Related Topic in KAS Prelims Syllabus:
Indian Constitution, Political System and Governance [Paper-I]: Indian Constitution and its salient features, Public Policy and Governance
Information and Communications Technology [Paper-II]: Cyber Security concerns
- On October 2019, many publications reported that phones of several dozen Indian journalists, lawyers and human rights activists had been compromised using an invasive Israeli-developed malware called Pegasus.
- Messaging platform WhatsApp, through which the malware was disseminated, has reported that 121 individuals were targeted in India alone.
Is Surveillance illegal in India?
- There are legal routes to surveillance that can be conducted by the government.
- The laws governing this are the Indian Telegraph Act, 1885, which deals with interception of calls and the Information Technology (IT) Act, 2000, which deals with interception of data.
- Under both laws, under certain circumstances, only the government is permitted to conduct surveillance, and not private actors.
- Hacking is prohibited under the IT Act. Section 43 and Section 66 of the IT Act cover the civil and criminal offences of data theft and hacking respectively.
- Section 66B covers punishment for dishonestly receiving stolen computer resource or communication.
Checks and Balances
Indian Telegraph Act
- In 1996, the Supreme Court noted that there was a lack of procedural safeguards in the Indian Telegraph Act.
- It laid down some guidelines that were later codified into rules in 2007.
- This included a specific rule that orders on interceptions of communication should only be issued by the Secretary in the Ministry of Home Affairs.
Information Technology (IT) Act, 2000
- IT (Procedures and Safeguards for Interception, Monitoring and Decryption of Information) Rules were framed in 2009 under the IT Act.
- The rules state that only the competent authority can issue an order for the interception, monitoring or decryption of any information generated, transmitted, received or stored in any computer resource.
- The competent authority is the Union Home Secretary or State Secretaries in charge of the Home Departments.
Justice B.N. Srikrishna Committee
- In July 2017, the Government of India appointed a 10-member Committee of Experts headed by Justice B.N. Srikrishna “to identify key data protection issues in India and recommend methods of addressing them”.
- It held public hearings across India and submitted a draft data protection law in 2018 which Parliament is yet to enact.
Supreme Court verdict on Privacy
SC in a landmark decision in August, 2017 (Justice K. S. Puttaswamy (Retd.) and Anr. vs Union of India and Others) unanimously upheld right to privacy as a fundamental right under Articles 14, 19 and 21 of the Constitution.
- In October 2019, the U.K.-based security firm Comparitech conducted a survey of 47 countries to see where governments are failing to protect privacy or are creating surveillance states.
- They found that only five countries had “adequate safeguards” and most countries are actively conducting surveillance on citizens and sharing information about them.
- China and Russia featured as the top two worst offenders on the list.
- India was featured as the third worst offender because the country’s data protection bill is yet to take effect and there isn’t a data protection authority in place.