Goa University pulled up as SIC declares faculty certificates public under RTI Act

Daijiworld: Panaji: Thursday, 27 November 2025.
In a significant setback to Goa University’s claim that faculty qualifications are “personal information,” the Goa State Information Commission has ruled that academic certificates submitted during recruitment are public documents and must be disclosed under the Right to Information Act.

Delivering a strong order, State Chief Information Commissioner Aravind Nair overturned the First Appellate Authority’s decision and directed the University to furnish the Degree, Master’s and PhD certificates of Prof Shaila D’Souza within 10 days. He held that such documents cannot be protected under Section 8(1)(j) nor treated as “third party information.”
Nair observed that once educational certificates are submitted to a public authority for employment, they become part of official service records and fall squarely in the public domain.
Any attempt to withhold them, he said, undermines transparency in public recruitment. “These documents are with Goa University, and they cannot be denied as someone’s personal information,” the Commission stated.
The ruling follows an appeal filed by Nazario Savio P. D’Souza of St Cruz, who had sought 30 details from the University’s Administration (Teaching) section on September 30, 2024. The Public Information Officer responded partly, marking 14 items as “Not Available,” seven as “Third Party,” three as “questions,” and another under Section 8(1)(g), citing confidentiality of the selection panel.
Challenging the selective replies, the applicant moved the First Appellate Authority, which ordered corrections only for the “Not Available” entries while upholding the refusal to release the professor’s certificates on grounds of lack of consent.
Still unable to obtain key documents, the appellant approached the State Information Commission on April 1, 2025.
In its ruling, the SIC stressed that citizens have every right to verify the qualifications of individuals appointed by publicly funded institutions. Ordering complete disclosure, it directed the University PIO to issue certified copies of all three academic certificates within 10 days and submit a compliance report within 15 days of receiving the order.

Gujarat: PIO fined Rs 5k for denying RTI info citing ‘12 applications’ rule

 The Times of India: Ahmedabad: Thursday, 27 November 2025.
In a stern move against misuse of its orders, the Gujarat Information Commission (GIC) has imposed a penalty of Rs 5,000 on the Public Information Officer (PIO) of Sarigam gram panchayat for denying information to an applicant after misinterpreting an earlier commission directive.

The commission has also recommended disciplinary action against the taluka development officer, who served as the first appellate authority, for negligence in the discharge of his duties. The case involved petitioner Pankaj Rai, who had sought documents related to the allotment of house numbers and construction permits.
The PIO rejected his RTI application on grounds that he had filed more than 12 RTI applications a restriction the commission had imposed on specific applicants in an order dated Feb 1, 2025. However, the GIC clarified that the order was not meant for ordinary citizens.
"The order dated Feb 1, 2025, applies only to the petitioner. It does not apply to any ordinary applicant," the commission stated in its ruling.
Despite the clear scope of the original order, the PIO denied the information, and the first appellate authority upheld the denial without proper scrutiny of the facts.
Taking a serious view of this lapse, the commission not only imposed the financial penalty but also directed that it be recovered from the PIO's salary. Additionally, it recommended disciplinary proceedings against the taluka development officer for failing to examine the appeal properly.
At the same time, the commission rejected the petitioner's request for specific documents, ruling that they belonged to a third party and were exempt from disclosure under Section 8(1)(j) of the RTI Act. These included personal details such as names, addresses, property transfer records and construction permits, which the commission deemed confidential in the absence of any demonstrated substantial public interest.
The ruling comes amid widespread misuse of the "12 applications" restriction by PIOs across Gujarat. Expressing concern over this trend, the commission stated that it hoped "henceforth the misinterpretation of the orders will be stopped, and citizens will get relief".

Information from Insolvency Professionals is Exempt Under RTI Act: IBBI - By - Yogitha S. Yoges

Taxscan: Delhi: Thursday, 27 November 2025.

The Insolvency and Bankruptcy Board of India (IBBI) has dismissed an appeal, reiterating that information provided by Insolvency Professionals to the regulator is held in a fiduciary capacity and is exempt from disclosure under Section 8(1)(e) of the Right to Information (RTI) Act.
The order further clarified that the RTI Act is not a grievance redressal forum and that the appellant should use the specific review mechanisms provided under the IBBI regulations.
The Appellant, Nirav Tarkas, had filed an RTI application seeking certified copies of all correspondence and submissions made by the Liquidator of Euro Ceramics Limited to the IBBI. This information was in relation to a complaint he had filed against the Liquidator.
Aggrieved by the CPIO's denial, which claimed the information was exempt under a fiduciary relationship, the Appellant filed an appeal arguing that Section 8(1)(e) of the RTI Act had been wrongly applied. His appeal also raised specific grievances about the procedure of the complaint handling, questioning why he was not given an opportunity to rebut the Liquidator's averments.
The IBBI, represented by its First Appellate Authority, upheld the CPIO's decision. The Authority relied on a Supreme Court observation to establish that the relationship between the regulator (IBBI) and the Insolvency Professional is fiduciary in nature. This is because Insolvency Professionals are legally obligated to maintain confidentiality and provide information to the IBBI in a relationship of trust and reliance. Therefore, the information sought by the Appellant was held in a fiduciary capacity and was rightfully exempt from disclosure under Section 8(1)(e) of the RTI Act.
The Authority further noted that the Appellant had failed to demonstrate any larger public interest that would necessitate disclosure. Crucially, the order distinguished between seeking information and redressing a grievance, stating that the RTI Act is not a grievance forum.
The Appellant's dissatisfaction with the complaint-handling process, the order suggested, should be addressed by filing a review under the specific provisions of the IBBI (Grievance and Complaint Handling Procedure) Regulations, 2017, rather than through an RTI application.

Karnataka Information Commission orders KMF to disclose officials foreign trip details under RTI

The Hindu: Bengaluru: Thursday, 27 November 2025.

