Rohini Lakshané (of The Bachchao Project) and Prateek Waghre (of The Takshashila Institution) spoke with Anirudh Kanisetti on this podcast about their analysis of the 301 entries whitelisted for Internet access in Jammu and Kashmir in January 2020. This episode is a part of the All Things Policy series of The Takshashila Institution. The detailed analysis and test results were published on Medianama — Even the 301 whitelisted sites in Jammu and Kashmir are not entirely accessible: An analysis.
The article “Even the 301 whitelisted sites in Jammu and Kashmir are not entirely accessible: An analysis” written by Rohini Lakshané (The Bachchao Project) and Prateek Waghre (The Takshashila Institution) was published on Medianama on January 28, 2020.
The Supreme Court made a judgement on January 10, 2020 directing the Central government to review the total suspension of Internet services in Jammu and Kashmir imposed since August 5, 2019 and to restore essential services. In response, the government of Jammu and Kashmir issued a whitelist comprising 153 entries on January 18, and increased the number of entries to 301 on January 24. What would the experience of an ordinary resident of Jammu and Kashmir be like under the whitelist arrangement? We conducted a preliminary analysis to empirically determine whether the 301 whitelisted websites and services would be practically usable and found that only 126 were usable to some degree. Before we delve further into the questions the list raises, the role of ISPs, and analyse the list itself, it is pertinent to understand the background and context in which an ordinary resident of Jammu and Kashmir may access the Internet…
126 websites on the whitelist were either usable or partially usable.
31 had to be eliminated for various reasons (duplicates, no URLs, indeterminate URLs, invalid URLs). That leaves 144 which were not usable. As I said earlier, this is subjective to some extent. (2/n) pic.twitter.com/DDZUnshYyK
The new set included search engines. Searches worked, though only results from websites on the whitelist were actually accessible. We classified them as ‘partially’ usable. Indian subdomains were not included but Canadian, French-Canadian versions of some were (3/n)
The official websites for some apps like Notability and Kinemaster were on the list. Of course, the apps themselves cannot be downloaded since app stores are not allowed. Installed versions will likely not work (depends on whether the app is designed to use the same hostname) 5/n
74 websites categorised as “news” (60) and “Technology Updates” (14) were included too. There were affected to varying degrees. Audio/Video did not work for almost all of them (CDN/Youtube). (6/n) pic.twitter.com/BItmmDHT0T
Our method did have some limitations, and there maybe be better/smarter ways to do this. We’ll continue to explore and are also willing to work with anyone who wants to collaborate. (7/7) pic.twitter.com/T8PjdK2aQR
Rohini Lakshané (The Bachchao Project) and Prateek Waghre (The Takshashila Institution) conducted a preliminary analysis of whitelist comprising 153 entries issued by the Home Department, Government of Jammu and Kashmir on 18 January 2020, to empirically determine whether the whitelisted websites and services would be practically usable for an ordinary resident. The Twitter thread published here shines a light on the method of testing and the signficant findings. A detailed write-up will be published soon. The dataset comprising test results is licensed and can be accessed here: https://zenodo.org/record/3627665
Thread on the Kashmir Whitelist.
Earlier this week @aldebaran14 and I analysed the 153 websites on the whitelist as per the 18th Jan Order and found that ~80 were not ‘practically usable’. We wanted to understand how these websites will work/look under this whitelist regime(1/n)
— Prateek Waghre (@prateekwaghre) January 25, 2020
So we setup Chrome with an extension to allow access only to the hostnames listed in the order. Now, there are limitations with this method. We did not test on a 2G network. We could not carry out actual transactions and the assessment of usability is a bit subjective (2/n)
We looked for whether the website was visually affected, if the images loaded, if the login section was accessible and the main function(s) of the website still worked along with some general navigation to see what was affected (3/n)
In perusing the list we found typos, duplicate entries, entries without actual hostnames and some that were indeterminate. After removing these, we were left with 134. Of these we found ~80 websites were not practically usable. Why? (4/n)
Well, the way most websites are designed, a lot of content comes from subdomains, CDNs. They also have 3rd party content like analytics services, ads, various libraries that manage the UI etc. None of this worked because there were not on the whitelist (5/n)
So most of the websites were broken. Here is an example of https://t.co/lrODnoKXrm. We also pulled a request map to highlight how much content comes from other domains. Different websites were affected to varying degrees depending on how they were designed (6/n) pic.twitter.com/IvNOAXjsjG
In case of https://t.co/VZism9Q7nA, we found that though the page was still (sort of) readable, the search feature was unresponsive. The train status feature took us to another link, which of course, was not the on the whitelist. (7/n) pic.twitter.com/CCsuk5L8OA
For the ones classified as banking websites, we found that only 2 of the 15 on the list had accessible login pages (eg. For SBI bank, the whitelisted domain was https://t.co/puxIdFlslj, but to login you need to go to https://t.co/Owwg9o3Qth which was not on the list) 8/n
The inclusion of streaming services seems absurd because:
2) Most of them use CDNs for delivering video content (as I said earlier, these are not on list).
3) No actual hostnames were given – how does the ISP know what to allow? Are they expected to analyse the apps? (9/n)
We excluded these and ‘Jio Chat’, so in reality (esp. over 2G) the number of unusable websites maybe higher than what I said earlier in thread.
Of the ones that worked, 25 were minimally impacted (mainly had textual information). 30 were ‘partially usable’ (10/n)
We ended the exercise with more questions than answers. Some of them are:
1) On what basis are these (and future) domains selected?
2) Why are some some sites on the list while others in the same category are not?
