Author Archives: Praveen Dalal

Surveillance And Censorship Under Digital India And Aadhaar Regimes

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBThe recent big profile political drama that we witnessed in the Lok Sabha and Rajya Sabha regarding Aadhaar has once again reminded us how vulnerable we are in India when it comes to Civil Liberties, especially the Civil Liberties Protection in Cyberspace. Aadhaar Bill was imposed upon Indians by introducing it as a “Money Bill” and thereby shielding it from the “Rajya Sabha Scrutiny” and abdicating “Parliamentary Democracy”. The only thing more disturbing than this “Negative Precedent” is the inaction and silence on the part of Hon’Ble President of India and Supreme Court of India. There is no reason why Aadhaar Project has not been declared “Unconstitutional” by the Supreme Court of India so far. Further, there would be no reason why Supreme Court of India would not declare the Aadhaar Bill as Unconstitutional and Void now when the intentions of Indian Government are very clear.

In these turbulent times, it is imperative that we need “Public Discourses” and “Debates” rather than shunning the same. We have been managing few web resources where we discuss critical issues about Indian Politics. We have rejuvenated one such Blog with the new title Internet, Mobile And Social Media Censorship In India By Twitter, Facebook, Google, Etc. It is covering Censorship and E-Surveillance issues existing in India for long. With the changed Socio-Economic and Political situation in India, it is essential that critical debates about controversial issues like Digital India, Aadhaar, National Intelligence Grid (NATGRID), Central Monitoring System (CMS), Internet Spy System Network And Traffic Analysis System (NETRA), E-Surveillance by Secret Wires, etc are discussed at this platform.

The worst scenario has been adopted by Narendra Modi Government by combining the Digital India and Aadhaar Projects. This has made Digital India the biggest Digital Panopticon of Human history. Similarly, the Government has clubbed Aadhaar with virtually everything ranging from Digital Locker, Passports, Birth and Marriage Certificates, Property dealings, Employment related issues, Public Distribution System (PDS), LPG, Scholarships, Domicile Certificate, Income Certificates, seeding with Bank accounts for Pensions, etc. This is despite the fact that Supreme Court of India has specifically ordered that Aadhaar is not mandatory for availing Public Services.

There is no second opinion that successive Indian Government(s) have been engaging in Illegal and Unconstitutional E-Surveillance. India is one of the few Countries where Phone Tapping is done without a “Court Warrant”. Further, with the introduction of Central Monitoring System of India, the scope for Judicial intervention has been absolutely ruled out. Cell Site Location based E-Surveillance is rampant in India with no regard to Privacy of those affected by the same. There is no Constitutional Lawful Interception Law in India as on date. To make the matter worst, we have no dedicated Privacy Law and Data Protection Laws (PDF) in India as on date. Any E-Surveillance Disclosure by companies like Vodafone is dumped inside the so called “Investigation Files” that are either not conducted at all or are not made public.

However, despite this some public spirited Citizens share their critical views and suggestions upon news websites, Blogs, Social Media platforms, etc. At this stage, Indian Government engages in “Censorship” of online contents in collaboration and active support of such Social Media websites. Technology Companies like Google, Microsoft, Twitter, Facebook, etc have been complying with Indian Government’s demands for Censorship and Data details form time to time. This is the reason why we have redesigned this Blog on Censorship and E-Surveillance. We have also opened dedicated page titled Censorship under Digital India that would report Censorship incidences by Social Media websites and Technology Companies from time to time. We are also managing the exclusive Techno Legal Centre Of Excellence For Protection Of Human Rights In Cyberspace (CEPHRC) that would support this Blog and other Public Interest oriented issues. Please visit us again for more details and articles on E-Surveillance and Censorship in India from time to time.

Human Rights Protection In Cyberspace Must Be Internationally Recognised

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBHuman Rights and Civil Liberties are witnessing a precarious time where the respective Governments of various Nations are least concerned about them. Governments and their Agencies are openly engaging in Illegal and Unconstitutional E-Surveillance and Eavesdropping. Since there is no clear cut “International Obligations” on the part of our respective Governments to the contrary, these Governments are absolutely free to do whatever they want. The only solace can be found in the form of the text approved by the United Nations regarding Right to Privacy in the Digital Age.

This situation is further made worst due to Conflict of Laws in Cyberspace that allows the Nations to adopt and use their own Policies regarding E-Surveillance and Eavesdropping. Take the example of India. There is nothing like Civil Liberties Protection in Cyberspace in India. On the contrary, India is one of the most Endemic E-Surveillance Nation of the world. India has been engaging in numerous Illegal and Unconstitutional E-Surveillance Project that also without any Parliamentary Oversight and Judicial Scrutiny. The Privacy Rights in India in the Information Age have no meaning as we have no dedicated Laws in the fields of Privacy and Data Protection (PDF).

