Ever since the reports of alleged surveillance of phones of Indian rights activists and journalists via WhatsApp by operators using Israeli spyware Pegasus have come to light, speculations of human rights violation have been doing rounds.
Allegedly, NSO Group's Pegasus can snoop real-time activity on smartphones and can access camera and microphone on command.
Commenting on the issue, (Retd.) Justice B N Srikrishna told the Indian Express,
"If the reports are true, we may be sliding into an Orwellian State with Big Brother snooping on us, as depicted in the novel 1984."
Giving a word of caution to prevent governments and other entities from snooping on citizens, Justice Srikrishna said,
"Ensure that all surveillance is done strictly in accordance with and within the Constitutional parameters laid down in Part III of the Constitution and as interpreted in the Puttaswamy judgment."
"Generate strong public opinion against what you see as a clear onslaught on democratic and Constitutional rights of citizens."
Justice Srikrishna is a pioneer in the data laws regime, having headed the committee of experts on data protection. Whilst the data protection laws were still under consideration by the said committee, the right to privacy of an individual was recognized by the Apex Court in K. S. Puttaswamy v. Union of India, (2017) 10 SCC 1.
Adding to this celebrated ruling, the committee submitted a report and proposed a Draft Data Protection Bill in 2018 to bring about surveillance law reform in India, a bill that is yet to be placed before the Parliament.
Citing violation of the right to privacy, former RSS ideologue KN Govindacharya moved the Apex Court earlier this week, seeking NIA Investigation and lodging of FIR against Facebook, WhatsApp, NSO Group under the provisions of the Information Technology Act and Indian Penal Code.
As an interim measure, he also sought to restrain the Indian Government from using Pegasus for surveillance purposes.
The Ministry of Home Affairs of the Central Government had last year issued notification authorizing ten central agencies to intercept, monitor and decrypt any "computer" information. Considerably, smartphones being 'high-speed data processing devices' can be read into the definition of computer as stipulated under Section 2(i) of the IT Act, 2000 and thus the possibility of surveillance of smartphones cannot be ruled out.
The surveillance order was passed under Section 69(1) of the IT Act and on the rules of monitoring and collecting data, 2009. These rules allow a 'competent authority' to monitor and collect traffic data to prevent/probe matters related to cyber security.
Soon after the order came into public eye, several petitions challenging it were filed. However, the Ministry defended the order, stating that the surveillance will be done based on a stipulated process and purpose only.
"There is no blanket permission to any agency for interception or monitoring or decryption as the authorized agencies still require the permission of the competent authority. i.e Union Home Secretary in each case as per due process of law and justification for interception or monitoring or decryption," read the affidavit filed by the Central Government in Supreme Court.
However, the recent reports of targeted surveillance of Indian journalists have yet again pulled the discussion into mainstream, given smartphones have become a key device for almost all day-to-day activities.