The Karnataka Information Commission has pulled up officials of the Karnataka Milk Federation (KMF) and the district milk unions for refusing to share information on their foreign trips, after the officers rejected Right to Information (RTI) applications by claiming that their institutions were not public authorities covered under the RTI Act, 2004. The order came in two related cases where the applicants were denied basic details of the trip.
According to the commission’s order, the KMF officers had repeatedly declined to share the information sought by citizens under the RTI, arguing that they do not fall within the definition of a “public authority” and therefore are not required to respond under the RTI Act. The commission examined the matter and noted that KMF is a cooperative institution that receives substantial financial assistance from the state government, works under various government statutes, and performs functions that have a clear public character.
The commission also noted that when public funds or government-backed resources are involved, citizens have the right to know how the money is used. Such information, the commission observed, is expected to be available to citizens under the RTI Act, 2004.
The commission has directed the public information officers (PIOs) to provide the complete set of records asked in the RTI applications, including all documents related to the foreign tour, such as sanction letters, reasons for the visit, and cost details. The PIOs have been asked to report compliance to the commissioner after supplying the information.

Commission rebukes officers for arbitrary denial of RTI information

Counterview: Ahmedabad: Thursday, 27 November 2025.

The Gujarat Information Commission (GIC) has imposed a penalty of ₹5,000 on the Public Information Officer (Talati-cum-Minister) of Sarigam Gram Panchayat in Valsad district for denying information to an RTI applicant by misinterpreting an earlier order of the Commission.
The Commission has also recommended disciplinary action against the Taluka Development Officer of Umargam, who acted as the First Appellate Authority, for negligence of duty.
The case pertains to a petition filed by applicant Pankaj Kamalashankar Rai regarding RTI queries submitted on documents related to house number allotment and construction permits involving R. Aggarwal Industries. The PIO rejected the request, claiming that the petitioner had submitted more than 12 RTI applications, allegedly exceeding a permissible limit. The First Appellate Authority upheld the denial on the same grounds.
However, at a hearing held on 14 November 2025, the Commission clarified that its earlier February 2025 order—issued in Appeal Nos. A-2178-2024 and A-2739-2024—restricting specific applicants from filing more than 12 applications was applicable only to those particular applicants and not to the general public.
The Commission observed that officers across the state had begun demanding “confirmation forms” from RTI applicants and rejecting requests on the grounds of exceeding 12 applications, leading to widespread harassment and unnecessary appeals.
While penalising the PIO, the Commission noted that both the PIO and First Appellate Authority denied information without proper examination and by deliberately misinterpreting the order. It called the conduct a failure of duty and recommended action under the Discipline and Appeal Rules.
However, the Commission ultimately rejected the applicant’s requested information since it pertained to third-party records protected under Section 8(1)(j) of the RTI Act, which covers personal details such as name, address, property transfer and construction permissions. The Commission found no demonstrated larger public interest to justify disclosure.
Social activists hope that the ruling will put an end to incorrect interpretation of the “12 RTI applications” order and provide relief to citizens facing arbitrary rejection of information requests.

RTI Reveals Delhi Government Wastes ₹38 Lakh On Artificial Rain Experiment : Snehal Srivastava

Outlook India: New Delhi: Wednesday, 26 November 2025.
An RTI filed by activist Ajay Bose reveals the Delhi government paid ₹37.9 lakh to IIT-Kanpur for cloud seeding trials that produced no rain.

Delhi Environment Minister Manjinder Singh Sirsa addressing a press conference over cloud seeding at Delhi Secretariat on July 1, 2025 in New Delhi, India. The Directorate General of Civil Aviation (DGCA) approved the Delhi government s plan to try artificial rain for immediate relief in case of worsening pollution levels in the national capital. The India Meteorological Department (IMD) had earlier approved the pilot project to try artificial rain. Delhi Environment Minister Manjinder Singh Sirsa announced the trial of artificial rain will be held between August 30 and September 10. The first artificial rain pilot project of the Delhi government is completely ready.  Imago /Hindustan Times

A recent RTI revealed that the Rekha Gupta-led Delhi Government spent nearly Rs 38 Lakhs on their artificial rain experiment. The entire amount of Rs 37,93,420 was paid to IIT-Kanpur, which was assigned the project to produce artificial rain via cloud seeding methods using their aircraft. The Delhi government undertook this project as an attempt to improve the deteriorating air quality.
Filed earlier this month by RTI activist Ajay Bose, the information revealed the cost of the Delhi government’s ambitious project to clear the capital’s toxic smog. The effort proved futile on 28 October, as both cloud seeding attempts overseen by IIT Kanpur failed to produce any rainfall.
An initiative already criticised by some scientists as a gimmick, unscientific and political theatre was thus confirmed as an expensive failure.
Initial estimates had pegged the cost of artificial rain to be around ₹1.2 to 1.3 crore, which is almost forty per cent of the Delhi government’s budget of ₹ 3.2 crore for the cloud seeding trials, according to The New Indian Express.
IIT Kanpur Director Manindra Agarwal, too, estimated the cost to be nearly ₹25 crore for an entire winter-long project.
“My back-of-the-envelope calculation is that for continuous seeding through an entire winter season, the cost will be Rs 25 crore or thereabouts,” Agarwal said in a TV interview. “Ideally, one should not need to spend this money. But when there’s an SOS situation, this is the solution available.”
Additionally, he said, “Once things get streamlined and flights operate from near Delhi, all the fixed costs will get amortised. Then the seeding cost will be substantially lower than what these numbers indicate.”
Despite the actual amount spent by the Delhi government ending up being less than what was estimated and intended for the project, this venture by the government highlighted the lack of willingness to take sterner and more effective decisions to cut air pollution in the capital.
Why the ₹37 lakh project failed
On the morning of October 28, IIT Kanpur’s aircraft flew nearly 400 km from Kanpur to Delhi, dispersing a silver iodide mixture over Burari, Mayur Vihar and Karol Bagh to induce rainfall. A second attempt three hours later also failed, and the city’s air quality remained in the “very poor” category.
The next day, Delhi Environment Minister Manjinder Singh Sirsa said, “Rain after seeding could occur anytime in the next 24 hours, depending on cloud moisture. Initial radar readings and ground reports recorded light rainfall at the Delhi–Noida border around 4 pm, indicating some positive response.”
However, Delhi saw no significant rain, only scanty showers near Noida. Scientists blamed the failure on low moisture content in the clouds. Cloud seeding generally requires around 50 per cent moisture, but on the day of the attempt, the clouds contained only 15 per cent. The IIT Kanpur team noted that humidity levels of 10–15 per cent were far below what is considered favourable for success.
IIT Kanpur Director Manindra Agarwal said after the ‘dry run’ that cloud seeding cannot be a long-term solution for Delhi’s persistent pollution problem. According to BBC Hindi, he added: “One measure of success is if it rains, which certainly did not happen. The moisture content in the clouds was very low. We will continue our efforts in the near future.”
There were warning signs
The Indian Meteorological Department (IMD) and the Ministry of Earth Sciences (MoES) confirmed to The Hindu that data on cloud cover and humidity were shared with the IIT Kanpur team before the 28 October cloud seeding flight.
A senior MoES scientist said, “We didn’t give any recommendations but shared our input regarding clouds, which was that there were no clouds.” The scientist added that no advice was offered, citing the precedent set by the Indian Institute of Tropical Meteorology (IITM), Pune, whose previous cloud seeding experiments had shown no reliable evidence of success.
IIT Kanpur Director Manindra Agarwal responded that the team was aware of the IMD forecasts. “The decision to proceed despite unfavourable cloud conditions was deliberate,” he said, as the team wanted to test the efficacy of their proprietary solution. “We knew there was less than 15 per cent moisture in the clouds, which is too little for seeding, but we needed data to assess our indigenously made salt mixture.”
A separate study from IIT Delhi concluded that Delhi’s winter is climatically unsuitable for consistent cloud seeding, due to low moisture and saturation, particularly during December and January, when pollution peaks. IIT research highlighted that the driest winter conditions coincide with the city’s most severe pollution episodes, making cloud seeding impractical.
Despite this data, previous studies and forecasts pointing to an unfavourable outcome, the ₹38 lakh cloud seeding trial went ahead. Agarwal justified it as “collecting data” and noted it had worked in China and the UAE. Had the project continued, costs could have run into crores, yet it failed even as a short-term solution for Delhi’s air quality.
With the city’s AQI at 382, close to the 'severe' threshold, and a plume of volcanic ash from Ethiopia adding to pollution, it is time for the Delhi government to invest in proven measures to protect the capital’s air.