As on date, Mass Surveillance in India is omnipresent. For instance, projects like Aadhaar, Central Monitoring System, Network and Traffic Analysis System (NETRA), National Intelligence Grid (NATGRID), National Cyber Coordination Centre (NCCC), etc are E-Surveillance Projects that are not supported by any Legal Framework and Parliamentary Oversight. In fact, Vodafone has confirmed that India has been using “Secret Wires” in the Telecom Infrastructure to indulge in E-Surveillance. Indian Department of Telecommunications suppressed the whole incidence with a mere assurance of “Investigation” that never took place. As per my personal information, no “Public Report” was made available in this regard by Indian Government so far.

Intelligence Agencies like GCHQ and NSA intercepted and stored webcam images of millions of innocent Internet users. The Command and Control (C&C) Servers of Malware FinFisher were found in 36 Countries, including India. There are also strong grounds to believe that India and United States are collaborating on Illegal and Unconstitutional E-Surveillance and Eavesdropping. There is an urgent need to take up the issues of Civil Liberties Violations at the International Level among various stakeholders.

A good initiative in this regard has been taken by the Hague Institute for Global Justice. The Hague Institute has constituted a High Level Commission known as the Commission on Global Security, Justice and Governance (PDF). The official website of the Commission states that Humanity is facing unique and growing range of challenges like political violence, environmental decay, cyber insecurity and cross-border economic shocks. These issues have global security and justice implications that need urgent attention but far exceed state and global institutional capacities.

To overcome this capacity deficit, The Hague Institute for Global Justice and the Stimson Center have convened a Commission on Global Security, Justice, and Governance. The Commission also brings together a select group of eminent statespersons and public intellectuals to draft and recommend reforms in this regard that would be considered during the 70th Anniversary Summit of the United Nations in September 2015.

This can be a good opportunity to consider and debate about Civil Liberties Protection in Cyberspace by various Nations. There is an urgent need to bring Transparency, Accountability and Parliamentary Oversight of the Illegal and Unconstitutional E-Surveillance activities of various Nations, including India.  The United Nations and its Affiliates/Agencies can play a pro active role in this regard.

I hope and wish that the Commission on Global Security, Justice, and Governance would consider all these issues so that Governments can behave in a “Responsible and Accountable Manner”.

E-Surveillance Projects Of India Need Parliamentary Oversight And Judicial Scrutiny

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBThe National Intelligence Grid (NATGRID) Project of India is an intelligence related project of Indian Government that is intended to give Intelligence Agencies a “Centralised Access” to information of Indian Citizens/Residents. It is part and parcel of other Centralised E-Surveillance Projects of India like Central Monitoring System (CMS) Project of India, Internet Spy System Network and Traffic Analysis System (NETRA) of India, Crime and Criminal Tracking Network and Systems (CCTNS) Project of India, Aadhaar Project of India, etc. All these Projects are operating without any Legal Framework and without any Parliamentary and Judicial Scrutiny.

Although the BJP Government has not decided about the fate of National Counter Terrorism Centre (NCTC) of India yet it is supporting the NATGRID project. BJP seems to be following the Congress tradition of Non Transparency and Non Accountability regarding Law Enforcement Agencies and Intelligence Agencies of India. Conferring any sort of Legal Immunity upon such Agencies would further complicate the scenario.

It is not the case that BJP Government is not aware of these circumstances. However, BJP has preferred not to take any action in this regard and this may create serious “Constitutional Issues” in the near future. Indian Citizens, Organisations and Entities are also well within their “Constitutional Rights” to refuse to cooperate with these e-Surveillance Projects as a compliance with illegal demands of projects like NATGRID, CCTNS, CMS, NETRA, Aadhaar, etc would  make them liable for various Civil and Criminal Liabilities. Similarly, Privacy Rights in India and their violations would also raise serious “Legal and Constitutional Issues”.

Recently Banks in India refused Aadhaar based authentication for banking purposes. Reserve Bank of India (RBI) has also postponed the implementation of biometric authentication for credit card swipe machines and ATMs due to protest by Banks of India. Now Banks in India refused to give direct access to NATGRID Project of its Customer’s Details.

