Logo

Defender of your Digital Freedom

Home > Digital Privacy > Surveillance – Is there a need for judicial oversight?

Surveillance – Is there a need for judicial oversight?

Sep 25,2013 | 04:10 am

Recent reports released by Yahoo and Facebook on requests for user data sent by Governments paint a grim picture of surveillance. The transparency report released by Yahoo on September 6, 2013 shows that the Indian Government sent 1,490 requests asking information about 2,704 user accounts. On August 27, 2013, Facebook released its first Global Government Requests Report. The figures revealed in the report accord India, the dubious distinction of being the country with the highest number of user data requests after the United States. The United States Government submitted 11,000-12,000 requests to Facebook demanding information about 20,00-21,000 users while the Indian Government submitted 3,245 requests demanding information of 4,144 users during the period from January to June 2013.

The data earlier released by Google and Microsoft also portrays an alarming picture. The Indian Government sent 2431 user data requests to Google demanding information about 4106 users during July – December 2012. In the case of Microsoft, the Government sent 418 user data requests asking for information regarding 594 user accounts in 2012. Considering these numbers, the data sought by the Government from Indian online service providers ranging from Rediff.com to MouthShut.com could also be huge. However, no such information is available.

The biggest hurdle to get information related to requests made by the Government about electronic records is the provision in the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 which makes all this information confidential. Rule 25(4) of these Rules mandates that strict confidentiality has to be maintained in respect of direction for interception or monitoring. Although Section 22 of the Right to Information Act, 2005 overrides the provisions in any law which are inconsistent with the RTI Act, the Government often cites national security as the reason to prevent access to this information. Thus, all we have to gauge the quantum of electronic surveillance which is going on are the transparency reports released by these online service providers.

SFLC.IN had filed an application under the RTI Act to obtain information on tapping of telephones and monitoring of emails. The Ministry of Home Affairs in its reply dated August 6, 2013 has stated that on an average 7500 to 9000 orders for interception of telephones and 300 to 500 orders for interception of emails are issued by the Central Government every month. If you add to this the orders issued by the State Governments for telephone tapping and email monitoring, the numbers will be shocking.

These figures could only be the tip of the iceberg as the legal provisions make it fairly easy for law enforcement agencies to gather this data. In India, S.91 of the Code of Criminal Procedure, 1973 (CrPC) gives powers to any officer in charge of a police station to ask for production of any document for the purpose of investigation. This broad provision is often misused by law enforcement agencies to get information from Internet Intermediaries.

Moreover, sub-rule 7 of Rule 3 of the Information Technology (Intermediaries Guidelines) Rules, 2011 makes it even easier for any law enforcement agency to obtain information from an intermediary. In addition to this, the Controller of Certifying Authorities(CCA) also has the power to request information from providers. Earlier, the CCA in reply to an application that we had filed under the RTI Act informed us that the CCA has received 103 requests for investigation from all agencies of the Government of India and State governments in the last three years and that the CCA has issued notices to Intermediaries in 73 instances. The CCA had in fact fined Yahoo for not complying with its order to provide user information. The Writ petition filed by Yahoo before the High Court of Delhi challenging this order and Rule 7(3) of the Intermediaries Guidelines Rules is pending.

Such broad provisions in the law, combined with the absence of a legislation which restricts such requests, has resulted in the Government and its agencies sending huge number of user data requests to service providers. These requests are made by agencies ranging from the Home Ministry to the local police stations. The huge numbers show that there clearly is a need for proper safeguards to be built into the system to protect the right to privacy of citizens. The sheer number of telephone tapping orders issued per month shows that the current mechanism consisting of top level officials for reviewing tapping orders, which is supposed to be a safeguard has been reduced to a mere formality.

There is an urgent need to evolve a proper legal framework to protect privacy of citizens when Government agencies request user information and monitor telephonic and electronic communication. The Supreme Court in the PUCL case had framed various guidelines to be observed while issuing orders to tap telephones. The review mechanism by which the tapping orders are reviewed by a team consisting of the Cabinet Secretary, Secretary in the Ministry of Law Affairs and Secretary of the Department of Telecommunications in the Centre and a similar mechanism in the state has in effect resulted in a system where the powers for issuing orders, execution and review are with the executive. The current legal framework as per the Telegraph Act or the Information Technology Act do not provide for a judicial oversight. In fact, the Supreme Court held in the PUCL case that that in the absence of any provision in the statute, it is not possible to provide for prior judicial scrutiny as a procedural safeguard. In view of the current surveillance rich environment cloaked in secrecy, it is time to start discussing whether judicial interference is required to balance privacy of citizens with compelling interests of the state.

Letter to Delhi Government Against Mandatory

Letter to Delhi Government Against Mandatory Installation of Aarogya Setu by Licensees of Wholesale Liquor Vends Recently, the Department of ...

Letter to Telangana Government Against Mandatory Aadhaar Data for Non-Agricultural Land Records

Letter to Telangana Government Against Mandatory Aadhaar Data for Non-Agricultural Land Records As Telangana's Dharani Portal goes live today, we wrote ...

Letter to Jawaharlal National University Against Mandatory Installation of Aarogya Setu by Employees and Students

Letter to Jawaharlal National University Against Mandatory Installation of Aarogya Setu by Employees and Students Recently, the Jawaharlal National University ...

Karnataka High Court Orders That State Cannot Deny Services or Benefits To Citizens Who Do Not Have Aarogya Setu

Update on Anivar A Aravind v. Ministry of Home Affairs, GM PIL WP (C) 7483 of 2020 : Karnataka High Court ...

Update on Anivar A Aravind v. Ministry of Home Affairs, GM PIL WP (C) 7483 of 2020

Update on Anivar A Aravind v. Ministry of Home Affairs, GM PIL WP (C) 7483 of 2020 SFLC.in’s advisory board ...

Our Comments on Draft Health Data Management Policy of the National Digital Health Mission

Our Comments on Draft Health Data Management Policy of the National Digital Health Mission The Ministry of Health and Family ...

Our Comments on the Non-Personal Data Governance Framework Report

Our Comments on the Non-Personal Data Governance Framework Report A committee of experts under the Chairpersonship of Mr. Kris Gopalakrishnan ...

RTI Reply by NITI Aayog on Working Document on Responsible AI: #AIForAll

RTI Reply by NITI Aayog on Working Document on Responsible AI: #AIForAll On July 30th, NITI Aayog had released a ...

Government of Rajasthan clarifies to SFLC.IN that Aadhar is not mandatory for COVID-19 testing

Government of Rajasthan clarifies to SFLC.IN that Aadhaar is not mandatory for COVID-19 testing Recently, it was brought to our notice that the Rajasthan ...

SFLC.IN’s Comments on NITI Aayog’s Working Document on Responsible #AIForAll

SFLC.IN's Comments on NITI Aayog's Working Document on Responsible #AIForAll The NITI Aayog released its working document on “Responsible #AIforAll” ...