The Centre for Internet and Society
http://editors.cis-india.org
These are the search results for the query, showing results 1 to 3.
The Constitutionality of Indian Surveillance Law: Public Emergency as a Condition Precedent for Intercepting Communications
http://editors.cis-india.org/internet-governance/blog/the-constitutionality-of-indian-surveillance-law
<b>Bedavyasa Mohanty analyses the nuances of interception of communications under the Indian Telegraph Act and the Indian Post Office Act. In this post he explores the historical bases of surveillance law in India and examines whether the administrative powers of intercepting communications are Constitutionally compatible.</b>
<h3>Introduction</h3>
<p style="text-align: justify; ">State authorised surveillance in India derives its basis from two colonial legislations; §26 of the Indian Post Office Act, 1898 and §5 of the Telegraph Act, 1885 (hereinafter the Act) provide for the interception of postal articles<a href="#_ftn1" name="_ftnref1">[1]</a> and messages transmitted via telegraph<a href="#_ftn2" name="_ftnref2">[2]</a> respectively. Both of these sections, which are analogous, provide that the powers laid down therein can only be invoked on the occurrence of a public emergency or in the interest of public safety. The task of issuing orders for interception of communications is vested in an officer authorised by the Central or the State government. This blog examines whether the preconditions set by the legislature for allowing interception act as adequate safeguards. The second part of the blog analyses the limits of discretionary power given to such authorised officers to intercept and detain communications.</p>
<p style="text-align: justify; ">Surveillance by law enforcement agencies constitutes a breach of a citizen’s Fundamental Rights of privacy and the Freedom of Speech and Expression. It must therefore be justified against compelling arguments against violations of civil rights. Right to privacy in India has long been considered too ‘broad and moralistic’<a href="#_ftn3" name="_ftnref3">[3]</a> to be defined judicially. The judiciary, though, has been careful enough to not assign an unbound interpretation to it. It has recognised that the breach of privacy has to be balanced against a compelling public interest <a href="#_ftn4" name="_ftnref4">[4]</a> and has to be decided on a careful examination of the facts of a certain case. In the same breath, Indian courts have also legitimised surveillance by the state as long as such surveillance is not illegal or unobtrusive and is within bounds <a href="#_ftn5" name="_ftnref5">[5]</a>. While determining what constitutes legal surveillance, courts have rejected “prior judicial scrutiny” as a mandatory requirement and have held that administrative safeguards are sufficient to legitimise an act of surveillance. <a href="#_ftn6" name="_ftnref6">[6]</a></p>
<h3>Conditions Precedent for Ordering Interception</h3>
<p style="text-align: justify; ">§§5(2) of the Telegraph Act and 26(2) of the Indian Post Office Act outline a two tiered test to be satisfied before the interception of telegraphs or postal articles. The first tier consists of sine qua nons in the form of an “occurrence of public emergency” or “in the interests of public safety.” The second set of requirements under the provisions is “the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of an offence.” While vesting the power of interception in administrative officials, the sections contemplate a legal fiction where a public emergency exists and it is in the interest of sovereignty, integrity, security of the state or for the maintenance of public order/ friendly relations with foreign states. The term “public emergency,” however, has not been clearly defined by the legislature or by the courts. It thus vests arbitrary powers in a delegated official to order the interception of communication violating one’s Fundamental Rights.</p>
<h3>Tracing the History of the Expression “Public Emergency”</h3>
<p style="text-align: justify; ">The origins of the laws governing interception can be traced back to English laws of the late 19th Century; specifically one that imposed a penalty on a postal officer who delayed or intercepted a postal article.<a href="#_ftn7" name="_ftnref7">[7]</a> This law guided the drafting of the Indian Telegraph Act in 1885 that legitimised interception of communications by the state. The expression “public emergency” appeared in the original Telegraph Act of 1885 and has been adopted in that form in all subsequent renderings of provisions relating to interception. Despite the contentious and vague nature of the expression, no consensus regarding its interpretation seems to have been arrived at. One of the first post-independence analyses of this provision was undertaken by the Law Commission in 1968. The 38th Law Commission in its report on the Indian Post Office Act, raised concerns about the constitutionality of the expression. The Law Commission was of the opinion that the term not having been defined in the constitution cannot serve as a reasonable ground for suspension of Fundamental Rights.<a href="#_ftn8" name="_ftnref8">[8]</a> It further urged that a state of public emergency must be of such a nature that it is not secretive and is apparent to a reasonable man.<a href="#_ftn9" name="_ftnref9">[9]</a> It thus challenged the operation of the act in its then current form where the determination of public emergency is the discretion of a delegated administrative official. The Commission, in conclusion, implored the legislature to amend the laws relating to interception to bring them in line with the Constitution. This led to the Telegraph (Amendment) Act of 1981. Questions regarding the true meaning of the expression and its potential misuse were brought up in both houses of the Parliament during passing of the amendment. The Law Ministry, however, did not issue any additional clarifications regarding the terms used in the Act. Instead, the Government claimed that the expressions used in the Act are “exactly those that are used in the Constitution.” <a href="#_ftn10" name="_ftnref10">[10]</a> It may be of interest to note here that the Constitution of India, neither uses nor defines the term “public emergency.” Naturally, it is not contemplated as a ground for reasonably restricting Fundamental Rights provided under Article 19(1). <a href="#_ftn11" name="_ftnref11">[11]</a> Similarly, concerns regarding the potential misuse of the powers were defended with the logically incompatible and factually inaccurate position that the law had not been misused in the past.<a href="#_ftn12" name="_ftnref12">[12]</a></p>