Indian Laws and Polices are heavily leaning in favour of Illegal E-Surveillance, Phone Tapping and Eavesdropping. For instance, there is an urgent need to repeal the Telegraph and Cyber Law of India. There is also an urgent need to formulate a Lawful and Constitutional Interception Law of India as Phone Tapping in India is widely done in an Illegal and Unconstitutional Manner. E-Surveillance Policy of India is also required to be formulated that can specify the modes, manner and scope of E-Surveillance in India.

The Telecom Policy of India and Telecom Security Policy of India must also be aligned with the Constitutional Protections and must be clean from E-Surveillance Oriented Approach. India’s International E-Surveillance Collaborations must be subject to “Constitutional Restrictions and Judicial Scrutiny”. India has been using Illegal E-Surveillance and Secret Wires to indulge in Surveillance related activities. Even the claim of investigation by Indian Department of Telecommunications (DOT) regarding Government Snooping Allegations by Vodafone proved to be a Sham and Façade only as no “Public report” has been shared by DOT and Indian Government in this regard so far. The matter seems to have been “Put Under the Carpet” forever.

Clearly Illegal E-Surveillance, Phone Tapping and Eavesdropping would continue to exist in BJP led regime and Indian Citizens must protect their Civil Liberties in Cyberspace and real space on their own.

Supreme Court Of India Must Immediately Declare Aadhaar Project As Unconstitutional

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLB4Any Government holds the Public Resources in a “Fiduciary Capacity” as a Trustee for the future generation. This is the gist of the Public Trust Doctrine that is frequently applied by Courts around the World while dealing with Environment and natural resources related issues. Can this Doctrine be applied to “Public Money”? I believe it should be made applicable to the hard earned Public Money as well that is given to our Government in the form of various Taxes.

Can Politicians misappropriate Public Money through corrupt means and deposit the same in foreign banks out of the reach of Indian Government? Can Indian Capital be kept out of the reach of Indian Government so that it is not used for Development and Reforms in India? Can Indian Government spend enormous financial resources upon Projects that have no Parliamentary Oversight and are actually violating the protections conferred by the Indian Constitutions?

We all know that the answers to these questions cannot be anything except No. Still all of these Evils and Corrupt Practices are happening in India. When the latest BJP led Government was formed, the Supreme Court of India directed it to Constitute and Notify a Special Investigation Team (SIT) to probe Black Money deposited in Foreign Jurisdictions. The same we promptly done by the Narendra Modi led Government and I really appreciate this “Alacrity and Commitment” of Modi. Now the SIT has been constituted and it has already started functioning.

On the one hand India has recovered $310 million from Finmeccanica helicopter deal while on the other hand a sum of Rs 2,039 crore has been granted in the budget for the Aadhaar Project. India terminated the helicopter deal in January 2014 citing a breach of integrity after allegations of bribery emerged in Italy against executives at Finmeccanica’s helicopter unit. Surprisingly, the Modi Government did not find anything wrong with the Aadhaar Project that has already consumed thousand of Crore of hard earned Public Money without any Parliamentary Oversight, Transparency, and Accountability.

Those who have wasted Crore of hard earned Public Money upon the Illegal and Unconstitutional Aadhaar project must be made answerable to Indian Courts as soon as possible instead of granting further funds to the Aadhaar. This is giving a “Negative Signal” that “Constitutional Norms” are just Paper Words and the Powerful are simply beyond the reach of “Rule of Law”. This is also giving an indication that Politicians are beyond the Scrutiny and Reach of Indian Courts. This is a “Dangerous Trend” that has to be stopped immediately by the Supreme Court of India.

The only solaced for the Modi Government is a promise to formulate Legal Framework for the Aadhaar Project. However, this promise must not face the similar fate as witnessed during the Congress led Government. Even if the Modi Government succeeds in formulating a Law for Aadhaar Project, the same must be Just, Fair and Reasonable. It should not be of the type suggested by the Congress Government as that would not pass the “Test of Constitutionally” before the Supreme Court of India.

The Aadhaar Project is suffering from many “Vices and Illegalities”. These include Civil Liberties Violations, Unconstitutional E-Surveillance Issues, Data security and Cyber Security Issues, Compulsory Nature of Aadhaar, Unaccountable Intelligence Agencies, Foreign E-Surveillance Threats, Telecom Security Issues, Integration with Surveillance projects like NATGRID, Unconstitutional Biometrics Collections, etc. All these aspects make the Aadhaar Project an Unconstitutional Project that was required to be Scrapped by the Modi Government.

The Illegality of Aadhaar Project has already been Challenged before the Indian Courts. The Supreme Court of India has even held that the Aadhaar Number/Card cannot be made Compulsory for availing Public Services in India. The Supreme Court has also prohibited UIDAI from sharing Biometric Data with Indian Government Agencies without Data Owner’s Consent. This may have prompted the Modi Government to suggest Legislation for Aadhaar.