Over 18 lakh users of society management app Adda exposed in alleged data breach: Report

The Indian Express: New Delhi: Wednesday, 26 November 2025.
The ‘stolen’ data includes owner IDs as well as users’ first and last names, phone numbers, email addresses, and passwords.

A hacker has claimed to be circulating an expansive database relating to lakhs of users of Adda, the community and housing society management platform used by several apartments, villas, and gated independent houses in India as well as other countries.
Using the alias ‘Blinkers’, the hacker uploaded the personal details of over 1.86 million (18.6 lakh) Adda users to a popular hacking forum on late Sunday night, November 23, according to a report by data breach monitoring websites Leakd and HaveIBeenPwned.
The trove of personal data is 145 MB in size, when uncompressed, and has reportedly been circulated among “underground cybercrime communities”. The purportedly stolen data includes owner IDs as well as users’ first and last names, phone numbers, email addresses, and passwords (hashed with redundant MD5 hashing algorithm), as per the report.
The hacker claimed that the data breach was carried out in March 2025. The potential exposure of personally identifiable information in this manner could pose several risks to users. For instance, threat actors could leverage names and phone numbers to initiate phishing attacks. The user credentials that surface from one data breach could also be used by threat actors to attempt to log into user accounts on other platforms. This type of cyber attack is known as credential stuffing.
The Indian Express has reached out to Adda for a confirmation of the alleged breach and will update this report once a response is received.
The allegedly stolen Adda user data has surfaced days after the Digital Personal Data Protection (DPDP) Rules, 2025, were notified by the Ministry of Electronics and Information Technology (MeitY), paving the way for India to have a functional data protection law.
While certain provisions of the law such as the Right to Information (RTI) Act amendment and establishment of the Data Protection Board (DPB) of India are currently in force, other sections pertaining to safeguarding citizens are yet to come into effect.
For instance, the requirement for entities to seek informed consent from users before processing their personal data, using their personal data only for specified legitimate uses, and for entities to notify data breaches to users, will all only be operationalised after 18 months.
Though, the compliance timeline may vary for big tech companies and start-ups.
A user’s phone number and email address is classified as ‘personal data’ under the DPDP Act, 2023, which defines ‘personal data breach’ as “any unauthorised processing of personal data or accidental disclosure, acquisition, sharing, use, alteration, destruction or loss of access to personal data, that compromises the confidentiality, integrity or availability of personal data.”
What is ADDA.io?
Adda.io is a digital platform used by residential communities such as apartments, villas, and gated societies to manage daily operations such as visitor management, billing and collection of society dues, sharing community notices, facility booking, assets and inventory management, etc.
The Bengaluru-headquartered company was founded in 2009 by CEO San Banerjee along with CTO Venkat Kandaswamy and Aashika Sripathi. Formerly Apartment Adda, the platform was rebranded to Adda.io in 2019 with a focus on building a private social network at its core. 3Five8 Technologies, the parent company of Adda.io, has several offerings such as an accounting product called Adda Books and Adda Gatekeeper, its gate management solution.
The company has clients in over 10 countries, including India, the US, the Middle East, and Singapore. Its total client base in India exceeds 3,500 Communities with properties of several major developers like DLF, Rustomjee, Prestige, Sobha, Oberoi, Seawoods Estates, and Brigade using the company’s society management software, as per a 2024 PTI report.
Why do gate management apps raise concerns?
During the COVID-19 pandemic, society and community management applications such as MyGate, Adda GateKeeper, and NoBrokerhood surged in popularity among gated communities in India, particularly in metro cities like Delhi and Bengaluru. Though, adoption also quickly expanded to cover smaller cities such as Kochi, Nagpur and Jaipur.
These apps are primarily used to log who enters and exits apartment buildings and other gated colonies. Residents are required to register on the client-side of the application while security guards get the manager side of the app. Nowadays, gate management apps are also used to list service providers like grocery sellers and cleaning services. Some of them are known to record biometric data of domestic workers while others offer built-in chat features for members of the residential communities.
However, privacy experts and digital rights advocates have raised concerns of surveillance and data misuse in the past. While these apps “may seem quite fascinating and convenient, several pressing issues arise including problems of workplace and peer surveillance along with potential function creep for the residents and visitors alike, of the society,” the Internet Freedom Foundation (IFF) said in a 2021 blog post.
“Applications such as MyGate and Adda categorically claim to be compliant with the GDPR [European Union’s General Data Protection Regulation] and the ISO 27001 security standards and have also stated that they use strong encryption while also having purpose limitations and data minimisation built-in. However, often the challenge that emerges from using these applications is not just that of data loss or breach, but rather of workplace and peer surveillance,” the Delhi-based non-profit added.