<h3>Locating “Public Emergency” within a Proclamation of Emergency under the Constitution (?)</h3>
<p style="text-align: justify; ">Public emergency in not equivalent to a proclamation of emergency under Article 352 of the Constitution simply because it was first used in legislations over six decades before the drafting of the Indian Constitution began. Besides, orders for interception of communications have also been passed when the state was not under a proclamation of emergency. Moreover, public emergency is not the only prerequisite prescribed under the Act. §5(2) states that an order for interception can be passed either on the occurrence of public emergency or in the interest of public safety. Therefore, the thresholds for the satisfaction of both have to be similar or comparable. If the threshold for the satisfaction of public emergency is understood to be as high as a proclamation of emergency then any order for interception can be passed easily under the guise of public safety. The public emergency condition will then be rendered redundant. Public emergency is therefore a condition that is separate from a proclamation of emergency.</p>
<p style="text-align: justify; ">In a similar vein the Supreme Court has also clarified<a href="#_ftn13" name="_ftnref13">[13]</a> that terms like “public emergency” and “any emergency,” when used as statutory prerequisites, refer to the occurrence of different kinds of events. These terms cannot be equated with one another merely on the basis of the commonality of one word.</p>
<p style="text-align: justify; ">The Supreme Court in Hukam Chand v. Union of India,<a href="#_ftn14" name="_ftnref14">[14]</a> correctly stated that the terms public emergency and public safety must “take colour from each other.” However, the court erred in defining public emergency as a situation that “raises problems concerning the interest of the public safety, the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or the prevention of incitement to the commission of an offence.” This cyclic definition does not lend any clarity to the interpretive murk surrounding the term. The Act envisages public emergency as a sine qua non that must exist prior to a determination that there is a threat to public order and sovereignty and integrity of the state. The court’s interpretation on the other hand would suggest that a state of public emergency can be said to exist only when public order, sovereignty and integrity of the state are already threatened. Therefore, while conditions precedent exist for the exercise of powers under §5(2) of the Act, there are no objective standards against which they are to be tested.</p>
<h3>Interpretation of Threshold Requirements</h3>
<p style="text-align: justify; ">A similar question arose before the House of Lords in Liversidge v. Anderson.<a href="#_ftn15" name="_ftnref15">[15]</a> The case examined the vires of an Act that vested an administrative authority with the conditional power to detain a person if there was reasonable cause to believe that the person was of hostile origin. Therein, Lord Atkin dissenting with the majority opinion stated in no unclear terms that power vested in the secretary of state was conditional and not absolute. When a conditional authority is vested in an administrative official but there aren’t any prescriptive guidelines for the determination of the preconditions, then the statute has the effect of vesting an absolute power in a delegated official. This view was also upheld by the Supreme Court in State of Madhya Pradesh v. Baldeo Prasad.<a href="#_ftn16" name="_ftnref16">[16]</a> The court was of the opinion that a statute must not only provide adequate safeguards for the protection of innocent citizens but also require the administrative authority to be satisfied as to the existence of the conditions precedent laid down in the statute before making an order. If the statute failed to do so in respect of any condition precedent then the law suffered from an infirmity and was liable to be struck down as invalid.<a href="#_ftn17" name="_ftnref17">[17]</a> The question of the existence of public emergency, therefore being left to the sole determination of an administrative official is an absolute and arbitrary power and is ultra vires the Constitution</p>
<p style="text-align: justify; ">Interestingly, in its original unamended form, §5 contained a provisio stating that a determination of public emergency was the sole authority of the secretary of state and such a finding could not be challenged before a court of law. It is this provision that the government repealed through the Telegraph (Amendment) Act of 1981 to bring it in line with Constitutional principles. The preceding discussion shows that the amendment did not have the effect of rectifying the law’s constitutional infirmities. Nonetheless, the original Telegraph Act and its subsequent amendment are vital for understanding the compatibility of surveillance standards with the Constitutional principles. The draconian provisio in the original act vesting absolute powers in an administrative official illustrates that the legislative intent behind the drafting of a 130 year law cannot be relied on in today’s context. Vague terms like public emergency that have been thoughtlessly adopted from a draconian law find no place in a state that seeks to guarantee to its citizens rights of free speech and expression.</p>
<h3>Conclusion</h3>
<p style="text-align: justify; ">Interception of communications under the Telegraph Act and the Indian Post office act violate not only one’s privacy but also one’s freedom of speech and expression. Besides, orders for the tapping of telephones violate not only the privacy of the individual in question but also that of the person he/she is communicating with. Considering the serious nature of this breach it is absolutely necessary that the powers enabling such interception are not only constitutionally authorised but also adequately safeguarded. The Fundamental Rights declared by Article 19(1) cannot be curtailed on any ground outside the relevant provisions of Cls. 2-6.<a href="#_ftn18" name="_ftnref18">[18]</a> The restrictive clauses in Cls. (2)-(6) of Article 19 are exhaustive and are to be strictly construed.<a href="#_ftn19" name="_ftnref19">[19]</a> Public emergency is not one of the conditions enumerated under Article 19 for curtailing fundamental freedoms. Moreover, it lacks adequate safeguards by vesting absolute discretionary power in a non-judicial administrative authority. Even if one were to ignore the massive potential for misuse of these powers, it is difficult to conceive that the interception provisions would stand a scrutiny of constitutionality.</p>
