The December 20th government notification has authorised the 10 security and intelligence agencies to intercept and decrypt messages being ‘generated, transmitted, received or stored’ in any computer. The government claims it is merely notifying an existing legal provision that had been in place since 2009 when the UPA was the ruling party. But the notification flies in the face of the Supreme Court judgment of last year which had declared privacy to be a fundamental right, and this year’s decision restricting the use of Aadhaar.
Intercepting information being exchanged by the bad guys is important. But there is just one Internet. Why does the government have to give the authority to 10 agencies, thus making the task of preserving the secrecy of that information more complex? Can’t a single dedicated agency do that task and feed the other departments? Right now it appears that the entire government machinery has been given a carte blanche to snoop not just your emails, but your entire life.
The Information Technology Act, 2000, had given the Electronics and IT Ministry the right to surveil the newly emerging Internet, more with a view of regulating it and preventing its misuse. But Section 69, added in the wake of the Mumbai attack, gave the Union government authority ‘to intercept, monitor, or decrypt… any information generated, transmitted, received or stored in any computer resource’.
Till this amendment, interception of communications was governed by the Indian Telegraph Act, 1885, which permitted the authorities to block or intercept telegraphic messages in the interests of public order, sovereignty and so on. In 1996, the Supreme Court held that the broad powers of interception assumed by the government must be guided by established legal procedures and the SC laid down guidelines on requests for authorisation of interception, their period, the destruction of older intercepts and so on. Subsequently, these were notified as rules by the government.
On paper, the Union Home Secretary or his counterpart in the state governments provides the authorisation for interception in writing. But, typically, powers are delegated so widely so as to make the restriction near meaningless. Officials can on most occasions get retroactive authorisation.
On paper, there is a review mechanism headed by the Cabinet Secretary and his counterpart, the state Chief Secretary, which must receive a copy of every interception order. All this looks very good on paper, but we do not know how effective both mechanisms have been. Some years ago, journalist Saikat Dutta filed an RTI application asking how many phones were tapped at the Union level every year. The answer was 1 lakh. The question then is, was the Union Home Secretary able to apply his mind and sign 300 orders per day?
In the US, the authorisation process goes through a duly constituted court and the requests for surveillance can only deal with foreign powers or their agents, the US agencies cannot target US nationals. Even so, the total requests to the court in 2016 were 1,485, and have averaged 1,200 since 2001.
Then there is the problem of highly secretive agencies like the IB and R&AW that are unlikely to share their activities with the Union Home Secretary, or even the Cabinet Secretary. They do not come under the ambit of any law and operate more or less directly under the PMO, and in the present case, the National Security Adviser.
The Radia tapes made a mockery of all these procedures when private telephone conversations of Nira Radia and a number of journalists, corporate leaders and others were disseminated. The recordings were reportedly done by the income tax authorities, but they became part of political football and no one has been held to account for their leakage.
As it is, whether it was the UPA amendments of 2008, or the current government’s new rules authorising almost all its agencies to snoop, has little to say about the rights of the citizen. The government has not explained why it has entirely excluded state intelligence agencies and their police forces.
We are talking about tens of billions of email messages, chat strings and other communications going over the Internet every day. Does the government have the capacity to handle that traffic? Decrypt, translate and digest it? What exactly is being authorised? Will it be the messages of an individual or a group? Or is the government giving a blanket go-ahead to the agencies to indulge in a big fishing expedition to scoop up whatever information they can? Where are the safeguards? Leave alone the Radia tapes, has any government official or functionary ever been punished for illegal interception of information or phone-tapping?
All this is not by way of rhetoric, but to say that experience has taught us that the government is not too good in preserving the privacy of the citizen. That can only be achieved by an informed citizenry. But all we have here are bland notifications and usual obfuscations and arguments. Just what persuaded the Union government to undertake this course at this juncture is not known, but coming as it does on the eve of the elections, it is likely to damage the ruling party’s standing in the computer-using middle class constituency.
National security is very important for all countries, but for democracies like India, personal freedoms are the very foundation of our polity. There is no point in having security minus liberty.
Tribune December 24, 2018
No comments:
Post a Comment