Govt is ‘judge, jury, and executioner’ with new digital rules, says Press Club of India

News Laundry: New Delhi: Wednesday, 26 November 2025.
In a detailed statement, the Press Club of India expressed “deep anguish” over the manner in which the Narendra Modi government notified the Digital Personal Data Protection Rules under the Digital Personal Data Protection Act, 2023 (DPDPA, 2023).

Notified on November 15, the rules “lay out procedures for consent managers, data retention norms, processing of children’s data, obligations of significant data fiduciaries, and carve-outs for the state when processing personal data”. But, like other journalist associations, including the Editor's Guild of India and the DIGIPUB News India Foundation, the club has noted that these rules erode press freedom, dilute the Right to Information framework, and leave journalists vulnerable to unclear and burdensome compliance demands.
Moreover, according to the club, despite their best efforts to engage proactively and positively with the Modi government, they have been met with “a wall of obfuscation from the executive”.
The statement on Monday began by noting that the club and 22 other press bodies, representing "thousands of working journalists”, submitted a detailed Joint Memorandum in June 2025 to the Ministry of Electronics and Information Technology (MEITY), to highlight the “serious lacunas” in the DPDPA, 2023 that they believe "impinge of press freedom and directly hit Article 19(1).”
In its statement, the club noted that the intention behind presenting the joint memorandum, while engaging “the government in the most constructive and democratic manner”, was to produce rules that wouldn’t hamper the functioning of journalists and media organisations. Additionally, through this joint memorandum, the club sought to demonstrate how sections of the law “were riddled with serious ambiguities due to their sweeping definitions and scope” that open up “numerous possibilities of weaponisation of the law with the purpose of curtailing press freedom”. The memorandum even offered “real-world scenarios” from experienced journalists to illustrate how provisions of this law could deter them from their duties.
The Press Club of India was clear in its intent. They did not want the law repealed. They understand the need for a law that protects citizens’ personal data. Instead, by submitting this memorandum, they sought to carve out “exceptions for people and organisations performing journalistic duties”.
In addition to the joint memorandum, the club and Indian Women’s Press Corps also submitted a set of 35 questions in the form of FAQs to a senior bureaucrat in the MEITY on July 28 to seek further clarification on multiple sections (2, 5,6, 7, 10, 17, 28, 33, 36 and 37) of the DPDPA 2023 and their sub-clauses and how they apply to journalistic work.
As the statement noted: “Both the Joint Memorandum and FAQs also held that the dilution of Section 8(1)(j) of the RTI Act, 2005 – via Section 44 of the DPDP Act, 2023 was detrimental to the functioning of the press. The RTI section, in its original form, was a vital tool for journalists and media organisations to access information in the public interest.” Furthermore, the statement made clear how “thousands of journalists walked the extra yard” for the government in flagging some of the major issues pertaining to the DPDPA.
The club stated that it has a “long and distinguished history of expanding and upholding press freedom”. It cited its role during the Emergency in 1975, when some of its members were imprisoned for “acts of defiance”. The statement also harked back to the protest undertaken by its members, including Kuldip Nayyar, HK Dua, Hiranmay Karlekar, and Pritish Chakravarty, among others, in 1988, when it challenged the Rajiv Gandhi government's Defamation Bill, 1988.
Despite their best efforts, the club stated unequivocally that the government showed no intention to provide “legally binding assurances” and that the clauses in the DPDPA 2023 “won’t be weaponised to hamper or curtail the functioning of the press”.
It also accused the political executive of donning “the mantle of the judge, jury, and executioner,” and hoped that “better sense prevails and the government provides clear-cut exemptions for journalistic purposes from the ambiguous provisions” of the DPDPA.
If the government can hike print ad rates by 26 percent, we can drop our subscription prices by 26 percent. Grab the offer and power journalism that doesn’t depend on advertisers.

Automatic train protection system Kavach commissioned on 654 km of routes till Sep 2025: RTI

ET Infra: National: Tuesday, 25 November 2025.
The ministry also said the Kavach system has been installed at 155 railway stations and 2,892 locomotives.