Our readers can access the Interim Order of the Supreme Court at Unique Identification Authority Of India And Anr. v. Central Bureau Of Investigation, SLP (Cr) No(s).2524/2014 (PDF).

Among all this Chaos and Illegalities one this is very clear. The current allocation of Public Funds to Aadhaar Project by the Modi Government has been done at a time when there is neither a Parliamentary Oversight nor any Techno Legal Measures to protect Civil Liberties of Indians. Of course, this is a mere allocation at this time and it would be a totally different story if no fund is utilised till the “Constitutional Roadblocks” are removed by the Modi Government. Till that time the funds must be kept intact.

As per media reports, the UIDAI is planning to spend precious 30 Crore of hard earned Public Money on “Convincing Indians” that Aadhaar is a “Welfare Scheme Project”. This is absurd to even suggest much less accepted as Aadhaar has no “Welfare Elements” attached to it whatsoever. From its present form one can easily deduce that Aadhaar Project is a Draconian E-Surveillance Project that has been launched along with other E-Surveillance Projects like Central Monitoring System (CMS), Internet Spy System Network and Traffic Analysis System (NETRA), etc. The fact is that Indian Government, Aadhaar Project and UIDAI are hiding truth from Indians.

Obviously, the Modi Government would approach the Supreme Court of India to make the Aadhaar Number/Card Compulsory for availing Government Services in India. The scenario has already changed in India as Government Departments are insisting upon use of Aadhaar as the “Exclusive Identity” for availing various Schemes and Services from them. They are making Aadhaar Mandatory despite the “Clear Directions” of Supreme Court. This is not only violation of various statutory provisions but is also a “Contempt of Court” as the Supreme Court’s order is binding upon all Government Authorities.

No Government Agency, Authority or Department can dare to flout Supreme Court’s order unless it has backing of Indian Government either directly or indirectly. If Government Departments and Authorities are insisting upon Aadhaar despite Supreme Court orders and the Indian Government is not taking any “Strict Action” against such Government Departments and Authorities, this is a clear indication that the Modi Government is not interested in following the orders of Indian Supreme Court regarding Aadhaar Project.

It is high time for Indian Supreme Court to declare the Aadhaar Project Unconstitutional and scrap the same till it is in conformity with “Constitutional Norms”. It is equally imperative for the Modi Government to not waste even a single Rupee upon Aadhaar till it is clear of various “Infirmities and Illegalities”.

Narendra Modi Must Scrap Aadhaar Project As Well Along With The Cabinet Committee On UIDAI

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLB4The Aadhaar Project is the most “Obnoxious” and “Evil” Project that Indian Government has been pursuing till now. In my personal opinion, the very foundation of Aadhaar Project is based upon “Lies and Deception” and this Project should have been “Scrapped” long before. However, the previous Government not only deliberately kept this “Illegal and Unconstitutional Project” alive but also wasted crore of “Hard Earned Public Money” on a Project that is clearly Illegal and Unconstitutional.

I still hold the same opinion about Aadhaar Project, i.e. Aadhaar Project must be “Scrapped Immediately” by the new Government. The Truth is that Aadhaar Project has no “Welfare Elements” involved but it is a “Purely E-Surveillance Project” that is operating in great disregard to “Constitutional Rights” of Indian Citizens.

Fortunately, the Constitutional Validity of Aadhaar Project has been questioned in the High Courts and Supreme Court of India. The Supreme Court has even held that Aadhaar Card/Number cannot be made mandatory for availing public services in India. The Supreme Court has also prohibited UIDAI from sharing biometric data with Indian Government Agencies without data owner’s consent. Even a Parliamentary Committed rejected the proposed National Identification Authority of India Bill 2010 finding it “Inadequate and Unsuitable”.

What is surprising is that despite all these “Illegalities and Irregularities”, the previous Government did not deem it fit to scrap the Aadhaar Project. Now it is the “Constitutional Duty” of the Narendra Modi led Government to scrap Aadhaar Project as soon as possible. Both the Judiciary and Parliament have shown their “Displeasures” against Aadhaar Project and this is sufficient hint for the present Executive to scrap this Unconstitutional Project.

Prime Minister Narendra Modi has already scrapped all the Empowered Groups of Ministers (EGoMs) and Groups of Ministers (GoMs). Now it has been reported that Prime Minister Narendra Modi on Tuesday scrapped four Cabinet Committees, including one on Unique Identification Authority of India (UIDAI), as part of his efforts to minimise decision-making processes. The Prime Minister will also be reconstituting the Appointments Committee of the Cabinet, the Cabinet Committee on Economic Affairs, the Cabinet Committee on Parliamentary Affairs, the Cabinet Committee on Political Affairs and the Cabinet Committee on Security.

