As a fallout of the Blackberry illegality “controversy”, the DoT has reportedly begun to insist that all ISPs adhere to the prescribed encryption code. For those who didn’t know, Clause 2.2(vi) of the ISP license issued by the DoT mandates that if encryption technology greater than 40 bits is used, the decryption code must be submitted to the Government.
The Licensee shall ensure that Bulk Encryption is not deployed by ISPs. Further, Individuals/ Groups/ Organizations are permitted to use encryption up to 40 bit key length in the symmetric key algorithms or its equivalent in other algorithms without obtaining permission from the Licensor. However, if encryption equipments higher than this limit are to be deployed, individuals/groups/organizations shall obtain prior written permission of the Licensor and deposit the decryption key, split into two parts, with the Licensor.
So under what law does the Central Government get a monopoly over encryption?
Under the Telegraph Act, the Central Government has the “exclusive privilege” of establishing, maintaining and using telegraphs (which is broadly defined to include anything which is capable of sending and receiving messages electronically).
So do we understand Clause 2.2(vi) as saying that the Central Government licenses the individual to use his LAN card (which is a kind of telegraph) for accessing the internet on the condition that the message is not encoded greater than 40 bits?
Under this interpretation, if anyone contravenes this provision, he/she can be proceeded against under section 20A of the Telegraph Act – contravention of conditions of a license: “fine which may extend to one thousand rupees, and with a further fine which may extend to five hundred rupees for every week during which the breach of the condition continues”.
My web browser uses SSL which is a 128 bit technology!
Alternatively, there is the interpretation that suggests that as a third party to the contract, the DoT cannot proceed against me directly. The best it can do is to cancel the license with the ISP and proceed against the functionaries of the ISP.
But if there is no contract between the DoT and me, and DoT maintains that it owns encryption absolutely, I’m still in trouble. This way, I’m “Establishing, maintaining or working unauthorized telegraph” – an offence punishable with a fine which may extend to one thousand rupees.
Unless the DoT relaxes this rule, this is going to be an interesting fight on the lines of the battle over PGP in the US when it first began.
New Delhi/Mumbai March 18: Online banking operations and e-commerce transactions including purchase through credit cards may be open to Government surveillance as a fallout of the recent Blackberry controversy.
The Department of Telecom is now taking steps to ensure that all providers of Internet services strictly follow the prescribed encryption code. As per the existing law, all Internet-based service providers are required to submit a decryption key to the Government if they use more than 40 bit encryption code to secure the transactions.
Encryption codes are essentially a way to scramble information sent online in such a way that only the desired recipient has the key to unscramble it and convert it back to its original form.
However, as it was found out in the Blackberry case, a number of service providers are not strictly following the rule and have not submitted the decryption code. The issue came to light when telecom operators providing Blackberry services told DoT last week that the Government was singling out one service for allegedly violating the encryption laws.
Most of the e-commerce web sites like those selling airline and movie tickets and banking application web sites use more than 128 bit encryption code. The higher code is required to keep the transactions secure. The problem with using higher encryption codes is that the Indian security agencies find it impossible to track any specific transaction unless they have the decryption codes.
However, the Internet Service Providers termed DoT’s policy as archaic and said that they have already requested DoT to raise the permitted levels from 40 bits to at least 128 bits in line with the changing technology. “The existing encryption laws were made when Internet services were just beginning to take shape in the country. It is really unfair to stick to the same standards when technology is enabling more secure transactions and highly complex transactions. If DoT insists on the 40 bit encryption then it will be taking the Internet back to the dark ages,” said Mr Rajesh Chharia, President, Internet Service Providers Association.
Industry experts said that DoT’s policy was not practical on two counts. First, no company will give away its patented codes to leaky Government departments as it could make e-commerce applications unsecure and, therefore, useless. Second, under the existing rules, the procedure for submitting decryption keys, which is in digital form, has not been laid out. So even if anyone was bold enough to give the code to the Government, they would not know how to submit it. “In developed countries like the US there is no limit on the encryption code. Monitoring is done by their security agencies using the most sophisticated technology. DoT should invest in setting up monitoring centres which can do the job without limiting the scope of Internet services,” said Mr Amitabh Singhal of Elxess Consulting Services.