India in dire need of privacy law; experts say government is ironically creating huge national security risks in attempts to prevent crime and terrorism
Privacy India, the Centre for Internet and Society and the Society in Action Group, with support from Privacy International, have spent 18 months studying the state of privacy across India, conducting consultations in Kolkata, Bangalore, Ahmedabad, Guwahati, Chennai and Mumbai. On Friday (3rd February 2012), the results of their research were discussed by representatives from government, industry, media and civil society at a high-level conclave in Delhi. In attendance were Manish Tewari MP, Microsoft Director of Corporate Affairs Deepak Maheshwari and P.K.H. Tharakan former Chief of the Research and Analysis Wing. A privacy symposium open to the public will be held tomorrow afternoon at the Indian International Centre.
The 130-page long country report details how government bodies like the National Technical Research Organization (NTRO) engage in pervasive and frequently unauthorized wiretapping, listening in on the private conversations of politicians and ordinary citizens alike. The Cabinet Secretary himself, in a report last year, noted that a body like the Central Board of Direct Taxes should never have been authorized to conduct telephone tapping, as the Supreme Court had long ago made clear. Privacy problems are arising from UID, NPR, and other e-governance projects that involve the creation of databases and the collection of personal information. Indian citizens are losing the ability to control who has access to their information, what that information says about them and how that information is used.
Overall, the study paints a picture of a dysfunctional system, with multiple pieces of legislation dealing with sectoral privacy-related issues like health, banking, phone tapping etc and no overarching legal guarantee of privacy. As Manish Tewari observed today, there is a nationwide lack of understanding about new technologies and judges are very rarely technologically literate. This has created a situation in which the government's efforts to fight crime and terrorism by intercepting communications has horribly backfired. By building backdoors into communications systems to allow lawful access, and by restricting cryptography to a 40-bit limit, the authorities have created serious vulnerabilities in India's communications system that can be easily exploited by any malicious third party or foreign government.
Gus Hosein, Executive Director of Privacy International:
In their efforts to preserve and defend democratic society, India has undermined the very thing it wanted to protect. Both citizens and state are now at serious risk of being spied upon by anyone with a small amount of technological know-how and a computer.
Usha Ramanathan, social and political activist, said:
In the name of state transparency, government projects are in fact rendering citizens transparent to the State, rather than the other way round. A comprehensive privacy law for India cannot come soon enough.
Background: Privacy India
Privacy India was established in 2010 with the objective of raising awareness, sparking civil action and promoting democratic dialogue around privacy challenges and violations in India. One of the organization's primary goals is to build consensus towards the promulgation of comprehensive privacy legislation in India through consultations with the public, policymakers, legislators and the legal and academic community.