The latest version of the automatic train protection system, Kavach 4.0, has been installed and commissioned on 654 km of rail track by September 2025, the Railway Ministry said in an RTI response.
The ministry also said the Kavach system has been installed at 155 railway stations and 2,892 locomotives.
Railway ministry officials said that extensive work is happening in all 18 railway zones across the country, and very soon, more sections will start being commissioned.
Kavach helps loco pilots operate trains within specified speed limits by automatically applying brakes if they fail to do so.
It is an indigenously designed, developed, and manufactured system whose first field trials on passenger trains began in February 2016 and was adopted as the national Automatic Train Protection (ATP) system in July 2020.
Responding to a Right to Information Act (RTI) query, the Railway Ministry gave details of the specified routes.
The 324 route km Kota-Mathura section was commissioned on July 30, 2025, and subsequently the contiguous 225 route km Kota-Nagda section was commissioned on October 7, 2025.
In rail terms, "route km" refers to the distance of a transportation route, irrespective of the number of tracks.
"With this, the entire Mathura-Nagda (549 route km) section has been provided with Kavach 4.0," the ministry said.
"In addition, Kavach 4.0 has also been commissioned on the Howrah-Bardhaman section of Eastem Railway covering 105 route km on 12.09.2025," it added.
Chandra Shekhar Gaur, the RTI applicant, also sought information regarding the number of stations and locomotives where Kavach has been installed till September 2025.
Kavach is a complex system having multiple components, such as loco kavach, station kavach, telecom Towers, RFID tags throughout the track length, among many others.
"As on 31.10.25, a total of 2,892 numbers of locomotives have been equipped with the Kavach System," the ministry said.
It added that 77 stations between Mathura-Kota, 53 between Kota-Nagda in West Central Railways (WCR) and 26 stations between Howrah-Barddhaman in Eastern Railways have been equipped with station Kavach, totalling 155 stations up to September this year.
The ministry has also revealed the year-wise expenditure on Kavach since 2020. It spent ₹66.04 crore in 2020-2021, ₹98.42 crore in 2021-22, ₹156.26 crore in 2022-23, ₹669.76 crore in 2023-24 and ₹926.37 crore in 2024-25.
In the current financial year, the total expenditure incurred on Kavach installation up to September 2025 is ₹351.49 crore, which amounts to ₹2,268.34 crore in six and a half years, the ministry said.
Gaur questioned the slow pace of Kavach installation. "The Railway Ministry claimed that the entire rail network of about 1,13,000 km will be brought under Kavach in another six years but seeing the current rate of installation, it looks impossible."
"There are over 15,000 locomotives and 7,000 railway stations where the equipment needs to be installed," he added.
Officials said that with the arrival of new companies, the installation work has accelerated.
"It is a complex technology. Initially, the Kavach 3.2 was installed on 1,465 km for the trial process in South Central Railway. Kavach 4.0 version was approved on July 16, 2024, and since then its deployment is going on a war footing," a railway official said.
He added, "Initially, only three companies were allowed to install Kavach, but today more than half a dozen companies are doing it, and more than 15 are in the approval process. So, the installation work is going to accelerate manyfold in the coming few months."

India’s New Data Protection Rules Put State Above Privacy, Imperil Democracy & Investigative Journalism : Akhil Yadav

Article 14: Ahmedabad: Tuesday, 25 November 2025.
India’s new data protection rules issued eight years after the Supreme Court declared privacy a fundamental right create a system that puts State authority first and privacy later. They allow officials to quietly demand personal data without judicial oversight, while forcing companies to keep citizens in the dark. They endanger investigative journalism, curb the right to information, and place whistleblowers, sources, and democratic accountability at risk.

