By Hera Rizwan
The Ministry of Electronics and Information Technology (MeitY) amended the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, last week .
According to a gazette notification dated February 26, the revisions now authorise the Union and state home secretaries to instruct the removal of surveillance data six months after its collection.
As per the previous system, the power to delete surveillance records was exclusively held by the security agency conducting the surveillance, whether under the authorisation of the home ministry or a competent court, and with no specified timeframe for data deletion.
In addition to the amendments related to surveillance data deletion, MeitY also notified the computer resources of the National Investigation Agency (NIA) as "critical information infrastructure" under Section 70 of the IT Act 2000.
Also Read:New Criminal Reform Laws Will Bring
What do "intercept, monitor and decrypt" mean?
Tech lawyer Salman Waris said intercept means interfering with and recording telecommunication messages (calls, emails, etc.) in transit, whereas monitor refers to continuously observing the content of a communication and its usage.
Lastly, decrypt means deciphering encrypted communication back into its original, readable form.
These orders can be issued by the Union Home Secretary or authorised state officials in specific situations, such as, national security, to maintain public order or prevent incitement to an offence, and lastly, investigation of offences such as terrorism or organised crime.
Adding to this, Radhika Roy of Internet Freedom Foundation (IFF), explained, “These orders mainly mandate subscribers/intermediaries/person-in-charge to provide access to the information in computer resources or to intercept, monitor or decrypt information, as the case may be.”
Also Read:Ground Report: What Really Happened At Sandeshkhali?
‘Death knell of privacy’
According to Roy, the very aspect of “interception, monitoring and decrypting” information through any computer resource is an invasive process. “Further, the fact that these orders are to be destroyed every six months makes it difficult to hold the entity issuing the said order accountable. The new amendment, instead of enlarging transparency around such orders, widens the scope for the authorities that can destroy the orders,” she said.
Calling it a “death knell for privacy”, Roy flagged that this could allow the government to evade any responsibility surrounding intrusion into the communication of any citizen, “be it an opponent or a journalist”.
Besides, as per Waris, the said amendment to the rules can be construed as unconstitutional notification as it violates a series of judgments.
Some of these include, People’s Union for Civil Liberties (PUCL) v. Union of India, (1997) where the Supreme Court had laid down certain guidelines for interception of telephone calls under the Telegraph Act, 1885, and stressed the need for procedural safeguards and judicial review to protect the right to privacy.
In another case, Manohar v. Union of India, which came in the aftermath of Pegasus spyware attack, the apex court found that there was a prima facie case to create an Expert Committee to examine the allegations of unauthorised surveillance and privacy breaches by the Indian government and foreign parties on Indian citizens.
The Court also added that unauthorised surveillance of stored data from the digital devices of citizens through spyware for reasons other than the nation’s security would be illegal and objectionable.
Also Read:Can A Retweet Be Defamatory? What SC Said In The Kejriwal Defamation Case
Impacts on investigations
According to both experts, destroying records after 6 months might hamper ongoing investigations.
Waris explained, “The move will hinder the ability to pursue future investigations requiring historical data. The short retention period limits opportunities for independent oversight and judicial review to ensure the legality and necessity of surveillance methods.”
Speaking on how the amendment will jeopardise investigations related to abuse of power due to lack of any records or information, Roy said that IFF has been trying to secure the statistical data of the number of such orders issued since 2018.
She said, “We are yet to receive any information solely because the information has been destroyed and they do not even have any information about the number of orders issued. The matter is now before the Delhi High Court.”
Also Read:Secret PINs, Disappearing Chats: Telegram Is A Nightmare For Police
