, 2018, 2018, https://www.bloomberg.com/news/articles/ https://economictimes.indiatimes.com/news/ 2018-02-07/tech-companies-welcome-cross-border- economy/policy/law-enforcement-agencies-favour- data-search-legislation data-localization /articleshow/66113360.cms 169 Brad Smith, “A call for principle-based 164 India Pushes Back Against Tech ‘Colonization’ by international agreements to govern law enforcement Internet Giants”,The New York Times, https:// access to data,” Microsoft On the Issues, September www.nytimes.com/2018/08/31/technology/india- 11, 2018, https://blogs.microsoft.com/on-the-issues/ technology-american-giants.html 2018/09/11/a-call-for-principle-based-international- agreements-to-govern-law-enforcement-access-to- 165 Aria Thaker, “Behind RBI’s digital payments data/ panel, a controversial firm’s shadow, conflict of interest allegations”, Scroll, January 10, 2019, https:// 170 Michael Punke, “AWS and the CLOUD Act,” scroll.in/article/908802/behind-rbis-digital- AWS Security Blog, May 27, 2019, https:// payments-panel-a-controversial-firms-shadow- aws.amazon.com/blogs/security/aws-and-the- conflict-of-interest-allegations; The Indian cloud-act ; Chaim Gartenberg, “Apple will launch a government’s motivation to create an environment global web portal for law enforcement requests later favourable to domestic tech firms is most evident in this year,” The Verge, September 6, 2018, available at its recent policy on Foreign Direct Investment in e- https://www.theverge.com/2018/9/6/17827352/ commerce. See “What India e-commerce policy apple-global-web-portal-law-enforcement- entails for online retailers”, Livemint, January 16, requests; Kristen E. Eichensehr, “Digital 2019, https://www.livemint.com/Industry/ Switzerlands”, University of Pennsylvania Law 4e8rKuiaJSGmsNU5BXUSvM/What-India- Review, Volume 164 (forthcoming) ecommerce-policy-entails-for-online-retailers.html 171 “One year later: A cybersecurity commitment 166 a. Aditya Kalra and Aditi Shah, “U.S. firms face shared by more than 100 companies,” Tech Accord, off with Indian rival in lobbying against data storage May 9, 2019, https://cybertechaccord.org/one-year- rules,” Reuters, July 24, 2018, https:// later-a-cybersecurity-commitment-shared-by-more- www.reuters.com/article/us-india-data- than-100-companies/ localisation/u-s-firms-face-off-with-indian-rival- in-lobbying-against-data-storage-rules- 172 Mike Isaac, “Zuckerberg Plans to Integrate idUSKBN1KE17Nb. Vidhi Choudhary and Yashwant WhatsApp, Instagram and Facebook Messenger,” Raj, “Cambridge Analytica row: Facebook data The New York Times, January 25, 2019, https:// breach hit 560K Indian users,”Hindustan Times, April www.nytimes.com/2019/01/25/technology/ 5, 2018, https://www.hindustantimes.com/tech/ facebook-instagram-whatsapp-messenger.html facebook-data-breach-hit-over-5-6-lakh-users-in- india/story-S3bafNwwKTtO5q6U7S4FZM.html

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 165 173 Mike Isaac, “Facebook’s Mark Zuckerberg Says Personal_Data_Protection_Bill,2018.pdf; Justice B.N. He’ll Shift Focus to Users’ Privacy,” The New York Srikrishna, “A Free and Fair Digital Economy: Times, March 6, 2019, https://www.nytimes.com/ Protecting Privacy, Empowering Indians,” 2019/03/06/technology/mark-zuckerberg-facebook- (Committee of Experts under the Chairmanship of privacy.html . Facebook’s official announcement is Justice B.N. Shrikrishna, July 2018), https:// available at https://www.facebook.com/notes/mark- meity.gov.in/writereaddata/files/ zuckerberg/a-privacy-focused-vision-for-social- Data_Protection_Committee_Report.pdf. networking/10156700570096634/ 179 Jack M. Balkin, “Information Fiduciaries and the 174 Law enforcement agencies across the world First Amendment,” U.C. Davis Law Review 49, no. 4 make overbroad demands for location data to find (2016): 1234; Lina Khan and David Pozen, “A Skeptical suspects and witnesses at crime scenes. See Jennifer View of Information Fiduciaries” (SSRN, February 25, Valentino-Devries, “Tracking Phones, Google Is a 2019), https://papers.ssrn.com/abstract=3341661. Dragnet for the Police,” The New York Times, April 13, 2019, https://www.nytimes.com/interactive/ 180 Whilst the European Union’s approach in the 2019/04/13/us/google-location-tracking-police.html; GDPR is limited by is focus on privacy. The also on “reverse location warrants” see Aaron Mak, challenges of governing data-driven decision-making Close Enough, Slate, February 19, 2019, https:// go well beyond concerns about privacy. See Talia slate.com/technology/2019/02/reverse-location- Gillis and Josh Simons, “Explanation < Justification: search-warrants-google-police.html; Matthew Haag, GDPR and the Perils of Privacy,” (SSRN, 2019). “FamilyTreeDNA Admits to Sharing Genetic Data With F.B.I.”, The New York Times, February 4, 2019, 181 To use André Béteille’s phrase, one of India’s https://www.nytimes.com/2019/02/04/business/ most important twentieth-century social theorists. family-tree-dna-fbi.html André Béteille, Anti-Utopia: Essential Writings of André Béteille (New Delhi: Oxford University Press, 175 Josh Costine, “Facebook will pass off content 2005); André Béteille, Ramachandra Guha, and policy appeals to a new independent oversight body,” Jonathan P. Parry, Institutions and Inequalities: Essays Techcrunch, https://techcrunch.com/2018/11/15/ in Honour of Andre Beteille (New Delhi: Oxford facebook-oversight-body/ University Press, 1999).

176 For instance, in the UK, https://nyti.ms/ 182 Purva Khera, Macroeconomic Impacts of Gender 2D5bGf7; France, https://techcrunch.com/ Inequality and Informality in India, IMF Working 2019/04/03/how-frances-new-digital-minister-plans- Paper (Washington, District of Columbia DC: to-regulate-tech/; and Germany, https://iapp.org/ International Monetary Fund, 2016); Carol Vlassoff, G news/a/germanys-first-fine-under-the-gdpr-offers- ender Equality and Inequality in Rural India: Blessed enforcement-insights/ with a Son (New York, NY: Palgrave Macmillan, 2013); Stephen M. Caliendo, Inequality in America: Race, 177 Varun Aggrawal, “Infosys to Set up Data Poverty, and Fulfilling Democracy’s Promise, Marketplace for Enterprises - The Hindu Dilemmas in American Politics (Boulder, CO: BusinessLine,” June 19, 2018, https:// Westview Press, 2014); Xavier N. De Souza Briggs, So www.thehindubusinessline.com/info-tech/infosys-to- cial Capital and Segregation: Race, Connections, and set-up-data-marketplace-for-enterprises/ Inequality in America (Cambridge, MassMA.: John F. article24203427.ece.dsllwakwjgthkjj. Kennedy School of Government, 2002).

178 “The Personal Data Protection Bill” (2018), 183 It is important to note that this is not just about https://meity.gov.in/writereaddata/files/ unrepresentative data. Unrepresentative data

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 166 excludes some groups, perhaps because there are 189 Sam Corbett-Davies and Sharad Goel, “The not enough data points about that group, or the data Measure and Mismeasure of Fairness: A Critical points that exist are less numerous or rich. This is an Review of Fair Machine Learning,” 20180731, http:// important problem, particularly in India, where the arxiv.org/abs/1808.00023. underrepresentation of Untouchables and women in data is systemic. But the problems this paper 190 Jon Kleinberg, Sendhil Mullainathan, and considers would remain even in the most accurate Manish Raghavan, “Inherent Trade-Offs in the Fair and careful data sets, which are still a reflection of Determination of Risk Scores,” Proceedings of the structure of our social world, including the Innovations in Theoretical Computer Science (ITCS), inequalities and injustices that characterize it. A 2017. representative dataset is not devoid of injustice. This leaves open a host of important issues about when 191 I am therefore moving beyond privacy as a the representation of injustice in a dataset actually framework for thinking about the governance of constitutes an injustice, an issue I hope to address in data-driven decision-making. Privacy is one concern future work. Cynthia Dwork and Deirdre Mulligan, we might have about those decision-making “It’s Not Privacy, and It’s Not Fair,” Stanford Law procedures, usually called “data processing” in Review 66 (September 2013): 35–40; Kate Crawford, existing legislation in the EU and India. But it is far “The Hidden Biases in Big Data,” Harvard Business from the only concern. Other aims and values need Review, April 1, 2013, https://hbr.org/2013/04/the- to be brought into play. Privacy should not be the hidden-biases-in-big-data; David Garcia et al., sole lens through which to view governance data and “Analyzing Gender Inequality through Large-Scale machine learning. A29WP, “Guidelines on Automated Facebook Advertising Data,” Proceedings of the Individual Decision-Making and Profiling” (Article 29 National Academy of Sciences of the United States of Data Protection Working Party, 2018), https:// America 115, no. 27 (2018): 6958–63, https://doi.org/ ec.europa.eu/newsroom/article29/item-detail.cfm? 10.1073/pnas.1717781115. item_id=612053.; ICO, “Guide to the General Data Protection Regulation (GDPR)” (U.K.: Information 184 Andrew D. Selbst and Solon Barocas, “The Commissioner’s Office, August 2018), https:// Intuitive Appeal of Explainable Machines,” SSRN ico.org.uk/media/for-organisations/guide-to-the- Electronic Journal, 2018, https://doi.org/10.2139/ssrn. general-data-protection-regulation-gdpr-1-0.pdf; 3126971. Srikrishna, “A Free and Fair Digital Economy: Protecting Privacy, Empowering Indians.” 185 Daniel Kahneman, Thinking, Fast and Slow (New York, NY: Farrar, Straus and Giroux, 2011). 192 Most other important pieces of non- discrimination legislation extend the categories to 186 Virginia Eubanks, Automating Inequality: How which duties of non-discrimination apply. These High-Tech Tools Profile, Police and Punish the Poor include the Equal Pay Act of 1963, which prohibits (New York, NY: St. Martin’s Press, 2018). the payment of different wages to employees of different sexes who perform equal work under similar 187 TOI, “Aadhaar Covers over 89% Population: conditions; the Americans with Disabilities Act (ADA) Alphons,” The Times of India, accessed March 5, of 1990, which prohibits discrimination against 2019, https://timesofindia.indiatimes.com/business/ individuals with a disability and requires the provision india-business/aadhaar-covers-over-89-population- of reasonable accommodation to someone who is alphons/articleshow/63202223.cms. legally disabled; and the Genetic Information Non- Discrimination Act of 2008, which protects 188 Cynthia Dwork et al., “Fairness through Awareness,” ITCS ’12 (ACM, 2012), 214–226.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 167 individuals from genetic discrimination in the parties promote discrimination, there will be healthcare and insurance industries. decreased investments in human capital. Such decreased investments will be a perfectly reasonable 193 For instance, U.S. Executive Orders 10925, response to the real world. And if there are 11246, and 11375 require federal contractors who do decreased investments in human capital, then over $10,000 in Government business in one year to prejudice, statistical discrimination, and third-party “take affirmative action to ensure that applicants are effects will also increase. Statistical discrimination employed, and that employees are treated during will become all the more rational; prejudice will employment, without regard to their race, color, hardly be broken down; consumers and employers religion, sex or national origin.” will be more likely to be discriminators.Ronnie J. Steinberg, Applications of Feminist Legal Theory to 194 David Strauss, “Discriminatory Intent and the Women’s Lives: Sex, Violence, Work and Taming of Brown,” University of Chicago Law Review Reproduction. Women in the Political Economy. 56, no. 3 (1989): 935–935. (Temple University Press, 2012), 560; Sunstein, “The Anticaste Principle,” 2431. 195 Jon Kleinberg et al., “Discrimination in the Age of Algorithms,” 2019, http://arxiv.org/abs/1902.03731; 201 Dwork et al., “Fairness through Awareness,” 215. Solon Barocas and Andrew D. Selbst, “Big Data’s Disparate Impact,” California Law Review 104, no. 3 202 As Hannah Arendt argued when comparing the (June 1, 2016): 671–732. American and French revolutions. Rohit De, A People’s Constitution: The Everyday Life of Law in the 196 There is an important emerging debate about Indian Republic (Princeton, CT: Princeton University precisely this point, including a paper of my own. For Press, 2018), 5; Uday S. Mehta, “The Social Question the key protagonists, see Kleinberg et al., and the Absolutism of Politics,” 2010, http:// “Discrimination in the Age of Algorithms,” 2019; www.india-seminar.com/ Barocas and Selbst, “Big Data’s Disparate Impact”; 2010/615/615_uday_s_mehta.htm; Hannah Arendt, O Lior Strahilevitz, “Privacy versus Antidiscrimination,” n Revolution (New York, NY: Viking Press, 1965). Public Law & Legal Theory Working Paper, no. 174 (2007), https://chicagounbound.uchicago.edu/ 203 Sunil Khilnani, The Idea of India (New Delhi: public_law_and_legal_theory/235; Pamela L. Perry, Penguin, 2004). “Two Faces of Disparate Impact Discrimination,” Ford ham Law Review 59, no. 4 (March 1, 1991): 523–595; 204 Kalpana Kannabirān, Tools of Justice: Non- Cass Sunstein, “The Anticaste Principle,” Michigan Discrimination and the Indian Constitution (New York, Law Review, January 1, 1993, 2410. NY: Routledge, 2012), 7.