<p style="text-align: justify; ">Over the course of the last few years, India has been dangerously toeing the line that keeps it from turning into a totalitarian surveillance state. <a href="#_ftn20" name="_ftnref20">[20]</a> In 2011, India was the third most intrusive state<a href="#_ftn21" name="_ftnref21">[21]</a> with 1,699 requests for removal made to Google; in 2012 that number increased to 2529<a href="#_ftn22" name="_ftnref22">[22]</a>. The media is abuzz with reports about the Intelligence Bureau wanting Internet Service Providers to log all customer details <a href="#_ftn23" name="_ftnref23">[23]</a> and random citizens being videotaped by the Delhi Police for “looking suspicious.” It becomes essential under these circumstances to question where the state’s power ends and a citizens’ privacy begins. Most of the information regarding projects like the CMS and the CCTNS is murky and unconfirmed. But under the pretext of national security, government officials have refused to divulge any information regarding the kind of information included within these systems and whether any accountability measures exist. For instance, there have been conflicting opinions from various ministers regarding whether the internet would also be under the supervision of the CMS <a href="#_ftn24" name="_ftnref24">[24]</a>. Even more importantly, citizens are unaware of what rights and remedies are available to them in instances of violation of their privacy.</p>
<p style="text-align: justify; ">The intelligence agencies that have been tasked with handling information collected under these systems have not been created under any legislation and therefore not subject to any parliamentary oversight. Attempts like the Intelligence Services (Powers and Regulation) Bill, 2011 have been shelved and not revisited since their introduction. The intelligence agencies that have been created through executive orders enjoy vast and unbridled powers that make them accountable to no one<a href="#_ftn25" name="_ftnref25">[25]</a>. Before, vesting the Indian law enforcement agencies with sensitive information that can be so readily misused it is essential to ensure that a mechanism to check the use and misuse of that power exists. A three judge bench of the Supreme Court has recently decided to entertain a Public Interest Litigation aimed at subjecting the intelligence agencies to auditing by the Comptroller and Auditor General of India. But the PIL even if successful will still only manage to scratch the surface of all the wide and unbridled powers enjoyed by the Indian intelligence agencies. The question of the constitutionality of interception powers, however, has not been subjected to as much scrutiny as is necessary. Especially at a time when the government has been rumoured to have already obtained the capability for mass dragnet surveillance such a determination by the Indian courts cannot come soon enough.</p>
<div>
<hr />
<div id="ftn1">
<p style="text-align: justify; "><a href="#_ftnref1" name="_ftn1">[1]</a> Indian Post Office Act, 1898, § 26</p>
</div>
<div id="ftn2">
<p><a href="#_ftnref2" name="_ftn2">[2]</a> Indian Telegraph Act, 1885 § 5(2)</p>
</div>
<div id="ftn3">
<p><a href="#_ftnref3" name="_ftn3">[3]</a> PUCL v. Union of India, AIR 1997 SC 568</p>
</div>
<div id="ftn4">
<p><a href="#_ftnref4" name="_ftn4">[4]</a> Govind vs. State of Madhya Pradesh, (1975) 2 SCC 148</p>
</div>
<div id="ftn5">
<p><a href="#_ftnref5" name="_ftn5">[5]</a> Malak Singh vs. State Of Punjab & Haryana, AIR 1981 SC 760</p>
</div>
<div id="ftn6">
<p><a href="#_ftnref6" name="_ftn6">[6]</a> <i>Supra</i> note 3</p>
</div>
<div id="ftn7">
<p><a href="#_ftnref7" name="_ftn7">[7]</a> Law Commission, Indian Post Office Act, 1898 (38<sup>th</sup> Law Commission Report) para 84</p>
</div>
<div id="ftn8">
<p><a href="#_ftnref8" name="_ftn8">[8]</a> ibid</p>
</div>
<div id="ftn9">
<p><a href="#_ftnref9" name="_ftn9">[9]</a> id</p>
</div>
<div id="ftn10">
<p><a href="#_ftnref10" name="_ftn10">[10]</a> <i>Lok Sabha Debates</i> , Minister of Communications, Shri H.N. Bahuguna, August 9, 1972</p>
</div>
<div id="ftn11">
<p><a href="#_ftnref11" name="_ftn11">[11]</a> The Constitution of India, Article 358- Suspension of provisions of Article 19 during emergencies</p>
</div>
<div id="ftn12">
<p><a href="#_ftnref12" name="_ftn12">[12]</a> <i>Lok Sabha Debates</i> , Minister of Communications, Shri H.N. Bahuguna, August 9, 1972</p>
</div>
<div id="ftn13">
<p><a href="#_ftnref13" name="_ftn13">[13]</a> Hukam Chand v. Union of India, AIR 1976 SC 789</p>
</div>
<div id="ftn14">
<p><a href="#_ftnref14" name="_ftn14">[14]</a> ibid</p>
</div>
<div id="ftn15">
<p><a href="#_ftnref15" name="_ftn15">[15]</a> Liversidge v. Anderson [1942] A.C. 206</p>
</div>
<div id="ftn16">
<p><a href="#_ftnref16" name="_ftn16">[16]</a> State of M.P. v. Baldeo Prasad, AIR 1961 (SC) 293 (296)</p>
</div>
<div id="ftn17">
<p><a href="#_ftnref17" name="_ftn17">[17]</a> ibid</p>
</div>
<div id="ftn18">
<p><a href="#_ftnref18" name="_ftn18">[18]</a> Ghosh O.K. v. Joseph E.X. Air 1963 SC 812; 1963 Supp. (1) SCR 789</p>
</div>
<div id="ftn19">
<p><a href="#_ftnref19" name="_ftn19">[19]</a> Sakal Papers (P) Ltd. v. Union of India, AIR 1962 SC 305 (315); 1962 (3) SCR 842</p>
</div>
<div id="ftn20">
<p style="text-align: justify; "><a href="#_ftnref20" name="_ftn20">[20]</a> <i>See</i> Notable Observations- July to December 2012, Google Transparency Report, available at <a href="http://www.google.com/transparencyreport/removals/government/">http://www.google.com/transparencyreport/removals/government/</a> (last visited on July 2, 2014) (a 90% increase in Content removal requests by the Indian Government in the last year)</p>
</div>
<div id="ftn21">
<p style="text-align: justify; "><a href="#_ftnref21" name="_ftn21">[21]</a> Willis Wee, <i>Google Transparency Report: India Ranks as Third ‘Snoopiest’ Country</i>, July 6, 2011 available at <a href="http://www.techinasia.com/google-transparency-report-india/">http://www.techinasia.com/google-transparency-report-india/</a> (last visited on July 2, 2014)</p>
</div>
<div id="ftn22">
