Whatsapp Spyware : Union IT Minister Evades Question In Rajya Sabha On Whether Govt Sought Pegasus Services

Manu Sebastian

28 Nov 2019 11:59 AM GMT

  • Whatsapp Spyware : Union IT Minister Evades Question In Rajya Sabha On Whether Govt Sought Pegasus Services

    'No unauthorized interception has been done, to the best of my knowledge', Minister said.

    The Union Minister for Electronics and Information Technology Ravi Shankar Prasad refused to give a direct answer on the floor of Rajya Sabha on Thursday to a pointed query whether the Government of India have availed the services of Pegasus malware developed by Israeli spy firm NSO to target Whatsapp users.After repeated queries by members, the Minister said "no unauthorized interception...

    The Union Minister for Electronics and Information Technology Ravi Shankar Prasad refused to give a direct answer on the floor of Rajya Sabha on Thursday to a pointed query whether the Government of India have availed the services of Pegasus malware developed by Israeli spy firm NSO to target Whatsapp users.

    After repeated queries by members, the Minister said  "no unauthorized interception has been done, to the best of my knowledge".

    Congress Rajya Sabha MP Digvijaya Singh asked whether the Government of India or any agencies of the Government have done any business transaction or negotiations with NSO.

    Without giving a direct answer, the Minister replied :

    "My reply is very simple. When I say there is a proper operating procedure, under which the security agencies who are doing a tough job of keeping us secure operate, that operating procedure has to be followed. Now they want a specific thing, I have already replied very clearly and categorically".

    When Digivijaya Singh said that he was not challenging the standard operating procedure, but was seeking a specific answer on any deal between Indian government agencies and NSO, the IT Minister replied :

    "I have very specifically stated that the security agencies responsible follow a particular procedure. If there is any violation of particular procedure, we take action, tough action and also impose penalty".

    The minister's evasive reply led to a commotion in the house, with opposition members raising a clamour for a specific answer.

    Following this, Digivijaya Singh alleged that the Government was using Pegasus to spy on citizens, including MPs and judges.

    Anand Sharma, Congress MP, sought a reply from the IT Minister on whether there has been any "unauthorized" use of this spyware by the Government agencies, without following the procedure under the Information Technology Act.

    The Minister replied :

    "Any violation of established procedure is actionable in law. If anyone is having a problem, let them file an FIR or a formal complaint. To the best of my knowledge, no unauthorized interception has been done".

    RJD MP Manoj Kumar Jha then commented that the Minister was supposed to give a clear answer in affirmation or denial.

    The upper house was discussing the "Calling Attention" motion moved by Digvijaya Singh on the Whatsapp-Pegasus issue.

    Watch the reply of Union Minister R S Prasad :


    Earlier in the discussion, the IT Minister said that the Ministry sought a response from Whatsapp on November 1 after news reports about spyware attack on its users, including Indian citizens, appeared in media on October 31. 

    Pegasus Surveillance: All You Want To Know About The Whatsapp Suit In US Against Israeli Spy Firm [Read Complaint]

    Whatsapp sent a mail on November 2 communicating aspects relating to exploitation of vulnerability of its platform by the spyware.

    According to Whatsapp, during April-May, the spyware attacked its servers located in United States and elsewhere to target approximately 1400 users.

    On May 20, 2019, Whatsapp informed CERT-IN that it had identified and promptly fixed certain vulnerability issues in its platform and explained that vulnerability can no longer be exploited to carry out attacks, said the Minister.

    The Ministry had high level engagements with Whatsapp CEO Jan Koum and Vice President Chris Daniels in July and September 2019.

    "On September 5, 2019, WhatsApp wrote to CERT-In providing update to the security incident reported in May 2019 stating that while the full extent of this attack may never be known, WhatsApp continues to review the available info. It also mentioned that  based on Whatsapp log data available, it believed that attackers may have attempted to reach the devices of 121 Indians," Prasad said.

    Based on reports of this breach, the Ministry wrote to Whatsapp on the need to audit the security process of the platform. On November 18, it responded and the Ministry sought further clarification on November 26. CERT-In has also issued a notice to NSO regarding information about its malware and its impact on Indian users, said the Minister.

    "The Government is committed to ensure safety and security on messaging platforms like Whatsapp and others. There are adequate provisions in the Information Technology Act and the rules and regulations under it in this regard.Work is also in progress to strengthen the Information Technology Intermediary Rules 2011",said the Minister in his statement.

    After this, several members spoke, highlighting the reported statement of NSO that it gives services only to government agencies. The Government's failure to bring a data protection law was also underlined. The members also pointed out that only those activists and media persons who question the Government are in the list of suspected victims of the spyware attack.

    Responding to the queries raised by the members, the Minister said that widest consultation was going on data protection law, which was termed a 'work in progress'.

    The Minister also added that the competing interests of right to privacy and national security should be balanced. Citing Section 69 of the Information Technology Act and Section 5 of the Indian Telegraph Act, the Minister said that the interception and decrpytion of data is authorized in certain circumstances in the interests of national security. 

    Asserting that India's data sovereignty will never be compromised, the Minister said that the Government acted tough on Whatsapp on the issue of fake news, following which it introduced features to reduce the forwarding of messages. The Government has also been holding discussions on the traceability of originators of messages having criminal content. Following the initiative by Indian government, other countries such as USA and Australia have also started pressing Whatsapp on traceability issue. 

    "It is too much of a coincidence that a case is filed by Whatsapp in USA on the issue of Pegasus, when Indian government and other governments in the world are raising the issue of traceability", he said.

    The Indian government cannot join a private battle between Whatsapp and NSO in a USA court, he added.

    On reports of Indian activists, journalists and lawyers being targeted, the Minister said that there are enough provisions in the Information Technology Act to file complaints on breach of privacy. Till date no such complaint has been made. Instead, the issue is being politicized, added the Minister.




    Next Story