197 Barocas and Selbst, “Big Data’s Disparate 205 B. R. Ambedkar is a neglected character in Impact,” 724. India’s political history. His ideas have received little attention compared with more widely known figures 198 Sophia Moreau and Deborah Hellman, Philosoph M. K. Gandhi and Jawaharlal Nehru, in part because ical Foundations of Discrimination Law (Oxford: of the Congress Party’s dominant role in shaping Oxford University Press, 2013), 259. India’s national story, and the contours of democratic politics after independence. See Valerian Rodrigues, 199 Béteille, Anti-Utopia. “Justice as the Lens: Interrogating Rawls through Sen and Ambedkar,” Indian Journal of Human 200 Cass Sunstein makes a similar point. If there is Development 5, no. 1 (2011): 153–174; Jean Drèze and prejudice and statistical discrimination, and if third Amartya Sen, “Democratic Practice and Social

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 168 Inequality in India,” Journal of Asian and African 212 Jon Kleinberg et al., “Discrimination in the Age Studies 37, no. 2 (2002): 6–37; Martha Nussbaum, of Algorithms,” 20190210, http://arxiv.org/abs/ “India: Implementing Sex Equality through Law,” Chic 1902.03731. ago Journal of International Law 2, no. 1 (2001): 35– 58. 213 The Personal Data Protection Bill; Srikrishna, “A Free and Fair Digital Economy: Protecting Privacy, 206 Kannabirān, Tools of Justice, 162. Empowering Indians.”

207 Patterns of domination, which produce these 214 Srikrishna, “A Free and Fair Digital Economy: persistent inequalities in the political and economic Protecting Privacy, Empowering Indians,” 8. spheres, have two effects. First, they undermine the liberty of each individual to benefit from an effective 215 De, A People’s Constitution; Béteille, Guha, and and competent use of their powers. Democracy Parry, Institutions and Inequalities; Khilnani, The Idea entailed political equality. Political equality entailed of India. the absence of domination. Second, patterns of domination undermine the possibility of free 216 This is precisely the challenge that Jack Balkin, association. Drawing on John Dewey, Ambedkar who first coined the data fiduciary concept, warned argued that free association – the capacity of groups about. Balkin, “Information Fiduciaries and the First to form links, to self-govern over time – was essential Amendment,” 1232–1324. to democratic life. Democracy is not merely a form of 217 As André Béteille argues, institutional well-being government. It is primarily a mode of associated is an important consideration. He describes this as living, of conjoin communicated experience. It is equality as a matter of policy, not of right, warning essentially an attitude of respect and reverence against placing too much faith specifically in the towards fellow men. Patterns of domination made state to eliminate every social inequality, every impossible the associations and relationships that difference of caste or class. Béteille, Anti-Utopia, 435. encouraged and embodied this attitude of respect and reverence.B.R. Ambedkar, Annihilation of Caste: 218 Joshua A. Kroll et al., “Accountable Algorithms,” The Annotated Critical Edition, ed. S. Anand (New University of Pennsylvania Law Review 165, no. 3 Delhi: Navayana, 2014), 280, 261. (2017): 633–705; Andrew Tutt, “An FDA for Algorithms,” Admin. L. Rev. 83 (2016); Jeremy 208 Béteille, Guha, and Parry, Institutions and Waldron, “Accountability: Fundamental to Inequalities, 342. Democracy,” SSRN Scholarly Paper (Rochester, NY: 209 V. R. Krishnaiyer, Akhil Bharatiya Soshit Social Science Research Network, April 1, 2014), Karamchari Sangh and Others vs. Union Of India, No. https://papers.ssrn.com/abstract=2410812; Craig T. 185 (Supreme Court of India November 14, 1980). Borowiak, Accountability and Democracy: The Pitfalls and Promise of Popular Control (Oxford University 210 J B. Sudershan Reddy, Indian Medical Press, 2011); Adam Przeworski, Susan Carol Stokes, Association vs. Union Of India & Ors, No. 8170 and Bernard Manin, Democracy, Accountability, and (Supreme Court of India May 12, 2011). Representation (Cambridge: Cambridge University Press, 1999). 211 Deepti Shenoy, “Courting Substantive Equality: Employment Discrimination Law in India,” University 219 “World Metro Figures Statistics Brief,” UITP, of Pennsylvania Journal of International Law 34, no. 3 accessed April 29, 2019, https://www.uitp.org/sites/ (2013): 632. default/files/cck-focus-papers-files/UITP- Statistic%20Brief-Metro-A4-WEB_0.pdf; Global BRT

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 169 Data, “Global BRT Data,” accessed April 29, 2019, 226 Available at: https://kochimetro.org/open-data/ https://brtdata.org/. 227 The GPS installation was paid for by the Urban 220 Autorickshaws are three-wheeled vehicles that Mass Transit Company Limited (UMTC), a joint supply much of the last-mile connectivity to mass venture of several national and state government transit in Indian cities. agencies and the private company Infrastructure Leasing and Financial Services Limited (IL&FS). 221 Candace Brakewood, Gregory Macfarlane, and Kari Watkins, “The Impact of Real-Time Information 228 “Kochi Metro Rail Limited signs pact with auto on Bus Ridership in New York City,” Transportation drivers,” Deccan Chronicle, Jan. 24, 2018, https:// Research Part C: Emerging Technologies, 53 (April www.deccanchronicle.com/nation/in-other-news/ 2015): 59-75.; Eric Jaffe, “The Best Evidence Yet That 240118/kochi-metro-rail-limited-signs-pact-with- Real-Time Arrival Info Increases Transit Ridership,” auto-drivers.html. CityLab, accessed Feb. 20, 2019, https:// www.citylab.com/transportation/2015/03/the-best- 229 In Hindi, “Chalo” means “Let’s Go!” evidence-yet-that-real-time-arrival-info-increases- transit-ridership/387220/. 230 “Demographia World Urban Areas,” Demographia, April 2019, http:// 222 Aaron Antrim and Sean Barbeau, “The Many www.demographia.com/db-worldua.pdf Uses of GTFS Data- Opening the Door to Transit and Multimodal Applications,” ITS America’s 23rd Annual 231 G.P. Hari, Personal Interview, Kochi, Feb. 11, Meeting & Exposition, April 2013, https:// 2019. www.researchgate.net/publication/ 232 “Kochi gets Chalo app for live tracking of buses, 268097444_THE_MANY_USES_OF_GTFS_DATA_OP ferries,” The Hindu, accessed Jan. 28, 2019, https:// ENING_THE_DOOR_TO_TRANSIT_AND_MULTIMO www.thehindu.com/news/cities/Kochi/kochi-gets- DAL_APPLICATIONS; Transit Center, “The Data chalo-app-for-live-tracking-of-buses-ferries/ Transit Riders Want “A Shared Agenda for Public article24596526.ece. Agencies and Transit Application Developers,” accessed Feb. 16, 2019, http://transitcenter.org/wp- 233 Aparna Vijaykumar, Personal Interview, Online, content/uploads/2018/12/ March 5, 2019. The_Data_Transit_Riders_Want.pdf. 234 Arjun G., “Delhi Government launches Open 223 “Open Government Partnership,” Open Transit Data Platform for Buses,” Medium, accessed Government Partnership, accessed Jan. 28, 2019, Jan. 28, 2019, https://medium.com/redact/delhi- https://www.opengovpartnership.org/. government-launches-open-transit-data-platform- for-buses-b1ed9b80e996; Open Data Portal available 224 “WRI India,” WRI India, accessed January 28, at: https://opendata.iiitd.edu.in/ 2019, https://wri-india.org/.

