---
layout: default
title: "Organisational Policies of the Centre for Internet and Society (2019)"
description: "A historical overview of organisational policies and guidelines maintained by the Centre for Internet and Society in 2019, during Sunil Abraham's tenure as Executive Director."
permalink: /cis/organisational-policies-2019/
categories: ["Centre for Internet and Society"]
date: 2019-07-23
created: 2026-07-18
homepage_featured: true
---
{% include under-construction.html %}
The **Organisational Policies of the Centre for Internet and Society (2019)** documents a collection of policies and guidelines maintained by the [Centre for Internet and Society](/cis/) (CIS) in 2019. The policies covered research ethics, prevention of sexual harassment, non-discrimination and equal opportunities, privacy, travel insurance, and the terms governing use of the CIS website. This page presents a historical overview of these documents as they appeared during this period and does not attempt to document subsequent revisions, replacements, or other changes.
[Sunil Abraham](/sunil/) was the Executive Director of CIS during this period. As part of its documentation of CIS, The Sunil Abraham Project (TSAP) focuses particularly on the organisation's history and work between its founding in 2008 and late 2019, when Sunil stepped down as Executive Director.
## Contents
1. [Ethical Research Guidelines](#ethical-research)
2. [Policy on Prohibition of Sexual Harassment](#posh)
3. [Non-Discrimination and Equal Opportunities Policy](#non-discrimination-equal-opportunities)
4. [Privacy Policy](#privacy-policy)
5. [Travel Insurance Policy](#travel-insurance)
6. [Terms of Website Use](#website-use)
## Ethical Research Guidelines {#ethical-research}
*(Policy as of 23 July 2019. 🗃️ [Archived copy](https://web.archive.org/web/20190723122738/https://cis-india.org/about/policies/ethical-research-guidelines) at the Internet Archive.)*
The Ethical Research Guidelines set out the steps CIS staff and consultants were expected to follow when conducting research involving individuals. The guidelines placed particular emphasis on protecting the physical, social, and psychological well-being of participants and ensuring that people understood the nature of the research before agreeing to take part.
Researchers were expected to inform participants about the aims and methods of the research, their right to decline participation or withdraw at any time, and the confidential nature of their responses, including any limits to that confidentiality. Participants and informants were also to be given the option of remaining anonymous.
Informed consent was required from individuals taking part in research, with parental consent required where children were involved. The consent process was to include information about the purpose and anticipated consequences of the study, the identity of funders and sponsors, the intended uses of the data, and the degree of anonymity and confidentiality available to participants.
The guidelines also covered the use of audio and video recorders and photography. Participants were to be informed when such methods were being used and given the option to request that they not be recorded. Unless a participant consented otherwise, identifying information that was not already in the public domain was to be destroyed at the end of the project.
For public events organised by CIS, attendees were to be informed when recording was taking place. Individuals could object to being recorded or to having their name and organisation included in conference reports, blogs, articles, and other published material. Under the guidelines, where no objection was made, consent was considered to have been given.
The guidelines also stated that CIS followed a strict policy against plagiarism.
## Policy on Prohibition of Sexual Harassment {#posh}
*(Policy as of 23 July 2019. 🗃️ [Archived copy](https://web.archive.org/web/20190723115100/https://cis-india.org/about/policy-on-prohibition-of-sexual-harassment) at the Internet Archive.)*
The Policy on Prohibition of Sexual Harassment set out CIS's internal framework for defining, preventing, reporting, investigating, and addressing sexual harassment in the workplace. It stated the organisation's commitment to maintaining a safe and dignified working environment and required members to undergo anti-sexual harassment training at regular intervals. The policy also provided for an Internal Complaints Committee (ICC) serving the organisation's Bengaluru and Delhi offices.
The policy applied broadly to people working or associated with CIS, including employees, staff, fellows, consultants, interns, board and society members, trainees, volunteers, and contract workers. Its definition of the workplace extended beyond CIS offices to places visited in connection with work and transportation provided for work-related purposes. Complaints could also be made by third parties who alleged that they had experienced sexual harassment at a CIS workplace.
Sexual harassment was defined to include unwelcome physical, verbal, and non-verbal conduct of a sexual nature, including unwanted physical advances, requests for sexual favours, sexually coloured or obscene remarks, showing pornography, sexual teasing, repeated unwanted expressions of romantic or sexual interest, gender- or sexual orientation-based deprecatory conduct, voyeurism, and stalking. The policy also covered circumstances involving promises or threats concerning employment, interference with a person's work, the creation of an intimidating, offensive, or hostile environment, and humiliating treatment affecting health or safety. It emphasised that an allegation was to be understood from the experience of the aggrieved person rather than the intention of the respondent.
