Monthly Archives: May 2014

Intelligence Infrastructure Of India Needs Transparency And Strengthening

PRAVEEN-DALAL-MANAGING-PARTNER-OF-PERRY4LAW-CEO-PTLB4The intelligence infrastructure of India is not in a very good shape. It is suffering from numerous evils and deficiencies that are impacting its effectiveness and utility. These shortcomings of intelligence infrastructure of India are, primarily, administrative, legal, financial, technological and human resource oriented. There are other related problems as well. For instance, the intelligence infrastructure of India is in big mess.  We need to develop intelligence gathering skills development in India so that effective intelligence can be generated, processed and used in real time.

On the administrative side there is lack of coordination among various intelligence agencies of India. This is further widened by the bureaucratic hurdles that forbid effective coordination and collaboration among various intelligence agencies of India. In fact, intelligence agencies and their functioning were bifurcated among different Government Departments instead of making them accountable to a single Department.  Now we have a chance to bring them together under a single Ministry/Department under Mr. Narendra Modi’s led BJP Government as the proposed Prime Minister’s Office (PMO) would emerge as a “Centralised National Reforms Point” of India.

On the legal side, there is no Parliamentary oversight of these intelligence agencies as well. The 10 points legal framework (PDF) has already been provided by Perry4Law in this regard. On the legislation front, a legal framework on the lines of Intelligence Services (Powers and Regulation) Bill, 2011 must be formulated and enacted by our Parliament. The National Intelligence Grid (Natgrid) Project of India has already been launched. However, a legal framework for Natgrid project of India is also needed as an unaccountable Natgrid is not a panacea for intelligence failures of India.

Further, we need to repeal the laws like Information Technology Act, 2000 (IT Act 2000), Indian Telegraph Act, 1885, etc and come up with better laws so they remain Constitutional. These laws have become an instrumentality to violate Civil Liberties in Cyberspace of Indian Citizens by both our Politicians and intelligence agencies of India. Even private detectives have been exploiting the loopholes present in these laws to violate Constitutional Rights of Indian Citizens. Similarly, crucial laws are absent from Indian statute books. These include law regarding Privacy, Data Protection (PDF), Telecom Security, Encryption, Cloud Computing, etc. that must be formulated urgently.

On the financial side, proper allocation of funds at appropriate time is need of the hour. Intelligence agencies of India need to upgrade their infrastructure, especially technological ones, and in the absence of adequate and timely funding, this usually receives a setback. Bureaucratic hurdles and Inter-Department rivalries have affected intelligence agencies funding in the past and this mistake must not be repeated now.

The technological challenges before the intelligence agencies are very vexing in nature. There has been very negligible technological upgradation and modernisation of intelligence infrastructure of India. Further, there are numerous Cyber Security Challenges before the Narendra Modi Government as on date. Thus, Indian cyberspace must be protected on a priority basis. Both offensive and defensive cyber security capabilities of India must be developed to tackle any future cyber espionage and cyber warfare activities against India and her critical infrastructures (PDF). If done in a legal and “Constitutional Manner”, even legal immunity can be granted to people working to deter cyber attacks against India.

Similarly, to protect India’s interests, the National Counter Terrorism Centre (NCTC) of India must be constituted urgently. The Unsolvable Terrorism Dilemma of India cannot be resolved in the absence of a NCTC and coordinated efforts in this regard. In short, Indian counter terrorism capabilities need rejuvenation by one means or other.

On the human resources front, the intelligence agencies of India should recruit more manpower, especially the tech savvy and young officers. Young field operatives must be trained to do intelligence works.

In short, intelligence agencies of India must not only be strengthened but they must be made more transparent and accountable.

Right To Be Forgotten Enforced Against Google By Court Of Justice Of The European Union (ECJ)

Right To Be Forgotten Enforced Against Google By Court Of Justice Of The European Union (ECJ)Recently the Court of Justice of the European Union (ECJ) held that Google must ensure “Right To Be Forgotten” to its users. This is a significant and landmark judgment against Google that would have world wide ramifications.

Before we proceed further with the judgment, it would be pertinent to analyse the background documents in this regard. These documents are as follows:

(1) Directive 95-46-EC Of The European Parliament And Of The Council On The Protection Of Individuals With Regard To The Processing Of Personal Data And On The Free Movement Of Such Data (PDF) (Directive 95/46/EC)

(2) Regulation (EC) No 1882-2003 Of The European Parliament And Of The Council Of 29 September 2003 (PDF)

(3) Reference For A Preliminary Ruling From The Audiencia Nacional (Spain) Lodged On 9 March 2012 — Google Spain, S.L., Google Inc. v Agencia Española de Protección de Datos, Mario Costeja González (PDF)

(4) Judgment Of The Court (Grand Chamber) (PDF)

(5) Google Spain SL, Google Inc. v Agencia Española de Protección de Datos Judgment in Case C-13112 (PDF) (Press Release)

The ECJ held that Article 2(b) and (d) of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data are to be interpreted as meaning that, first, the activity of a search engine consisting in finding information published or placed on the internet by third parties, indexing it automatically, storing it temporarily and, finally, making it available to internet users according to a particular order of preference must be classified as “processing of personal data” within the meaning of Article 2(b) when that information contains personal data and, second, the operator of the search engine must be regarded as the “controller” in respect of that processing, within the meaning of Article 2(d).

Article 4(1)(a) of Directive 95/46 is to be interpreted as meaning that processing of personal data is carried out in the context of the activities of an establishment of the controller on the territory of a Member State, within the meaning of that provision, when the operator of a search engine sets up in a Member State a branch or subsidiary which is intended to promote and sell advertising space offered by that engine and which orientates its activity towards the inhabitants of that Member State.

Article 12(b) and subparagraph (a) of the first paragraph of Article 14 of Directive 95/46 are to be interpreted as meaning that, in order to comply with the rights laid down in those provisions and in so far as the conditions laid down by those provisions are in fact satisfied, the operator of a search engine is obliged to remove from the list of results displayed following a search made on the basis of a person’s name links to web pages, published by third parties and containing information relating to that person, also in a case where that name or information is not erased beforehand or simultaneously from those web pages, and even, as the case may be, when its publication in itself on those pages is lawful.

Article 12(b) and subparagraph (a) of the first paragraph of Article 14 of Directive 95/46 are to be interpreted as meaning that, when appraising the conditions for the application of those provisions, it should inter alia be examined whether the data subject has a right that the information in question relating to him personally should, at this point in time, no longer be linked to his name by a list of results displayed following a search made on the basis of his name, without it being necessary in order to find such a right that the inclusion of the information in question in that list causes prejudice to the data subject. As the data subject may, in the light of his fundamental rights under Articles 7 and 8 of the Charter, request that the information in question no longer be made available to the general public on account of its inclusion in such a list of results, those rights override, as a rule, not only the economic interest of the operator of the search engine but also the interest of the general public in having access to that information upon a search relating to the data subject’s name.

However, that would not be the case if it appeared, for particular reasons, such as the role played by the data subject in public life, that the interference with his fundamental rights is justified by the preponderant interest of the general public in having, on account of its inclusion in the list of results, access to the information in question.

We at Perry4Law and Perry4Law’s Techno Legal Base (PTLB) would analyse the legal implications of this decision in our subsequent post(s) at either this blog or other blogs of Perry4Law/PTLB.