235 Pravesh Biyani, Personal Interview, New Delhi, 225 KMRL signed a Memorandum of Understanding Feb. 14, 2019. (MOU) with WRI in February of 2017, which included several initiatives to support urban transport and 236 Ibid. urban development, including public transport, transit oriented policy, electric mobility, and urban 237 Ibid. planning in Kochi.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 170 238 “PoochhO,” Delhi Integrated Multi-modal to-suffer-as-bmtc-squats-on-real-time-data/ Transit System, accessed Feb. 15, 2019, https:// articleshow/67087829.cms. play.google.com/store/apps/developer? id=DIMTS+Ltd. 246 O.P. Agarwal, Personal Interview, New Delhi, March 1, 2019. 239 Samir Sharma, Personal Interview, New Delhi, Feb. 15, 2019. 247 Naveen Menezes, “Two years on, commuters continue to suffer as BMTC squats on real-time 240 Ibid. data,” Economic Times, accessed Feb. 16, 2019, https://economictimes.indiatimes.com/industry/ 241 Pravesh Biyani, Personal Interview, New Delhi, transportation/two-years-on-commuters-continue- Feb. 14, 2019. to-suffer-as-bmtc-squats-on-real-time-data/ articleshow/67087829.cms. 242 Nikhil V.J., “Re: [datameet] – Open Transit Data – Delhi,” Email, 2019. 248 Harsha Krishna, Personal Interview, Bangalore, March 4, 2019. 243 “BMTC to open up transit data enabling entrepreneurs build mobility solutions.” Economic 249 O.P. Agarwal, Personal Interview, New Delhi, Times. https://tech.economictimes.indiatimes.com/ March 1, 2019. news/internet/bmtc-to-open-up-transit-data- enabling-entrepreneurs-build-mobility-solutions/ 250 Tejas Pande, Personal Interview, New Delhi, 59064430; “BMTC’s data-sharing plan on back Feb. 9, 2019;Vinay Sreenivasa, Personal Interview. burner,” The Hindu, accessed Feb. 4, 2019, https:// Online, March 7, 2019; Harsha Krishna, Personal www.thehindu.com/todays-paper/tp-national/tp- Interview, Bangalore, March 4, 2019. karnataka/bmtcs-data-sharing-plan-on-back-burner/ article19874128.ece; Naveen Menezes, “Two years 251 Harsha Krishna, Personal Interview, Bangalore, on, commuters continue to suffer as BMTC squats on March 4, 2019. real-time data,” Economic Times, accessed Feb. 16, 2019, https://economictimes.indiatimes.com/ 252 Ibid. industry/transportation/two-years-on-commuters- 253 “BMTC,” Bangalore Municipal Transport continue-to-suffer-as-bmtc-squats-on-real-time- Corporation, accessed Feb. 20, 2019, https:// data/articleshow/67087829.cms. play.google.com/store/apps/details? 244 ET Bureau, “BMTC to open up transit data id=com.bmtc.mybmtc&hl=en_US. enabling entrepreneurs build mobility solutions,” Eco 254 Ibid; Tanushree Dev Barma, Personal Interview, nomic Times. https:// Bangalore, March 5, 2019. tech.economictimes.indiatimes.com/news/internet/ bmtc-to-open-up-transit-data-enabling- 255 S. Rajagopalan, Personal Interview, Bangalore, entrepreneurs-build-mobility-solutions/59064430. March 5, 2019.

245 Naveen Menezes, “Two years on, commuters 256 BMTC Data Sharing Policy Draft (July, 2018), continue to suffer as BMTC squats on real-time Bangalore: Bangalore Municipal Transit Corporation, data,” Economic Times, accessed Feb. 16, 2019, 2018. https://economictimes.indiatimes.com/industry/ transportation/two-years-on-commuters-continue- 257 S. Rajagopalan, Personal Interview, Bangalore, March 5, 2019.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 171 258 Ibid. 268 Anant Maringanti, Personal Interview, Hyderabad, March 6, 2019.; Harsha Devulapalli and 259 BMTC Data Sharing Policy Draft (July, 2018). Girish Agrawal, “Mapping bus transit services in Bangalore: Bangalore Municipal Transit Corporation, Hyderabad – an illustrative example of the use of 2018. open geospatial data,” Transportation Research Procedia. 25 (201): 4196-4206. 260 Srinivas Kodali, “BMTC Intelligent Transportation System (ITS) and Need for Open 269 Surya Kandukuri, Personal Interview, Transport Data,” Data Meet, accessed Jan. 28, 2019, Hyderabad, March 6, 2019. http://datameet.org/2016/08/05/bmtc-intelligent- transportation-system-its-open-transport-data/ . 270 Vishal Ramprasad, Personal Interview, Mumbai, Feb. 12, 2019. 261 Naveen Menezes, “Two years on, commuters continue to suffer as BMTC squats on real-time 271 Srya Kandukuri, “Notes from our conversation,” data,” Economic Times, accessed Feb. 16, 2019, Email, 2019.; Surya Kandukuri, Personal Interview, https://economictimes.indiatimes.com/industry/ Hyderabad, March 6, 2019. transportation/two-years-on-commuters-continue- to-suffer-as-bmtc-squats-on-real-time-data/ 272 Ibid. articleshow/67087829.cms 273 Aaron Antrim and Sean Barbeau, “The Many 262 Vinay Sreenivasa, Personal Interview, Online, Uses of GTFS Data- Opening the Door to Transit and March 7, 2019. Multimodal Applications,” ITS America’s 23rd Annual Meeting and Exposition, April 2013, https:// 263 Yunus Y. Lasania, “Telangana’s ‘open data’ policy www.researchgate.net/publication/ to help start-ups address public issues,” LiveMint, 268097444_THE_MANY_USES_OF_GTFS_DATA_OP accessed March 15, 2019, https://www.livemint.com/ ENING_THE_DOOR_TO_TRANSIT_AND_MULTIMO Companies/iZKdgU1KkQh4azdSKCZ31O/ DAL_APPLICATIONS Telanganas-open-data-policy-to-help-startups- address-pub.html 274 Harsha Devulapalli and Girish Agrawal, “Mapping bus transit services in Hyderabad – an 264 Telangana Open Data Policy 2016, Hyderabad, illustrative example of the use of open geospatial Telangana: Government of Telangana, accessed data,” Transportation Research Procedia, 25 (201): March 15, 2019, https://data.gov.in/sites/default/files/ 4196-4206. Telangana-Open-Data-Policy-2016.pdf 275 Anumita Roychowdhury, Gaurav Dubey, Anu 265 Ibid. Soman, Waiting for a Bus: Strategies to improve Delhi’s bus system. (New Delhi: Centre for Science 266 Yunus Y. Lasania, “Telangana’s ‘open data’ policy and Environment, 2017). to help start-ups address public issues,” LiveMint, accessed March 15, 2019, https://www.livemint.com/ 276 Ibid. Companies/iZKdgU1KkQh4azdSKCZ31O/ Telanganas-open-data-policy-to-help-startups- 277 O.P. Agarwal, Personal Interview, New Delhi, address-pub.html March 1, 2019.

267 “Background,” Factly, accessed Feb. 18, 2019, 278 In many cases, transit operators do not make a https://factly.in/about/ system map or timetable available. Data can be used

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 172 to provide these more analog solutions in order to sites/default/files/resources/ meet the information needs of riders who do not nuis_master_doc_07.01.19_v5_0.pdf possess smartphones or do not access transit data in an online format. Other technologies may prove 287 “DataSmart Cities: Empowering Cities through useful to encompass groups of people who might not Data,” Ministry of Housing and Urban Affairs, use smartphones, such as text or voice-based Government of India, https://smartnet.niua.org/sites/ services. default/files/resources/datasmart_cities.pdf

279 Open Government Data Platform India, 288 “We Continue to Create an Open Data Culture,” “National Data Sharing and Accessibility Policy,” Makaia, accessed March 5, 2019, https://makaia.org/ accessed Jan. 28, 2019, https://data.gov.in/sites/ we-continue-to-create-open-data-culture default/files/NDSAP.pdf 289 “National Urban Transport Policy (2006),” New 280 “Open Government Data Platform India,” Open Delhi, India: Ministry of Urban Development, Government Data Platform India, accessed Jan. 28, Government of India, 2006. https:// 2019, https://data.gov.in smartnet.niua.org/sites/default/files/resources/ National%20Urban%20Transport%20Policy.pdf 281 Mohd Ujaley, “Countries to Ride on India’s Open Government Data Platform,” Express Computer, 290 “National Urban Transport Policy (2014),” New https://www.expresscomputer.in/interviews/ Delhi, India: Ministry of Urban Development, countries-to-ride-on-indias-open-government-data- Government of India, 2014. http://www.itdp.in/wp- ogd-platform/11567 content/uploads/2014/11/NUTP-2014.pdf

282 Simonti, Chakraborty, “Open Data Policy of the 291 “National Urban Transport Policy,” New Delhi, Government of India: What has it achieved?” CBG India: Ministry of Urban Development, Government India, http://www.cbgaindia.org/blog/open-data- of India (2006), https://smartnet.niua.org/sites/ policy-government-india-achieved default/files/resources/ National%20Urban%20Transport%20Policy.pdf 283 Joel Gurin, Personal Interview, Online, March 1, 2019. 292 Ibid.

284 Mark Headd, “New Thinking in How 293 GP Hari, Personal Interview, Kochi, Feb. 11, Governments Deliver Services,” in Beyond 2019. Transparency, ed. Brett Goldstein with Lauren Dyson. (San Francisco: Code for America Press, 2013): 278-9. 294 Harsha Krishna, Personal Interview, Bangalore, March 4, 2019. 285 Rajarshi Sahai, “Going Public with Public Transport Data For Public: Dilemmas of Developing 295 Harshith Gokulendra, Personal Interview, New Cities,” accessed Jan. 28, 2019, https://india.uitp.org/ Delhi, March 1, 2019. articles/open-data-public-transport-data-for-public 296 O.P. Agarwal, Personal Interview. New Delhi, 286 “National Urban Innovation Stack: Strategy and March 1, 2019. Approach,” New Delhi, India: Ministry of Housing 297 Srinivas Kodali, Personal Interview, New Delhi, and Urban Affairs, Government of India, 2019, Feb. 5, 2019. accessed Feb. 8, 2019, https://smartnet.niua.org/

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 173 298 Rajarshi Sahai, Personal Interview, Online, Jan. 2017, https://www.investor.gov/system/files/news/ 30, 2019. documents/english/ia_virtualcurrencies.pdf

299 Available at: https://smartnet.niua.org 310 The DAO is one example of a Decentralized Autonomous Organization, which is a term used to 300 Kunal Kumar, “Building National Urban describe a “virtual” organization embodied in Innovation Stack for Indian Smart Cities Mission - computer code and executed on a distributed ledger Technologies and Financing Model,” (Panel or blockchain. presentation, Smart Republic Conference, New Delhi, India, Feb. 27-28, 2019). 311 U.S. Securities and Exchange Commission, “Report of Investigation Pursuant to Section 21(a) of 301 Srinivas Kodali,. Personal Interview. New Delhi, the Securities Exchange Act of 1934: The DAO,” July Feb. 5, 2019. 25, 2017, https://www.sec.gov/litigation/ investreport/34-81207.pdf 302 Samir Sharma, Personal Interview. New Delhi, Feb. 15, 2019. 312 Lester Coleman, "SEC Subpoenas 80 Cryptocurrency Firms," CCN, March 04, 2018, 303 GP Hari, Personal Interview, Kochi, Feb. 11, accessed May 16, 2019. https://www.ccn.com/sec- 2019. subpoenas-80-cryptocurrency-firms-including- techcrunch-fund. 304 Vishal Ramprasad, Personal Interview, Mumbai, Feb. 12, 2019. 313 Nikhilesh De, "SEC Again Delays Decision on Bitwise Bitcoin ETF Approval," CoinDesk, May 15, 305 Harsha Krishna, Personal Interview. Bangalore, 2019. accessed May 16, 2019, https:// March 4, 2019;Vipassana Vijayarangan, Personal www.coindesk.com/sec-again-delays-decision-on- Interview, Online, Jan. 15, 2019. bitwise-bitcoin-etf-approval.

