The recent exposure of United States e-surveillance exercises through PRISM project by National Investigation Agency (NSA) is now well known and globally protested. India has not only expressed its concerns regarding e-surveillance exercises by U.S. agencies but has also demanded information about the data and information of Indians accessed during such project that has resulted in violation of their civil liberties.
This reaction is natural as James Clapper, director of NSA, has confirmed that NSA has been targeting foreign citizens for surveillance and this includes Indian citizens as well. Speculations about use of Utah data centre for e-surveillance purposes have also been raised but NSA has denied the same in the past. Further, national security letters (NSLs) are openly used by FBI to gather warrant less information.
The command and control servers of malware and e-surveillance tool FinFisher have also been found in 36 countries including India. Cyber espionage tools like Stuxnet, Duqu, Flame, etc are already used widely by national governments. In the absence of internationally acceptable cyber law and cyber security treaties, there is no uniform application of international law to tackle cyber terrorism and cyber warfare. Even Tallinn manual is not applicable to international cyber warfare attacks and defence.
Meanwhile, India has launched its own version of PRISM in the form of Central Monitoring System (CMS) that is extremely dangerous in nature. India has also announced initiatives like national critical information infrastructure protection centre (NCIPC), national cyber coordination centre (NCCC), national intelligence grid (Natgrid), etc. None of these projects are governed by any regulatory framework and parliamentary oversight.
Further, in the absence of privacy laws and constitutional lawful interceptions laws in India, the CMS is even worst than the PRISM project of NSA. Nevertheless no sovereign government would allow other government to do e-surveillance and eavesdropping upon its citizens, at least not openly.
Civil liberties protection in cyberspace is a very difficult process. This is the reason that even the United Nation has taken decades to raise protest against e-surveillance. So we have governments that are well committed to indulge in e-surveillance, we have inadequate or no laws to protect privacy and we have no international organisation to support civil liberties protection in cyberspace.
So what is the alternative left to us to protect our civil liberties in cyberspace? We believe that self defence in cyberspace is the only viable option left to those who wish to exercise their civil liberties in cyberspace. Technology can assist us in achieving this task.
We can use disposable e-mails to avoid e-mail surveillance, safeguards like TOR against illegal Internet eavesdropping and sniffing, use TOR for instant messaging (IM) and mobile phones for private and secure conversations, for Blackberry users and those believing in a good combination of privacy and security, use Pretty Good Privacy (PGP) along with any good smart phone, use Enigmail for encrypted e-mails, use VPNs and reliable proxies, use open source browsers like Firefox with addons, use secured connections while communicating online, use of search engines like Startpage or DuckDuckGo, etc.
There are many more options available here that can be availed of by civil liberty activists around the world. We hope these tools and resources would help Indian citizens to reclaim their privacy and civil liberties in Indian cyberspace.