Extant laws and procedures are insufficient to preclude State arbitrariness in an infringement into a citizen’s right to privacy
Sherwyn Correia
The Union Home Ministry’s recent notification enabling ten Central government-controlled intelligence and investigating agencies to undertake surveillance of computers, mobiles and servers has raised the spectre of an Orwellian state and triggered a political storm. In a law students’ perspective, it has reignited the debate on the constitutionality of surveillance measures.
The notification issued under the Information Technology (IT) Act, inter alia, empowers specified agencies to intercept, monitor or decrypt “any information” generated, transmitted, received or stored in “any” computer resource for reasons of threat to sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence or for investigation of any offence.
The ten agencies empowered by the Centre are Intelligence Bureau, Narcotics Control Bureau,
Enforcement Directorate, Central Board of Direct Taxes, Directorate of Revenue Intelligence,
Central Bureau of Investigation, National Investigation Agency, Cabinet Secretariat (RAW), Directorate of Signal Intelligence (For J&K, N-E, & Assam) and Commissioner of Police, Delhi.
Attempting to deflect criticism, the Government has clarified that the notification did not confer any new powers and that “adequate safeguards” were provided in the IT Act 2000 and that similar provisions, procedures and safeguards already existed in the Indian Telegraph Act. But the fact remains that successive Government’s have used surveillance powers to snoop on political opposition, media, civil society activists etc.
One cannot question the State’s surveillance powers through its intelligence and investigation agencies; these are essential in the interest of national security, prevention and detection of serious crimes and maintaining public order. However, the larger question that arises is whether the existing
procedural safeguards are adequate to rule out arbitrary exercise of power.
A nine-judge bench of our Apex Court recently affirmed (in Justice Puttaswamy’s case) that right to privacy is a fundamental right enshrined under the Constitution that flows from right to life and personal liberty that no legislation could unduly violate, while clarifying that it is not an “absolute right” and can be “overridden by competing State or individual interests”.
In People’s Union for Civil Liberties (PUCL) v. Union of India, popularly known as the “telephone tapping case”, Supreme Court looked into the constitutional validity of Sec. 5 (2) of the Indian Telegraph Act 1885, a colonial-era legislation that empowered Government to intercept telephonic conversations. Holding that privacy is an essential ingredient of personal liberty, the Court held that telephone tapping, a form of “technological eavesdropping”, infringed the right to privacy. It was held that “occurrence of a public emergency” or “in interest of public safety” was the sine qua non for exercise of the power. On finding no rules and procedures in place for tapping telephones even after over a century, the Court stepped in to fill the breach.
In brief, the Court directed that (i) an order for telephone tapping could be issued only by the Union or State Home Secretary, (ii) the order be sent to a three-member “review committee” within a week chaired by the Cabinet Secretary/Chief Secretary and comprising the Law Secretary and another Secretary-level officer. The committee could either confirm or set-aside the order and (iii) interception could be for a period of three months, extendable by another three months, and no longer. The Central Government later framed guidelines under Telegraph Rules inspired by the court’s directives.
The Information Technology Act 2000 provided for identical powers to intercept, monitor or decrypt information generated, transmitted, received or stored in a computer resource in the prescribed manner. The IT Rules framed in 2009 provided for procedure and safeguards largely in pari materia with the Indian Telegraph Rules.
The “review committee” is expected to play a pivotal role and provide a check and balance. Recent media reports suggest that about 9000 telephones and 500 email accounts were intercepted by the Central Government every month. It would be humanly impossible for the review committee (required to meet at least once in two months) to scrutinize each and every of the thousands of interception orders in a single meeting. The very credibility of the process and safeguards against executive overreach are in question.
The petitioners in PUCL’s case had called for prior judicial sanction -- ex-parte in nature -- as a safeguard that could eliminate the element of arbitrariness or unreasonableness. However the Court felt that it was not possible to provide for prior judicial scrutiny in the absence of statutory support, and that it was for the Central Government to frame the rules. The Court occupied itself with formulating procedural safeguards with the aim to save the action from the vice of conflict with Part III of the Constitution.
The PUCL judgment dates back in time, while communication technology has advanced leaps and bounds. Extant laws and procedures are insufficient to preclude State arbitrariness in an infringement into a citizen’s right to privacy. Pervasive surveillance has been the single most distinguishing trait of totalitarian regimes. In the backdrop of the Puttaswamy judgment and perception of India turning into a ‘surveillance state’, it is time to seriously consider judicial oversight of surveillance measures.