306 “National Urban Transport Policy,” New Delhi, 314 U.S. Securities and Exchange Commission, India: Ministry of Urban Development, Government Fintech Finhub, "Framework for “Investment of India, 2006, https://smartnet.niua.org/sites/ Contract” Analysis of Digital Assets," April 3, 2019, default/files/resources/ accessed April 14, 2019, https://www.sec.gov/ National%20Urban%20Transport%20Policy.pdf. corpfin/framework-investment-contract-analysis- digital-assets. 307 Don Tapscott, “2018 Regulation Roundtable: Addressing the Regulatory Challenges of Disruptive 315 The Howey Test is the standard methodology, Innovation,” Summary of 10 May 2018 Proceedings put in place by the U.S. Supreme Court to determine held at KPMG Toronto, Blockchain Research Institute, whether a transaction is an example of an Aug. 8 2018. "investment contract,” i.e., a security. It derives from a 1946 case, SEC v. W.J. Howey Co., a lawsuit 308 Warren Davidson, R-OH, "Text - H.R.7356 - 115th involving the Howey Company of Florida. In the Congress (2017-2018): Token Taxonomy Act." context of blockchain tokens, the Howey test can be Congress.gov. December 20, 2018, accessed April 14, expressed as three independent elements: (1) An 2019, https://www.congress.gov/bill/115th-congress/ investment of money, (2) in a common enterprise, (3) house-bill/7356/text. with an expectation of profits predominantly from 309 U.S. Securities and Exchange Commission, the efforts of others. “Ponzi Schemes Using Virtual Currencies,” July 23,

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 174 316 "A New Commissioner at America's Main 324 Daniel Gorfine (Director, LabCFTC), personal Securities Regulator Causes a Buzz," The Economist, interview, Washington, D.C., April 2019. Nov. 08, 2018, accessed April 14, 2019, https:// www.economist.com/finance-and-economics/ 325 Daniel Gorfine, "Podcasts." Commodity Futures 2018/11/08/a-new-commissioner-at-americas-main- Trading Commission, accessed April 14, 2019. https:// securities-regulator-causes-a-buzz. www.cftc.gov/Media/Podcast/index.htm.

317 Stan Higgins, "The SEC Just Appointed Its First- 326 Commodity Futures Trading Commission, Ever Crypto Czar," CoinDesk, June 04, 2018, "Request for Input on Crypto-asset Mechanics and accessed April 14, 2019, https://www.coindesk.com/ Markets." December 11, 2018, accessed May 12, 2019, sec-just-appointed-first-ever-crypto-czar. https://www.cftc.gov/sites/default/files/2018-12/ federalregister121118.pdf. 318 Detailed in the next section, LabCFTC is a pioneering regulatory model in dealing with fintech 327 United States Financial Crimes Enforcement innovations Network, Department of Treasury, Guidance: Application of FinCEN’s Regulations to Persons 319 Stephan O'Neal, “SEC Launches FinHub to Administering, Exchanging, or Using Virtual Communicate With Industry, But What Does It Have Currencies, FIN-2013-G001, March 18, 2013, https:// to Say?" Cointelegraph, Feb. 13, 2019, accessed April www.fincen.gov/sites/default/files/shared/FIN-2013- 14, 2019, https://cointelegraph.com/news/sec- G001.pdf. launches-finhub-to-communicate-with-industry-but- what-does-it-have-to-say. 328 Peter Van Valkenburgh, "FinCEN Raises Major Licensing Problem for ICOs in New Letter to 320 Yogita Khatri, "The SEC Wants to Hire a 'Crypto Congress," Coin Center, March 6, 2018, accessed Securities' Advisor," CoinDesk, April 01, 2019, May 12, 2019, https://coincenter.org/link/fincen- accessed April 14, 2019, https://www.coindesk.com/ raises-major-licensing-problem-for-icos-in-new- the-us-sec-is-hiring-a-crypto-specialist-legal-advisor. letter-to-congress.

321 Commodity Futures Trading Commission, “An 329 Timothy Spangler and Robert J. Rhatigan. Introduction to Virtual Currency,” 2017, https:// "FinCEN Warns That Virtual Currency Activities Are www.cftc.gov/sites/default/files/idc/groups/public/ Subject to Anti-Money Laundering Obligations," Lexo %40customerprotection/documents/file/ logy, April 03, 2018, accessed April 14, 2019, https:// oceo_aivc0218.pdf. www.lexology.com/library/detail.aspx? g=67eaaff2-3d48-4e39-a1b7-8cf1651099df. 322 Khatri, Yogita, "CabbageTech CEO Indicted in New York for Defrauding Crypto Investors," CoinDes 330 FinCEN, "Advisory on the Iranian Regime’s Illicit k, March 27, 2019, accessed April 14, 2019, https:// and Malign Activities and Attempts to Exploit the www.coindesk.com/cabbagetech-ceo-indicted-in- Financial System," FIN-2018-A006, October 11, 2018, new-york-for-defrauding-crypto-investors. accessed April 14, 2019, https://www.fincen.gov/ sites/default/files/advisory/2018-10-11/Iran Advisory 323 Chris Giancarlo, "CFTC Chairman Chris FINAL 508.pdf. Giancarlo,” DC Blockchain Summit 2019, Georgetown University, Washington, D.C., March 6, 331 Internal Revenue Service, "Notice 2014-21," 2019. March 2014, accessed April 14, 2019, https:// www.irs.gov/pub/irs-drop/n-14-21.pdf.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 175 332 "Tax Treatment of Cryptocurrency Hard Forks 341 Anonymous New York venture capitalist in for Taxable Year 2017," American Bar Association to blockchain, personal interview, March 2019. Internal Revenue Service, March 19, 2017, Washington, D.C. 342 Gage Lathrop and Dale Werts, "Blockchain and Cryptocurrency: State Law Roundup," JD Supra, July 333 "IRS Treatment of Virtual Currencies," U.S. 10, 2018, accessed April 14, 2019, https:// House of Representatives Committee on Ways and www.jdsupra.com/legalnews/blockchain-and- Means to Internal Revenue Service, Sept. 19, 2018, cryptocurrency-state-law-84534/. Washington, D.C. https://republicans- waysandmeansforms.house.gov/uploadedfiles/ 343 Long, Caitlin, "What Do Wyoming's 13 New letter_irs_virtual_currencies.pdf. Blockchain Laws Mean?" Forbes, April 08, 2019, accessed April 14, 2019, https://www.forbes.com/ 334 Steven T. Mnuchin and Craig S. Phillips, “A sites/caitlinlong/2019/03/04/what-do-wyomings- Financial System That Creates Economic new-blockchain-laws-mean/#11ecd0575fde. Opportunities Nonbank Financials, Fintech, and Innovation,” U.S. Department of the Treasury, July 344 Caitlin Long (Co-Founder, Wyoming Blockchain 2018. https://home.treasury.gov/sites/default/files/ Coalition), personal interview, Feb. 2019. 2018-07/A-Financial-System-that-Creates-Economic- Opportunities---Nonbank-Financi....pdf. 345 Multiple start-up founders and business strategy leads (anonymous), personal interview, April 335 Craig S. Phillips "Fireside Chat with Counselor 2019, Seattle. Craig Phillips, U.S. Dept. of the Treasury," Speech at the D.C. Blockchain Summit 2019, Georgetown 346 Greg Heuss (Managing Partner, Counterpoint University, Washington, D.C., March 6, 2019. Ventures), personal interview, April 2019, Seattle, Washington. 336 Statement of Jennifer Shasky Calvery, Director, Financial Crimes Enforcement Network, United States 347 Multiple start-ups (anonymous), interview by Department of the Treasury (2013) (testimony of the author, April 2019, Los Angeles and San Jennifer Shasky Calvery).https://www.fincen.gov/ Francisco, California. news/testimony/statement-jennifer-shasky-calvery- 348 David Otto (Founder and Managing Partner, director-financial-crimes-enforcement-network-0. Martin Davis PLLC), personal interview, April 2019, 337 Ibid. Seattle, Washington.

338 "Virtual Currency Business (BitLicense)," New 349 Multiple start-ups and Venture Capitalists York Department of Financial Services, 2015. https:// (anonymous), interview by the author, April 2019, Los www.dfs.ny.gov/apps_and_licensing/ Angeles and San Francisco, California. virtual_currency_businesses/license_management. 350 The SEC, as well as the securities laws it 339 Patrick Murck, (Partner, Cooley LLP), personal enforces, have come under bipartisan criticism from interview, March 2019. academics, entrepreneurs, investors, and members of Congress for creating red tape that makes it 340 Marco Santori and Maria Vullo, "Legal Tender? difficult both for entrepreneurs to raise capital in the The Regulation of Cryptocurrencies," June 7, 2018, public markets and for investors to find wealth- accessed April 14, 2019, https://www.cfr.org/event/ building opportunities. This concern prompted legal-tender-regulation-cryptocurrencies. Congress to pass regulatory relief overwhelmingly in

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 176 the Jumpstart Our Business Start-ups (JOBS) Act, 357 A head-count is not seen as a “division” under which was signed by President Obama in 2012. In the Rules of Procedures of the Lok Sabha and the 2018, the U.S. House of Representatives passed a bill Rajya Sabha, even though votes are counted. allowing further relief, the Jobs and Investor Confidence Act. The JOBS Act eased some burdens 358 This was increased from 2½ minutes in 1989 on entrepreneurs by exempting small and “emerging (Lok Sabha) and 2006 (Rajya Sabha). growth” companies from some of the costly burdens of securities laws like the Sarbanes-Oxley Act of 359 It was in 1956-57 that the Indo-German Trade 2002 and the Dodd-Frank Act 2010.For further Centre was contracted to install ‘automatic vote reference: John Berlau, "Cryptocurrency and the recording equipment,’ i.e., voting machines, SEC's Limitless Power Grab," Competitive Enterprise manufactured by Telefonbau und Normalzeit Institute, April 11, 2019, accessed April 14, 2019, G.M.B.H. of Frankfurt, West Germany, in both the https://cei.org/content/cryptocurrency-and-secs- Lok Sabha as well as the Rajya Sabha. Incidentally, limitless-power-grab. this contract led to what was the first ruling on parliamentary privilege within the Rajya Sabha, and 351 Multiple venture capitalists, interviewed by the second in the Lok Sabha in relation to a case author, Feb./Apr. 2019, New York, Seattle, San before the Election Tribunal and the Calcutta High Francisco. Court on disqualification of a member. See, Rajya Sabha Committee on Privileges, “First Report,” May 352 John M. Carey, Legislative Voting and 1958, https://rajyasabha.nic.in/rsnew/ Accountability, Cambridge Studies in Comparative privileges_digest/priv-18.pdf; Lok Sabha Committee Politics (Cambridge University Press, 2009), ix. on Privileges, “Second Report,” April 1958, https:// eparlib.nic.in/bitstream/123456789/57641/1/ 353 This expectation was, in some part, because of privileges_02_02_1958.pdf; and Brojo Gopal Das v. K the way I had seen the voting records of American alipada Banerjee, January 1959, https:// members of Congress being used to discuss their indiankanoon.org/doc/1158907/?type=print. Given past positions on legislative matter, as well as to that the equipment did not have any means of the examine the linkages between the funding they MP authenticating herself (unlike the machine used received and the positions they espoused. in the U.S. House of Representatives), that necessitated the allocation of specific seats to each 354 Rule 246, “Rules of Procedure and Conduct of member, which had not been fixed (except the Business in the Council of States (Rajya Sabha),” reservation of a few rows for government ministers) August 2016, https://rajyasabha.nic.in/rsnew/rs_rule/ until then. As a book on Indian parliamentary rules_pro.pdf; and Rule 364, “Rules of Procedure and procedure notes, “each member is now allotted a Conduct of Business in Lok Sabha,” April 2014, http:// fixed seat from where he has to address the House 164.100.47.194/loksabha/rules/RULES-2010-P- unless it otherwise directed by the Chair, and at the FINAL_1.pdf. time of a division he has to record his vote by operating the apparatus fixed to his seat.” MN Kaul 355 “Constitution of India,” 1950, http:// and SL Shakdher, Practice and Procedure of www.legislative.gov.in/constitution-of-india. Parliament, 3rd ed., vol. 1 (Metropolitan Book Co., 1979), http://archive.org/details/in.ernet.dli. 356 For the sake of brevity, the term “Speaker” shall 2015.111150; this is also encapsulated in the Lok Sabha be used to cover both the Speaker of the Lok Sabha Rules of Procedure. Rule 349(vii), “Rules of Procedure as well as the Chairman of the Rajya Sabha. and Conduct of Business in Lok Sabha”

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 177 360 India Const., art. 368(2). to just attend a particular session of parliament. The term can also be used to describe the privilege of 361 India Const., arts. 61(2)(b) and 61(4). belonging to a political party; thus when an MP’s whip is removed, that MP is expelled from the party, 362 India Const., art. 124(4). until that MP’s whip is restored. Finally, the term can also be used to describe the senior political party 363 India Const., art. 244A(3). functionaries whose job it is to issue and remove whips, and otherwise ensure cohesion among their 364 India Const., art. 249. fellow party members. Whips are statutorily 365 India Const., art. 312. recognized in multiple parliaments, and draw salaries from the public exchequer as well in countries like 366 India Const., art.352(6). India and the U.K.

