Video Producer: Zijah Sherwani
Video Editor: Prajjwal Kumar
Cameraperson: Ribhu Chatterjee
From the much-awaited data protection bill being passed into law to COVID-19 vaccination records being allegedly leaked on Telegram to more internet shutdowns and fears of State surveillance; here's a look back at Digital India in 2023.
#1. India's First Data Protection Law
2023 was the year India finally got its first data protection law after what felt like ages.
The Digital Personal Data Protection Act (DPDPA) was passed by the Parliament in the Monsoon Session on 9 August.
The draft legislation had been in the works since 2017, when a nine-judge bench of the Supreme Court of India ruled in the Justice Puttuswamy vs Union of India case that privacy was a fundamental right.
However, the DPDPA was met with criticism, mainly for granting wide exemptions to the State and its agencies from the provisions of the enacted law. Even certain private actors and employers have been permitted to process personal data of employees without obtaining their specific consent.
Critics fear that these exemptions could lead to potential misuse of personal data and increased State surveillance.
What's in store for 2024?
The Union Ministry of Electronics and Information Technology has drawn up a set of draft rules related to the implementation of the DPDPA and it may be released for public consultation soon, according to a report by Hindustan Times. The architecture and composition of the Data Protection Board (which will oversee compliance with the Act) is also expected to be finalised in the coming year.
#2. CoWIN Data Leak
2023 was the year the personal data of thousands of Indians who had registered for COVID-19 vaccinations was allegedly leaked by a Telegram chatbot.
First reported by The Fourth News and Manorama, the data allegedly leaked on Telegram included the names, date of birth, gender, phone number, Aadhaar details, passport details, and location of where the first dose was administered to the beneficiary.
The leaked dataset had also revealed private information about senior politicians, including former Union Health Minister Harsh Vardhan, Kerala’s Health Minister Veena George, Union Minister Meenakshi Lekhi, Congress leaders KC Venugopal and Karti Chidambaram, and Bharatiya Janata Party’s Tamil Nadu president K Annamalai.
However, the central government continued to deny that the CoWIN portal had been "directly breached" and had directed CERT-In (India's cybersecurity watchdog) to probe the matter.
Months later, a man from Bihar was arrested by the Delhi Police in connection with the alleged data breach. The police reportedly claimed that the man had used the CoWIN ID belonging to his mother, an Auxiliary Nurse Midwife (ANM) in Patna, to access the personal details of several vaccine beneficiaries.
What's in store for 2024?
Beyond the one arrest by Delhi Police, we still don't know any details about CERT-In's investigation of the alleged data breach or if there even was one in the first place. Interestingly, the central government agency was recently granted immunity from Right to Information (RTI) requests.
#3. 'State-Run' Fact-Checking Units
2023 was the year the State decided to turn fact-checker.
In April, the Union IT Ministry notified amendments to the Information Technology (IT) Rules, 2021, mandating media and social media platforms to take down government-related content that had been marked as "false, fake or misleading" by the Centre.
Any content "identified as fake or false" by the Press Information Bureau's (PIB) fact-check unit must also be taken down.
Social media platforms that didn't comply with the takedown request could potentially lose safe harbour protection under the IT Act of 2000.
Meanwhile, state governments in Karnataka and (most recently) Tamil Nadu have established their own fact-checking units to tackle fake news.
What's in store for 2024?
The constitutionality validity of the IT Amendment Rules, 2023, have been challenged in Bombay High Court by several petitioners including standup comedian Kunal Kamra. Since arguments have been concluded, what's left is for the High Court to deliver a verdict in the case. Until then, the central government has reportedly said that it will hold off on notifying its fact-checking unit.
#4. Apple's Spyware Threat Notifications
2023 was the year when receiving a ping from Apple struck dread in the hearts of many.
Towards the end of October, the iPhone maker informed a swathe of Opposition leaders and journalists in India that their devices may have been targeted by "State-sponsored attackers."