<p style="text-align: justify; "><a href="#_ftnref22" name="_ftn22">[22]</a> <i>See</i> Notable Observations- July to December 2012, Google Transparency Report, available at <a href="http://www.google.com/transparencyreport/removals/government/">http://www.google.com/transparencyreport/removals/government/</a> (last visited on July 2, 2014) (a 90% increase in Content removal requests by the Indian Government in the last year)</p>
</div>
<div id="ftn23">
<p style="text-align: justify; "><a href="#_ftnref23" name="_ftn23">[23]</a> Joji Thomas Philip, <i>Intelligence Bureau wants ISPs to log all customer details, </i>December 30, 2010 <a href="http://articles.economictimes.indiatimes.com/2010-12-30/news/27621627_1_online-privacy-internet-protocol-isps"> http://articles.economictimes.indiatimes.com/2010-12-30/news/27621627_1_online-privacy-internet-protocol-isps </a> (last visited on July 2, 2014)</p>
</div>
<div id="ftn24">
<p style="text-align: justify; "><a href="#_ftnref24" name="_ftn24">[24]</a> Deepa Kurup, <i>In the dark about ‘India’s Prism’</i> June 16, 2013 available at <a href="http://www.thehindu.com/sci-tech/technology/in-the-dark-about-indias-prism/article4817903.ece"> http://www.thehindu.com/sci-tech/technology/in-the-dark-about-indias-prism/article4817903.ece </a></p>
</div>
<div id="ftn25">
<p style="text-align: justify; "><a href="#_ftnref25" name="_ftn25">[25]</a> Saikat Dutta, We, The Eavesdropped May 3, 2010 available at <a href="http://www.outlookindia.com/article.aspx?265191">http://www.outlookindia.com/article.aspx?265191</a> (last visited on July 2, 2014)</p>
</div>
</div>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/the-constitutionality-of-indian-surveillance-law'>http://editors.cis-india.org/internet-governance/blog/the-constitutionality-of-indian-surveillance-law</a>
</p>
No publisherbedaavyasaPrivacyInternet GovernanceSurveillancesurveillance technologiesSecurityArticle 19(1)(a)2014-08-04T04:52:42ZBlog EntryModels for Surveillance and Interception of Communications Worldwide
http://editors.cis-india.org/internet-governance/blog/models-for-surveillance-and-interception-of-communications-worldwide
<b>This is an evaluation of laws and practices governing surveillance and interception of communications in 9 countries. The countries evaluated represent a diverse spectrum not only in terms of their global economic standing but also their intrusive surveillance capabilities. The analysis is limited to the procedural standards followed by these countries for authorising surveillance and provisions for resolving interception related disputes.</b>
<table class="grid" style="text-align: justify; ">
<thead></thead>
</table>
<table class="plain" style="text-align: justify; ">
<thead>
<tr>
<th>Sl. No.</th> <th>Country</th> <th>Legislation</th> <th>Model</th>
</tr>
</thead>
<tbody>
<tr>
<td>1.</td>
<td>Australia</td>
<td><b>Telecommunications (Interceptions and Access) Act, 1979</b><br />
<ul>
<li>Governs interception of communications</li>
<li>Relevant provisions: S. 3, 7, 6A, 34, 46</li>
</ul>
<b> Surveillance Devices Act, 2004 </b>
<ul>
<li>Establishes procedure for obtaining warrants and for use of surveillance devices</li>
<li>Relevant Provisions: S.13, 14</li>
</ul>
</td>
<td>
<ul>
<li> <span style="text-align: justify; ">Authorisation for surveillance is granted in the form of a warrant from a <b>Judge or a nominated member of the Administrative Appeals Tribunal</b></span></li>
<li><span style="text-align: justify; ">The warrant issuing authority must be satisfied that information obtained through interception shall assist in the investigation of a serious crime</span></li>
<li>The Acts provide a list of prescribed offences for which interception of communication may be authorized</li>
<li>T<span style="text-align: justify; ">he Acts also specify certain federal and state law enforcement agencies that may undertake surveillance</span></li>
</ul>
</td>
</tr>
<tr>
<td>2.</td>
<td>Brazil</td>
<td><b style="text-align: justify; ">Federal Law No. 9,296, 1996</b><span style="text-align: justify; ">:</span>
<ul>
<li>Regulates wiretapping</li>
</ul>
</td>
<td>
<ul>
<li> <span style="text-align: justify; ">Authorisation for interception is granted on a <b>Judge’s order</b> for a period of 15 days at a time</span></li>
<li>Interception is only allowed for investigations into serious offences like drug smuggling, corruption murder and kidnapping</li>
</ul>
</td>
</tr>
<tr>
<td>3.</td>
<td>Canada</td>
<td><b>Criminal Code, 1985</b>
<ul>
<li><span style="text-align: justify; ">Governs general rules of criminal procedure including search and seizure protocols</span></li>
<li>Relevant Provision: §§ 184.2, 184.4</li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Grants power to intercept communication by obtaining authorisation from a </span><b style="text-align: justify; ">provincial court judge or a judge of the superior court</b></li>
<li>Before granting his authorisation, the judge must be satisfied that either the originator of the communication or the recipient thereof has given his/her consent to the interception</li>
<li>Under exceptional circumstances, however, a police officer owing to the exigency of the situation may intercept communication without prior authorisation</li>
</ul>
</td>
</tr>
<tr>
<td>4.</td>
<td>France</td>
<td><b style="text-align: justify; "><i>Loi d'orientation et de programmation pour la performance de la sécurité intérieure</i></b><b style="text-align: justify; "> (LOPPSI 2), 2011</b><span style="text-align: justify; ">:</span>
<ul>
<li>Authorises use of video surveillance and interception of communications</li>
<li>Relevant Provisions: Article 36</li>
</ul>
<b><i>Loi de Programmation Militaire</i></b><b> (LPM), 2013</b>:
<ul>
<li>Authorises<b> </b>surveillance for protection of national security and prevention of terrorism</li>
</ul>
</td>
<td>
<ul>
<li> <span style="text-align: justify; ">Interception of comm<b>unication under LOPPSI 2 requires previous authorization from an investigating Judge after consultation with the Public Prosecutor</b></span></li>
<li><span style="text-align: justify; ">
<div style="text-align: left; ">Such authorization is granted for a period of 4 months which is further extendable by another 4 months</div>
</span></li>
<li><span style="text-align: justify; ">
<div style="text-align: left; "><span style="text-align: justify; ">
<div style="text-align: left; "><span style="text-align: justify; ">Interception of communication <b>under LPM does not require prior sanction from an investigating judge and is instead provided by the </b></span><span style="text-align: justify; "><b>Prime Minister’s office</b></span></div>
</span></div>
</span></li>