367 India Const., arts. 55(3) & 66(1). 377 R. Eric Petersen, “Parliament and Congress: A Brief Comparison of the British House of Commons 368 U.S. Const., art. I, . 5, cl. 3. and the U.S. House of Representatives,” 2005, 4, https://fas.org/sgp/crs/misc/RL32206.pdf. 369 Elizabeth Rybicki, “Voting and Quorum Procedures in the Senate,” (Congressional Research 378 Petersen, 4. Service, August 2013), 5. 379 The law allows for disqualification if there is 370 Rybicki, 5. “voluntarily giving up of seat” or if an MP “votes or abstains from voting in such House contrary to any 371 “Divisions,” UK Parliament, accessed 10 March direction issued by the political party to which he 2019, https://www.parliament.uk/about/how/ belongs or by any person or authority authorized by business/divisions/ it in this behalf, without obtaining, in either case, the prior permission of such political party, person or 372 Ibid. authority and such voting or abstention”. There are limited circumstances in whips may not be issued, 373 Shalaka Patil, “Push Button Parliament - Why namely in the election of presidents and vice- India Needs a Non-Partisan, Recorded Vote System,” presidents. Anuario Colombiano de Derecho Internacional 4 (2011): 182, https://heinonline.org/HOL/Page? 380 Kihoto Hollohan v. Zachillhu, 1992 SCR (1) 686. handle=hein.journals/ The court noted that, “there are certain side effects acdin4\&id=154\&div=\&collection=. and fall out which might affect and hurt even honest dissenters and conscientious objectors, but these are 374 Carey, Legislative Voting and Accountability, the usual plus and minus of all areas of experimental 166. legislation.” 375 Carey, 166. 381 Ibid.

376 Whips can be the letter that are issued by a 382 Mannadi Satyanarayan Reddy v. Andhra senior functionary of a political party, issuing Pradesh Legislative Assembly and Others, 2009 (3) directions to the members of that party in parliament ALT 32. —usually directing them to vote in a particular manner on a motion, to abstain from voting, or even

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 178 383 David Beetham, Parliament and Democracy in 2018-11-14/sri-lanka-parliament-passes-no- the Twenty-First Century: A Guide to Good Practice confidence-vote-against-new-pm. (Inter-Parliamentary Union, 2006), 96, https:// www.ipu.org/resources/publications/handbooks/ 391 See Hug, Wegmann, and Wüest,”Parliamentary 2016-07/parliament-and-democracy-in-twenty-first- Voting Procedures in Comparison.” century-guide-good-practice. 392 For this to happen, it ought to be taken up by 384 Beetham, 96. the Rules Committee of either house, and a change recommended. Thereupon, the rules of procedure of 385 The situation before 1972-73 when the U.S. the Lok Sabha and the Rajya Sabha should be House of Representatives moved to electronic voting amended by each house. While the lack of a clear was described by the Clerk of the House: “Voting in rule is not a bar for this practice to be implemented, the House was something of a mystery, unless you it would give it a more binding character if it found were present in the chamber when the roll was expression in the rules of procedure. As a start, called, and attentive to the Members’ responses, and though, it would be judicious for political parties to then, of course, people in the gallery then, as now, start publicly documenting every whip they issue could not take notes. You did not know until the next (whether one-line, two-line, or three-line whips) on day when the vote was recapitulated in the their website. Congressional Record how the Members individually had voted.” - Donnald K. Anderson, Clerk of the U.S. 393 Patil, “Push Button Parliament — Why India House of Representatives (2006) Needs a Non-Partisan, Recorded Vote System,” 191.

386 Patil, “Push Button Parliament - Why India 394 Patil, 192. Needs a Non-Partisan, Recorded Vote System,” 170– 72. 395 MPs have at least four distinct kinds of duties: (1) Legislative and deliberative: MPs debate, draft, 387 Simon Hug, Simone Wegmann, and Reto and pass statutes, they amend or reject subordinate Wüest, ‘Parliamentary Voting Procedures in legislation promulgated by the Executive; (2) Comparison’, West European Politics 38, no. 5 Oversight: they exercise budgetary oversight, (September 2015): 943, https://doi.org/ participate in committees that examine the workings 10.1080/01402382.2015.1045290. of the government, and have powers to conduct special investigations via “joint parliamentary 388 Patil, “Push Button Parliament - Why India committees,” fell governments through “no- Needs a Non-Partisan, Recorded Vote System,” 171. confidence motions,” impeach the President, approve or disapprove declarations of emergency, 389 Varghese K. George, “Voice Vote Valid Only and interrogate the functioning of the government When Nobody Questions It,” The Hindu, November through a variety of means [Question Hour, Calling 2014, https://www.thehindu.com/news/national/ Attention Motion, etc.], and impeach judges of other-states/voice-vote-valid-only-when-nobody- constitutional courts; (3) Elective: they vote for the questions-it/article6596275.ece. elections for the president and vice-president of India (apart from parliamentary functionaries such as the 390 Anusha Ondaatjie and Iain Marlow, “No Speaker of the Lok Sabha, etc.; (4) Representative: Confidence in New PM, Sri Lanka Lawmakers Tell MPs represent their political parties, and represent Parliament,” Bloomberg, accessed 29 April 2019, their constituents by raising issues relevant to their https://www.bloomberg.com/news/articles/ constituents in Parliament [or in parliamentary committees and processes], by aiding their

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 179 constituents in communicating with governmental 403 John Sheridan and Jim Mangiafico, ‘Structure- bodies and getting their concerns heard by the Aware Search of UK Legislation’, in XML London 2016 government and local bodies, and recommending Conference Proceedings (London, United Kingdom: specific developmental projects be undertaken in XML London, 2016), 78–81, https://doi.org/10.14337/ their constituency and providing the funding for that XMLLondon16.Sheridan01. through the MPLAD fund. 404 ‘AT4AM.eu’, AT4AM.eu, accessed 30 January 396 Lok Sabha Secretariat, “Resumé of Work Done 2019, https://at4am.eu/. by Lok Sabha: 16th Lok Sabha, 13th Session,” February 2018, 32–33, http://164.100.47.193/ 405 “U.N. Semantic Interoperability Framework for resumeofwork/XIII/5163LS.pdf. Normative and Parliamentary Documents (UNSIF) | United Nations System Chief Executives Board for 397 MP’s Reports, Dr. Shashi Tharoor’s Official Coordination,” United Nations System, accessed 16 Website, 2019, http://shashitharoor.in/mp_reports. April 2019, https://www.unsystem.org/content/ MP Shashi Tharoor has been leading the way, having akn4un. The blog post on this notes: ‘The adoption of issued such reports since his first term from [the UN Semantic Interoperability Framework] has 2009-2014. Instructively, in his latest end-term report put the foundations for the establishment of a UN- covering 2014-2019, he only dedicates two sections wide ecosystem of machine-readable documents for work within the Lok Sabha and a Standing that will foster collaboration and reduce costs in Committee, while eleven sections are dedicated to information management across the system by work outside of Parliament. transforming the web of information enclosed in traditional word processing documents into a web of 398 Manju Jain, “Delivering Parliamentary Library data that can be interpreted by computers to create and Research Services in an Interconnected World: innovative services. By having documents available in The Case of the Parliament of India,” IFLA - Library a common semantically rich format will raise and Research Services for Parliaments, September dramatically the UN capacity to coordinate activities, 2016, https://www.ifla.org/node/10848. create synergies and respond to clients’ information demands, improve the efficiency and quality of 399 Rajya Sabha Secretariat, ‘Rajya Sabha Annual information processing, dissemination and Report 2017’, 2017, https://rajyasabha.nic.in/rsnew/ accessibility, and bring significant benefits in terms annual_report/2017/LARRDIS.pdf. of governance, accountability and transparency.”

400 Empirical research for this paper would have 406 “Indigo Platform for Publishing Beautiful been aided greatly if Parliamentary debates were Legislation: Laws-Africa/Indigo’ (Laws.Africa, March available in a structured format such as Akoma 2019), https://github.com/laws-africa/indigo. Ntoso. 407 Nyaaya, “Laws of India in Akoma Ntoso XML 401 There are many definitions of open standards, format,” https://github.com/nyaayaIN/laws-of-india/ but for the purposes of this section I mean that it has tree/master/consolidated. been standardized by a committee with open participation and an open process, and is available 408 Union of India v. Vansh Sharad Gupta, W.P. (C) for free, and may be implemented in free/libre/open 4761/2016, order dated May 25, 2017, http:// source software without payment of any royalties. delhihighcourt.nic.in/dhcqrydisp_o.asp? pn=106443&yr=2017. 402 Ashok Hariharan, interview by author, March 2019.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 180 409 Union of India v. Vansh Sharad Gupta, W.P. (C) revolution-pilots-new-open-source-guide-for- 4761/2016, order dated December 15, 2017, http:// governments/. delhihighcourt.nic.in/dhcqrydisp_o.asp? pn=240305&yr=2017. 418 FE Bureau, “India’s Drone Market Expected to Grow $885.7 mn by 2021,” Financial Express, October 410 Chakshu Roy, “Budgeting for Democracy,” The 8, 2018, https://www.financialexpress.com/industry/ Indian Express, February 2017, https:// technology/indias-drone-market-expected-to- indianexpress.com/article/opinion/columns/union- grow-885-7-mn-by-2021-jobs-look-like-a-guarantee- budget-parliament-democracy-lok-sabha-rajya- here/1340848/. sabha-4511240/. 419 Mallapur, Chaitanya, “India Tops List of Drone- 411 Ashok Hariharan, interview with author, March Importing Nations,” Business Insider, May 4, 2015, 2019. Hariharan.’ https://www.business-standard.com/article/specials/ india-tops-list-of-drone-importing- 412 Hariharan. nations-115050400136_1.html.

413 Hariharan. 420 Panda, Ankit, “US Approves Sale of Armed Predator-B Drones to India,” The Diplomat, May 2, 414 Beetham, Parliament and Democracy in the 2018. https://thediplomat.com/2018/05/us-approves- Twenty-First Century, 7. sale-of-armed-predator-b-drones-to-india-report/.