India’s new data protection rules place the State above citizens, weaken hard-won transparency rights and safeguards for journalists and others probing the government and make investigative journalism almost impossible.
On 14 November 2025, the government cleared the Digital Personal Data Protection (DPDP) Rules—which clarify a new data protection law issued in 2023—creating a new digital regime that hobbles the very rights meant to protect citizens, to the State’s advantage.
Meant to safeguard personal digital information, the new rules come eight years after the Supreme Court declared privacy to be a fundamental right. But while they provide immediate powers to the government, they postpone citizens’ rights by 18 months.
The real substance of privacy—clear consent, the ability to take back permission, the right to correct or delete your data, and enforceable timelines for grievances—will not come into effect until mid-2027.
“[The rules] delay the implementation of practically all key protections to 2027, while implementing the dilution of the (right to information) RTI Act immediately; public information officers are now authorised to decline any personal information except what is already required to be published by other laws—an all-too-thin slice of the pie for citizens seeking accountability,” said an editorial in The Hindu on 17 November 2025.
Experts have pointed out (here and here) that there is no independence evident in the institutions that are meant to ensure accountability. A supposedly independent data protection board, for instance, will function under the union ministry of electronics and information technology.
In other words, the government, which solicits business from the world’s big tech companies and seeks access to their data, will supervise the institution meant to protect Indians from any violations of privacy.
“For all practical purposes, [the DPDP rules] do not offer any real remedy… the rules will only be a nominal checkbox,” Apar Gupta, co-founder of the Internet Freedom Foundation (IFF), a think tank, had said in January. That is what has happened.
The new law provides the State with overwhelming power and few corresponding responsibilities, according to a reading of the rules.
Consider Rule 23.
A Carte Blanche For The State
Rule 23 allows the union government to demand any information from digital platforms, such as Google, Whatsapp, YouTube and Meta, and prohibits them from informing those whose information the State demands.
The rule does not require prior judicial authorisation, transparent reporting, or independent review. It permits authorities to acquire call logs, identity records, or location metadata without leaving any visible trace.
The proportionality standard laid down in the landmark 2017 Puttaswamy judgement, which requires legality, necessity, using the least intrusive option and strong safeguards, remains unaddressed.
Rule 23 builds a zone of unaccountable State access within which scrutiny becomes impossible.
The consequences will be immediate.
Investigative journalists working on corruption or illegal surveillance have no way to know if the government has silently requisitioned their metadata.
Metadata refers to data about data, which can reveal patterns about a person’s life—relationships, movements, habits—even without accessing the actual content. That includes emails, call records, photos, documents and browsing history.
Similarly, citizens using the 20-year-old right-to-information law to ask questions of the government, document corruption and other malfeasance run the same risk.
Power Imbalances Deepen
Until 2027, when the rules for users take effect, a person who finds data inaccurate, misused, or retained beyond necessity has no enforceable right to demand correction or deletion.
The introduction of consent managers—intermediaries that centralise how individuals give, track, or withdraw consent—creates further risks, as these gatekeepers could consolidate control over privacy choices and influence how users navigate consent itself.
Marketed as tools of empowerment, the consent-manager structure threatens to create new concentrations of control. If a very few large companies dominate consent management, they could shape how privacy choices are presented—for instance, making it easier to agree than to refuse, effectively nudging users toward decisions that benefit commercial interests rather than their own.
The Rules also place a heavy onus on Aadhaar or DigiLocker-based verification for children's data and the data of persons with disabilities.
Such identity-linked verification extends the exchange of sensitive information between private platforms and government databases, raises the possibility of exclusion, creates unnecessary linkages and amplifies the longstanding concerns around biometric dependence.
India's experience (here, here and here) with Aadhar-based authentication, centralised biometric databases, and large-scale identity-linked welfare systems repeatedly demonstrates that centralised identity systems create vulnerabilities, not resilience.
The Rules appear to ignore this lesson.
Crippling Journalism & Transparency
The most serious consequence of India’s new digital regime, according to experts and industry bodies (here, here and here), is the way it deals with journalism and public-interest transparency.
Once the Rules kick in, journalists may be unable to protect sources or access information essential for reporting.
Under most modern data-protection laws (including the EU’s General Data Protection Regulation), a “journalistic exemption” protects the press from strict data-processing rules when reporting in the public interest.
A journalistic exemption usually allows journalists to: collect, store, and publish personal data without needing consent; avoid certain obligations, such as giving notice to the data subject, retain data used for reporting, and protect confidential sources.
Under India’s DPDP rules journalists—and documentary filmmakers and independent content creators—are treated like any other data processor or collector. This means they may be required to seek consent from the very people they are investigating.
Journalists often rely on confidential documents, whistleblowers, victims, or officials who speak only on the condition of anonymity. Requiring “permission” in these situations is not just unrealistic; it fundamentally misunderstands how accountability reporting works.
It also gives the State an easy route to question, delay or intimidate journalists through opaque data-access demands. As the Editors Guild of India warned in a statement on the DPDP Rules, removing clear safeguards for journalistic work “creates a chilling environment for reporters and weakens the public’s right to know.”
There is no explicit protection for handling leaked documents, confidential data, or source-provided information, and publishing certain personal data—even if crucial to a public-interest story—could technically violate the law.
Press bodies, digital-rights groups, RTI campaigners and legal experts submitted detailed objections to the draft rules, focusing on journalism, source protection and the weakening of the RTI Act.
The government appears to have accepted none of these.
‘Indirect Censorship’
“By excluding journalists from any statutory exemption and granting the State broad access and enforcement powers, the Rules open the door to indirect censorship, a chilling effect on free expression, and disproportionate surveillance of legitimate newsgathering activities,” said a statement issued on 18 November by DIGIPUB News India Foundation, a body of more than 100 independent digital news media.
A statement from DIGIPUB News India Foundation, a body of more than 100 independent news organisations
“The absence of any journalistic exemption, coupled with wide-ranging powers granted to the government to obtain personal data, poses a direct threat to press freedom and weakens the institutional safeguards necessary for public-interest reporting,” the Editors Guild of India said.
“DPDP rules introduce breach notifications, correction and erasure rights, but govt exemptions, loopholes, weak oversight threaten user privacy,” said Nikhil Pahwa, founder of MediaNama, a media website.
Earlier versions of India’s data-protection proposals—the 2018 Srikrishna Committee draft bill and the 2019 Personal Data Protection Bill—explicitly included an exemption for journalistic purposes, similar to the GDPR model.
The DIGIPUB statement said despite consultations with the electronics and information technology ministry, it “neither responded to these questions nor addressed any of the concerns raised by journalists and digital media organisations”.
“This reflects a serious departure from the democratic consultative process expected in delegated legislation and demonstrates disregard for press freedom,” said the statement.
The erosion of third-party transparency—one of the few ways journalists can detect surveillance—makes it all but impossible to assess whether State power is being misused.
Muzzling Citizens
The DPDP Act and Rules primarily dilute the RTI Act by amending section 8(1)(j), which had an override for disclosure in the public interest, so that citizens could expose corruption, misuse of power, or irregularities in a public authority or institution.
The removal now empowers authorities to deny information by merely labeling it “personal data” when the public interest clearly requires that it be released. The weakening of RTI and the increased risk for journalistic sources combine to choke the public's access to the truth.
Anjali Bhardwaj, a veteran RTI activist, warned that “the amendment imposes a blanket exemption on personal data… undermines transparency, weakens the public’s ability to hold authorities accountable, and restricts access to critical government records”.
In July, Justice (retd) A P Shah, former chief justice of the Delhi High Court and former chairman of the Law Commission of India, in a letter to the advocate general of India, had urged the repeal of the changes to section 8(1)(j).
“These changes represent a seismic shift in India’s transparency framework for the worse, threatening to dismantle RTI Act’s core purpose of democratic accountability and citizen empowerment,” wrote Justice Shah.
RTI advocates warned that the new framework will restrict access to information. Bhardwaj said the changes “undermine the public’s right to know” by replacing the RTI Act’s public-interest test with a far narrower standard.
Shah also warned that the removal of a proviso to section 8(1) of the RTI Act—which mandated that information not deniable to Parliament or a State Legislature would not be denied to any person—was “alarming for democracy”.
“These amendments are manifestly ill-thought-out, raising critical legal issues that are ripe for constitutional challenge,” wrote Justice Shah.
The DPDP Rules strike directly at Article 19(1)(a)—the right to free expression, which includes the right to gather information safely, communicate with sources without fear and publish freely.
The Rules do indeed have a grievance procedure, but there is a striking lack of independence in the regulator, a data protection board.
A Regulator Beholden To Govt
The Data Protection Board, which is supposed to act as the main oversight body under the new law, is not independent, as many experts have pointed out (here, here and here).
The government controls who is appointed, how long they serve, and can influence their removal. So, the Board depends on the very authority it is expected to supervise.
Gupta of the IFF said that the data protection board—it will have a chairperson and three members—“is not an independent authority for adjudication because it does not have any autonomy and is appointed, selected, and its tenure and service conditions are determined by the central government”.
In 2018, the Justice Srikrishna Committee, set up by the union government to create a draft law, had recommended that in order to ensure independence, the selection committee should also include the Chief Justice of India or her nominee.
That never happened.
The Regulation Of Regulators
When a regulator relies on the executive for its functioning, it becomes harder for it to question government departments that hold the most extensive access powers.
Examples of receding independence of regulators include the Election Commission of India, the Central Bureau of Investigation, the Central Information Commission, the Telecom Regulatory Authority of India and the National Human Rights Commission of India.
In most of these cases, government departments—usually the biggest violators—now escape serious scrutiny. This is the structural risk critics point out with the data protection board, especially since the government is itself the largest data collector with the broadest access and exemption powers.
The Rules deepen this problem by offering very few safeguards around government access to people’s data. There is no requirement for an independent authority to approve access requests, no proportionality check, no routine public reporting of how often data is sought, and no limit on how long secrecy orders may last.
Much of the problems in the Rules stem from widespread ambiguity, experts have said, apparently a deliberate feature of a law that does not engage meaningfully with the concept of privacy and lacks a clear foundation.
The vagueness in the rules flows from the parent act of 2023, allowing the government many exemptions that benefit itself.
“Now, the problem with a vague law is that its enforcement is uncertain,” Gupta of the IFF had said. “The protection it provides people and the exemptions it provides businesses—both are up to the government’s discretion without any foundational principle attached to it.”
(Akhil Yadav is a millennium fellow and law student at Gujarat National Law University, Gandhinagar.)

