Big Brother in a Sari: India’s New Rules for Cyber-Cafes

INDIA—New guidelines for cyber-cafes released April 11 by the Indian Ministry of Communications and Information Technology prohibit internet users from accessing porn sites. But that’s the least of the restrictions imposed not just on users but also the café owners, who now have to keep incremental logs of internet activity that effectively destroy any semblance of privacy a user might expect to have. It’s essentially Big Brother in a sari.

Indeed, the very first listed requirement for cyber cafes, all of which must be registered with the government, is one of the most onerous. “Cyber café shall not allow any user to use its computer resource with the identity of the user being established.” A number of acceptable documents are listed, including a passport, voter identity card, college photo I.D., etc.

If a user does not have such a document, “he/she may be photographed by the cyber café using a web camera installed on one of the computers in the cyber café for establishing the identity of the user. Such web camera photographs shall be part of the log register which may be maintained in physical or electronic form.”

If an individual has no I.D., declines to provide one and also refuses to have his or her photo taken, the café cannot allow them to use a computer. Yikes.

But that’s not all.

The café also is required to keep the identifying information in a log for one year, and “prepare a monthly report of the log register showing data-wise details on the usage of the computer resource and submit a hard and soft copy to the person or agency as directed  by the licensing agency by 5th day of next month.”

The information contained in the log must include:

• A history of all websites accessed

• Logs of proxy server installed at the cyber café.

• Mail server logs

• Logs of network devices, (routers, switches and other systems installed at the café)

• Logs of firewall of intrusion prevention/detection systems, if installed

Physical privacy is also under threat. Partitions or cubicles can no longer by more than four and a half feet in height, and all screens must face outward toward a common area. Minors may not access a computer at all without being accompanied by a parent or guardian, and all computers must have filtering software installed to prevent access to sites related to “pornography, terrorism and other objectionable materials.”

Police inspectors may inspect a café at any time to ensure these requirements are being met, and the owner must provide “every related document, registers and any necessary information to the inspecting officer on demand.”

India recently said it intends to filter the Dot-XXX top-level domain from the country. Anyone thinking they were not serious about that intent might want to reconsider that point of view in light of these new regulations that essentially do the same thing for all porn sites, though on a micro level.

Well, at least they’re trying to get a handle on the proliferation of two of the world’s great scourges—terrorism and pornography.

The new Indian cyber-cafe guidelines can be read here.