415 Ministry of Civil Aviation, Government 421 Pamela Cohn, Alastair Green, Meredith Announces Regulations for Drones, New Delhi, India: Langstaff, and Melanie Roller, “Commercial Drones Press Information Bureau, Government of India, are Here: The Future of Unmanned Aerial Systems”, August 27, 2018, http://pib.nic.in/newsite/ McKinsey Report, December 2017, https:// PrintRelease.aspx?relid=183093; Gill, Prabhjote, www.mckinsey.com/industries/capital-projects-and- “Flying Drones are Finally Legal in India.,” Business infrastructure/our-insights/commercial-drones-are- Insider, August 29, 2018, https:// here-the-future-of-unmanned-aerial-systems www.businessinsider.in/flying-drones-is-finally-legal- in-india/articleshow/65573434.cms. 422 Pamela Cohn, Alastair Green, Meredith Langstaff, and Melanie Roller, “Commercial Drones 416 For a discussion on how unmanned aerial Are Here: The Future of Unmanned Aerial Systems,” vehicles or commercial drones are being utilized in McKinsey Report, December 2017, https:// some of the core public sectors and allowing civilian www.mckinsey.com/industries/capital-projects-and- uses of aerial monitoring, see: Padmanabhan, infrastructure/our-insights/commercial-drones-are- Ananth, “Civilian Drones and India’s Regulatory here-the-future-of-unmanned-aerial-systems. Response,” Carnegie India, March 10, 2017, https:// carnegieindia.org/2017/03/10/civilian-drones-and- 423 “Drone Certification: A Step-by-Step Guide to india-s-regulatory-response-pub-68218. FAA Part 107 for U.S. Commercial Drone Pilots,” UAV Coach, https://uavcoach.com/drone-certification/. 417 “Cleared for Take-Off: India Ready for the Drone Revolution, Pilots New Open Source Guide for 424 Dukowitz, Jack, “ISO Releases Draft of First Governments,” World Economic Forum, January 25, International Drone Standards for Public Comment,” 2019, https://www.weforum.org/press/2019/01/ UAVCoach. November 30, 2018, https:// cleared-for-take-off-india-ready-for-the-drone- uavcoach.com/iso-standards/.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 181 425 Government. Ministry of External Affairs. Respo 00f88670a97ee6715c92afc0199aec8c_6.6Mr.Pranab nding First as a Leading Power. https:// KumarDas.pdf. www.mea.gov.in/Portal/IndiaArticleAll/ 636548962666860480_Responding_First_Leading_P 433 Ministry of Civil Aviation. Operations of ower.pdf Remotely Piloted Aircraft System (RPAS) to be Enabled through Digital Sky Platform, Press 426 Kuronuma, Yuki. ‘Drones Help Rescue Efforts in Information Bureau, August 27, 2018. http:// Nepal.’ Nikkei Asian Review. May 11, 2015. https:// www.pib.nic.in/PressReleseDetail.aspx? asia.nikkei.com/Business/Drones-help-rescue- PRID=1544087 efforts-in-Nepal 434 Mathews, Neelam, “India Struggles With Drone 427 Parmar, Tekendra, “Drones in India,” Center for Issues.” AINOnline, February 17, 2016, https:// the Study of the Drone. December 4, 2014. https:// www.ainonline.com/aviation-news/aerospace/ dronecenter.bard.edu/drones-in-india/. 2016-02-17/india-struggles-drone-issues

428 Rossow, Richard M. and C. Raja Mohan, Deepen 435 For a detailed discussion on the various ing India-U.S. Cooperation on Humanitarian challenges to bolster the commercial drone sector in Assistance and Disaster Relief in the Indian Ocean India, see “Make in India for Unmanned Aircraft and the Asia-Pacific Regions, CSIS, Wadhwani Chair Systems: Awaiting its Kitty Hawk Moment,” FICCI in U.S.-India Policy Studies, October 2015. https:// and EY, https://www.ey.com/Publication/ csis-prod.s3.amazonaws.com/s3fs-public/ vwLUAssets/ey-make-in-india-for-unmanned- legacy_files/files/publication/ aircraft-systems/$File/ey-make-in-india-for- 151021_Rossow_DeepeningUSIndiaCooperation_Web unmanned-aircraft-systems.pdf .pdf. 436 Rice, Stephen, “Eyes in the Sky: The Public has 429 Mehta, Aaron, “US, India Collaborating on Air- Privacy Concerns About Drones”, Forbes, February 4, Launched Drone,” Defense News, March 18, 2019, 2019, https://www.forbes.com/sites/ https://www.defensenews.com/global/asia-pacific/ stephenrice1/2019/02/04/eyes-in-the-sky-the-public- 2019/03/18/us-india-collaborating-on-air-launched- has-privacy-concerns-about-drones/#a0432c06984c drone/ 437 A doorstep delivery would entail collection of 430 “Building Cargo Drone Expertise in Papua New customer data at levels which would be considered Guinea,” iRevolutions, February 25, 2019, https:// private such as residence address, timings for irevolutions.org/2019/02/25/building-cargo-drone- deliveries among other detailed information on expertise-in-papua-new-guinea/. customers.

431 “Is China at the Forefront of Drone 438 Lohn, Andrew J, Gulden, Timothy R. Xu, Jia. Technology?”, CSIS ChinaPower, May 29, 2018, Jones, Therese, Kuhn, Kenneth, Welser IV, William. https://chinapower.csis.org/china-drones-unmanned- “What’s in Store for Commercial Delivery Drones,” Ra technology/ nd Research Brief, https://www.rand.org/pubs/ research_briefs/RB9995.html 432 Das, Pranab K, “The Customs Paradigm in Combatting Weapons of Mass Destruction,” Ministry 439 Lohn, Andrew J, Gulden, Timothy R. Xu, Jia. of Finance, Government of India. https:// Jones, Therese, Kuhn, Kenneth, Welser IV, William. www.eiseverywhere.com/file_uploads/ “What’s in Store for Commercial Delivery Drones,” Ra

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 182 nd Research Brief, https://www.rand.org/pubs/ 448 Grand View Research, “Anti-Drone Market Size research_briefs/RB9995.html Worth $1.85 Billion By 2024 | CAGR: 24.1%,” accessed April 26, 2019. https://www.grandviewresearch.com/ 440 ET Bureau, “Drones: Out of Sight, but in Indian press-release/global-anti-drone-market Govt’s Mind,” Economic Times, January 16, 2019, https://economictimes.indiatimes.com/industry/ 449 “Why We Need Counter-Drone Technology transportation/drones-out-of-sight-but-in-indian- Now More than Ever,” CNBC, February 1, 2019, govts-mind/articleshow/67550036.cms https://www.cnbc.com/video/2019/02/01/counter- drone-companies-like-dedrone-fortem-are-policing- 441 Isaak, Adam “With More Drones in the Sky the-skies.html Every Year, ‘Counter-Drone’ Tech Can Keep the Bad Ones at Bay”, CNBC, February 2, 2019, https:// 450 Federal Aviation Administration, Pilot Reports of www.cnbc.com/2019/02/02/counter-drone-tech-is- Close Calls With Drones Soar in 2015, August 12, needed-more-than-ever.html 2015, https://www.faa.gov/news/updates/? newsId=83445 442 Chang, Lulu “FBI Rescue Hostage Team Bamboozled After Criminals Unleash Drone Swarm”, 451 Goglia, John,“FAA Confirms Shooting a Drone is Digital Trends, May 4, 2018, https:// a Federal Crime. So When Will U.S. Prosecute?” Forb www.digitaltrends.com/cool-tech/drones-fbi-raid/ es, April 13, 2016, https://www.forbes.com/sites/ johngoglia/2016/04/13/faa-confirms-shooting-drone- 443 Brennan, David. “Why are Militants Using federal-crime-so-when-will-us-prosecute/ Drones? UAV Weapons Have Spread Far Beyond #15ca2e562a25 Nation States,” Newsweek, April 24, 2018, https:// www.newsweek.com/why-are-militants-using- 452 U.S. Department of Transportation, Updated drones-uav-weapons-have-spread-far-beyond- Guidance on Unmanned Aircraft System (UAS) nation-899076. Detection and Countermeasures, Federal Aviation Agency. July 19, 2018, https://www.faa.gov/airports/ 444 “Game of Drones-Proliferated Drones,” Wargam airport_safety/media/Counter-UAS-Airport-Sponsor- e Report, Center for New American Security, June Letter-July-2018.pdf 29, 2016, http://drones.cnas.org/wp-content/ uploads/2016/06/Game-of-Drones-Proliferated- 453 Snead, Jason, John-Michael Seibler, and David Drones.pdf. Inserra, “Establishing a Legal Framework for Counter- Drone Technologies,” The Heritage Foundation, April 445 Harper, Alexander, “Drones Level the Battlefield 16, 2018, https://www.heritage.org/technology/ for Extremists,” The Interpreter, April 20, 2018, report/establishing-legal-framework-counter-drone- https://www.lowyinstitute.org/the-interpreter/ technologies drones-level-battlefield-extremists. 454 French, Sally, “Department Of Defense Is Using 446 Michel, Arthur H, ‘Counter-Drone Systems.’ The SkySafe To Crack Down on Rogue Drones,” Drone Center for Study of Drone, Bard College, February Girl, July 20, 2017, https://thedronegirl.com/ 2018, accessed April 26, 2019. https:// 2017/07/20/skysafe-anti-drone/ docs.google.com/viewerng/viewer?url=http:// dronecenter.bard.edu/files/2018/02/CSD-Counter- 455 Peri, Dinaker, “Expanding Anti-UAVs Market to Drone-Systems-Report.pdf&hl=en_US Counter Drone Technology,” CLAWS Journal, Winter 2015, https://www.claws.in/images/journals_doc/ 447 Ibid.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 183 246665511_ExpandingAnti- Law and Comparative Law, Humboldt University of UAVsMarkettoCounterDroneTechnology.pdf Berlin and Friedrich Naumann Stiftung for Freedom, November 2018. 456 Ahuja, Namrata B, “Govt Plans to Deploy Anti- Drone Facilities at Airports,” The Week, March 14, 465 Alan Ivan Chorney, "Taking the Game out of 2018, https://www.theweek.in/news/india/ Gamification," Dalhousie Journal of Interdisciplinary 2018/05/14/govt-plans-to-deploy-anti-drone- Management, Vol. 8, No. 1 (2012). facilities-at-airports.html 466 Jane McGonigal, Reality is broken: Why games 457 National Nuclear Security Administration, NNS make us better and how they can change the world. A Deploys its First Counter-Unmanned Aircraft (New York: Penguin, 2011). System, Nov. 19, 2018, https://www.energy.gov/nnsa/ articles/nnsa-deploys-its-first-counter-unmanned- 467 Robert D. Putnam, "E Pluribus Unum: Diversity aircraft-system and Community in the Twenty-first Century." (The 2006 Johan Skytte Prize Lecture, 2007). 458 Horizontal technology refers to application of a technology across different sectors without much 468 Nicholas Plumb, Hannah Millinship Hayes, et al, investment in R&D. An example would be e- “Integration City: A new communities agenda for commerce where selling a book is similar to selling a London,” October 2016, https://the-challenge.org/ laptop. uploads/documents/TCN-Integration-City.pdf.

