Telephone interception (‘tapping’): India
This is a collection of articles archived for the excellence of their content.
The extent of the problem
2013: 9,000 phones, 500 emails intercepted each month
Amid controversy over the Modi government giving "snooping powers" to investigative agencies, a 2013 RTI reply reveals that around 7,500-9,000 phones and 300-500 email accounts were intercepted every month under the then UPA government.
The information was revealed by the ministry of home affairs in response to an RTI query filed by Prosenjit Mondal.
"On an average, between 7,500 to 9,000 orders for interception of telephones and 300 to 500 orders for interception of emails are issued by Central Government per month," the reply dated August 6, 2013 states.
The reply also discloses the list of ten central and state agencies that are authorised for lawful interception, which include Intelligence Bureau (IB), Narcotics Control Bureau, Enforcement Directorate (ED), Central Board of Direct Taxes (CBDT), Directorate of Revenue Intelligence (DRI), Central Bureau of Investigation (CBI), National Investigation Agency (NIA), Cabinet Secretariat (RAW) and the Commissioner of Police, Delhi.
Earlier today, the government reiterated that the notification on surveillance is a reiteration of the order that was amended by the UPA government in 2008, when A Raja was the minister of communication and information technology and Shivraj Patil was the home minister.
The clarification also added that the rules under Section 69 of IT Act [Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules] were framed in 2009, during the tenure of Raja and then home minister P Chidambaram.
It was in 2011 when the home ministry under Chidambaram issued the standard operating procedure (SOP) for interception, handling, use, copying, storage and destruction of messages, telephonic intercepts, emails under section 5(2) of Telegraph Act and Section 69 of IT Act, the statement adds.
Opposition parties on Friday had launched a scathing attack against the government for its move to authorise 10 Central agencies to intercept any information on computers, describing it as "unconstitutional and an assault on fundamental rights" and demanded its immediate withdrawal.
Defending the order, the government said the authorisation was given under 2009 rules and that the opposition was playing with the national security by "making a mountain where even a molehill doesn't exist".
As in 1999, 2007, 2014
The Times of India, Jun 18 2016
Interception norms amended thrice
A few years after the advent of mobile telephony in India, the Centre in 1999 amended the Indian Telegraph Rules to regulate and streamline interception of telephone calls and messages.
With service providers multiplying in different telecom zones, the Centre again amended the rules in March 2007.
After conversations of former lobbyist Niira Radia with politicians, bureaucrats, businessmen and journalists were leaked into the public domain and the Su preme Court expressed concern while dealing with a petition by Ratan Tata complaining of violation of right to privacy , the Centre amended the rules yet again in January 2014 to make the norms more stringent. The basic guidelines remained the same -order for interception could be issued by the home secretary in the Centre and states. In an emergency , such orders could be issued by a home ministry authorised joint secre tary-level officer.
In situations where such orders could not be obtained, the investigating officer could order interception provided this order was approved within 15 days. The 1999 amendment said an order of interception would remain valid for 90 days and was extendable up to 180 days. All interception orders were to be reviewed by a committee headed by the cabinet secretary (at the Centre) or chief secretary (at state level) within 60 days of commencement of interception to prevent misuse of power.
The 2007 amendment limi ted the period of interception to 60 days, extendable up to 180 days. For the first time, it talked about service providers designating two nodal officers who would be responsible for implementation of orders for interception of calls and messages. It reduced the period for approval for interception in emergency situations to seven days from 15 days provided in the 1999 amendment.
The 2014 amendment reduced the various approval periods, recognising that issues relating to interception had to be dealt with expeditiously to prevent misuse.
Tough regime to check phone tapping
The Times of India June
Tapping phone conversations are no longer an easy task with the government putting in place a tough regime to check against possible misuse of powers. Telecom company executives said that only a handful of agencies are authorised to tap conversations and even that has to be authorised by the home secretary. Given the possibility of facing strict punitive action, telecom companies said, the nodal officer in each company ensures that there is no unauthorised access and even the conversation that is recorded is available only to the agency concerned. “There is a log that is maintained and anyone who logs into the server can be tracked. The information is not available internally and only the phone number is available,“ said an executive.
2016: Revised norms
The Times of India, August 4, 2016
Norms on phone tapping revised
The government told Rajya Sabha that guidelines have been revised to curb illegal phone snooping and to tighten the process of obtaining telephone call data records (CDRs) of MPs and other citizens. Acoording to the revised guidelines, head of the police organisation's permission is required for obtaining CDRs of MPs.
Data interception order sparks row, govt cites 2009 UPA rules
10 Agencies Can Snoop On Phones And Computers
The Centre’s notification designating 10 intelligence, tax and law enforcement agencies to intercept and decrypt information in
computers kicked off a political storm on Friday with the opposition accusing the government of snooping and the latter clarifying that the rules actually tightened loopholes in the law.
The opposition alleged that the agencies had been armed with powers to monitor any computer.
The government soon launched a counter-offensive, arguing that the notification was derived from rules framed under the UPA in 2009 and, contrary to charges, the Centre had made the interception regime more precise and less vulnerable to abuse by specifying the agencies which could do so.
‘Must cite reason to decrypt messages’
It also said every case of interception would continue to require permission from the home secretary and review by a panel headed by the cabinet secretary. It added that while seeking permission, the agency concerned would have to specify one of the five grounds on which they could decrypt messages on electronic devices.