At the same time, the policy recognised that CIS's professional work could legitimately involve discussion or examination of subjects relating to sex, sexuality, or pornography. Such activity was not considered sexual harassment where it was undertaken for a legitimate professional purpose and handled in a professional, respectful, and dignified manner.
The ICC was responsible for receiving and investigating complaints and addressing them in a timely, impartial, and sensitive manner. Complaints were generally to be submitted in writing within one year of an incident, or within one year of the most recent incident where a series of incidents was involved. The policy provided for assistance where a person was unable to make a written complaint and allowed the time limit to be extended in specified circumstances. It also made provision for complaints by another person where the aggrieved person was unable to complain because of physical or mental incapacity, death, or other circumstances.
The complaints procedure provided for an initial exchange of the complaint, supporting material, and the respondent's reply. At the request of the aggrieved person, the ICC could first attempt to resolve the matter through conciliation. Where no settlement was reached, or where conciliation was not sought, a formal inquiry could be conducted by an Inquiry Committee drawn from the ICC.
The inquiry process was required to follow principles of natural justice and provide both parties with an opportunity to present their case, submit evidence, and identify witnesses. Members were required to recuse themselves where a conflict of interest or prejudice was established. The policy also set out procedures concerning hearings, confidentiality, questioning of parties and witnesses, absence from proceedings, preparation of the inquiry report, and communication of findings. It envisaged completion of an investigation within 90 days and required the employer to act on recommendations within the prescribed period, subject to any appeal.
During an inquiry, the policy allowed interim measures to be recommended at the written request of the aggrieved person. These could include transferring either party to another workplace, granting additional leave, preventing the respondent or employer from assessing the aggrieved person's work performance, or providing other appropriate relief. The Inquiry Committee was also expected to take account of power imbalances and vulnerability and to protect the aggrieved person from a hostile environment during proceedings.
The policy provided for action where an allegation was separately established to have been made maliciously or supported by forged or misleading material. It expressly distinguished this from a complaint that could not be substantiated, stating that an inability to prove an allegation did not by itself establish malicious intent.
Confidentiality applied to the identities of the parties and witnesses, statements and evidence gathered during an inquiry, recommendations, and action taken by the employer. The policy also provided a right of appeal in accordance with applicable law.
The policy operated alongside the Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013, and referred to the relevant provisions of Indian criminal law. The policy also provided the composition and contact details of the Internal Complaints Committee. Individual names and personal contact details are not reproduced on this historical overview page.
## Non-Discrimination and Equal Opportunities Policy {#non-discrimination-equal-opportunities}
*(Policy as of 23 July 2019. 🗃️ [Archived copy](https://web.archive.org/web/20190723115155/https://cis-india.org/about/policies/non-discrimination-equal-opportunities-policy) at the Internet Archive.)*
The Non-Discrimination and Equal Opportunities Policy set out CIS's internal approach to preventing discrimination in the workplace and providing equal opportunities in recruitment and employment. The policy described its purpose as creating a safe, diverse, and comfortable workplace, while noting that it was an internal organisational policy rather than a legally mandated or independently judicially enforceable framework. It operated alongside applicable Indian laws concerning discrimination, caste, sexual harassment, criminal offences, and the rights of persons with disabilities.
CIS prohibited adverse discrimination on the basis of religion, race, caste, sex, place of birth, descent, sexual orientation, gender identity, disability, or age. This protection extended beyond employees to other people present on CIS premises. Anyone who believed that they had experienced discrimination was encouraged to raise the matter with the organisation's Diversity Committee.
The policy also prohibited retaliation against people for making a complaint, providing information, participating in an investigation, or otherwise exercising rights provided under the policy. Conduct amounting to unlawful discrimination or another violation of law was to be reported to the police.
Under its equal opportunities provisions, CIS stated that employment, consultancy, and other opportunities would be provided without discrimination on the characteristics covered by the policy. The same principle applied to organisational decisions affecting employees, consultants, advisers, interns, and staff, including decisions concerning compensation, benefits, transfers, leave, layoffs, training, education, and assistance.
The policy also allowed CIS to take positive measures to address an identified lack of diversity within its workforce, workplace, or premises. Such measures were to be used only for the purpose of correcting an imbalance in the representation of people sharing one or more of the characteristics protected by the policy. Individuals who believed that they had experienced either adverse discrimination or impermissible positive discrimination could raise the matter with the Diversity Committee.
Responsibility for receiving concerns under the policy was assigned to the CIS Diversity Committee. The policy identified the individual members of that committee; their names are not reproduced on this historical overview page.
