KnowLaw

Is Phone Tapping legal?

/

KnowLaw
Phone Tapping

There is a concern that the internet could be used to commit crimes and that advanced encryption could disguise such activity. However, we do not provide the government with phone jacks outside our homes for unlimited wiretaps. Why, then, should we grant government the Orwellian capability to listen at will and in real time to our communications across the Web?

John Ashcroft, U.S. Senator

Introduction

Today, data is as valuable and restricted as gold or oil. With the ubiquity of smartphones, phone surveillance has become a common practice. This involves accessing, monitoring, intercepting, and recording phone calls for various purposes. Advanced technology now enables detailed metadata analysis, including phone numbers, timestamps, call duration, and location.

Phone tapping and online monitoring are common and considered crucial for national security in India. Mass surveillance includes various methods such as telephone interception, open-source intelligence, and lawful interception under the Indian Telegraph Act, 1885. Key initiatives include DRDO NETRA, developed by the Centre for Artificial Intelligence & Robotics (CAIR) under DRDO, which detects keywords like “bomb” or “attack” in emails, messages, and social media, and monitors suspicious voice communications on platforms like Skype and Google Talk.

However, this act of phone tapping by governmental agencies has been scrutinised and the issue of privacy vs. national security is raised prima facie. The internal and external political environments in India is constantly on peril and vigil due to the dynamic nature of political and global relations. It is thus a need today for the Executive to be a step ahead and be forewarned of any and every possibly disturbing activities, and thus it is imperative that agencies like the CBI, National Investigation Grid among others be provided with access to ample and legal powers for the same purpose. However, two main legal questions arise here – the question of fundamental rights’ infringement, and non-State actors playing the grey domain of law to breach data.

This article aims to analyse the implications of telephone or communication surveillance in the digital age in accordance with the legal framework and national security interests. 

History of Phone Tapping

During colonial India, the police developed surveillance strategies as part of preventive policing, operating believing that a significant portion of crime was committed by suspected repeaters or KDs – Known Depredators. Senior police officials would review criminal records to identify individuals targeted for surveillance by lower-ranking constables. To facilitate this, historical records or “bad character rolls” were maintained for such individuals. These surveillance methods were often implemented at the discretion of local district superintendents and could occur without explicit legislative approval, as allowed by the Police Act of 1861. Given the minimal staffing of the police force and their reliance on indirect authority following the 1857 rebellion, surveillance was considered necessary for maintaining order and public safety.

The Telegraph Act was enacted in 1885 which gave a legal framework to telecommunications and also empowered the State to tap conversations and monitor telegraphic conversations. This Act, however, barred any third-party interception of calls. 

Legal Framework dealing with Phone Tapping

Mobile Encryption

Over the years, many amendments have been introduced by the government to regulate end-to-end encryptions – basically those electronic communications which cannot be brought under surveillance by the government – due to the advancement of technology. 

Section 84A of the Information Technology (Amendments) Act, 2008, Section 69 of the Information Technology Act, 2000, the Information Technology (Intermediary Guidelines) Rules, 2011 and other joint statements of the government together provide the legal framework for communication surveillance in India.

The Tussle between National Security and Personal Liberty

During times of national crisis, citizens are often urged to exchange liberty and privacy for enhanced security measures. Advocates of this approach argue that a small sacrifice of privacy can lead to significant gains in security. They assert that modern surveillance techniques can be implemented without excessive intrusion or disruption to individuals’ lives. With advancements in technology, surveillance methods such as biometric scanners, CCTV cameras, Global Positioning Systems, and data/telephone monitoring offer law enforcement agencies effective monitoring tools without imposing undue burdens on those under surveillance.

Opponents of this perspective caution against the dangers of trading privacy for security. They argue that the potential risks posed by governments, with their unchecked power, outweigh the perceived threats from criminals and terrorists. Citing Lord Acton’s famous dictum that “power corrupts, and absolute power corrupts absolutely,” they highlight the inherent risks of granting authorities total information awareness. The ability to demand access to others’ information while keeping one’s own secret is seen as a clear indication of power, as exemplified by recent events such as the controversy surrounding electoral bonds, as highlighted by the Chief Justice of India.

In summary, while some argue for the necessity of compromising privacy for security during times of crisis, others emphasize the importance of maintaining privacy rights to safeguard against potential abuses of power by governments and authorities.

Further, the problem of national security vs. individual’s right to privacy will be dealt with in a three-fold manner – firstly, a legal analysis of the infringement of fundamental rights; secondly, the importance of national security; and lastly, finding a balance between both while maintaining both privacy and accountability

A Constitutional Point of View of Phone Tapping

According to Black’s Law Dictionary, privacy is the “right to be let alone,” free from unwarranted publicity and interference in personal matters. Though not explicitly mentioned in the Indian Constitution, the Supreme Court recognized it as a Fundamental Right in K.S. Puttaswamy vs. Union of India. Despite various attempts to define it, privacy remains broad and elusive. Ruth Gavison’s ‘limited access theory’ is relevant here, linking privacy concerns to fears about accessibility.

In People’s Union for Civil Liberties v. Union of India, the Supreme Court found that monitoring telephone communications infringes on private space and violates Article 21 unless legally sanctioned. Section 5(2) of the Indian Telegraph Act restricts telephone tapping to public emergencies or safety concerns.

To support this argument, the Privacy Act, delineated the establishment of various bodies and a hierarchical structure aimed at safeguarding individuals from infringement by both other individuals and the state, along with specifying corresponding penalties. The judicial system has implemented safeguards to regulate state authority, including telephone tapping, surveillance, search, and seizure, to maintain societal balance and prevent power abuse while upholding individual rights.

