Blog

Such agencies are empowered to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted, any information generated, transmitted, received or stored in any computer resource

According to a 2019 statement by the government, there are 10 such authorised agencies

Mishra’s comment does not further clarify issues with phone tapping activities or the previous privacy breaches where the government’s role has been questioned

Union Minister Ajay Kumar Mishra said in Lok Sabha recently that only authorised law enforcement agencies are empowered to tap telephones or intercept and monitor any electronically transmitted information.

Mishra said this in response to a question on whether national or international agencies are authorised to monitor and decrypt any digital information, including WhatsApp conversations.

Replying to the written question, Mishra said, “Only authorised law enforcement agencies in the country, are empowered to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted, any information generated, transmitted, received or stored in any computer resource as per legal provisions of section 69 of the Information Technology Act, 2000.”

Safeguards and review mechanisms for telephone tapping have also been prescribed in the Information Technology (Procedure and Safeguards for Interception and Monitoring and Decryption of Information) Rules, 2009, Mishra added further.

According to a 2019 statement by the government, Intelligence Bureau, Central Bureau of Investigation, Enforcement Directorate, Narcotics Control Bureau, National Investigation Agency are among the 10 authorised agencies that were entitled to tap phones of any citizen.

However, Mishra’s latest comment does not give any further clarification on phone tapping activities or the previous privacy breaches where the government’s role has also been questioned.

This comes at a time when Indians are already concerned about privacy issues, especially in a country where all government-mandated data such as Aadhaar continues to be plundered in the name of providing services and with links to the citizen’s mobile numbers, these data are being left out in the open for others to use and abuse, as reported Inc42 in 2020. The concerns have increased further following the Pegasus-WhatsApp spying controversy.

The Pegasus-WhatsApp Controversy

Pegasus, a malware/spyware developed by Israel’s NSO Group, is designed to access any smartphone through zero-click vulnerabilities remotely. Once a phone is infiltrated, the spyware can access the entire data on that phone. 

The Pegasus-WhatsApp spying controversy erupted in 2019 and it alleged the government’s involvement in the data breach of hundreds of Indians through the messaging app. There has also been much mudslinging among organisations as to who was responsible for breaking into the phones of the Indian social activists, lawyers and journalists.

Since the spying controversy happened, the Indian government has been repeatedly questioned on whether it did indeed spy on its citizens. And the government has also denied its involvement in the phone tapping row.

However, the Meta-backed global tech giant WhatsApp, which was being criticised by all corners for the Pegasus spyware and the alleged data breach, revealed in 2019 that the Indian government had previously used the Israeli spyware to spy on a dozen users, including academics, lawyers, activists and journalists, Inc42 reported.

In 2020, the government was actively cracking down on Chinese apps and investors following the Pegasus row with an apparent intention of protecting the data sovereignty of the country. However, it turned out that it’s actually the same data that the Indian government was looking to intercept and monitor.

To that extent, the Indian government launched an official instant messaging platform last year called Sandes amid the controversy surrounding the alleged use of WhatsApp spying tool Pegasus on Indian citizens. Once again this action could not answer as to how safe data would be on this government-backed homegrown messaging platform.

Mishra’s statement on Tuesday still leaves a number of cliffhangers. Cybersecurity expert Anand Venkatanarayanan said a few months back before the Supreme Court-appointed Technical Committee that there are enough indicators that the Indian state had bought Pegasus. He also confirmed that senior journalists Sushant Singh and Siddharth Varadrajan’s phones were Pegasus infected.

The government on the other hand has maintained that Pegasus is being used to malign the Indian government, instead of ordering a probe into the case.