When the Indian government announced it would start a Centralized Monitoring System in 2009 to monitor telecommunications in the country, the public seemed unconcerned. When the government announced that the system, also known as C.M.S., commenced in April, the news didn’t receive much attention. After a person at the Centre for Internet and Society wrote about the program and it was lambasted by Human Rights Watch, more reporters started covering it as a privacy issue. But it was ultimately the revelations by Edward J. Snowden about American surveillance that prompted Indians to ask questions about its own government’s surveillance programs.
In India, we have an unusual blend of incredible measures of straightforwardness and almost no responsibility with regards to surveillance and intelligence agencies. Numerous senior authorities are glad to secretly brief reporters about the condition of surveillance, however there is almost nothing that is formally made public, and still less is discussed in the national press and in Parliament.
The absence of accountability has meant that the government has since 2006 been working on the C.M.S., which costs around 8 billion rupees ($132 million) — more than four times the initial estimate of 1.7. Under their licensing terms, all Internet service providers and telecom providers are required to provide the government direct access to all communications passing through them. However, this currently happens in a decentralized fashion, and the government in most cases has to ask the telecoms for metadata, like call detail records, visited Web sites, IP address assignments, or to carry out the interception and provide the recordings to the government.
The tools which the Indian government currently employs for surveillance are as follows:
1.) CMS – The CMS gives India’s security agencies and income tax officials centralized access to India’s telecommunications network and the ability to listen in on and record mobile, landline and satellite calls and voice over Internet Protocol (VoIP), and read private emails, SMS and MMS, geolocate people using Mobile phone tracking, all in real time. It can also monitor posts on social media and Google searches, without any parliamentary or judicial oversight. There was not even any parliamentary talk before this was implemented
2.) DRDO NETRA – NETRA can analyse voice traffic passing through software such as Skype, and intercept messages with keywords such as ‘attack’, ‘bomb’, ‘blast’ or ‘kill’ in real-time from the enormous number of tweets, status updates, emails, instant messaging transcripts, internet calls, blogs, forums and even images generated on the internet to obtain the desired intelligence.
3.) NATGRID – Each individual’s data ranging from land records, internet logs, air and rail PNR, phone records, gun records, driving license, property records, insurance, and income tax records would be available in real time and with no oversight. Data from UIDAI is a part of NATGRID.
4.) LIM – LIM systems are used by the Indian Government to intercept records of voice, SMSs, GPRS data, details of a subscriber’s application and recharge history and call detail record (CDR) and monitor Internet traffic, emails, web-browsing, Skype and any other Internet activity of Indian users. Mobile operators deploy their own LIM system which allows the government to intercept calls. These surveillance systems are under complete control of the government, and their functioning is secretive and unknown to the ISPs.
5.) UIDAI – Collects the biometric (2 iris scans, all 10 fingerprints) and demographic data of residents, store them in a centralized database, and issue a 12-digit unique identity number called Aadhaar to each resident.
6.) Encryption beyond 40 bits is illegal. Banks are exempt from this and can utilize 256 bit encryption. There may be plans to increase encryption allowed to 128 bits. Whatsapp was nearly banned due to the end to end encryption. In the end, there were no laws set in place for Over The Top services.
7.) BOUNDLESS INFORMANT – India is among the countries subjected to extreme NSA surveillance, more than Afghanistan, China, Russia and US.
8.) ITA-2000 – The Indian parliament passed the Information Technology Act of 2008 with no debate, giving the government fiat power to tap all communications without a court order or a warrant.
Section 69 empowers the Central Government/State Government/ its authorized agency to intercept, monitor or decrypt any information generated, transmitted, received or stored in any computer resource. Failure to comply by can result in 7 year imprisonment.
Section 66A has been used to arrest cartoonists depicting corruption, people sharing cartoons depicting politicians via email, tweeting about corruption and nepotism, positing and liking the said post on Facebook insulting politicians.
This systemic mass invasion of privacy will diminish citizens’ autonomy of decision making: the choice of what to make public or keep private will no longer be theirs. In a high-octane, emotionally charged democracy like India, the fear of backlash will stop individuals from expressing disagreement with the government; they will increasingly self-censor their speech and interactions. Subjecting citizens to greater scrutiny and control will tilt the already imbalanced dynamics between the administration and the citizens, leading to erosion of democracy.