Beware, You’re Being Watched!

The Netflix show You has made its way to one of the most talked-about television shows on social media. It revolves around the creepy but hot stalker who spies on women using telescopes and by physically following them. If you think this merely happens in fiction, wait till the end of this article. Before we begin, this article isn’t about a particular political party acting as the villain, though all of them may be considered so.

With the increased use of technology by criminals, government surveillance is inevitable. In almost every nation, a certain proportion of the population is under the scanner of intelligence agencies. However, the potential mass-scale tracking of the data of all citizens has sparked a grave debate.

India’s surveillance systems have access to 100% of all internet activity, with broad surveillance capability based on IP, email addresses, URLs, HTTP, Telenet, or webmail, and even through abroad and blind searches across all traffic in the internet pipe using keywords and key-phrases.

The Central Monitoring System (CMS), launched in 2013, is the surveillance project which allows the Indian government to monitor online and telephonic data of citizens. Unlike its American counterpart PRISM, there is no legal recourse for a citizen whose personal details are being misused or leaked from the central or regional database. CMS does not even have any judicial oversight.In India, most orders are signed by either the Central or State Home Secretary. This causes a conflict of interest, as the executive branch is both undertaking law enforcement and providing oversight on its work.

This pursuit of internet monitoring started following the leak of the Amar Singh tapes, with instructions for ensuring the privacy of communications. This mandated all ISPs (Internet Service Providers) to have designated nodal officers for communicating and receiving the intimations for interceptions. Since the government controlled the LIMs (Lawful Intercept and Monitoring Systems), it directly sent software commands and sucked out whatever information is needed from the internet pipe with no intimation to anyone. The lack of a privacy law made it easier for the government to undertake such radical steps. The Indian Telegraph Act, 1885 and the Information Technology Act, 2008, allowed the government to monitor, intercept, and even block online conversations and websites. The addition of the CMS significantly widened the number of sources and could simplify access to these records. In 2019, the government went even further with this pursuit of privacy, like passing the Data Protection Bill and forming the NATGRID.

The National Intelligence Grid (NATGRID) aims to allow investigation and law enforcement agencies to access real-time information from data stored with agencies such as the Income Tax Department, banks, insurance companies, Indian Railways, credit card transactions, and more. It is meant to connect public and private databases for ten central intelligence agencies. State agencies, however, will not be allowed access to the same.

NATGRID was first introduced post the 26/11 Mumbai terror attacks by the then Home Minister Mr P Chidambaram. After 10 years of delay, on September 12, 2019, Home Minister Amit Shah announced that the NATGRID would be functional by the end of 2019. Along with the Crime and Criminal Tracking Network System (CCTNS), which will integrate the Central and State crime data, NATGRID will give a suspect’s ‘360-degree’ profile. This system could prevent or detect incidents like the 26/11 attacks, claims the Home Minister.

There have been many concerns regarding the dangers of misuse of this system. The unified pooling of vital information from different resources is vulnerable to cyber attacks or espionage from foreign intelligence agencies. Given the recent WhatsApp data breach, this apprehension needs to be addressed by having proper checks and balances in place.

After all, who is watching the notorious chowkidars (watchmen)? Also, if someone violated your privacy, but you never knew about it, did it even happen? This is where the Data Protection Bill, 2019, becomes important. It is India’s first step towards a privacy framework and sets a framework to govern personal data. The bill is meant to ensure that Indian citizens have control of their data. The bill seeks to localise the storage of data and to set up the Data Protection Authority of India. However, under the bill, not only will your sensitive personal information be stored but also information about you and your online habits. It is a potential avenue for the invasion of privacy because it can reveal many personal aspects. Companies, governments, and political parties can further use these to find the most convincing ways to advertise to you online.

The government has exempted its agencies from the rules that govern the processing of personal data citing national security, public order and friendly relations with foreign states. 24x7 surveillance acts as a major threat to businesses. Businesses are formed on the foundations of security and trust: from the purchase of an item on an e-commerce site to a company’s research mechanisms and technologies. Central databases make attacking a company based on such confidential information easier. All one would have to do to go one-up on you is to attack these databases. It was because of this the USA decided not to impose blanket surveillance. Their idea is “while we may live in a society without human rights, we cannot be in one without functional markets”.

Furthermore, it allows the government to manipulate the data patterns and wrongly accuse innocent citizens of being criminals. With NATGRID and the Data Protection Bill, the government shall have access to all data. In a world where the government claims that peaceful protests by the students are a threat to national security and anyone can be labelled a terrorist without evidence, the exemptions in the Data Protection Bill become important.

The government can access private data or government agency data on grounds of sovereignty or public order. This has dangerous implications. While the Indian Constitution recognises the right to privacy, there are very few laws governing government surveillance. Due to this, there is very little legislative oversight, leading to little judicial decision-making regarding surveillance.

Lord Acton had famously prophesied that “power tends to corrupt and absolute power corrupts absolutely”. This peril is more acute when the power is used covertly. Efforts to maintain accountability over intelligence agencies are frequently troublesome. All things considered, intelligence agencies comprise human beings, with their capabilities being circumscribed by human flaws, frailties and defects. Thus, safeguards are unavoidable and unnecessary, unfortunately, or rather, suspiciously, the Indian government seems blissfully unaware of that necessity, betraying its desire to be the stalker in people’s homes.


Devyani Arora

I am a nineteen-year-old student in Delhi University, pursuing bachelor's in commerce. You will find me having an existential crisis almost every two days and listening to The Local Train on loop.

The Pangean does not condemn or condone any of the views of its contributors. It only gives them the space to think and write without hindrance.