Recently, former Dean of Law faculty of Delhi University SN Singh had submitted a PIL which sought direction from the government to initiate action against various Internet Companies that were involved in sharing of data from India with US National Security Agency.
PRISM
This PIL was based on the revelations made by Edward Snowden, who was a technical contractor with the Central Intelligence Agency and National Security Agency of USA. He was responsible for leaking out top-secret American and British mass surveillance program to the press. The US mass surveillance program was code named ‘PRISM’.
The objective of PRISM was to gather, store and process the gathered data for the purpose of further analysis of the phone records, phone tapping, emails and internet traffic interception, all without the intervention of the US courts. This was based on the top-secret order passed by the Foreign Intelligence Surveillance Court (US).
Observations by Supreme Court of India
“The petitioner may have right to privacy against foreign companies but this right is not covered under Article 21 of the Constitution. The petitioner can move before any other forum for remedy,”
Article 21 of Constitution of India, which has been used for reference states: "Protection of life and personal liberty No person shall be deprived of his life or personal liberty except according to procedure established by law"
When we look at the observations made by the Supreme Court of India in this regard, Is it to be understood that Non-Indian Organizations, irrespective whether these are commercial or government, do have the right to intrude into the privacy of Indians, unless “any other forum” thinks otherwise. We also have to consider the fact that many of the Indians (including the government officials) use the services mentioned in Project PRISM leak.
Central Monitoring System (CMS)
On the lines similar to PRISM or mass surveillance programs by the governments of other countries, Central Monitoring System (CMS) is a Government of India initiative for mass surveillance and was prepared by the Telecom Enforcement, Resource and Monitoring (TERM) and by the Centre for Development of Telematics (C-DoT) , which incidentally is being manned by the Intelligence Bureau. The Information Technology Amendment Act 2008 allows e-surveillance and facilitates in creation of central and regional databases to assist central and state level law enforcement agencies in interception and monitoring, that too without any intervention from telecom service providers.
The CMS is not only to be used by Law enforcement but also by tax authorities. The CMS also offers un-hindered interception of any electronic transmission which includes interception and access to every chat, email, websites visited etc and the same to be stored for an undefined period of time.
However, it is still unknown whether the jurisdiction of the CMS is restricted to Indian International boundaries or Indians explicitly residing in India or as a matter of fact anyone irrespective of their nationality within the International boundaries of India will be targeted. It is also unknown whether the electronic traffic which flows through India will also considered as one of the Data Inputs for CMS?
Privacy – How is privacy construed in India?
Considering the Internet penetration, which according to the statistics by International Telecommunications Union (ITU), as on 2011-2012, 12.6% of the Indian population are Internet users; How do Indians perceive privacy? Is it limited to the precincts of our home, wherein no one except the Law Enforcement has the right?
In order to speak/understand about privacy, everyone should have proper understanding about privacy. A select handful Indians raising their concerns about privacy isn’t going to help.
The present day scenario when Internet has taken over our lives, meeting friends online, talking/chatting with our relatives from within the security and comfort of our homes, discussing those very private matters either over the phone or through internet, always under the impression that no one is able to listen / tap into our conversations. Wonder how it would feel when a stranger gets to know all about your conversations? Although misuse of this information is a different aspect.
Hence, it would be highly improper/incorrect to state that the privacy of a person is restricted within the precincts of a person’s home.
There have been few observations made by Indian courts pertaining to Article 21, however all these observations fall short of defining “Privacy”, moreover everything comes to a grinding halt at Article 21. Privacy in this new age with the assistance of technology gives us a very different perspective. Hopefully “Privacy” will be dealt with during the next amendment of the various sections of the Indian LAW including the Cyber Law, which hopefully should include the definition of “Privacy”.
Without any specific laws which govern privacy, it would be difficult for Indians to fight CMS or PRISM or their various versions / variants.
CMS on the other hand is a necessary evil, which will affect a select few; however, without any judicial process involved in this, it would be difficult to keep a track on the entire flow of surveillance. It would also be impossible to tell whether the surveillance for a specific target was really required by our agencies or was it a personal favor of some type?
Monitoring the Monitors is essential and an important aspect.
References:
1: Snippet: IT Act (Amended) 2008
Section 69 empowers the Controller, it he is satisfied that it is necessary or expedient so to do in the interest of sovereignty and integrity of India, security of the State, friendly relation with foreign states or public order, to intercept any information transmitted through any computer system or computer network.
As per ITAA 2008, Section 69 is given as follows:[Section 69] Powers to issue directions for interception or monitoring or decryption of any information through any computer resource (Substituted Vide ITAA 2008)
[Section 69 A] Power to issue directions for blocking for public access of any information through any computer resource
[ Section 69B] Power to authorize to monitor and collect traffic data or information through any computer resource for Cyber Security
Right to Privacy
Unni Krishnan, J.P. And Ors. Etc. vs State Of Andhra Pradesh And Ors. https://www.indiankanoon.org/doc/1775396/
References were also made to made to “Karak. Singh [1964] 1 S.C.R. 332” in the above judgement.