459 “The Chatbots Taking Over Government: What 469 Ibid Jobs Can They Do?” October 17, 2017, https:// apolitical.co/solution_article/chatbots-government- 470 OECD Guidelines on Measuring Trust, Nov. 23, what-jobs-can-they-do/. 2017, http://www.oecd.org/sdd/oecd-guidelines-on- measuring-trust-9789264278219-en.htm. 460 Lindsay Curdele, “Pokemon Gov: Gamifying Civic Engagement,” July 28, 2016https:// 471 I. Bogost, “The rhetoric of video games” in K. mediacause.org/pokemon-go-gamifying-civic- SALEN (ed.), The Ecology of Games: Connecting engagement/. Youth, Games, and Learning, (MIT Press, 2008), p. 130. 461 Participatory Pokemon Go, last modified July 5, 2017, https://www.boston.gov/departments/new- 472 Ibid. urban-mechanics/participatory-pokemon-go. 473 Gianluca Sgueo, “Games, Powers & 462 “Catalog of Good Deeds: Building Civil Society Democracies: Chapter 1,” Games, Powers & Through Daily Acts of Kindness, Tlalnepantla De Baz, Democracies, (Milan: Bocconi University Press, 2018). Mexico: Mayors Challenge Finalist, 2016,https:// 474 , Barnett et al., “Toward Metrics for mayorschallenge.bloomberg.org/ideas/tlalnepantla- Re(imagining) Governance: The Promise and de-baz/. Challenge of Evaluating Innovations in How We 463 Ibid. Govern,” GovLab Working Paper, April 18, 2013.

464 G. Sgueo, A discussion on gamified digital 475 Graham Smith, Democratic innovations: advocacy, Workshop The Future of Law. Technology, Designing institutions for citizen participation Innovation and Access to Justice, Chair for Public (Cambridge: Cambridge University Press, 2009).

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 184 476 Decide Madrid, https://decide.madrid.es/. 488 Rogier Creemers, "China's Social Credit System: An Evolving Practice of Control." (2018) 477 CrowdLaw Introduction, The GovLab, Sep. 2017, https://crowd.law/crowdlaw-introduction- 489 A. Davies and J. Simon, “Citizen engagement in baef458325ae social innovation – a case study report,” adeliverable of the project: “The theoretical, empirical and policy 478 “Over Half of Reykjavik Residents Steer foundations for building socialinnovation in Europe” Policymaking - Here's How,” Apolitical, Sept. 2017, (TEPSIE), European Commission – 7th Framework https://apolitical.co/solution_article/half-reykjavik- Programme, Brussels:European Commission, DG residents-steer-policymaking-heres/. Research, 2012.

479 Vtaiwan, https://info.vtaiwan.tw/. 490 Fred Powell, "Civil society, social policy and participatory democracy: Past, present and future." S 480 “Taiwan Is Using Social Media to Crowdsource ocial Policy and Society 8, no. 1 (2009): 49-58. Legislation,” Apolitical, June 2017, https:// apolitical.co/solution_article/taiwan-using-social- 491 Ibid media-crowdsource-legislation/. 492 Joseph Kahne, Ellen Middaugh, and Chris 481 Beth Noveck, “More Than A Coin: The Rise Of Evans. The civic potential of video games. Civic Cryptocurrency,”June 25, 2018, https:// (Cambridge, MA: MIT Press, 2009). medium.com/@bethnoveck/with-victoria-alsina- reproduced-from-forbes- 493 “Who Knows Best? Cities Consult Citizens for march-27-2018-600db3e64131. Fresh IdeasPlace,” Feb. 2019, http:// www.thisisplace.org/i/?id=8bce0a3d-3179-4bf9- 482 Paul van Sambeek, Edgar Kampers, “NU- ad79-e5f52e186062. spaarpas, the Sustainable Incentive Card Scheme, 2004. 494 Samuel Bowles, “The Moral Economy: Why Good Incentives are no substitute for good citizens,” 483 De Torekes, https:// (New Haven, CT: Yale University Press, 2017). samenlevingsopbouwgent.be/wat-doen-we/ projecten/de-torekes/ 495 Cass R. Sunstein, “Why nudge?: The politics of libertarian paternalism,” ((New Haven, CT: Yale 484 “Engage Your Citizens with Gamification,” University Press, 2014). Innowave, https://content.campaignspartner.com/ link/innowave-download-wp-en-lk. 496 Beth Noveck, Smarter Citizens, Smarter State, (Harvard, MA:Harvard University Press, 2015). 485 Peter Hasson, “Social Credit,” Daily Caller, Nov. 2018, https://dailycaller.com/2018/11/17/andrew- 497 BETH Noveck, "Wiki-government: How yang-2020-social-credit/. Technology Can Make Government Better, Democracy Stronger, and Citizens More Powerful,” 486 Andrew Yang, “Modern Time Banking,” https:// (Washington, DC: Brookings Institution 2009). www.yang2020.com/policies/modern-time-banking/. 498 Amos Tversky and Daniel Kahneman, 487 Rachel Botsman, “Big Data Meets Big Brother "Judgment Under Uncertainty: Heuristics and As China Moves To Rate Its Citizens,” Wired, Oct. 21, Biases," Science 185, no. 4157 (1974): 1124-1131. 2017, https://www.wired.co.uk/article/chinese- government-social-credit-score-privacy-invasion.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 185 499 John Cheney-Lippold, "A New Algorithmic 511 Richard H. Thaler and Cass R. Sunstein, Nudge: Identity: Soft Biopolitics and the Modulation of Improving Decisions about Health, Wealth, and Control," Theory, Culture & Society 28, no. 6 (2011): Happiness, (New York: Penguin, 2009). 164-181. 512 “C40 Cities | Networks,” https://www.c40.org/ 500 John Cheney-Lippold, "Jus algoritmi: How the networks National Security Agency Remade Citizenship," International Journal of Communication 10 (2016): 22. 513 Stefaan Verhulst, Towards a Science of Gamification and its Relationship to Governance and 501 Colin Daileda “The U.S. Will Start Collecting Democracy (2018). Social and Search Data on Every Immigrant Soon,” M ashable, September 2017, https://mashable.com/ 514 Nilekani, Nandan ‘Technology to Leapfrog 2017/09/26/us-government-social-media-data- Development: The Aadhaar Experience’ Center for immigrants/. Global Development, The Eighth Annual Richard H. Sabot Lecture. 502 Draft Ethics Guidelines for Trustworthy AI, European Commission, December 2018, https:// 515 “Social Security.” Social Security History, Social ec.europa.eu/digital-single-market/en/news/draft- Security Administration, www.ssa.gov/history/ ethics-guidelines-trustworthy-ai. hfaq.html.

503 Ibid. 516 This statistic was reported in 2009 by “Highway Finance Data Collection.” Policy and Governmental 504 Tara McGuinness and Anne-Marie Slaughter, Affairs Office of Highway Policy Information, U.S. “The New Practice of Public Problem Solving,” Stanfo Department of Transportation/Federal Highway rd Social Innovation Review, Spring 2019. https:// Administration, www.fhwa.dot.gov/ ssir.org/articles/entry/ policyinformation/pubs/hf/pl11028/chapter4.cfm. the_new_practice_of_public_problem_solving# 517 Public Interest Technology is a field dedicated to 505 Bharath Visweswariah, “Solving India's Most leveraging technology to support public interest Pressing Challenges with Civic Tech,” Medium, May organizations and the people they serve. For 21, 2018, https://medium.com/positive-returns/ decades, public interest organizations have worked solving-indias-most-pressing-challenges-with-civic- to improve the lives of the general public. They work tech-f2caea4a4c76. on issues that shape our everyday lives, including protecting the environment, human rights, child 506 “About: ichangemycity,” https:// welfare, and reforming criminal justice. Source New www.ichangemycity.com/about-us. America about Public Interest Technology

507 “Next Election: Make It Count!,” https:// 518 Mawaki, Chango, "Becoming Artifacts: www.nextelection.com/home. Medieval Seals, Passports and the Future of Digital Identity" (2012). The School of Information Studies- 508 “Civis,” https://civis.vote/. Dissertations. Paper 74.

509 “Building Young India's Champions | Solve ninja, 519 Benedict Anderson, Imagined communities: Reap Benefit,” https://reapbenefit.org/ reflections on the origin and spread of nationalism, London: Verso, 1983. 510 “Home.” Village Capital, vilcap.com/.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 186 520 Edward Black, IBM and the Holocaust: The Strat KJ, “UIDAI files FIR against journalist for exposing igic Alliance Between Nazi Germany and America’s flaws in Aadhaar enrolment,” Medianama, March 29, Most Powerful Corporation. New York: Random 2017; Rachna Khaira “Rs 500, 10 minutes, and you House 2001) have access to billion Aadhaar details, ”Tribune News Service Jan. 4, 2018. 521 M Manikandan ‘Fire of 1968 still burning inside’ The New Indian Express. Dec 24, 2017 534 Interviews with subjects in India who participate in groups to do research and publish their 522 1969 Gujarat riots work either under the name of someone who has enough power to reduce the risk they will have a FIR 523 Nellie Massacre (first information report) filed against them or under a group name. 524 1984 Anti-Sikh Riots 535 Anand Venkatanarayanan, Security Analysis of 525 Hashimpura massacre mAadhaar, Oct 30, 2017Derick Thomas, “What UIDAI doesn’t tell you about offline use of Aadhaar for 526 Laxmanpur Bathe Masacare KYC,” Nov. 18, 2018. Karan Saini, “Extracting personal 527 ‘Timeline of the Riots in Modi’s Gujarat’ New phone numbers linked to Aadhaar,” May 8, 2018. York Times, Aug 19, 2015 536 Zack Whittaker. “A new data leak hits Aadhaar, 528 Khairlanji Massacre India's national ID database.” ZDNet/ZeroDay, March 23, 2018. 529 See Kaur, Jaskaran; Crossette, Barbara (2006). Twenty years of impunity: the November 1984 537 Original content by iSpirit https://ispirt.in pogroms of Sikhs in India (2nd ed.). Portland, OR: 538 Cameron, Kim, Laws of Identity See the 4th Ensaaf. p. 29. and Rao, Amiya; Ghose, Aurobindo; Law of Identity. in the Directed Identity: A universal Pancholi, N. D. (1985). Truth about Delhi violence: identity system must support both “omni- report to the nation. India: Citizens for Democracy. directional”identifiers for use by public entities and Retrieved 4 August 2010. “unidirectional” identifiers for use by private entities, 530 Dabas, Maninder, ‘11 Major Incidents of thus facilitating discovery while preventing Violence Against Dalits Which Show How Badly We unnecessary release of correlation handles. Treat Them’. Indian Times. July 25, 2016 539 Identification vs. authenticationIdentification is 531 A Techno-Utopian strongly believes that the process of establishing who an entity is within a technology allows mankind to make social, given population or context. It often takes place economic, political, and cultural advancements and through identity proofing, which verifies and validates that technology’s impacts as extremely positive. attributes (such as name, birth date, fingerprints or iris scans) that the entity presents.Authentication is 532 Nandan Nilekani and Viral Shah, Rebooting the process of determining if the authenticators India: Realizing a Billion Aspirations (Penguin Books, (such as a fingerprint or password) used to claim a India 2015) digital identity are valid – that they belong to the same entity who previously established the 533 This was the case for several of my interviees identity.World Economic Forum, Identity in a Digital for this research and why I have chosen not to World: A new chapter in the social contract, 2017 disclose their names. Examples include: Shashidhar