3) How will ISPs actually implement this? (11/n)
I know the list was updated to approx 300.Haven’t read through it in detail,but a cursory glance was enough to spot duplicates and strange entries (trying hard not to judge).I would love to test the new ones, sadly, we’re caught up with other stuff over the next few days. (12/n)
We’ve also done a detailed write-up that we’re hoping to publish soon. Both @aldebaran14 (credit to her for kicking this off) and I are also happy to release the spreadsheet that we recorded our analysis on, in case anyone wants to build off it. (13/n)
This preliminary analysis was conducted by Rohini Lakshané (The Bachchao Project) and Prateek Waghre (The Takshashila Institution) from 22 and 26 January 2020 IST, to empirically determine whether the whitelisted websites and services would be practically usable for an ordinary resident of Jammu and Kashmir at the time of writing.
This dataset contains an analysis of a whitelist comprising 301 entries issued by the Home Department, Government of Jammu and Kashmir on 18 January 2020 [Order number: Home-05 (TSTS) of 2020]. The department issued an order with the accompanying whitelist in response to a Supreme Court judgement dated 10 January 2020 (Anuradha Bhasin vs. Union of Indian and Ors.) that directed the Government of India to review the blanket suspension of Internet services in Jammu and Kashmir since 5 August 2019. The first version of the whitelist (dated 18 January 2020), and this dataset by extension, comprised 153 entries. The Home Department states in its orders that this whitelist will be continually updated; the next update may be issued on 31 January or earlier.
The first-ever edition of the global pop-up exhibition “The Glass Room” to be held in India was hosted by The Bachchao Project in Bengalurufrom 22 to 24November, 2019. The exhibition was a part of the art gallery event Art Bengaluru 2019.
The three-day exhibition attracted more than 300 visitors, and was supported by 15 trained volunteers. Visitors were also offered the Data Detox.
The Glass Room is a public intervention that provides an interactive, fun, and challenging experience, bringing to life the most pressing challenges facing people and the tech industry today. As technology reaches a global scale and becomes embedded in every part of our lives and our environments, The Glass Room examines its impacts and helps visitors explore practical solutions to mitigate them. The consequences of a “move fast and break things” industry are catching up with us and now we must examine what has been lost and gained along the way. The Glass Room is curated by Tactical Tech, an international NGO based in Berlin.
Exhibits titled “Zuckerberg’s House”, “Alphabet’s Empire” and “The Life of a Selfie” were especially popular amongst the visitors, one of whom wrote, “I know some of the information before (e.g., Zuckerberg’s buy out) but this is way comprehensive [sic] and concise”. Feedback received from the visitors shows that they appreciated the exhibition “for showcasing the need to privacy and bringing digital awareness to the mass audience” and for “creating awareness of the digital footprints we leave”. Some visitors said that they wished to see some exhibits contextualised for the Indian data privacy scenario and audience in the future, while some others wished for a larger exhibition and more exhibits.
Visitors who received the Data Detox kits found them “very interesting and informative” and that “it was scary to realise how much [data] is up for sale like [mentioned in] the [Data Detox] booklet”. Most visitors also stated that they looked forward to taking the 8-day Detox Challenge. Around 150 Data Detox kits were distributed at the event.
The response of the visitors to The Glass Room, Community Edition indicates that it was an interesting and valuable experience for them, and the Complete Edition would be well-received, “[We need] many more such installations at many more art exhibitions.”
At The Bachchao Project we believe that conversations on digital privacy and security must move beyond policy-making and civil society spaces to reach and include the general public. The Glass Room Exhibition is a brilliant medium to have these conversations. Our strongest motivation for hosting The Glass Room was to bring this medium of having conversations about the interplay between technology and privacy to India. In the years to come we hope to continue to host these kinds of events in different parts of the country, with more India-specific content.
Rohini Lakshané (Director, Emerging Research, The Bachchao Project) spoke with Srinivas Kodali (Interdisciplinary researcher) on an episode of Cyber Democracy about the efficacy of technological interventions for public safety. Rohini spoke about CCTVs, mobile phone apps, mobile device-based panic buttons, and the preliminary research report “Evaluating Safety Buttons on Mobile Devices (2017)“, jointly published by the Centre for Internet and Society and The Bachchao Project.
The Bachchao Project invites volunteers for The Glass Room exhibition scheduled to be held in Bengaluru from November 22 to 24, 2019 at UB City. The Glass Room is a global pop-up exhibition that is generating a conversation about data and privacy. This will be the first-ever edition of the exhibition to be held in India.
Tasks for volunteers
Interact with visitors
Talk about the exhibits assigned to them, and answer questions that visitors may have
Distribute handouts to visitors who are interested
Collect feedback from visitors
Who can volunteer?
Live in Bengaluru.
Are available for at least four hours at a stretch during the three-day exhibition.
Are available to attend a briefing session on the evening of November 21.
Have at least a basic knowledge and understanding of common Internet technology and its interplay with privacy (preferable).
All volunteers will receive a daily allowance for covering expenses towards meals and conveyance to and from the exhibition venue.
The Glass Room is a public intervention that provides an interactive, fun, and challenging experience, bringing to life the most pressing challenges facing people and the tech industry today. As technology reaches a global scale and becomes embedded in every part of our lives and our environments, The Glass Room examines its impacts and helps visitors explore practical solutions to mitigate them. The consequences of a “move fast and break things” industry are catching up with us and now we must examine what has been lost and gained along the way. (Text from: https://theglassroom.org/about-us)
The Glass Room is curated by Tactical Tech, an international NGO based in Berlin.
About The Bachchao Project
The Bachchao Project is a techno-feminist collective that undertakes community-centric efforts to develop and support open source technologies and technical frameworks with the goals of mitigating gender-based violence and working towards equal rights for women, LGBTQIA people, and gender non-conforming groups. We conduct research and advocacy in all the above areas and guide communities in determining appropriate technological interventions for themselves. http://thebachchaoproject.org