<li>Information that can be intercepted under LPM includes not only metadata but also content and geolocation services</li>
</ul>
</td>
</tr>
<tr>
<td>5.</td>
<td>Germany</td>
<td><span style="text-align: justify; "> </span><b style="text-align: justify; "><i>Gesetz zur Beschränkung des Brief-, Post und Fernmeldegeheimnisses </i>(G10 Act)<i>, </i>2001</b>
<ul>
<li>Imposes restrictions on the right to privacy and authorizes surveillance for protecting freedom and democratic order, preventing terrorism and illegal drug trade</li>
<li>Relevant Provisions: §3</li>
</ul>
<b>The German Code of Criminal Procedure (StPO), 2002</b><br />
<ul>
<li><span style="text-align: justify; ">Lays down search and seizure protocol and authorizes interception of telecommunications for criminal prosecutions</span></li>
<li>Relevant Provisions: §§ 97, 100a</li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorises </span><b style="text-align: justify; ">warrantless</b><span style="text-align: justify; "> surveillance by specific German agencies like the </span><i style="text-align: justify; ">Bundesnachrichtendienst </i><span style="text-align: justify; ">(Federal Intelligence Service)</span></li>
<li>Lays down procedure that must be followed while undertaking surveillance and intercepting communications</li>
<li><span style="text-align: justify; ">Authorises sharing of intercepted intelligence for criminal prosecutions</span></li>
<li><span style="text-align: justify; ">Mandates </span><i style="text-align: justify; ">ex post</i><span style="text-align: justify; "> notification to persons whose privacy has been violated but no judicial remedies are available to such persons</span></li>
<li>The Code of Criminal Procedure authorises interception of communication of a person suspected of being involved in a serious offence only on the <b>order of a court</b> upon <b>application by the public prosecution office</b></li>
</ul>
</td>
</tr>
<tr>
<td>6.</td>
<td>Pakistan</td>
<td><b>Pakistan Telecommunications Reorganisation Act, 1996:</b>
<ul>
<li>Controls the flow of false and fabricated information and protects national security</li>
<li>Relevant Provisions: § 54</li>
</ul>
<b>Investigation for Fair Trial Act, 2013:</b>
<ul>
<li>Regulates the powers of law enforcement and intelligence agencies regarding covert surveillance and interception of communications</li>
<li><span style="text-align: left; ">Relevant Provisions: §§ 6,7, 8, 9</span><span style="text-align: left; "> </span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorisation for interception is provided by the </span><b style="text-align: justify; ">federal government</b><span style="text-align: justify; ">. No formal legal structure to monitor surveillance exists</span></li>
<li>Interception can be authorized in the interest of national security and on the apprehension of any offence</li>
<li><span style="text-align: justify; ">Requests for filtering and blocking of content are routed through the Inter-Ministerial Committee for the Evaluation of Websites, a confidential regulatory body</span></li>
<li><span style="text-align: justify; ">Under the Fair Trial Act, interception can only be authorised on application to the </span><b style="text-align: justify; ">Fedral Minister for Interior</b><span style="text-align: justify; "> who shall then permit the application to be placed before a </span><b style="text-align: justify; ">High Court Judge</b></li>
<li>The warrant shall be issued by a judge only on his satisfaction that interception will aid in the collection of evidence and that a reasonable threat of the commission of a scheduled offence exists</li>
</ul>
</td>
</tr>
<tr>
<td>7.</td>
<td>South Africa</td>
<td><b style="text-align: justify; ">The Regulation of Interception of Communications and Provision of Communication-related Information Act, 2002</b>
<ul>
<li>Regulates and authorizes monitoring and interception of telecommunications services</li>
<li><span style="text-align: left; ">Relevant Provisions: §§ 16, 22</span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Warrant for intercepting communications and installing surveillance devices is granted by a </span><b style="text-align: justify; ">designated judge</b></li>
<li>The warrant is issued on satisfaction of the judge that the investigation relates to a serious offence or that the information gathering is vital to public health or safety, national security or compelling national economic interests</li>
</ul>
</td>
</tr>
<tr>
<td>8.</td>
<td>United Kingdom</td>
<td><b style="text-align: justify; ">Regulation of Investigatory Powers Act, 2000</b><span style="text-align: justify; ">:</span>
<ul>
<li>Authorises interception of communications and surveillance</li>
<li><span style="text-align: left; ">Relevant Provisions: §§ 5, 6, 65</span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorisation for interception is granted in the form of a warrant by the </span><b style="text-align: justify; ">Secretary of State </b><span style="text-align: justify; ">or in certain special cases by a </span><b style="text-align: justify; ">‘senior officer’</b></li>
<li>Communications can be intercepted only it is necessary to do so in the interest of national security or for the purpose of preventing and detecting serious crimes</li>
<li>Complaints of alleged illegal surveillance are heard by the Investigatory Powers Tribunal</li>
</ul>
</td>
</tr>
<tr>
<td>9.</td>
<td>United States</td>
<td><b style="text-align: justify; ">Electronic Communications Privacy Act, 1986 (Title III, Omnibus Crime Control and Safe Streets Act)</b>
<ul>
<li>Governs authorisation for wiretapping and interception</li>
<li><span style="text-align: left; ">Relevant Provisions: §18</span></li>
</ul>
</td>
<td>
<ul>
<li><span style="text-align: justify; ">Authorisation for interception can be granted by </span><b style="text-align: justify; ">a district court or federal appeals court</b><span style="text-align: justify; "> on application by a law enforcement officer duly signed by the attorney general</span></li>
<li>Application mandates obtaining the information through a service provider before invading upon individual’s privacy</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/models-for-surveillance-and-interception-of-communications-worldwide'>http://editors.cis-india.org/internet-governance/blog/models-for-surveillance-and-interception-of-communications-worldwide</a>
</p>
No publisherbedaavyasasurveillance technologiesInternet GovernanceSurveillance2014-07-10T07:50:08ZBlog EntryThe Surveillance Industry in India: At Least 76 Companies Aiding Our Watchers!