This is a “Bold and Good Decision” in the “Right Direction”. The next step should be Scrapping of Aadhaar Project of India as it is a “Remedy Worst than Malady”. Narendra Modi Government must get rid of burdensome projects like Aadhaar and save valuable financial resources for useful public projects alone.

Natgrid Project Of India Needs Techno Legal Implementation

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLB4With the new Government in power, National Security and Internal Security Projects and Initiatives were on the cards. However, none could have anticipated that they would be taken up so early. In some positive developments, the efforts to strengthen the Internal Security of India have already been started. The appointment of the duo of Mr. Nripendra Mishra and Mr. Ajit Kumar Doval was the most crucial step in this direction.

The present efforts to streamline the establishment and running of the National Intelligence Grid (NATGRID) Project of India is another step in this direction. As per media reports, the contractual term of NATGRID CEO Mr. Raghu Raman have come to an end as his tenure has not been extended by the Government. However, avoidance of the establishment of a National Counter Terrorism Centre (NCTC) of India is a major setback for India’s Internal Security. Similarly, Indian Cyberspace must also be protected on a priority basis that has been neglected for long.

The NATGRID Project of India is a very ambitious Intelligence Gathering and Processing mechanism. NATGRID Project of India has gone through numerous stages and finally it is ready to be rolled out. However, from the very beginning NATGRID Project has not been implemented in a coherent and systematic manner due to internal turf wars and bureaucratic hurdles.

There is no doubt that NATGRID Project of India is of tremendous importance for the National Security of India on the one hand and Law Enforcement and Intelligence Requirements on the others. In fact, NATGRID is an essential part of the Law Enforcement Technologies in India.

NATGRID Project of India is not by itself “Intelligence Related Project” but a Project to facilitate Law Enforcement and Intelligence related inputs. Its purpose is to transform raw intelligence information and inputs in a more meaningful “Intelligence Lead”.  The present times is a time of do or die for NATGRID Project. This is more so when its counterpart Crime and Criminal Tracking Network and Systems (CCTNS) Project of India is performing much better.

NATGRID may be a good platform for India to strengthen its Intelligence and Law Enforcement Initiatives. However, it cannot survive in the absence of “Political Will” to make it an effective and responsible tool. With the benefits of NATGRID come the issues of “Accountability and Fairness” in its operation. India must formulate adequate “Safeguards” before making NATGRID functional. NATGRID is an essential requirement for robust and effective Intelligence Agencies and Law Enforcement Functions in India. The only requirement is to ensure that its “Abuses can be Anticipated, Prevented and Remedied”. The NATGRID project must not die like the other projects handled by India from time to time. NATGRID would also require skilled workforce and for that Skills Development for Intelligence Workforce is need of the hour. This would also be required to perform Open Source Intelligence through Social Media Platforms and Internet.

However, above all we have to make necessary changes at the Policy and Legislation Levels. For instance, the National Security Policy of India and Telecom Security Policy of India must be Techno Legal in nature that must “Balance” the National Security and Civil Liberties Requirements in India. There must be “Severe Punishment” for Illegal Phone Tapping that is rampant in India. The Intelligence Agencies of India Need Parliamentary Oversight and the Intelligence Infrastructure of India needs Transparency and Strengthening. There should not be any “Legal Immunity” to Intelligence Agencies of India in the absence of Parliamentary Oversight and the system of “Using Executive Orders” to confer “Legitimacy” upon Intelligence Agencies must be abandoned as soon as possible by the Government.

Enough time has already been wasted for the implementation of NATGRID Project and it is high time to deliver results. Once this is successfully done, the way to constitute National Counter Terrorism Centre of India would also be clear. I hope and wish that NATGRID Project of India would be operational very soon.

Intelligence Agencies Of India Need Parliamentary Oversight

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLBLaw enforcement and intelligence agencies of India are operating in a manner that cannot be considered to be legal and Constitutional in nature. The truth is that intelligence infrastructure of India needs transparency and strengthening. Privacy rights in India in the information age are blatantly violated that also with the aid of unconstitutional laws. Surprisingly India has no e-surveillance policy in effect and illegal e-surveillance projects like NETRA and Central Monitoring System (CMS) are openly operating in India with great disregard to our “Constitutional Norms”.