The five grounds are — “in the interest of sovereignty and integrity of the country; defence of India; security of the state; friendly relations with foreign states; public order or for preventing incitement to the commission of any cognisable offence relating to above”.
Apart from the heated politics, before the home ministry order notified on Thursday, every request for interception of information on a computer — emails, chat messages and even drafts on smartphones, tablets and laptops — had to be handled and authorised by the home secretary or state-level competent authority.
Now, the order will allow only the designated agencies — IB, Narcotics Control Bureau, ED, CBDT, DRI, CBI, Cabinet Secretariat (RAW), NIA, Directorate of Signal Intelligence and Delhi Police commissioner — to carry out interception, monitoring and decryption of any information generated, transmitted, received or stored in a computer resource under the Information Technology Act, 2000.
It is only in emergent situations that a designated agency can approach a service provider and seek access, but it will need to notify the home secretary in three days. In case there is no post-facto approval in seven days, the interception will have to stop. Each interception request relating to computers will require prior approval of the home secretary/state government. By passing the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, the UPA government said only authorised agencies should carry out surveillance but did not notify these agencies.
A total surveillance system?
Cybersecurity Experts, Lawyers Red Flag ‘Power To Snoop’
Cyber security experts, lawyers and activists have raised serious concerns over the Union ministry of home affairs (MHA) order that gives 10 investigating agencies the power to “snoop” into citizens’ digital space.
Executive director of Internet Freedom Foundation Apar Gupta said the recent order will lead to “a complete surveillance system” without any options for safeguards as it is impossible to exist without leaving a digital footprint nowadays.
“The constitutional standing for privacy has become stronger after the Supreme Court’s Aadhaar judgment in 2017. Section 69 was framed nearly a decade ago, so it did not conform to the same standards of privacy. The government cannot use it as grounds to cannot go snooping around without judicial sanctions,” said Gupta.
Prasanth Sugathan, legal director of Software Freedom Law Center, an NGO that supports digital rights across the globe, also called the order an attempt at “digital tapping”, but highlighted that it is only a part of the problem. “Our concern should not be limited to just these 10 agencies. Section 69 should be struck down completely because it lacks judicial oversight. It works at the executive level alone,” he said, adding the “entire surveillance system supported by the state is a problem.” On Twitter, too, several lawyers criticised the order as unconstitutional and a violation of individual freedom. “This is a gross violation of SC judgments, including Shreya Singhal. This is void for vagueness since the expression ‘any information’ could cover anything from our Facebook profiles to WhatsApp messages, to Twitter, it is being challenged as surveillance,” tweeted SC lawyer Indira Jaising. Shreya Singhal v. Union of India is a 2015 Supreme Court judgment on online speech and intermediary liability.
Delhi Police: Special Cell project
Secret Project, In Final Stages, Will Help Special Cell Overhear 120 Calls Simultaneously
In a major revamp of the way it eavesdrops on phone chatter, the Special Cell of Delhi Police, which primarily deals terror cases, is enhancing its call interception system. Officers have confirmed that the highly secretive project is being executed on a priority and the force is in the final stages of the process to procure advanced law enforcement monitoring facilities (LEMF).
The new LEMF will allow the cops to overhear 120 calls simultaneously , sources said.What is being set up is not just a central monitoring system, but an entire network of aro und 100 computers and highspeed servers, equipped with powerful 128GB DDR4 RAMs.These are expected to run up bill running into crores of rupees, officers privy to the plans confirmed.
The New Delhi range of the Special Cell will get a major portion of the acquisitions with 36 computers and servers. The south-western and northern ranges, which focus on organised crimes, will get 20 each, while the southern range will bag 15. A set-up of five computers and the central server will be installed at Police Headquarters and will be overseen by the DCP (Special Cell).
However, though a central monitoring system is expected to check any misuse of the facility, it is unclear if the Union ministry of home affairs has given the project a goahead. Last year, it had objected to the increasing demands for interception approval made by Delhi Police and sought a detailed actiontaken report on the hundreds of numbers that it had approved in a six-month period.
Under the phone-call intercept protocol, the Delhi Police commissioner, DGPs of states, and eight other agencies -Intelligence Bureau, Research & Analysis Wing, Narcotics Control Bureau, Central Bureau of Investigation, National Investi gation Agency , military intelligence of the defence ministry and the Central Board of Direct Taxes are authorised to intercept calls with the prior approval of the home ministry .
The Special Cell is the nodal agency in Delhi for call interceptions. It can give extensions upon approval to police stations. On average, the union home ministry okays around 5,000 requests made by these agencies.
In 2014, the government notified a fresh set of procedures for legal interception of calls under Section 5 (2) of the Indian telegraph Act. However, rule 419A of the Indian Telegraph Rules allows for lawful interception of phones without prior approval under unavoidable circumstances. However, such interceptions have to be approved within seven days.
Lawful interception of calls aids enforcement agencies in obtaining network communications in a clandestine manner. The intercepted data, called handover interfaces, is categorised in three levels, with the one codenamed HI3 being the most critical, an officer explained, because it contains the content of the intercepted communication and can be used by law enforcement agencies as leads or evidence against a suspect.