http://editors.cis-india.org/internet-governance/blog/the-surveillance-industry-in-india-at-least-76-companies-aiding-our-watchers
<b>Maria Xynou is conducting research on surveillance technology companies operating in India. So far, 76 companies have been detected which are currently producing and selling different types of surveillance technology. This post entails primary data on the first ever investigation of the surveillance industry in India. Check it out! </b>
<hr />
<p style="text-align: justify; ">This blog post has been <a class="external-link" href="http://www.medianama.com/2013/05/223-surveillance-industry-study-shows-at-least-76-companies-aiding-surveillance-in-india-cis-india/">cross-posted</a> in Medianama on May 8, 2013. <i>This research was undertaken as part of the 'SAFEGUARDS' project that CIS is undertaking with Privacy International and IDRC</i>.</p>
<hr />
<p style="text-align: justify; ">So yes, we live in an <a href="http://www.schneier.com/blog/archives/2013/03/our_internet_su.html">Internet Surveillance State</a>. And yes, we are constantly under the microscope. But how are law enforcement agencies even equipped with such advanced technology to surveille us in the first place?</p>
<p style="text-align: justify; "><span>Surveillance exists because certain companies produce and sell products and solutions which enable mass surveillance. Law enforcement agencies would not be capable of mining our data, of intercepting our communications and of tracking our every move if they did not have the technology to do so. Thus an investigation of the surveillance industry should be an integral part of research for any privacy advocate, which is why I started looking at surveillance technology companies. India is a very interesting case not only because it</span><a href="http://editors.cis-india.org/internet-governance/blog/report-on-the-first-privacy-round-table-meeting"> lacks privacy legislation </a><span>which could safeguard us from the use of intrusive technologies, but also because no thorough investigation of the surveillance industry in the country has been carried out to date.</span></p>
<p style="text-align: justify; "><span>The investigation of the Indian surveillance industry has only just begun and so far, 76 surveillance technology companies have been detected. No privacy legislation...and a large surveillance industry. What does this mean?</span></p>
<h2><b>A glimpse of the surveillance industry in India</b></h2>
<p style="text-align: justify; "><span>In light of the </span><a href="http://uidai.gov.in/">UID scheme</a><span>, the </span><a href="http://cybersecurityforindia.blogspot.in/2012/12/national-intelligence-grid-natgrid.html">National Intelligence Grid</a><span> (NATGRID), the </span><a href="http://ncrb.nic.in/cctns.htm">Crime and Criminal Tracking Network System</a><span> (CCTNS) and the </span><a href="http://editors.cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system">Central Monitoring System</a><span> (CMS), who supplies law enforcement agencies the technology to surveille us?</span></p>
<p style="text-align: justify; "><span>In an attempt to answer this question and to uncover the surveillance industry in India, I randomly selected a sample of 100 companies which appeared to produce and sell surveillance technology. This sample consisted of companies producing technology ranging from internet and phone monitoring software to biometrics, CCTV cameras, GPS tracking and access control systems. The reason why these companies were randomly selected was to reduce the probability of research bias and out of the 100 companies initially selected, 76 of them turned out to sell surveillance technology. These companies vary in the types of surveillance technology they produce and it should be noted that most of them are not restricted to surveillance technologies, but also produce other non-surveillance technologies. Paradoxically enough, some of these companies </span><a href="http://www.infoserveindia.com/products/26/Internet-Monitoring-System.html">simultaneously produce internet monitoring software and encryption tools</a><span>! Thus it would probably not be fair to label companies as ´surveillance technology companies´ per se, but rather to acknowledge the fact that, among their various products, they also sell surveillance technologies to law enforcement agencies.</span></p>
<p style="text-align: justify; ">Companies selling surveillance technology in India are listed in <a href="http://editors.cis-india.org/internet-governance/blog/table-1.pdf" class="internal-link">Table 1</a>. Some of these companies are Indian, whilst others have international headquarters and offices in India. Not surprisingly, the majority of these companies are based in India's IT hub, Bangalore.</p>
<p style="text-align: justify; "><span><a href="http://editors.cis-india.org/internet-governance/blog/table-2.pdf" class="internal-link">Table 2</a> shows the types of surveillance technology produced and sold by these 76 companies.</span></p>
<p style="text-align: justify; ">The graph below is based on <a href="http://editors.cis-india.org/internet-governance/blog/table-2.pdf" class="internal-link">Table 2</a> and shows which types of surveillance are produced the most by the 76 companies.</p>
<table class="invisible">
<tbody>
<tr>
<th><img src="http://editors.cis-india.org/home-images/copy_of_Surveillancetechgraph.png" alt="Surveillance Graph" class="image-inline" title="Surveillance Graph" /></th>
</tr>
</tbody>
</table>
<p style="text-align: justify; ">Graph on types of surveillance sold to law enforcement agencies by 76 companies in India</p>
<p style="text-align: justify; "><span>Out of the 76 companies, the majority (32) sell surveillance cameras, whilst 31 companies sell biometric technology; this is not a surprise, given the </span><a href="http://www.economist.com/node/21542814">UID scheme</a><span> which is rapidly expanding across India. Only </span><a href="http://www.clear-trail.com/">one company</a><span> from the sample produces social network analysis software, but this is not to say that this type of technology is low in the Indian market, as this sample was randomly selected and many companies producing this type of software may have been excluded. Moreover, many companies (13) from the sample produce data mining and profiling technology, which could be used in social networking sites and which could have similar - if not the same - capabilities as social network analysis software. Such technology may potentially be aiding the </span><a href="http://editors.cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system">Central Monitoring System (CMS)</a><span>, especially since the project would have to monitor and mine Big Data.</span></p>
<p style="text-align: justify; "><span>On countless occasions I have been told that surveillance is an issue which concerns the elite and which does not affect the poorer classes, especially since </span><a href="https://opennet.net/research/profiles/india">the majority of the population in India does not even have Internet access</a><span>. However, the data in the graph above falsifies this mainstream belief, as many companies operating in India produce and sell phone and SMS monitoring technology, while </span><a href="http://www.thehindu.com/news/national/half-of-indias-homes-have-cellphones-but-not-toilets/article2992061.ece">more than half the population owns mobile phones</a><span>. Seeing as companies, such as </span><a href="http://www.clear-trail.com/">ClearTrail Technologies</a><span> and </span><a href="http://www.shoghicom.com/">Shoghi Communications</a><span>, sell phone monitoring equipment to law enforcement agencies and more than half the population in India has mobile phones, it is probably safe to say that surveillance is an issue which affects everyone, not just the elite.</span></p>