Firstly, there is an urgent need to repeal draconian laws like Telegraph Law and Indian Cyber Law. Secondly, there is a dire need to formulate dedicated telephone tapping law of India as soon as possible. Unfortunately, Indian Government is not serious about formulating a dedicated privacy law for India. Data protection and privacy rights in India are in real bad shape.

There is no second opinion that a lawful interception law is urgently needed in India. There have been some efforts in this direction in the form of a privacy law for India. It has been proposed that illegal phone tapping in India may attract Rs 2 crore penalties in future. However, before this provision becomes a part of any future law, the intelligence agencies of India have already expressed their apprehensions and reservations in this regard. Intelligence agencies of India are also demanding legal immunity against cyber deterrent acts without any transparency and accountability.

It is also true that the intelligence agencies of India are also not subject to Parliamentary Oversight that is need of the hour. This is more so when even the Right to Information Act, 2005 is not applicable to intelligence agencies and many law enforcement agencies of India. India “must reconcile” the civil liberties and national security requirements but the same is presently missing.

India’s own Projects like Aadhar, National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), Internet Spy System Network And Traffic Analysis System (NETRA) of India, etc are violative of civil liberties protection in cyberspace. None of them are governed by any legal framework and none of them are under Parliamentary scrutiny.

If this is not enough, phone tapping in India can be performed as a “Purely Executive Act” without any “Procedural Safeguards”, including the absence of a “Judicial Scrutiny”. India is one of the few Nations where phone tapping can be done without a “Court Warrant” at the “Executive Level” itself.  The digital life of Indian citizens is not at all safe and is open to various forms of e-surveillance and eavesdropping. In the absence of support form Indian Government, self defence is the only viable option left before Indian citizens to safeguard their digital lives.

Intelligence Infrastructure Of India Needs Transparency And Strengthening

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLB4The intelligence infrastructure of India is not in a very good shape. It is suffering from numerous evils and deficiencies that are impacting its effectiveness and utility. These shortcomings of intelligence infrastructure of India are, primarily, administrative, legal, financial, technological and human resource oriented. There are other related problems as well. For instance, the intelligence infrastructure of India is in big mess.  We need to develop intelligence gathering skills development in India so that effective intelligence can be generated, processed and used in real time.

On the administrative side there is lack of coordination among various intelligence agencies of India. This is further widened by the bureaucratic hurdles that forbid effective coordination and collaboration among various intelligence agencies of India. In fact, intelligence agencies and their functioning were bifurcated among different Government Departments instead of making them accountable to a single Department.  Now we have a chance to bring them together under a single Ministry/Department under Mr. Narendra Modi’s led BJP Government as the proposed Prime Minister’s Office (PMO) would emerge as a “Centralised National Reforms Point” of India.

On the legal side, there is no Parliamentary oversight of these intelligence agencies as well. The 10 points legal framework (PDF) has already been provided by Perry4Law in this regard. On the legislation front, a legal framework on the lines of Intelligence Services (Powers and Regulation) Bill, 2011 must be formulated and enacted by our Parliament. The National Intelligence Grid (Natgrid) Project of India has already been launched. However, a legal framework for Natgrid project of India is also needed as an unaccountable Natgrid is not a panacea for intelligence failures of India.

Further, we need to repeal the laws like Information Technology Act, 2000 (IT Act 2000), Indian Telegraph Act, 1885, etc and come up with better laws so they remain Constitutional. These laws have become an instrumentality to violate Civil Liberties in Cyberspace of Indian Citizens by both our Politicians and intelligence agencies of India. Even private detectives have been exploiting the loopholes present in these laws to violate Constitutional Rights of Indian Citizens. Similarly, crucial laws are absent from Indian statute books. These include law regarding Privacy, Data Protection (PDF), Telecom Security, Encryption, Cloud Computing, etc. that must be formulated urgently.

On the financial side, proper allocation of funds at appropriate time is need of the hour. Intelligence agencies of India need to upgrade their infrastructure, especially technological ones, and in the absence of adequate and timely funding, this usually receives a setback. Bureaucratic hurdles and Inter-Department rivalries have affected intelligence agencies funding in the past and this mistake must not be repeated now.

The technological challenges before the intelligence agencies are very vexing in nature. There has been very negligible technological upgradation and modernisation of intelligence infrastructure of India. Further, there are numerous Cyber Security Challenges before the Narendra Modi Government as on date. Thus, Indian cyberspace must be protected on a priority basis. Both offensive and defensive cyber security capabilities of India must be developed to tackle any future cyber espionage and cyber warfare activities against India and her critical infrastructures (PDF). If done in a legal and “Constitutional Manner”, even legal immunity can be granted to people working to deter cyber attacks against India.

