In wake of the furore surrounding USA’s controversial PRISM project, attention has turned homewards with reports indicating that the Indian government is in the process of installing a nationwide surveillance and interception system. The Central Monitoring System (CMS) will provide security agencies with unfettered real-time access to all data exchanged online as well as telephonically. All individuals can be monitored, regardless of whether there is a suspicion of indulging in illegal activities. The CMS has already been tested and has been launched in certain telecom circles. Until now, mobile operators were bound to release information only after the agency showed requisite ‘authorisation’. With CMS, authorisations are no longer required; all authorisations remain secret within government departments.
The Supreme Court recently allowed a PIL asking the Centre to initiate action against US based internet corporations for sharing private data with NSA. It is rather ironic that we’re keeping an eye out on foreign action but there hardly is any discussion happening on similar programs initiated by our own government. A PIL to regulate the CMS should be in order to stop annihilation of privacy under these ‘security’ programs.
Nine Agencies will have access to CMS including the Research and Analysis Wing, the Central Bureau of Investigation, the National Investigation Agency , the Central Board of Direct Taxes , the Narcotics Control Bureau, the Enforcement Directorate, etc.
The Hindu reported that CMS allows the government to spy on any individual communicating through mobile or fixed phone lines and the internet. Everything from social media usage to multimedia exchange to video conferencing, even messages stored as drafts in your e-mail account can be accessed for an indefinite period of time, without letting the target know. You can read more about the intrusive surveillance measures here.
The international organisation Human Rights Watch (HRW) and WikiLeaks recently expressed their horror over CMS’s blatant violation of privacy and free expression. This article highlights the privacy loss due to CMS and its ramifications.
Legality of CMS
There is no legal framework regulating CMS. The Government’s hasty roll out of CMS without adequate regulation is in tradition with other projects such as National Intelligence Grid, Crime and Criminal Tracking Network and Systems (CCTNS), National Counter Terrorism Centre, Centre for Communication Security Research and Monitoring. AADHAR is a prime example of projects running into troubles due to lack of adequate regulation.
Phone tapping is regulated by an archaic legislation (Indian Telegraph Act, 1885) and the Information Technology Act, 2000 legalises e-surveillance. These two legislations have frequently violated constitutional principles. However, CMS was created without parliamentary approval. In 2009, the government told Parliament that CMS’s implementation would overcome “the existing (surveillance) system’s secrecy which can be easily compromised due to manual interventions at many stages.” What strikes extremely strange to me is that CMS was hardly debated in the Parliament, much less opposed, considering that in 2010 there was a huge political uproar over alleged stealth monitoring of phone calls of top government leaders.
Political leaders in the ruling government have defended the need for CMS, saying that it is essential for national security. A disturbing pattern that is emerging is this justification for umbrella surveillance systems. Governments across the world share the conviction that constant monitoring is the most effective way to deter terrorist activities.
The guiding question is how much liberty and privacy can be sacrificed in the name of security? Since all justifications lead to the war against terrorism and crime, the feasibility of mining so much data to counter these issues must be analysed by an official body. This is an excellent article by the Centre for Internet and Society (India) analysing the logistics of using a sweeping program like CMS to detect terrorist activity. It argues that not only it is a logistical nightmare to sift through voluminous and clandestinely collected data, the probability of error in matching profiles also increases. When data is compared against a huge volume of data, the likelihood of charging an innocent person for a crime they did not commit becomes real.
While details of the program are shrouded in secrecy for national security reasons, the government must address these concerns at the earliest to prevent a mammoth scale violation of our fundamental right to privacy.
