Facebook-owned messaging platform WhatsApp reportedly said that journalists and activists in India were targets of surveillance that used an Israeli spyware called ‘Pegasus’. WhatsApp filed a lawsuit against Israeli tech firm NSO group and Q Cyber Technologies in US federal court on Tuesday alleging that 1400 users worldwide fell prey to a massive privacy breach. It said the attack was developed to access messages after they were decrypted on an infected device.
At least, two dozen lawyers, academics, dalit activists and journalists have been targets of surveillance in India. 10 activists confirmed receiving alerts from the Facebook-owned chatting app contacting them that their phones had been under state-of-the-art surveillance for two weeks in May 2019, including human rights activist Bela Bhatia and Nihal Singh Rathod - a lawyer involved in the Bhima Koregaon case. However, there has been no physical evidence or screenshots found to substantiate the same.
NSO group is an Israeli firm focused on cyber intelligence that specializes in surveillance technology. It was founded in 2010 by Niv Carmi, Omri Lavie and Shalev Hulio. It had earlier been learnt that the company sells its services to governments across the world. The NSO Group, in a statement said: “In the strongest possible terms, we dispute today’s allegations and will vigorously fight them. Our technology is not designed or licensed for use against human rights activists and journalists.”
The messaging app that has accused NSO of snooping and privacy breach had in 2017 officially confirmed that there are no backdoors to intercept encrypted WhatsApp chats. Also, WhatsApp never stored chats on its servers, even prior to introducing E2E encryption. Only undelivered messages were earlier saved on WhatsApp servers but were automatically deleted after 30 days.
Expressing concerns over people’s right to privacy, the central government swung in immediate action, asking the app to respond by November 4. “We have asked WhatsApp to explain the breach and what it is doing to safeguard privacy of millions of Indians. The government is committed to protecting the privacy of all Indians." said Ravi Shankar Prasad, Union IT Minister
“Government agencies have a well-established protocol for interception, which includes sanction and supervision from highly ranked officials of Central and state governments, for clearly stated reasons in national interest” he added.
While congress criticized the Modi government of violating Right to Privacy and setting up a multi-crore surveillance structure, Prasad hit back reminding them about the bugging instance in the office of the then Finance Minister Pranab Mukherjee during the UPA regime, as well as, spying over the then Army Chief Gen. VK Singh as breach of privacy of highly reputed individuals.
The Telegraph Act:
The Indian Telegraph Act 1883 gives the government of India jurisdiction for establishing, maintaining, operating, licensing and oversight all forms of wired and wireless communications within Indian Territory. It authorizes government law enforcement agencies to monitor and intercept all telegraphic, telephonic, radio and digital communications and tap phone lines under conditions defined within the Indian Constitution. Numerous amendments have been passed to update the act to respond to changes in technology.
In 2017, the ministry of Home Affairs stated that government is aware of Internet becoming a source of terrorist propaganda and recruitment. Section 69 of the Information Technology Act, 2000 provide for the powers of lawful monitoring and interception of communication for reasons such as “public emergency” or “in the interest of the public safety” or in case of any terror related information found. The intelligence and national security agencies will have legal power over technology tools.
Interception was used during the UPA government to vigil the wiretaps of former corporate lobbyist Niira Radia, which local media reports say were done by the income tax department for two-four month stints in 2008 and 2009, during which they logged 5,851 calls. The material helped probe the irregular allocation of mobile phone spectrum to several Indian telecom firms. And investigate into possible money laundering, restricted financial practices and tax evasion. The telephone calls also demonstrated how Radia attempted to use some journalists to influence the decision to appoint A. Raja as telecom minister.
Indian Intelligence has earlier used surveillance to convict Maoist rebel groups involved in subversive terror activities. In 2010, recorded conversations between members of Maoist Frontal Group and People’s Committee against Police Atrocities (PCAPA) confirmed their involvement in a rail crash that killed 146 people in Maharashtra. The Maharashtra-bound Gyaneshwari Super Deluxe Express was subsequently struck by a goods train.
Further the surveillance system was expanded in 2011, with the introduction of Central Monitoring System (CMS) under the Manmohan Singh Government.
WhatsApp is the world’s most popular messaging app used by 1.5 billion users worldwide, with 400 million users in India. While the state is held responsible after a terror attack for not safeguarding its citizens, if the move has been taken to pre-empt a terror attack for national security, it is not to be concluded till the allegations are proved.