The use of FinFisher is just a small step in this wrong direction. Similarly, the efforts on the part of countries like Japan to block Tor are just another reflection of this e-surveillance attitude. All these efforts are going to increase in future and we need to ensure civil liberties protection in cyberspace.
In the Indian context, there is a gross violation of civil liberties in cyberspace. Illegal and unconstitutional projects like Aadhaar, central monitoring system, etc have been launched by Indian government without any legal framework and in active violation of civil liberties in India. The civil liberties and national security requirements must be reconciled by India and giving too much importance to e-surveillance is a bad policy decision.
Some public spirited initiatives have been launched in this regard in India. For instance, the efforts named StopICMS, Know ICMS, etc are trying to spread awareness about civil liberties protection in Indian cyberspace. However, the Indian central monitoring system project needs PMO intervention so that its illegality and unconstitutionality can be judged at the highest level. Further, by this scrutiny even the PMO cannot subsequently take a stand that it was not aware of the illegal projects like Aadhaar and CMS as is happening mostly these days.
Indian government is also adopting double standards while dealing with privacy rights and data protection. The standing committee on home affairs has recommended safeguards for phone tapping of politicians. There was no mention about rights of common man and the need to formulate a constitutionally sound lawful interception law in India.
There are open and blatant unconstitutional and illegal biometrics collection practices in India. Some areas that require special attention of PMO in general and Indian Parliament in particular are human rights protection in cyberspace, e-surveillance in India, cell site location based e-surveillance, cell site data location laws in India, lawful interception laws in India, etc.
We need to formulate dedicated laws like privacy laws, data protection laws, data security laws and cyber security laws in India. Further, the cyber law of India must be repealed as it carries many unconstitutional provisions.
However, what if Indian government and parliament fails to perform its constitutional duties and Indian judiciary fails to take note of these anti constitutional activities happening in India? You can safely exercise self defense in Indian cyberspace as human rights protection in cyberspace is our birth right. When rights are outlawed only outlaws would have the rights and this is exactly what is going to happen in India when projects like Aadhaar and CMS are actually implemented in a full fledged manner.
I am really grateful for the makers of Tor software, PGPfone, GnuPG, Hushmail, Enigmail, etc. The Silent Circle is a good commercial alternative for the abovementioned encryption facilitating products.
It is only a matter of time when the masses of India would start using self defence mechanisms to protect their civil liberties. It is in the larger national interest of India to formulate suitable policies and laws so that civil liberties and law enforcement requirements can be reconciled.