The Indian government should enact clear laws to ensure that increased surveillance of phones and the Internet does not undermine rights to privacy and free expression, Human Rights Watch said today.
In April 2013, the Indian government began rolling out the Central Monitoring System (CMS), which will enable the government to monitor all phone and Internet communications in the country.
The CMS will provide centralized access to the country's telecommunications network and facilitate direct monitoring of phone calls, text messages, and Internet use by government agencies, bypassing service providers.
"The Indian government's centralized monitoring is chilling, given its reckless and irresponsible use of the sedition and Internet laws," said Cynthia Wong, senior Internet researcher at Human Rights Watch.
"New surveillance capabilities have been used around the world to target critics, journalists, and human rights activists," Wong added.
Two laws address interception or access to communication data. The Information Technology (Amendment) Act, 2008, allows the government to "intercept, monitor, or decrypt" any information "generated, transmitted, received, or stored in any computer resource" in the interest of "sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States, or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence."
The colonial Indian Telegraph Act, 1885, also allows wire-tapping in conformity with guidelines that are supposed to act as a check on indiscriminate interception by the law enforcement agencies.
An expert group chaired by retired Justice A.P. Shah was created by the Planning Commission to set out principles for an Indian privacy law. In its report in October 2012, it concluded that the two laws were inconsistent on the "permitted grounds for surveillance, the type of interception that is permitted to be undertaken (monitoring, tracking, intercepting etc.), the type and granularity of information that can be intercepted, the degree of assistance that authorized agencies can demand from service providers, and the destruction and retention requirements of intercepted material." These differences, it concluded, "have created an unclear regulatory regime that is nontransparent, prone to misuse, and that does not provide remedy for aggrieved individuals."
Because the CMS was created without parliamentary approval, the government should convene a full public debate about the intended use of the system before proceeding, Human Rights Watch said.
The right to privacy is guaranteed under the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights, to which India is a state party. Article 17 of the covenant provides that, "(1) no one shall be subjected to arbitrary or unlawful interference with his privacy, family, home, or correspondence, nor to unlawful attacks on his honour and reputation; (2) everyone has the right to the protection of the law against such interference or attacks."
Indian activists have raised concerns that the CMS will inhibit them from expressing their opinions and sharing information. India has a poor record of protecting free expression on the Internet.
"The authorities should amend the existing Information Technology Act and rules to protect free speech and expression, and be fully transparent about any surveillance system that might chill people's willingness to share opinions and information," Wong said.