## Privacy Policy {#privacy-policy}
*(Policy as of 21 March 2019. 🗃️ [Archived copy](https://web.archive.org/web/20190321111746/https://cis-india.org/about/policies/privacy-policy) at the Internet Archive.)*
The Privacy Policy set out CIS's internal rules for the collection, storage, processing, security, and disclosure of personal data. It stated that the policy was intended to comply with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
Under the policy, CIS was not to collect personal data unless it was necessary for a purpose connected with a stated organisational function. Collection required the prior consent of the person concerned, and such consent was not to be obtained through threats, duress, or coercion. If consent was later withdrawn, the personal data collected on the basis of that consent was to be destroyed or anonymised.
Personal data was not to be retained for longer than necessary for the purpose for which it had been collected. Once that purpose had been achieved or ceased to exist, the information was to be destroyed or anonymised. Longer retention was permitted where the person concerned consented, where retention was required by law, or where the information was connected with pending legal proceedings.
The policy limited the processing of personal data to the purpose for which it had originally been collected unless further consent was obtained. CIS was also required to maintain appropriate technological, physical, and administrative safeguards to protect personal data against unauthorised disclosure, theft, loss, damage, or destruction. Anyone handling personal data on behalf of CIS was subject to duties of confidentiality and secrecy.
Where the security or confidentiality of personal data was compromised, the policy provided that CIS would, to the extent possible, notify the person concerned. Personal data was generally not to be disclosed to third parties without consent. It could, however, be shared for processing connected with its original purpose where the recipient was bound by an agreement providing protections equivalent to or stronger than those contained in the CIS policy.
The policy also provided for disclosure without consent in specified circumstances involving a reasonable threat to national security, defence, or public order, or the prevention, investigation, or prosecution of a cognisable offence. Such disclosure required a written order from a judicial authority or law enforcement officer. Where possible, CIS was to notify the person concerned about the disclosure and the identity of the recipient.
Finally, individuals whose personal data was collected, stored, or processed by CIS were to be given a reasonable opportunity to review their information and correct details that were inaccurate or no longer up to date.
## Travel Insurance Policy {#travel-insurance}
*(Policy as of 23 July 2019. 🗃️ [Archived copy](https://web.archive.org/web/20190723115626/https://cis-india.org/about/policies/travel-insurance-policy) at the Internet Archive.)*
The Travel Insurance Policy set out the circumstances in which CIS provided insurance for overseas travel. Coverage was available only to people of Indian origin or those holding qualifying residential visas or permits, Overseas Citizen of India (OCI) cards, or Person of Indian Origin (PIO) cards.
For eligible overseas travel, CIS provided insurance through the "Travel Companion" policy, which offered medical and health coverage to Indian nationals travelling abroad. The policy did not provide travel insurance for domestic travel within India.
## Terms of Website Use {#website-use}
*(Policy as of 23 July 2019. 🗃️ [Archived copy](https://web.archive.org/web/20190723115651/https://cis-india.org/about/policies/website-use) at the Internet Archive.)*
The Terms of Website Use governed access to and use of the CIS website and the information, tools, and services made available through it. They stated that use of the website constituted acceptance of its terms, conditions, policies, and notices, and identified CIS as the owner of the website's domain. The terms also set out rules governing material that users could host, upload, publish, transmit, or share. Prohibited material included content that violated another person's rights or applicable law, harmed minors, infringed intellectual property rights, impersonated others, contained malicious software, or threatened specified public and national interests. CIS reserved the right to terminate access and remove material considered non-compliant with these requirements.
Users were prohibited from interfering with the operation of the website, attempting unauthorised access to CIS systems, using contact information for unauthorised purposes such as marketing, or employing technologies intended to damage the website or intercept systems, data, or personal information. The terms also cautioned that information published on the website might not always be accurate, complete, or current and should not necessarily be relied upon as the sole basis for decisions. Historical information was provided for reference, while CIS reserved the right to modify website content or discontinue products and services without an obligation to update previously published information.
The provisions concerning intellectual property restricted unauthorised framing of the website and the use of proprietary marks, website content, trademarks, logos, and service marks. Rights in third-party marks remained with their respective owners. The terms also contained disclaimers concerning the availability, security, accuracy, and reliability of the website and its content, stating that use of the website and downloading of materials were at the user's own risk. Their limitation-of-liability provisions addressed losses or damages connected with website use, interruptions, technical problems, unauthorised access, loss of data, and the conduct of other users.
Users further agreed to indemnify CIS and associated persons and service providers against specified losses, liabilities, expenses, damages, and costs arising from their use of the website, violations of the terms, or technical disruption caused by them. The terms were governed by Indian law and provided for the courts at Bangalore to have exclusive jurisdiction over disputes arising from use of the website. They stated that they were published in compliance with the Information Technology (Intermediaries Guidelines) Rules, 2011, and constituted an electronic record for the purposes of the Information Technology Act, 2000.
{% include navbox-cis.html %}