The Third Eye: Strategic significance of transparency

 IANS: New Delhi: Monday, 24 November 2025.
A democratic order is the best form of governance because it promotes transparency, that makes it possible to fix accountability. Accountability is necessary to run a corruption-free system that was primarily dependent on right decisions and transparency helped the scrutiny of the decision-making process.

Execution of a decision can be marred by inefficiency, neglect or corruption and here also, transparency of the processes, including adherence to timelines and rules, could prove to be of great importance. Further, performance at any level involved effective supervision- the role of supervisors often goes unscrutinised- and transparency was required to make it possible to examine this aspect of the organisational functioning too. Anti-corruption bodies themselves fail to produce deterrence if their performance was not subjected to scrutiny from outside.
An independent high-powered watch body outside of the political executive was necessitated because of the growing perception that there was a political-bureaucratic nexus as brought out by the Vohra Committee report way back in 1993. The reports of the numerous Administrative Reforms Commissions(ARCs) on delegation of decision- making, restricting the number of levels through which a file would pass for reaching the final decision and creation of inter-disciplinary teams to address cross-cutting issues in a transparent way, had not been implemented. It goes to the credit of Modi regime that inter- ministerial coordination had vastly improved and preceded the placing of any matter before the cabinet according to a timeline.
There is an inherent contradiction between confidentiality and transparency and the former has to be practised within rules that gave it legitimacy. The RTI Act 2005 deals with this matter and strikes a balance between transparency and confidentiality- for the sake of the nation, the society and the individual. There is a provision in the Act saying that notwithstanding anything in the Official Secrets Act or any of the exemptions permissible in RTI Act, a public authority may allow access to information if ‘public interest in disclosure outweighs the harm to the protected interests’.
The 1967 exemptions from disclosures granted by OSA stand in the RTI Act as well since they related to matters pertaining to ‘sovereignty and integrity of India’, security of the State or friendly relations with other countries. Maintenance of secrecy of information requires ‘Security Classification’ which in turn defines the ‘Restrictive Security’ or the ‘Need to Know’ parameters for accessing it. It may be mentioned that a job that called for handling of secret information, required a certain amount of mental strength and it did not belong to people who were credulous, who lacked self-discipline or who did not have the ability to distinguish between an authoritative opinion and gossip. All of this highlights the strategic significance of transparency in the context of the governance of a democratic state.
This is the era of proxy wars and one way of damaging a target country without recourse to an ‘open’ warfare, is to attack its economic strength and assets. Warren Christopher, Bill Clinton’s Secretary of State famously said in 1993 that ‘ National security was inseparable from economic security’. Pak ISI chose Mumbai for 26/11 attack for it is the economic capital of India. It follows, therefore, that any enterprise that gave economic strength to the country must have a set up of professionally trained people to safeguard its security and handle what is termed as ‘insider threat management’.
The latter is what brings together the functions of Vigilance and Security because a corrupt employee can fall for the enemy’s designs more easily. Both these functions are now to be integrated with the mainline management because the source of ‘insider threat’ may be hibernating in any part of the enterprise making it incumbent on Vigilance and Security to have a thorough knowledge of how the organisation was run and how were its operations conducted. This validates the principle that Security and Vigilance must derive their authority from the person at the top. These functions depend for their success on the ability and outreach of the handlers who were required to convince the senior supervisors of the mainstream that the latter had to act as the ‘eyes and ears’ for the former in various segments of the enterprise.
The work of Vigilance and Security begins with a look out for members who seemed to be ‘vulnerable’ to the adversary’s influence. Vulnerability is universally ascribed to ‘notable addiction’, ‘greed’ and ‘disgruntlement’. Security and vigilance staff trained in Intelligence trade craft like surveillance and secret enquiries, can check out on such individuals and also counsel them against their ‘weakness’ in suitable cases.
The increasing importance of these functions is reflected in the new areas where the security executives may be asked to extend their helping hand. Back ground checks, re-verification of antecedents of those who handled ‘sensitive’ work and even ‘due diligence’ tasks may come to them. They may be required to help in the interviews for recruitment, formulation of the organisation’s Do’s and Dont’s and building up of the information security system of the enterprise.
They would give special attention to this last mentioned work in view of the fact that a subverted insider was likely to make an unauthorised communication with an entity outside. Above all, vigilance and security set up should perform the role of a mentor by organising formal or informal programs to promote the organisational culture of ethics, loyalty and honesty of purpose that should drive the execution of tasks assigned to members of the organisation.
Transparency in governance has emerged as a new challenge facing the people because of the tendency of the political rulers to hide their shortcomings and their reluctance to punish corrupt insiders on one hand and the social media campaign of the opposition to pull down the regime through an ‘influence war’, on the other.
The universal adult franchise of India is an ideal for democracy but the prevalence of caste, creed and regional divides in the backdrop of poverty and limited education encouraged recourse to undemocratic means by all parties, for winning an election. Indian electorate has proved its democratic credentials and retained its trust in nationalism and peace even in a situation of personal economic problems facing them.
India has to specially rely on its youth and its women power for judging the rulers on merit. The foreign and domestic policies of the Modi government based on mutually beneficial bilateral relations without India getting aligned with any world power, promotion of infrastructure for the benefit of all Indians as well as encouragement of digital connectivity for economic empowerment of youth, are the hallmarks of this regime and they have served the democratic state well. A conscientious judiciary, a strong social media and a constructive opposition are symbols of a transparent and viable democracy and citizens of India can derive satisfaction from the fact that they were all in place, in India.
(By D. C. Pathak, The writer is a former Director Intelligence Bureau)

Right to Information Commission complains of lack of resources and misleading news reports

The Island.lk: Sri Lanka: Monday, 24 November 2025.
The Right to Information Commission (RTIC), in a public statement issued last week in connection with it 10th anniversary that is approaching, said that despite all its achievements and high global ranking it is burdened with chronic under-staffing and said requests for legal staff and other essential cadre has been ignored.