Similarly, to protect India’s interests, the National Counter Terrorism Centre (NCTC) of India must be constituted urgently. The Unsolvable Terrorism Dilemma of India cannot be resolved in the absence of a NCTC and coordinated efforts in this regard. In short, Indian counter terrorism capabilities need rejuvenation by one means or other.

On the human resources front, the intelligence agencies of India should recruit more manpower, especially the tech savvy and young officers. Young field operatives must be trained to do intelligence works.

In short, intelligence agencies of India must not only be strengthened but they must be made more transparent and accountable.

Radio Waves And Malware Used By United State’s NSA For World Wide E-Surveillance

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLBE-Surveillance and Eavesdropping is on rise World over.  It is wrong to blame United States (U.S.) alone for E-Surveillance as it is difficult to accept that other Nations, including India, are not engaging  in such activities. Spying and E-Surveillance has many decades of history and only the form has changed with the advent and use of Information and Communication Technology.

However, what is problematic is the “Fact of Denial” of such E-Surveillance by various Countries. Even worst is the fact that almost all of these E-Surveillance and Eavesdropping activities are performed in an “Unconstitutional Manner”.

In the past it has been reported that U.S. is the biggest buyer of Malware in the World. It is well known that Global Cyber Espionage Networks are being actively and covertly used to Spy on other Nations. This is evident from the fact that the Command and Control Servers of Malware FinFisher were also found in 36 Countries, including India.

Countries across the World have started to strengthen their Cyber Security Capabilities. While protecting their own Cyberspace domain, various Countries must understand that Cyber Security is an International Issue (PDF) and not a National one. Therefore, an International Cyber Security Treaty is Required (PDF). As far as India is concerned, the Cyber Warfare Policy of India (PDF) and E-Surveillance Policy of India (PDF) must be urgently drafted and implemented. Similarly, Self Defence and Privacy Protection in India must be ensured.

During the exposure of engagement of E-Surveillance by the National Security Agency (NSA) of U.S., James Clapper confirmed that NSA is targeting Foreign Citizens for Surveillance. This E-Surveillance is further “Combined” with Tactics and Techniques of Cyber Warfare, Cyber Espionage and Cyber Terrorism, etc. Highly Sophisticated Malware like Stuxnet, Duqu, Flame, etc have been made and used by Nations as Cyber Tools to launch Stealth Cyber Attacks against other Nations.

These Malware used Cyber Attack Methods and Vectors that are far beyond the Capacity of Traditional Cyber Security Mechanisms to Trace and Prevent. This becomes a serious Cyber Security Issue when Critical ICT infrastructures are at stake. For instance, the critical Infrastructure Protection in India and its Problems, Challenges and Solutions (PDF) are still to be looked into with Great Priority by Indian Government. It is only now that India has declared that NTRO would protect the Critical ICT Infrastructures of India. Similarly, a Tri Service Cyber Command for Armed Forces of India is in Pipeline. Nevertheless, the Cyber Security Infrastructure of India is Weak and it must be improved as soon as possible.

Recently, Defence Research and Development Organisation (DRDO) Computer Systems were breached and sensitive files were leaked. India must ensure both Offensive and Defensive Cyber Security Capabilities. Cross Border Cyber Attacks, Authorship Attribution and Cyber Crimes Convictions are very “Difficult to Prove”. This gives lot of space for “Blame Game” and denying the “Culpability” for Cyber Attacks. Countries around the World are blaming each other for Cyber Espionage and Cyber Attacks while not admitting their own Acts and Omissions.

The present Cyber Attack Techniques and Methods are not only “Evolving” but they are “”Specifically Designed” do that they remain “Untraceable” and “Anonymous”. For instance, it has been reported that NSA has been using Radio Waves and Malware for engaging in world wide E-Surveillance. Thus, whether a Computer System is Online, Offline or an Isolate one, the “Combined Technique” of Malware Imbedded Hardware, Spyware and Malware and Radio Waves can allow NSA to get the “Relevant Information” with some effort in this regard.

India’s own Projects like Aadhar, National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), Internet Spy System Network And Traffic Analysis System (NETRA) of India, etc are violative of Civil Liberties Protection in Cyberspace. None of them are governed by any Legal Framework and none of them are under Parliamentary Scrutiny.

Recently United Nations (UN) Third Committee Approved Text Titled Right to Privacy in the Digital Age. However, this is not “Deterring” Countries to engage in E-Surveillance in an “Unconstitutional Manner”. Privacy Rights in India in the Information Age need to be protected at the “Constitutional Level” otherwise Privacy would have no meaning in India. This equally applies to other Countries and something must be “Seriously Done” in this regard so that Civil Liberties in Cyberspace can be protected. We must not forget that When Rights are Outlawed only Outlaws will have Rights.

