Note4Students
From UPSC perspective, the following things are important :
Prelims level: Pegasus
Mains level: Whatsapp snooping
The Supreme Court has said its technical committee had so far received and tested 29 mobile devices suspected to be infected by Pegasus malware.
Why in news?
- It was alleged that the government used the Israel-based spyware to snoop on journalists, parliamentarians, prominent citizens and even court staff.
What is Pegasus?
- Pegasus is a spyware developed by NSO Group, an Israeli surveillance firm that helps spies hack into phones.
- In 2019, when WhatsApp sued the firm in a U.S. court, the matter came to light.
- In July 2021, Amnesty International, along with 13 media outlets across the globe released a report on how the spyware was used to snoop hundreds of individuals, including Indians.
- While the NSO claims its spyware is sold only to governments, none of the nations have come forward to accept the claims.
Threats created by Pegasus
- What makes Pegasus really dangerous is that it spares no aspect of a person’s identity.
- It makes older techniques of spying seem relatively harmless.
- It can intercept every call and SMS, read every email and monitor each messaging app.
- Pegasus can also control the phone’s camera and microphone and has access to the device’s location data.
- The app advertises that it can carry out “file retrieval”, which means it could access any document that a target might have stored on their phone.
Dysfunctions created
- Privacy breach: The very existence of a surveillance system, whether under a provision of law or without it, impacts the right to privacy under Article 21 and the exercise of free speech under Article 19.
- Curbing Dissent: It reflects a disturbing trend with regard to the use of hacking software against dissidents and adversaries. In 2019 also, Pegasus software was used to hack into HR & Dalit activists.
- Individual safety: In the absence of privacy, the safety of journalists, especially those whose work criticizes the government, and the personal safety of their sources is jeopardised.
- Self-Censorship: Consistent fear over espionage may grapple individuals. This may impact their ability to express, receive and discuss such ideas.
- State-sponsored mass surveillance: The spyware coupled with AI can manipulate digital content in users’ smartphones. This in turn can polarize their opinion by the distant controllers.
- National security: The potential misuse or proliferation has the same, if not more, ramifications as advanced nuclear technology falling into the wrong hands.
Snooping in India: A Legality check
For Pegasus-like spyware to be used lawfully, the government would have to invoke both the IT Act and the Telegraph Act. Communication surveillance in India takes place primarily under two laws:
- Telegraph Act, 1885: It deals with interception of calls.
- Information Technology Act, 2000: It was enacted to deal with surveillance of all electronic communication, following the Supreme Court’s intervention in 1996.
Cyber security safeguards in India
- National Cyber Security Policy: The policy was developed in 2013 to build secure and resilient cyberspace for India’s citizens and businesses.
- Indian Computer Emergency Response Team (CERT-In): The CERT-In is responsible for incident responses including analysis, forecasts, and alerts on cybersecurity issues and breaches.
- Indian Cyber Crime Coordination Centre (I4C): The Central Government has rolled out a scheme for the establishment of the I4C to handle issues related to cybercrime in the country in a comprehensive and coordinated manner.
- Budapest Convention: There also exists Budapest Convention on Cybercrime. However, India is not a signatory to this convention.
Issues over government involvement
- It is worth asking why the government would need to hack phones and install spyware when existing laws already offer impunity for surveillance.
- In the absence of parliamentary or judicial oversight, electronic surveillance gives the executive the power to influence both the subject of surveillance and all classes of individuals, resulting in a chilling effect on free speech.
Way forward
- The security of a device becomes one of the fundamental bedrock of maintaining user trust as society becomes more and more digitized.
- Constituting an independent high-level inquiry with credible members and experts that can restore confidence and conduct its proceedings transparently.
- The need for judicial oversight over surveillance systems in general, and judicial investigation into the Pegasus hacking, in particular, is very essential.
Conclusion
- We must recognize that national security starts with securing the smartphones of every single Indian by embracing technologies such as encryption rather than deploying spyware.
- This is a core part of our fundamental right to privacy.
- This intrusion by spyware is not merely an infringement of the rights of the citizens of the country but also a worrying development for India’s national security apparatus.
UPSC 2023 countdown has begun! Get your personal guidance plan now! (Click here)
Get an IAS/IPS ranker as your 1: 1 personal mentor for UPSC 2024