Photo: Mint
Photo: Mint

‘Empowered’ by law to monitor, decrypt digital information, says govt

  • Minister of state for home affairs G. Kishen Reddy says only authorized agencies are allowed to intercept digital data
  • This comes weeks after WhatsApp sued NSO Group for helping govt spies break into phones of 1,400 users

The Union home ministry on Tuesday informed the Lok Sabha that it was “empowered" to intercept, monitor and decrypt digital information within the ambit of the law. The development comes weeks after messaging platform WhatsApp said it had sued Israel’s NSO Group for the use of its Pegasus spyware for targeted surveillance of individuals in 20 countries.

Even though the ministry did not directly allude to episodes of surveillance over digital platforms it had ramped up its surveillance mechanism last year. It has also sought a status report from WhatsApp on the breach of privacy event.

“Section 69 of the Information Technology Act, 2000, empowers the central government or a state government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted, any information generated, transmitted, received or stored in any computer resource in the interest of the sovereignty or integrity of India," minister of state for home affairs G. Kishen Reddy told the Lower House. “Section 5 of the Indian Telegraph Act, 1885, empowers lawful interception of messages on occurrence of public emergency or in the interest of public safety. This power of interception is to be exercised as per provisions of law," he added.

Last December, the home ministry had issued a blanket order allowing 10 government agencies to monitor and decrypt any information stored in any computer on grounds of internal security, with the primary intent of monitoring the exchange of information and material between individuals and banned or militant groups.

Reddy added that each case of surveillance was “approved by the Union Home Secretary and the state Home Secretary of the State concerned", with the task of interception, monitoring or decryption of any information being done “only by the authorized agencies as per the due process of law, and subject to safeguards as provided in the rules and standard operating procedure".

The messaging platform sued the NSO Group, accusing it of helping government spies break into the phones of roughly 1,400 users across four continents in a hacking spree whose targets included diplomats, political dissidents, journalists and senior government officials. As part of this security breach at least two dozen Indian journalists, activists, lawyers and academics were targeted.

According to Reddy, the Centre has not given a blanket permission to any agency for interception or monitoring or decryption of digital information. For each case, permission will be required either by a panel chaired by the Union cabinet secretary or the chief secretary of a state, as per due process of law and rules.

The Centre has currently authorized the Intelligence Bureau, Narcotics Control Bureau, Enforcement Directorate, Central Board of Direct Taxes, Directorate of Revenue Intelligence, Central Bureau of Investigation, National Investigation Agency, Cabinet Secretariat (R&AW), Directorate of Signal Intelligence and the Commissioner of Police, Delhi, for surveillance.