Not only did the incident reignite fears of being targeted by the highly sophisticated Pegasus spyware, it also set off a political row with Congress leader Rahul Gandhi calling it the "work of criminals."
Just this month, Amnesty International said that it has found traces of Pegasus spyware on the iPhones of two Indian journalists (The Wire's Siddharth Varadarajan and OCCRP's Anand Mangnale) in fresh instances of attempted hacking.
What's in store for 2024?
Pegasus continues to be like Damocles' Sword in India as the central government is yet to give a straight answer on whether it has purchased the highly sophisticated spyware. Meanwhile, Israeli surveillance firm NSO Group (which developed the spyware) maintains that Pegasus is only sold to sovereign States as well as "vetted law enforcement and intelligence agencies."
#5. A Retrofitted Telecommunications Act
2023 was the year when the Indian government was reluctant to let go of colonial baggage in the form of the new Telecommunications Act, 2023.
After being passed by Parliament during the recently concluded Winter Session, the Telecommunications Act has repealed and replaced the British-era Indian Telegraph Act, 1885; the Indian Wireless Telegraphy Act, 1933; and The Telegraph Wire (Unlawful Possession) Act, 1950.
The legislation has attracted significant attention for two main reasons:
The sweeping powers given to the State that has led to fears of mass surveillance and violation of the right to privacy.
The potential inclusion of online platforms such as WhatsApp under the same regulatory umbrella as telecom companies, though IT Minister Ashwini Vaishnaw informally clarified to the Economic Times that this won't happen.
While the Act was welcomed by Indian telcos, it was criticised by digital rights activists for having "broad" and "vague" language that could lead to OTT regulation, interception of encrypted messages, arbitrary internet shutdowns, mandatory verification of social media users, and more.
What's in store for 2024?
Several parts of the Telecom Act leave the door open for future rule-making by the central government. In fact, the phrase "as may be prescribed" has been used 46 different times in the Act. Besides this, the Broadcasting Services Bill that looks to regulate digital news content could also be passed and enacted into law in 2024.
#6. An Internet Blackout in Manipur
2023 was the year India saw the second-longest internet shutdown in its entire history.
Since violence erupted on 3 May, Manipur has been plunged in digital darkness that has reportedly had a chilling affect on the livelihoods and education plans of many in the northeastern state.
On 23 September, the Biren Singh-led state government lifted the ban on mobile internet access – only for it to be reimposed two days later.
So far, there have been a total of 92 internet shutdowns across India in 2023, according to a tracker run by the Software Freedom Law Centre (SFLC). The 165-day blackout in Manipur is the second-longest internet shutdown in India's history, after the 552-day internet shutdown in Jammu and Kashmir (from 2019-2021).
Internet shutdowns in India in 2022 cost the country $174.6 million, according to a report by Top10VPN.
What's in store for 2024?
Unfortunately, internet shutdowns may continue to be excessive under the new Telecom Act which empowers the State to take "temporary possession" of any telecom service or network in the event of a public emergency or for the purposes of disaster management or public safety.
The legislation has been criticised due to its lack of adequate checks and balances related to internet shutdowns that had been recommended by the Supreme Court as well as a parliamentary standing committee.
#7. Deepfakes: A Recurring Nightmare
2023 was the year India woke up to the threat of AI-generated deepfakes.
The need for stronger regulations around deepfakes resurfaced after an AI-generated deepfake video of actor Rashmika Mandanna went viral online in November.
The video was created by morphing Mandanna's face onto the body of Zara Patel, a social media influencer.
"Technology-facilitated online gendered violence is a reality, and deepfakes are just another form of perpetuating such violence," Radhika Roy, advocate and associate legal counsel at Internet Freedom Foundation (IFF), had told The Quint.
Even Prime Minister Modi sounded the alarm on the rise of deepfakes, calling it a "new and emerging crisis."