It has also complained that statutory safeguards regarding funding and recruitment has suffered a similar fate. The following is the text of the statement issued by Mr. KDS Ruwan Chandra, the Director General of the RTIC “for and behalf of the RTIC”: “Sri Lanka is nearing the 19-year anniversary (2026) of enactment of the Right to Information Act, No 12 of 2016 (RTI Act), globally ranked among the best in the world which has enabled thousands of Sri Lankans to exercise their right to obtain information from state and non-state bodies.
“The vigorous use of the RTI Act by the public with principles of public transparency emphasized by the Right to Information Commission of Sri Lanka (RTIC) has been affirmed by the appellate Courts.
“In 2020, UNESCO’s global report presented to the UN-GA’s High Level Political Forum on Sustainable Development ( ‘From Promise to Practice…’) singled out Sri Lanka as a ‘best practice’ model, illustrating the release of information in key cases before the RTIC. Among others, the World Bank has called upon the Government of Sri Lanka to ensure the ‘primacy of transparency’ and the International Monetary Fund (IMF) has acknowledged the measures taken by the RTIC to foster ‘an (embryonic) culture of transparency among public authorities’ (Governance Diagnostic Report, September 2023).
“Despite these progressive developments, the RTIC expresses serious concern regarding the chronic under-staffing of its Office. The RTI Act divides responsibilities on two entities, the RTIC with the primary responsibility of hearing appeals and the nodal agency, namely the Ministry assigned the subject of mass media which must ‘ensure the effective implementation of the Act,’(Section 2).
“Under Section 41, the nodal agency issues RTI Regulations which must be placed before Parliament for approval. In contrast, Section 42 states that the Commission’s Rules on Fees and Appeals Procedure, published in the same gazette (ie; Gazette Extraordinary No 2004/66), are not legally required to be placed for parliamentary approval. Two different procedures apply in each instance.
“Under Section 41, the nodal agency issues RTI Regulations which must be placed before Parliament for approval. In contrast, Section 42 states that the Commission’s Rules on Fees and Appeals Procedure, published in the same gazette (ie; Gazette Extraordinary No 2004/66), are not legally required to be placed for parliamentary approval. Two different procedures apply in each instance.
“While the RTIC and the nodal agency must harmoniously work together to maximize the effectiveness of the Act, the RTIC has a particular duty to maintain its independence from Public Authorities which are summoned before it as parties to appeals. Specifically, the independent recruitment of staff and a dedicated Fund (Sections 13 (3) and 16) secures the financial independence of the Commission without which there is no functional independence.
“It is therefore highly regrettable that these statutory safeguards have been ignored by successive Governments. No dedicated Fund has been allowed to be operated. The RTIC has been functioning with a skeleton staff, one legal officer and two legal assistants (later increased to three) to handle an increasing case load of appeals.
“Requests for additional legal staff and other essential cadre including approval to recruit mid-
level positions such as information technology (IT) assistant have been ignored. In forwarding the RTIC’s requests for staff to the Ministry of Finance, which the RTIC is compelled to do through the nodal agency, the process has been inexplicably delayed, in one instance by eight months.
“Further, the RTIC has repeatedly informed the Government of the need to allocate a separate line item in the National Budget in line with its budgetary allocation in 2017 which was thereafter taken away and the allocations placed under the nodal agency, undermining the RTIC’s financial and functional independence. This too has been ignored.
“Additionally, serious damage has been done to the RTIC’s appeal function by misleading media reports on 11th November 2025 using a wrong English translation of a response sent in Sinhala by the Office of the RTIC on 15th October 2025 to the Ministry of Health and Mass Media regarding a Parliamentary question asked by Opposition MP Hon. Ajith P.Perera.
The RTIC is unaware as to the origin of the English translation on which these inaccurate media reports are commonly based.
“On 15th October 2025 and in response to a routine parliamentary question asking for appeal statistics,, the Office of the RTIC under the hand of the Director General responded via the Ministry of Health and Mass Media that 308 appeals had been ‘adjourned’ out of 1,306 appeals received by the Office of the RTIC during 1st January 2025-30th September 2025.
“The RTIC has handed down final decisions and concluded appeals in 1,157 appeals (out of 1,306) up to 30th September 2025. Adjournment for justifiable reasons, including request of parties, legal complexity of the subject matter etc are part of the normal hearing process of any tribunal. Reporting ‘adjourned’ appeals as ‘failing to attend to’ is a serious misrepresentation and a deliberate interference with the RTIC’s quasi-judicial appeal function.
“Typically, adjourned appeals are either resolved during the remainder of the year or brought over to the next year to conclude hearings. For example, by 15th November 2025, the number of adjourned appeals had decreased to 244. Correspondingly, the number of appeals received by the Office of the RTIC had increased to 1,538 and concluded appeals to 1,304 There has been no ‘reduction’ in the number of appeals being filed.
The RTIC further clarifies that there has been no reduction of its fund allocation. As reported in the Hansard of 23rd October 2025 in the answer to the said Parliamentary question, the budgetary allocations referred to therein are not the budgetary allocations of the RTIC which are publicly available on https://www.rticommission.lk /web/images /pdf/Budget/Annual-Budgetary-Allocation- and-Expenses. pdf “The RTIC exercised a Right of Reply in regard to such misleading news reports on 13th November 2025. However, the said newspapers have failed to publish that response up to this date violating the code of ethics for newspapers and necessitating a public Statement to be issued by the RTIC.
“In conclusion, the RTIC emphasizes that any attempt to amend Sri Lanka’s RTI Act in a manner that dilutes the nature of the information right will be to the detriment of citizens, will undermine Article 14A of the Constitution and constitute a grave setback to progressive gains made so far under the RTI regime.”
Mr KDS RuwanChandra
Director General, RTIC
(for and on behalf of the RTIC)