Turning India into a surveillance state I
On August 23, 2013, Milind Deora – the Minister of State in the Ministry of Communications and Information Technology – told the Rajya Sabha that the Central Monitoring System project (CMS), which is currently being rolled out across India in stages, is merely an attempt to automate existing mechanisms of intercepting and monitoring telephone communications. This innocuous conception of the CMS is at odds with public perceptions of the project, which see the project is being tested and put in place without the sanction of a specific Act of Parliament. In the latter imagination, the CMS is a project that will eventually result in the ability to intercept, in real-time, and monitor voice and data communications throughout India.
The uncertainty surrounding the project appears to be deliberately constructed: public statements by the national leadership on the CMS can be counted on the fingers of one hand, and the project is being tested and put in place without the sanction of a specific Act of Parliament. Although not strictly illegal, the absence of a stated law worries many analysts. Deora’s claim about the CMS was made in response to a question posed by Rajeev Chandrasekhar, MP, asking the Central Government to publicly identify the law upon which the CMS is being created. Instead, Deora told Parliament that existing Indian statutory law and some minimal guidelines issued by the Supreme Court of India in 1996 were sufficient.
Surveillance is a tool used by modern governments to detect behaviour that does not conform to law or to constructed national and social norms. Yet, surveillance pre-dates both modernity and the nation-state. As far back as the 4th century BCE, Kautilya’s Arthasastra recognised espionage as an institution in itself and, besides devoting a separate chapter to spies, enjoined good rulers to study and heed information collected by spies. The underlying connection between effective government and information collection is one that is often made in other texts and treatises as well. Technological advancements have enabled the widespread use of sophisticated surveillance devices to mould social control. However, the power to detect non-conformist behaviour can often extend to its punishment to silence individual expression and dissent. For this reason, liberal democracies regulate surveillance to protect individual freedoms.
Surveillance is diverse and manifold. From being physically followed by a local beat constable to having your electronic communications mined for patterns to being geospatially trackedby satellites, surveillance occurs everywhere and all the time. Of all the forms of surveillance, the interception of communications is unique because the law often places an evidentiary premium on the information it yields. Put otherwise, because verbal communications more easily admit to intent and complicity, even guilt, the privacy of communications is usually accorded enhanced protection in democratic countries. The legal threshold necessary to invade locational privacy by, say, police surveillance or radio frequency identification (RFID) queries, is lower than the threshold prescribed for communications made with an expectation of privacy, such as an email or phone call made using a private communication device or personal account from a private place.
Verbal communication is mostly of two types – written and oral. Around the world and in India, the law has evolved mechanisms to intercept these types of communications. The colonial state began by empowering itself to intercept postal and telegraph messages. Postal articles can be intercepted under section 26 of the Indian Post Office Act, 1898 “on the occurrence of any public emergency, or in the interest of the public safety or tranquillity.”
The same section goes on to declare that the government shall be final judge of whether a public emergency exists or whether an interception carried out in the interest of public safety was valid. In 1986, Rajiv Gandhi’s government, which had an absolute majority in Parliament, proposed to amend the Post Office Act to permit more intrusive interceptions of letters and communications. However, President Zail Singh, whose nominal assent was necessary for the amendment to become operational law, effectively vetoed the amendment by refusing to acknowledge its existence and, in 1990 after a new government took over, the amendment was withdrawn.
Almost similar standards for interception exist under the Indian Telegraph Act, 1885 that governs the use of telegraphs – including telex and telegrams, the last of which was sent in July – and phone communications. Section 5 of the original Telegraph Act permitted the government to “take possession of” any telegraph on a threshold of public emergency and public safety quite identical to the regime under the Post Office Act.
After an amendment in 1972, section 5(2) of the Telegraph Act lays down the current conditions for intercepting phone calls. The initial conditions – “on the occurrence of any public emergency, or in the interest of the public safety” – were required to be tied to one of these following additional considerations: the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, or for preventing incitement to the commission of an offence.
After independence, the Indian Telegraph Rules, 1951 were issued and rule 419 attempted to put in place a procedure to regulate interceptions of communications. Both section 5(2) of Telegraph Act and rule 419 of the Telegraph Rules were challenged and subsequently examined by the Supreme Court in 1996. In a landmark decision, the Supreme Court held that phone communications were protected by the right to privacy which flowed from the right to personal liberty. Following a seminal 1978 decision that required intrusions into personal liberty conform to a procedure that is just, fair and reasonable, the Supreme Court measured the interception provisions of the Telegraph Act against that standard and found it wanting.
However, instead of striking down the provisions, it introduced basic procedures to accompany such phone-taps to meet the ‘just, fair and reasonable’ benchmark. Thereafter, in 1999, the government incorporated these procedures into a new rule 419-A of the Telegraph Rules. The new rule 419-A restricted the power to order phone-taps to only senior administrative officers, required them to exhaust other less intrusive means, created a review committee to verify all phone-taps, required the interception orders to be targeted and specified and mandated record-keeping to create a paper-trail. These rules were expanded in 2007.
Similarly, provisions exist under sections 69 and 69B of the Information Technology Act, 2000 to intercept and monitor electronic communications sent using a computer. These interception empowerments are conditioned upon the same grounds that exist in the Telegraph Act – the sovereignty and integrity of India, the security of the State, friendly relations with foreign States, public order, or for preventing incitement to the commission of an offence – but, significantly, they do away with the outer threshold requirements of public emergency and public safety that exist for phone-taps.
In doing so, they lower the privacy standard for emails, chats, and so on. The two interception sections of the IT Act were introduced by way of an amendment in 2008 and were operationalised through two sets of rules issued in October 2009.
Bhairav Acharya is a constitutional lawyer practising in the Supreme Court of India. He advises the Centre for Internet & Society, Bangalore, on privacy law and other constitutional issues.
Also read: Turning India into a surveillance state - II
Such articles are only possible because of your support. Help the Hoot. The Hoot is an independent initiative of the Media Foundation and requires funds for independent media monitoring. Please support us. Every rupee helps.