Kharak Singh vs The State Of U. P. & Others on 18 December, 1962 https://www.indiankanoon.org/doc/619152/
Snippet: The right of privacy is not a guaranteed right under our Constitution, and therefore the attempt to ascertain the movements of an individual is merely a manner in which privacy is invaded and is not an infringement of a fundamental right guaranteed in Part III.
Recientemente, el decano de derechos de la Universidad de Delhi entrego un litigio de interés público (PIL) que busco dirección del gobierno para iniciar acción contra varias empresas de Internet que estaban involucrados en el intercambio de datos de la India con la Agencia de Seguridad Nacional EE.UU.
PRISM
Este PIL estaba basado en las revelaciones hecho por Edward Snowden, un tecnico de la CIA. Edward revelo la existencia de un programa de vigilancia secreta de llamadas telefónicas y de internet. Este programa de vigilancia se llamo ‘PRISM’.
El objetivo de PRISM era a recopilar y almacenar datos para un profundo análisis sobre las llamadas, correos electrónicos y trafico de internet, todo sin la intervención de los Tribunales de los Estados Unidos.
Observaciones por el Supreme Court de la India
“El peticionario tal vez tiene derecho a la privacidad contra empresas extranjeros pero este derecho no se cubre bajo el Articulo 21 de la Constitución.
Artículo 21 de la Constitución de la India, dice:
“Protección de vida y libertad personal Nadie debe ser privado de su vida o libertad personal excepto según el procedimiento establecido por la ley”
Cuando miramos en las observaciones hechos por el Supreme Court de la India, debe ser entendido que las organizaciones no indio tienen el derecho a meterse en la privacidad de los indios. También debemos considerar que muchos de los indios (incluyendo los oficiales de gobierno) utilizan los servicios mencionados en las filtraciones del Proyecto PRISM.
Sistema de Monitoreo Central (CMS)
El Sistema de Monitoreo Central es un programa vigilancia del Gobierno de la India, implementado por “Telecom Enforcement, Resource y Monitoreo (TERM) y C-Dot. La ley de enmienda de 2008 de tecnología permite la vigilancia electrónica y facilita la creación de la base de datos centrales y regionales para asistir las agencias legales de nivel central y estatal en la interceptación y monitoreo. Todo esto sin la intervención de los proveedores telefónica.
El CMS también se utiliza por las autoridades fiscales. El CMS proporciona una intercepción de cualquier transmisión electrónica que incluye acceso a cada chat, email, sitio web visitados etc. Todo esto se almacena por un periodo de tiempo indefinido.
Privacidad – Como está interpretado la privacidad en la India?
Según la Unión Internacional de Telecomunicaciones, 12.6% de la población Indio son usuarios de Internet; Como percibe los indios la privacidad? Las organizaciones de la ley solo tienen el derecho a la privacidad?
Para hablar o tener entendimiento sobre la privacidad, la gente debe tener un buen entendimiento sobre la privacidad. No va ayudar si hay pocos indios que tienen cuestión sobre la privacidad.
Hoy en día la gente utilizan el Internet para conocer la gente y enviar mensajes a nuestros familias teniendo en cuenta que nadie puede escuchar o leer nuestras conversaciones. Te has preguntado cómo te sentirías si un extraño era capaz de escuchar o leer tus conversaciones?
La privacidad hoy con la ayuda de la tecnología nos da una perspectiva muy diferente. Esperamos que la “Privacidad” se tratara durante la próxima ley de las distintas secciones de la ley de la India incluyendo la Ley Cibernética, que debería incluir la definición “Privacidad”.
Por otro lado CMS es algo malo, que afectara pocas personas; sin embargo sería difícil monitorear el flujo completo de vigilancia. También sería imposible decir si la vigilancia para un objetivo especifico fue obligatorio por nuestras agencias o era un favor personal de algún tipo?
La Supervisión de los monitores es esencial y un aspecto importante.
Referencias:
1: Snippet: IT Act (Amended) 2008
Right to Privacy
Unni Krishnan, J.P. And Ors. Etc. vs State Of Andhra Pradesh And Ors. https://www.indiankanoon.org/doc/1775396/
Kharak Singh vs The State Of U. P. & Others on 18 December, 1962 https://www.indiankanoon.org/doc/619152/
Snippet: The right of privacy is not a guaranteed right under our Constitution, and therefore the attempt to ascertain the movements of an individual is merely a manner in which privacy is invaded and is not an infringement of a fundamental right guaranteed in Part III.