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 187 540 This scenario was imagined by the American 549 Social Security Administration, Enumeration at Civil Liberties Union and a short film was created of Birth what this would be like when ordering pizza. 550 Department of Justice About the National Voter 541 Better Identity in America: A Blueprint for Registration Act Policymakers, Better Identity Coalition, June 2018. 551 Number of rooms, type of room, material of the 542 See: Department of Homeland Security, Silicon building construction. Valley Innovation, Program. ‘Preventing Forgery and Counterfeiting of Certificates and Licenses 552 Government of Kerala, Aadhaar Application (70RSAT19R00000002)’, Other Transactions Solicitations Link to site. Direct link to PDF. 553 Anand Venkatanarayanan and other security researchers have examined the software used for 543 Aadhaar: A Biometric History of India’s 12-Digit enrollment and in particular the encryption keys used Revolution by Shankkar Aiyar and The Aadhaar Effect: in the enrollment software. Why the World’s largest identity project matters by N.S. Ramnath, Charles Assisi. 554 All of these are available on the Internet Archive versions of UIDAI sites. UIDAI, State Resident Data 544 Updates on Aadhaar Final Hearing: Day 1 Hub (SRDH) State Adoption Strategy Document v1.2 March, 2012. UIDAI Doc Number: UID _603_ECMP, 545 Vidyut, Constitutional validity of Aadhaar Series Aadhaar Enrolment Client-Registrar Integration MediaNama Manual Pre-Enrolment Data, Security & KYR+ Data. Document Version 2.2; UIDAI, Approach Document 546 Prashant Reddy Thikkavarapu, ‘The Aadhaar Bill for Aadhaar Seeding In Service Delivery Databases Is Yet Another Legislation That Leaves Too Much Version 1.0. 2010; ITE & C Department Govt. of Power With The Government At The Centre’, Carava Andhra Pradesh. State Resident Data Hub SRDH; n Magazine 14 March 2016 UIDAI, SRDH Application Deployment Guide Version No.1.5; State Resident Data Hub (SRDH) Application 547 Prashant Reddy Thikkavarapu | ‘New Aadhaar Framework Adoption Guidelines; UIDAI, Regulations Grant The UIDAI Unchecked Power, And Memorandum of Understanding between the Unique Offer Little Convenience To Users’, November 21, Identification Authority of India And the State 2016 Government for the Implementation of SRDH Project

548 The Ecosystem Around Aadhaar mapped by 555 UIDAI State Resident Data Hub (SRDH), State Vidyut https://aadhaar.fail/aadhaar-ecosystem/ and Adoption Strategy Document v1.2, March, 2012 IDAI Dr. Usha Ramanathan’s Talk on the UIDAI Litigation A Portal and allows a Registrar to access ONLY its own n argument was made by private individuals and KYR data – hence, a State Registrar cannot access private companies to allow them to use the data as a data enrolled by Non State Registrars. business database, to use it as an identity platform on which many apps would be built. When the case was 556 UIDAI Data Sharing Policy Annexure-B, under way, five such businesses came to the court to Memorandum of Understanding between the Unique be a part of the litigation. They requested the court to Identification Authority of India And the State not change anything or their businesses would Government for the Implementation of SRDH Project. collapse. The link between businesses and the government in this project was extraordinary. 557 U Sudhakar Reddy, “Aadhaar-linked SRDH Data was shared in the past,” Times of India Mar. 9, 2019.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 188 558 Digital India Site: Kerala State Resident Data 565 United States Government Government Hub Lookup Service Accountability Office,Social Security Numbers Federal and State Laws Restrict Use of SSNs, yet 559 UIDAI, Standard Protocol Covering the Gaps Remain, Testimony Before the Committee on Approach & Process for Seeding Aadhaar Numbers in Consumer Affairs and Protection andCommittee on Service Delivery Databases June 2015 Version 1.1 Governmental Operations, New York State Assembly, Statement of Barbara D. Bovbjerg, SOCIAL 560 The same person may have many different SECURITY NUMBERS, Federal and State Laws names or variations of name based on context. It is Restrict Use of SSNs, yet Gaps Remain, For Release also true that different parts of India have different on Delivery Expected at 10:30 a.m. EST Thursday, naming conventions. Naming Conventions In India, September 15, 2005. RitiRiwaz, Aug. 2, 2018, Naming Traditions: How to Name Babies in India Last Updated on Sept. 12, 2017 566 Meiser, Ken, Opening Pandoras Box: The Social by Team Babygogo, Security Number from 1937-2018, 2018. (master’s thesis) 561 Subjects I interviewed in India went into great detail explaining how the name on their birth 567 Sarah Igo, the Known Citizen: A history of certificate was their grandfathers and matched what Privacy in Modern America was on their marriage certificate but this was different from the name they had on all their school 568 Sawyer and Schechter, “Computers, Privacy records and this was different from how they listed and the National Data Center” 811. In the Known their name on government documents like PAN Citizen: A history of Privacy in Modern America by cards. Sarah Igo

562 Niha Masih Lost in transition: Has linking 569 The cover story on the Atlantic in November Aadhaar to government welfare schemes made it 1967 was The National Data Bank; They July 1970 difficult for beneficiaries to avail of aid? Hindustan News Week Cover Is Privacy Dead; The Computer Times Oct. 08, 2017; Namita Singh Centre: States Data Bank: Will it Kill your Freedom, July 1968 Look need to speed up Aadhaar seeding with benefit Magazine. schemes, MediaNama, Nov. 12, 2018; Reetika Khera, Impact of Aadhaar in Welfare Programmes. The 570 UIDAI, ‘State Resident Data Hub (SRDH) government's estimates of savings are examined, but Institutional Framework Document’, April 2012. See these do not stand scrutiny. What passes as 'savings' Section 2.1.3.1 UIDAI Empanelment List is often the result of denial of legal entitlements for lack of Aadhaar. In that sense, the Aadhaar project 571 Government of Telegana, Intensive Household undermines the right to life. Survey 2014

563 Feggins, R. DevOps Best Practice - Establishing 572 Aman Sethi, ‘Why state data hubs pose a risk to a “Single Source of Truth,” July, 14, 2014. Aadhaar security’, Hindustan Times, March 13, 2018

564 Government of Odisha, State Resident Data 573 Social Security Number Task Force, Social Hub. http://archive.is/wBrqeOdisha SRDH is a Security Administration, Report to the Commissioner centralized, secure & single source of information on (1971) state residents and will be integrated with departmental applications for the purpose of availing Government Welfare Scheme benefits.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 189 574 Records, Computers and the Rights of Citizens, 586 Laws currently being proposed would only Report of the Secretary's Advisory Committee on apply to the private sector. Automated Personal Data Systems July, 1973 587 Consumer Identification Program 31 C.F.R 575 See Robert Gellman, Fair Information Practices: 1020.220 A Basic History 588 The Privacy of Financial Information 12 C.F. R. pt 576 U.S. Department of Justice, United States 332 and the Interagency Guidelines Establishing Department of Justice Overview of the Privacy Act Information Security Standards 12 C.F.R. pt 364. App. 1974, 2015 Edition B (and corresponding regs) together with several laws mandating reporting to consumers of mis-use 577 Meiser, Ken, Opening Pandora’s Box: The Social and theft of their information; Disclosure by CRA of Security Number from 1937-2018, 2018. (master’s Consumer File to Consumer; Free Annual Report; 15 thesis) U.S.C. §§ 1681g, 1681h, 1681j(a); 12 C.F.R. pt. 1022, subpart N. Duties of Consumer Reporting Agencies 578 Personal Privacy in an Information Society, The Regarding Identity Theft 12 C.F.R. § 1022.123 Report of The Privacy Protection Study Commission, July 1977 589 FATF - http://www.fatf-gafi.org

579 Chapter 16: The Social Security Number. 590 Indian Postal Addresses, Real Addresses taken Personal Privacy in an Information Society, The from Kamat's Address Book, Report of The Privacy Protection Study Commission, 591 Nandan Nilekani and Viral Shah, Rebooting 580 Meiser, Ken, Opening Pandoras Box: The Social India: Realizing a Billion Aspirations (Penguin Books, Security Number from 1937-2018, 2018. (master’s India 2015) Page 113-120 thesis) 592 There are a few limited cases such as private 581 Meiser, Ken, Opening Pandoras Box: The Social investigators, for example, can run license plates if Security Number from 1937-2018, 2018. (master’s they are in the course of an investigation. Towing thesis) companies can run a license plate to locate the owner of a towed vehicle. 582 Better Identity Coalition, Better Identity in America: A Blueprint for Policy Makers, 2018. Page 4. 593 I worked with advocates in India to survey accessed people to create a list of how and where this happens. This was an informal survey via Twitter to 583 E-Government Act of 2002 (Pub.L. 107–347, 116 get a sense of the range of every day activities that Stat. 2899, 44 U.S.C. § 101, H.R. 2458/S. 803) require photocopies of Aadhaar Cards - https:// twitter.com/godavar/status/1112556629390692353? 584 M-03-22, OMB Guidance for Implementing the s=19Patient transfer between hospital dfKotak Privacy Provisions of the E-Government Act of 2002 Mahindra Bank Mobile App for updating mobile number.private hospitals like #RNTagoreHospitalsAll 585 Congressional Research Services The Social banks ask for #Aadhaar photocopiesnew SIM card in Security Number: Legal Developments Affecting Its Chennaiprivate and public schoolsA workshop on Collection, Disclosure, and Confidentiality, Feb. 21, Digital marketingRooftop gardening lecture 2008State Department Report to Congress on Social demoHAM Radio classesVoter Id Security Number Fraud Prevention Act 2017 applicationinsurance of many typesshare

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 190 market,Office HR deptMedical insurance renewalPassport office during renewalPost office, when creating new post office schemes like National Saving CertificatesPAN card data correctionCell phone connection - AirtelVodafone while upgrading SIMElectoral Bond purchaseIndane gas agency for KYC. Sundaram Motors Honda dealer processing insurance claimTCS World 10k Race, BengaluruTamilnadu Ration (TN EPDS)the DTDC courier took my Aadhar card photocopy while sending one package outside India - claimed the authorities at the airports are asking them to submit it as one of the required documents.Livpure RO water purifier.Central University of Himachal Pradesh. For admission related paperwork.

594 As stated on their website: “Anyone who knowingly and willfully uses SSNVS to request or obtain information from Social Security under false pretenses violates Federal law and may be punished by a fine or imprisonment, or both.” Business Services Online BSO Suite of Services Page”

595 EPFO Scheme How to Link Aadhaar Card With EPFO & UAN Account 2018

596 Aadhaar Enabled Biometric Attendance Solution (AEBAS) is an attendance management system designed for government organizations by Government of India to improve productivity of employees. The system authenticates attendance using Aadhaar number created by Unique Identification Authority of India (UIDAI). It is a cloud based BAS that monitors attendance of government employees in real-time.

597 Stephen Cobb, Data privacy and data protection: U.S. law and legislation:an ESET White Paper. 2016

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 191

This report carries a Creative Commons Attribution 4.0 International license, which permits re-use of New America content when proper attribution is provided. This means you are free to share and adapt New America’s work, or include our content in derivative works, under the following conditions:

• Attribution. You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.

For the full legal code of this Creative Commons license, please visit creativecommons.org.

If you have any questions about citing or reusing New America content, please visit www.newamerica.org.

All photos in this report are supplied by, and licensed to, shutterstock.com unless otherwise stated. Photos from federal government sources are used under section 105 of the Copyright Act.

newamerica.org/fellows/reports/anthology-working-papers-new-americas-us-india-fellows/ 192