Internet Lockdowns: Is There Any Other Way Out?

Internet Lockdowns: Is There Any Other Way Out?

Analysis

By Abhinav Pandya

India's internet revolution is fast transforming its political, social, cultural, and technological landscape. One of the most critical factors that ensured the landslide victory of PM Modi with his razor-sharp and a straight-forward nationalist discourse, in a polity where extreme minority appeasement has been the accepted consensus, was the revolutionary role played by social media.

Following Modi’s successive landslide electoral victories, India is rediscovering itself in myriad ways. However, the advent of the internet and social media has not only been beneficial in the electoral arena, its pernicious role was clearly manifest during the Arab Spring, where Facebook and Twitter became the vehicles of revolutions, uprooting the most powerful dictators.

Internet and social media can play havoc in a case like India, which has an impressive but easily exploitable array of social, political, religious, regional and cultural fault-lines. Social media can be used to foment communal riots, civil unrest, anti-national protests, and internet campaigns. Early last year, during former US President Donald Trump's visit to India (February 2020), the Popular Front of India (PFI) and some foreign forces had reportedly, tried to orchestrate bloody communal riots using social media1. The rioters used Whatsapp group of 125 members for spreading hate messages because of its encryption facilities2. During the on-going farmers' unrest, anti-India forces, including pro-Khalistan terrorist groups, had planned to use Twitter to campaign against the government. Similarly, after the abrogation of Article 370 in J&K, Turkey and Pakistan had extensively used Youtube to radicalise the youth with provocative videos and rap songs3. It is well established that in Kashmir, the militants use encrypted communication apps for their communication.

As a result, it should not come as a surprise that India has become home to some of the most extended internet lockdowns. Between 2012 and 2020, Kashmir witnessed 300 internet lockdowns. After the abrogation of Article 370, Kashmir had the most prolonged lockdown of about 213 days4. The state of Rajasthan stands second with 72 lockdowns5.

It needs no reiteration that internet lockdowns make life immensely difficult for the ordinary citizens, even causing severe economic damages. Therefore, the question arises as to whether there could be any other way of meeting the requirments of maintaining peace and order without taking recourse to extended periods of internet lockdowns.

Participating in a recent webinar discussion on cyber threats to national security, organised by Bridge India, a British Diaspora Think-tank, Logically India, and The Quint, the author outlined the following measures to counter cyber threats, aimed at minimising the use of lockdowns as last resort, i.e., the complete internet shutdown:-