"We need to educate people about artificial intelligence and deepfakes, how it works, what it can do, what all challenges it can bring and whatever can be made out of it," PM Modi had said in a speech.
What's in store for 2024?
Amid the mounting concerns over deepfakes, the central government is contemplating new legislation. "We will start drafting the regulations today itself and within a very short timeframe, we will have a separate regulation for deepfakes," Union Minister of Electronics and Information Technology Ashwini Vaishnaw had said in a press conference on 23 November.
Most recently, the IT Ministry issued an advisory to all intermediaries, ensuring compliance with the existing IT rules. "The directive specifically targets the growing concerns around misinformation powered by AI – Deepfakes," the press release said.
#8. Blackmailing Loan Apps Galore
2023 was the year Indians were threatened and harassed by agents of instant loan apps, resulting in 94 such apps being banned by the central government in February.
Furthermore, a BBC documentary called The Trap that was released in October, highlighted the vicious circle of extortion allegedly faced by borrowers of digital lending apps.
“I was numb, shocked. I thought of suicide but did not have the courage...Morphed photos showing me nude were sent to everyone in my contact list, including my daughter, my father’s acquaintances, and children for whom I am like a mother,” Bhumi Sinha, one of the victims that faced harassment after borrowing money from a Chinese loan app, was quoted as saying by BBC.
What's in store for 2024?
In an attempt to tackle the menace of sketchy lending apps, the IT Ministry had urged the Reserve Bank of India (RBI) to come up with a KYC-like verification process called Know Your Digital Finance App (KYDFA), according to a report by Moneycontrol. More recently, the IT Ministry issued an advisory to all digital platforms, directing them to not carry ads of "fraudulent loan apps." It remains to be seen whether these measures will help curb the proliferation of illegal loan apps on app stores next year.
#9. Taxman Comes for Online Gaming Industry
2023 saw a 28 percent GST levied on the gross revenue earned from online games – including games of skill and chance.
The new tax rate faced pushback from the online gaming industry as well as real-money gaming players. Under the previous tax regime, only an 18 percent GST was applicable on platform fees charged by gaming companies.
Soon after the new GST rate went into effect, the online gaming sector saw layoffs and shutdowns.
“The gaming companies want to be regulated, but Central Govt is being unrealistic & unreasonable with their demands, which is not only killing employment in the sector, but is also driving away gamers to Chinese & European gaming sites where they are getting duped,” Karnataka’s IT Minister Priyank Kharge had tweeted in December.
Meanwhile, several states have sought to ban real-money games after an increase in suicides among players who have lost vast amounts of money in such games.
What's in store for 2024?
Besides the new tax regime, a self-regulatory framework is also expected to be introduced by the IT Ministry after discussions with various stakeholders.
10. A Few More Shout-Outs
Flip-flop on laptop, tablet imports: Initially, the central government placed imports of laptops, tablets, all-in-one personal computers, and ultra-small form factor computers, and servers under the ‘restricted’ category, making their imports permissible only under a valid licence. However, the restrictions on the imports of such devices were rolled back after US, China, and a few other countries voiced their concerns at a World Trade Organisation (WTO) meeting, according to The Indian Express.
Apple retail stores in India: In April, CEO Tim Cook made his way to India to launch the first Apple retail stores in India, specifically in Mumbai's Bandra Kurla Complex (BKC) and New Delhi's Saket. Later, in September, the made-in-India units of the iPhone 15 were made available for purchase in the country on the same day as the global launch day.
India's DPI pitch: At the 2023 G20 Summit held in New Delhi, India showcased its digital public infrastructure (such as UPI for payments) as a model for other countries to follow. “The UPI platform has gained significant popularity in India; more than 9.41 billion transactions valuing about Rs 14.89 lakh crore were transacted in May 2023 alone. For the fiscal year 2022–23, the total value of UPI transaction was nearly 50% of India’s nominal GDP,” said a World Bank report published ahead of the G20 Summit.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)