<h2>Did you Know:</h2>
<table class="invisible">
<tbody>
<tr>
<th><img src="http://editors.cis-india.org/home-images/spywarepic.jpg" alt="Spyware" class="image-inline" title="Spyware" /></th>
</tr>
</tbody>
</table>
<p style="text-align: justify; "><span>CARLOS62 on flickr </span></p>
<ol>
<li>WSS Security Solutions Pvt. Ltd. is <a href="http://www.wssgroup.in/aboutus.html">north India´s first CCTV zone</a></li>
<li>Speck Systems Limited was <a href="http://www.specksystems.com/sub-links/Strengths/core-strengths-UAV.htm">the first Indian company to design, manufacture and fly a micro UAV indigenously</a></li>
<li>Mobile Spy India (Retina-X Studios) has the following <a href="http://www.mobilespy.co.in/">mobile spying features</a>: </li>
</ol>
<ul>
<li><i>SniperSpy</i>: remotely monitors smartphones and computers from any location</li>
</ul>
<ul>
<li><i>Mobile Spy: </i>monitors up to three phones and uploads SMS data to a server using GPRS without leaving traces</li>
</ul>
<p>4. Infoserve India Private Limited produces an<a href="http://www.infoserveindia.com/products/26/Internet-Monitoring-System.html"> Internet monitoring System</a> with the following features:</p>
<ul>
<li>Intelligence gathering for an entire state or a region</li>
<li>Builds a chain of suspects from a single start point</li>
<li>Data loss of less than 2%</li>
<li>2nd Generation Interception System</li>
<li>Advanced link analysis and pattern matching algorithms</li>
<li>Completely Automated System</li>
<li>Data Processing of up to 10 G/s</li>
<li>Automated alerts on the capture of suspicious data (usually based on keywords)</li>
</ul>
<p>5. ClearTrail Technologies<b> </b>deploys <a href="https://www.documentcloud.org/documents/409231-111-cleartrail.html#document/p3/a68269">spyware into a target´s machine</a><br />6. Spy Impex<b> </b>sells <a href="http://www.tradedir.in/s/coca-cola-tin-camera">Coca Cola Tin Cameras</a>!<br />7. Nice Deal<b> </b>also sells Coca Cola Spy Cameras, as well as Spy Pen Cameras, Wrist Watch Cameras and <a href="http://www.indiamart.com/nicedeal/spy-hidden-cameras.html">Lighter Video Cameras</a> to name a few...<br />8. Raviraj Technologies<b> </b>is an Indian company which supplies <a href="http://www.ravirajtech.com/index.html">RFID and biometric technology</a> to multiple countries all around the world... Countries served by Raviraj Technologies include non-democracies, such as Zimbabwe and Saudi Arabia...as well as post-revolutionary countries, such as Egypt and Tunisia... Why is this concerning?</p>
<ul>
<li style="text-align: justify; ">Non-democracies lack adequate privacy and human rights safeguards and by supplying such regimes with biometric and tracking technology, the probability is that this will lead to further <a href="http://www.rogerclarke.com/DV/Biometrics.html">oppression</a> within these countries </li>
</ul>
<ul>
<li style="text-align: justify; ">Egypt and Tunisia had elections to transit to democracy and by providing them biometric technology, this could lead to further oppression and stifle efforts to increase human rights safeguards</li>
</ul>
<h2><b>“I´m not a terrorist, I have nothing to hide!”</b></h2>
<table class="invisible">
<tbody>
<tr>
<th><img src="http://editors.cis-india.org/home-images/surveillancetechpic.jpg" alt="Surveillance Tec" class="image-inline" title="Surveillance Tec" /></th>
</tr>
</tbody>
</table>
<p><span> </span><a href="http://www.flickr.com/photos/r1chard/">r1chardm</a> on flickr</p>
<p style="text-align: justify; ">It´s not a secret: Everyone knows we are being surveilled, more or less. Everyone is aware of the CCTV cameras (luckily there are public notices to warn us...for now). Most people are aware that the data they upload on Facebook is probably surveilled...one way or the other. Most people are aware that mobile phones can potentially be wiretapped or intercepted. Yet, that does not prevent us from using our smartphones and from disclosing our most intimate secrets to our friends, from uploading hundreds of photos on Facebook and on other social networking sites, or from generally disclosing our personal data on the Internet. The most mainstream argument in regards to surveillance and the disclosure of personal data today appears to be the following:</p>
<blockquote class="italized"><i>“I´m not a terrorist, I have nothing to hide!”</i></blockquote>
<p style="text-align: justify; "><span>Indeed. You may not be a terrorist...and you may </span><i>think </i><span>you have nothing to hide. But in a surveillance state, to what extent does it really matter if you are a terrorist? And how do we even define ´risky´ and ´non-risky´ information?</span></p>
<p style="text-align: justify; "><span>Last year at the </span><a href="http://lcaunderthestars.org.au/programme/schedule">linux.conf.au</a><span>, </span><a href="http://www.youtube.com/watch?v=GMN2360LM_U">Jacob Appelbaum</a><span> stated that in a surveillance state, everyone can potentially be a suspect. The argument “I´m not a terrorist, I have nothing to hide” is merely a psychological coping mechanism when dealing with surveillance and expresses a lack of agency. </span><a href="http://www.schneier.com/essay-155.html">Bruce Schneier</a><span> has argued that the psychology of security does not necessarily reflect the reality of security. In other words, we may feel or think that our data is secure because we consider it to ential ´non-risky´ information, but the reality of security may indicate that our data may entail ´risky information´ depending on who is looking at it, when, how and why. I disagree with the distinction between ´risky´ and ´non-risky´ information, as any data can potentially be ´risky´ depending on the circumstances of its access.</span></p>
<p style="text-align: justify; "><span>That being said, we do not necessarily need to disclose nude photos or be involved in some criminal organization in order to be tracked. In a surveillance society, </span><a href="http://www.schneier.com/blog/archives/2013/03/our_internet_su.html">we are all potentially suspects</a><span>. The mining and profiling of our data may lead to us somehow being linked to someone who, for whatever reason, is a suspect (regardless of whether that person has committed an actual offence) and thus may ultimately end us up being suspects. Perhaps one of our interests (as displayed in our data), our publicly expressed ideas or even our browsing habits may fall under ´suspicious activity´. It´s not really an issue of whether we are involved in a criminal organisation per se or if we are disclosing so-called </span><a href="http://www.computerworld.com/s/article/9176265/Half_of_social_networkers_post_risky_information_study_finds_">´risky information´</a><span>. As long as our data is being surveilled, we are all suspects, which means that </span><a href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2239412">we can all potentially be arrested, interrogated and maybe even tortured</a><span>, just like any other criminal suspect.</span></p>