Privacy Rights In India In The Information Age

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLB4We have no Dedicated Privacy Laws in India and Data Protection Laws in India. In fact, when it comes to respecting Privacy of Indian Citizens, Government of India tries its level best to avoid the same.

For instance, India has launched Projects like Aadhar, National Intelligence Grid (NATGRID), Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre (NCTC), Central Monitoring System (CMS), Centre for Communication Security Research and Monitoring (CCSRM), Internet Spy System Network And Traffic Analysis System (NETRA) of India, etc. None of them are governed by any Legal Framework and none of them are under Parliamentary Scrutiny.

Further, India is the only country of the World where Phone Tapping and Interceptions are done without a Court Warrant and by Executive Branch of the Constitution of India. Phone Tapping in India is “Unconstitutional” and the Parliament of India has not thought it fit to enact a “Constitutionally Sound Law” for Phone Tappings and Lawful Interceptions. Even the Supreme Court’s directions in PUCL case have proved futile and presently the Court is dealing with the issue once more.

Phone Tapping in India has been in controversies for long. Whether it is Illegal Phone Tapping by Private Individuals or Unaccountable Phone Tapping by Indian Government and its Agencies, Phone Tapping in India has never been smooth.

There is a blessing in disguise in Ratan Tata’s Petition before Supreme Court of India. This is a golden chance for the Supreme Court of India to analyse the “Implementation” of its decision in the PUCL case (Phone Tapping Case). The Supreme Court must “Widen” the scope of Privacy Rights in India not only in the context of Phone Tapping but in an “Overall Manner”. The Supreme Court must formulate and lay down the widest possible “Guidelines” regarding Privacy Protection in India as it has done in the Vishaka’s Case (Guidelines against Sexual Harassment). The Supreme Court has even said that with the Technological Advancement, Privacy is virtually disappearing.

On the front of Legal Framework as well we have no Dedicated and Constitutionally Sound Lawful Interception Law in India. The Indian Telegraph Act, 1885 and other similar Laws are not in “Conformity” with the Constitution of India, especially Fundamental Rights of Indians. Even the Home Ministry of India is considering enactment of a Lawful Interception Law in India.

However, what is more surprising is the fact that the Law Enforcement Agencies and the Intelligence Agencies that indulge in Unconstitutional E-Surveillance and Phone Tapping are themselves Governed by No Law. It is no surprise that the Central Bureau of India (CBI) is also not governed by any Law and it is operating in India Without any Law. It is only now that the Central Bureau of investigation act 2010 was drafted. Till now it is a mere draft and has not become an enforceable law. Even the Constitutional Validity of the National Investigation Agency Act 2008 is doubtful. Even the Draft Intelligence Services (Powers and Regulations) Bill, 2011 has been recently circulated in the Parliament of India. India must urgently formulate E-Surveillance Policy so that the E-Surveillance conducted by Intelligence Agencies and Law Enforcement Agencies of India can be regulated.

Surprisingly, we have no E-Surveillance Policy in India and Legal Framework in this regard. This is despite the fact that many Indian Projects are so E-Surveillance Oriented that they cannot pass the scrutiny provisions of Indian Constitution. Of all these E-Surveillance Projects Aadhar Project of India or Unique Identification Project of India (UID Project of India) is the most “Dangerous Project” that should not be there at the very first place. It is based upon Deceit and Deception and both Indian Government and Unique Identification Authority of India (UIDAI) are Hiding Truth from Indians. There is no Legal Framework, no defined Policies and Guidelines and most importantly no Procedural and Civil Liberty Safeguards.

If this was not enough the sole Cyber Law of India (Information Technology Act 2000) was amended through the Information Technology Amendment Act 2008. The IT Act 2008 made the Cyber Law of India an “Unregulated and Unaccountable” piece of E-Surveillance Legislation. It is now wide open to misuses by Indian Government and its Agencies. Further, the IT Act 2008 also violated various provisions of Indian Constitution and hence is “Unconstitutional” as well. Ideally Cyber law Of India must be repealed as soon as possible.

If Parliament of India has abdicated its duties and Indian Judiciary is watching as a moot spectator, it becomes of paramount importance for Cabinet Committee on Security (CCS), Union Cabinet and Prime Minister’s Office (PMO) to “Disallow” all such Projects till proper Civil Liberty Safeguards and Legal Frameworks are at place.