  1. IP address:- The desktops and laptops have a permanent IP address while using the internet, which can help track the location if some incendiary social media post originates from any desktop/laptop. However, in the case of mobile phones, there are no permanent or static IP addresses. As a result, when one uses the internet through a mobile device, the individual uses multiple IP addresses, which keep changing at some frequency, maybe an hour or so. The mobile phone may thus end up using 30 to 40 IP addresses in a day, making it almost impossible to track the divice from which any objectionable material was posted on any social media. The remedy to this is to provide the mobile phones with static IP addresses, enabling the law enforcement machinery to track down the device that was used to post any provocative material.
  2. Spammer Technology- Social media portals like Facebook, WhatsApp, and Youtube can have some in-built spammers that identify the words, pictures, and other material posted with a deliberate intention to spread hate, incite a riot or hurt sentiments of a particular community. However, it must be ensured that this tool does not become an instrument to suppress the freedom of expression. There has to be a systematic and organised way to identify the hate words. For example, if someone is making a logical argument against a particular religion or its text without using slander, it should not be banned. Then, the purpose of the post and the more extensive network, and the coordinators in the form of account handlers also need to be factored in. In an example concerning the recent "toolkit" controversy, it was evident that the purpose of the twitter campaign was to mobilse a large number of people for orchestrating a massive protest, with a solid potential to go violent6. Hence, such pre-planned and synchronised attempts must be identified and stopped in advance.
  3. Tackling cyber threats needs a robust legal mechanism. To open a Twitter/Facebook/ Instagram/Youtube account, it can be made mandatory to provide the registered phone number instead of an email ID. In the case of email, the offenders can create multiple fake email IDs and set up multiple Twitter accounts.
  4. It needs to be mandatory for social media outlets to share details of the accounts posting hateful messages or using the portals for an organised information war, orchestrate a propaganda drive or protests from India or some foreign location. Social media companies must be motivated to install AI-based guards and firewalls to identify such activities. Suppose one gets to know about such activity from a foreign country; in that event, the government can use official diplomatic channels or otherwise to stop the activity and book the offenders.
  5. Legal action against those handles posting hateful messages will be a robust deterrent. India's recently-announced social media policy slapping five-year imprisonment for such offenders, could be an effective instrument to control misinformation campaign.
  6. The intelligence agencies already know a great deal about groups likely to engage in anti-India activities, such as the PFI, Khalistan-related groups, and the ultra-leftist entities. Conventional intelligence methods can be employed to identify, track and monitor their key coordinators and online and offline activity. If done on a regular basis, it will enable the agencies to take pre-emptive action to thwart any planned sabotage during a critical event like anti-CAA/NRC protest or the on-going farmers' unrest. The best example can be IB's operation "chakravyuh," in which they infiltrated ISIS groups in India, prevented hundreds of youth from joining ISIS7.
  7. The intelligence agencies should have an excellent team of trained IT experts, social media experts, OSINT experts, and fact-checkers. They should be hired to monitor social media regularly.
  8. There can be the systematic influence and information operations to shape the social discourse, intellectual narrative and counter the misinformation campaigns. For example, what Turkey and Pakistan are doing in Kashmir through TRT world (Turkey's official broadcasting arm) and DGISPR (ISI's public relations wing ) feeds, need a systematic and proactive effort in the information war. If we are always reactive, they get the first opportunity to shape the discourse. It is advisable to be proactive, credible, and aggressive.
  9. No matter howsoever hard we work, foreign agencies' complete trust in such matters can always backfire. Therefore, it is advisable to encourage the local versions of Facebook, WhatsApp, Youtube, and Instagram and web-conference platforms like zoom so that their owners can be held accountable if they are found guilty.
Encrypted Communication by Terrorist Groups

In the case of militant groups using encrypted apps for communication, the challenges become formidable. During the recent internet lockdown in Kashmir, they bypassed the ban by using VPNs. They also used TOR (The Onion Router)- based communication apps such as Conion. They operated in the dark web, which made it immensely challenging to monitor them. Reportedly, some Foreign Terrorists were reportedly using Satsleeve, a device that can link one's phone to a satellite, turning a regular phone into a satellite phone.

Initially, militants were using Telegram and Signal, as they started distrusting the WhatsApp because during the Pulwama investigation, the law enforcement agencies could retrieve the WhatsApp chats. Then, they shifted to more customised apps made by Pakistan's intelligence agencies. Some of them, like ‘Calculator’ and Skipe, are not even on Google play stores, making it complicated to track them. Skipe has the facility of VoIP, enabling the user to make a regular call on other numbers.

When the weapons coordinators and terror handlers, and FTs (Forein Terrorists) are sent to India, they meet their local handlers and ask them to download those unique and customised apps on their phones. Later, all the communication with Pakistan happens on those apps.

It is extremely tough to address this communication challenge. Hackers can hack a device by bugging it or inserting malware. However, the militants keep changing the device, and by the time one gets to know the number, they dump it and get another number. The encryption apps are highly sophisticated with strong safety features. They can be accessed only if one has access to servers. However, if the servers are in a foreign or hostile country, it is impossible to access the information. For example, recently, a Turkish app BiP was downloaded by millions of people in Kashmir8. Its servers are in Turkey, and Turkey supports the terrorist and separatists in Kashmir. So the trust factor in using BiP is high, and the challenge for us is daunting.

One way to access the details would be to identify the vendors from where the Overground Workers (OGWs) buy the phone SIM cards. The OGWs buy it only from trusted ones. However, through good HUMINT, if they are identified, the numbers can be tracked and monitored. Nevertheless, in the case of encryption apps, the militants will continue to switch to new and sophisticated apps with more advanced safety features, which will make it more challenging to track them.

Abhinav Pandya is the Founder and CEO of Usanas Foundation, an India-based geopolitics and security affairs think-tank. He has authored “Radicalization in India: An Exploration (Pentagon Press,2019).”

Disclaimer:  This paper is the author’s individual scholastic contribution and does not reflect the organisation’s viewpoint.

This article was originally published by Vivekananda International Foundation