<p style="text-align: justify; "><span>But what fuels a surveillance society? How can law enforcement agencies mine such huge volumes of data? Many companies, such as the 76 listed in this research, equip law enforcement agencies with the technology to monitor the Internet and our phones, to deploy malware to our computers, to mine and profile our data on social networking sites and to track our vehicles and movement. A main reason why we currently live in a Surveillance State is because the surveillance industry is blooming and currently equipping law enforcement agencies with the technology to watch our every move. Thus companies producing and selling surveillance technologies play an essential role in maintaining the surveillance state and should be accountable for the implications their products have on individuals´ right to privacy and other human rights.</span></p>
<p style="text-align: justify; "><span>Surveillance technologies, however, are not the only factor which fuels a surveillance state. Companies produce technologies based on the market´s demand and without it, the surveillance industry would not exist. The </span><a href="http://www.sourcesecurity.com/news/articles/co-1753-ga.4047.html">market appears to demand for surveillance technologies</a><span> because a pre-existing </span><a href="http://www.abc.net.au/tv/bigideas/stories/2012/04/16/3476847.htm">surveillance culture</a><span> has been established which in turn may or may not have been created by political interests of public control. Nonetheless, surveillance appears to be socially integrated. The fact that some of the most profitable businesses in the world, such as </span><a href="http://money.cnn.com/magazines/fortune/global500/2012/snapshots/284.html">3M</a><span>, produce and sell surveillance technologies, as well as the fact that, in most countries in the world, it is considered socially prestigious to work in such a company is minimum proof that </span><a href="http://www.sscqueens.org/davidlyon/">surveillance is being socially integrated</a><span>. In other words, companies should be accountable in regards to the technologies they produce and who they sell them to, but we should also take into consideration that the only reason why these companies exist to begin with is because there is a demand for them.</span></p>
<p style="text-align: justify; "><span>By not opposing to repressive surveillance laws, to the CCTV cameras in every corner, to surveillance schemes -such as </span><a href="http://cybersecurityforindia.blogspot.in/2012/12/national-intelligence-grid-natgrid.html">NATGRID </a><span>and the </span><a href="http://editors.cis-india.org/internet-governance/blog/indias-big-brother-the-central-monitoring-system">CMS</a><span> in India- or by handing over our data, </span><a href="http://www.schneier.com/essay-167.html"><i>we </i></a><a href="http://www.schneier.com/essay-167.html">are fuelling the surveillance state</a><span>. Unlike Orwell's totalitarian state described in 1984, surveillance today does not appear to be imposed in a top-down manner, but rather it appears to be a product of both the Information Revolution </span><i>and </i><span>of our illusionary sense of control over our personal data. Our ´apathy´ enables surveillance laws to be enacted and companies to produce the technology which will aid law enforcement agencies in putting us all under the microscope. As easy as it would be to blame companies for producing surveillance technologies, the reality of surveillance appears to be much more complicated than that, especially if surveillance is socially integrated.</span></p>
<p style="text-align: justify; "><span>Yet, the reality in India is that at least 76 companies are producing and selling surveillance technologies and equipping law enforcement agencies with them. This is extremely concerning because </span><a href="http://editors.cis-india.org/internet-governance/blog/report-on-the-first-privacy-round-table-meeting">India lacks privacy legislation </a><span>which could safeguard individuals from potential abuse. The fact that India has not enacted a privacy law ultimately means that individuals are not informed when their data is collected, who has access to it, whether it is being processed, shared, disclosed and/or retained. Furthermore, the absence of privacy legislation in India also means that law enforcement agencies are not held liable and this has an impact on accountability and transparency, as it is not possible to determine whether surveillance is effective or not. In other words, there are currently absolutely no safeguards for the individual in India and simultaneously, the rapidly expanding surveillance industry poses major threats to human rights.</span></p>
<p style="text-align: justify; "><span>Not only does India urgently need privacy legislation to be enacted to safeguard citizens from potential abuse, but the use of all surveillance technologies should be strictly regulated now. As previously mentioned, some companies, such as </span><a href="http://www.ravirajtech.com/index.html">Raviraj Technologies</a><span>, are exporting biometric technology to non-democratic countries and to fragile states transitioning to democracy. This should be prevented, as equipping a country - which lacks adequate safeguards for its citizens - with the technology to ultimately control its citizens can potentially have severe effects on human rights within the country. Thus </span><a href="https://www.privacyinternational.org/reports/our-response-to-eu-consultation-on-legality-of-exporting-surveillance-and-censorship-3">export controls</a><span> are necessary to prevent the expansion of surveillance technologies to countries which lack legal safeguards for their citizens. This also means that there should be some restrictions to international companies selling surveillance technologies from creating offices in India, since the country currently lacks privacy legislation.</span></p>
<p style="text-align: justify; "><span>Surveillance technologies can potentially have very severe effects, such as innocent people being arrested, interrogated, tortured...and maybe even </span><a href="http://edition.cnn.com/2013/03/15/world/asia/u-n-drone-objections">murdered</a><span> in some states. Should they be treated as weapons? Should the same export restrictions that apply to arms apply to surveillance technologies? Sure, the threat posed by surveillance technologies appears to be indirect. But don't indirect threats usually have worse outcomes in the long run? We may not be terrorists and we may have nothing to hide...but we have no privacy safeguards and a massively expanding surveillance industry in India. We are exposed to danger...to say the least.</span></p>
<p>
For more details visit <a href='http://editors.cis-india.org/internet-governance/blog/the-surveillance-industry-in-india-at-least-76-companies-aiding-our-watchers'>http://editors.cis-india.org/internet-governance/blog/the-surveillance-industry-in-india-at-least-76-companies-aiding-our-watchers</a>
</p>
No publishermariasurveillance technologiesInternet GovernanceSAFEGUARDS2013-07-12T11:59:10ZBlog Entry