In the smartphone era, where mobile devices act as personal diaries, privacy breaches can have severe consequences. The Panama Papers leak, which exposed unethical business practices, illustrates this risk. Applied to an individual’s personal life, such breaches could be catastrophic. Revealing crucial personal information to the government infringes on the Fundamental Right to life and liberty under Article 21 of the Indian Constitution. Thus, the threat of communication or phone tapping to these rights is significant.

National Security trumps Individual Liberty?

India

The rights to freedom of speech and expression, association, and peaceful protest, as well as the right to privacy, are subject to reasonable restrictions outlined in Article 19(2) of the Indian Constitution. Furthermore, even the right to privacy is not absolute and can be reasonably limited to safeguard and uphold the interests of the state.

Justice Dr. DY Chandrachud established that restrictions on the right to privacy must meet three criteria: first, they must be enacted by law; second, they must be necessary and proportionate; and third, they must serve a legitimate state interest. National security has the potential to meet all three criteria as laid down by Justice Chandrachud, dependent upon the specifics and circumstances of each individual case. Considering the legal rights and reasonable restrictions in conjunction, it is safe to say that any legal or fundamental right should not hinder the pursuit of national interest as it then will defeat the very purpose of the Constitution – a Union of States.

However, in a move with the motive of the safeguarding of privacy, the High Court of Bombay, in the case of Vinit Kumar v. Central Bureau of Investigation, highlighted that orders for intercepting phone calls and tapping cannot be justified in the absence of risk to individuals or the interests of public safety. This stance provides robust support for the principle of privacy protection, particularly concerning forms of surveillance such as phone tapping and interception. It establishes that such surveillance measures should only be authorized when there is a specific risk to the public, thereby significantly limiting the discretion of surveillance authorities. This judgment is crucial as it reduces the potential for unnecessary interception of data, which previously may have been justified based on surveillance authorities’ discretionary reasoning.

Past Experiences

The citizens today are hasty about communication surveillance for a reason. The country has previously seen too many data breaches and phone taps which were done by the government arbitrarily and with personal motives. 

In 1998, the former Chief Minister of Karnataka, Ramakrishna Hegde, resigned amidst a phone tapping scandal. He chose to step down on moral grounds after revelations surfaced regarding wiretaps on 50 individuals, including journalists and dissidents within the Janata Party. Subsequently, the authorization granted to the state police for the tapping was also disclosed to the public. 

In India, the Pegasus Project investigations suggested that the Pegasus spyware was deployed against a wide range of individuals, including ministers, opposition leaders, political strategists, journalists, activists, minority leaders, Supreme Court judges, religious figures, and senior officials such as Election Commissioners and heads of the Central Bureau of Investigation (CBI). The Pegasus Project was a collaborative investigative journalism endeavour conducted by a consortium of 17 media organizations.

Illegal surveillance has been a persistent issue throughout Indian history, and the recent Pegasus virus has raised concerns about the adequacy of existing surveillance legislation in India. This has once again underscored the necessity for revised and more stringent laws concerning surveillance. Illegal surveillance poses a significant threat to electronic communication and jeopardizes individuals’ privacy and security. In addition to individual privacy concerns, it also presents a potential threat to national security. Therefore, there is a pressing need for enhanced legislation to address these issues effectively.

The Way Forward

National security is of utmost importance. The very rights we have spoken about in this article would not be promised to citizens in cases of threat to national security. A national Emergency could be imposed if no forehand knowledge of the threat is available to intelligence agencies and police functionaries. 

Technology is one a key player today in bridging the gap between crime and the prevention of the same. Knowledge is power – necessary data will aid the government in analysing and taking precautionary measures to maintain and safeguard public health. If not, the threat could go unapprehended, and the public at large would be in peril. This is why India requested Research in Motion (referred to as ‘RIM’) BlackBerry to intercept the encryption and transfer the data of the terrorists involved in the 26/11 terror attacks. The Indian government strongly urged RIM to localize its data within India to enhance surveillance capabilities and identify potential threats more effectively. Even the Indian Communications and IT Minister, Ravi Shankar Prasad, emphasized that encryption should not hinder law enforcement agencies, and thus these agencies must have access to such data to address societal concerns effectively.

What can be done?

A few steps should be taken by the government to firstly gain trust of the public, and also to ensure the unarbitrary nature of data collection. 

To prevent potential privacy breaches by law enforcement agencies, a procedure for evidence-based decryption could be implemented, mandated by judicial authority. Under such an approach, law enforcement agencies would be required to present substantial evidence before the judicial authority to demonstrate the necessity of decryption. Ideally, decryption should only be permitted following a proper judicial order. The European Court of Human Rights, in the case of Klass v. Germany, emphasized the importance of judicial oversight in fields prone to abuse, stating that “supervisory control should ideally be entrusted to a judge” given the potential for harmful consequences to democratic societies. Judicial oversight can balance privacy and national security interests. For urgent cases, fast-track or mobile courts could be established.

Following the Puttaswamy judgment, the right to privacy is now recognized as encompassed within Article 21 of the Constitution of India, warranting special protection. While legislative efforts continue, a privacy ombudsman could prevent government misuse of power. Similar to the UK’s Investigatory Powers Tribunal (IPT), this role would curb surveillance and protect privacy rights.

In the case of Weber v. Germany, the European Court of Human Rights interpreted Germany’s G10 Act and stipulated that interception of communications by law enforcement agencies would be permissible only if accompanied by sufficient safeguards and oversight by a qualified judicial member. In India, a privacy ombudsman could oversee governmental actions to prevent power abuse. Clear protocols for data collection, handling, and destruction are essential, free from political influence. Data should be securely stored and automatically destroyed to ensure proper use and protect individual privacy.

Concluding the Discussion

Phone tapping or telephone surveillance has undergone a 180 degree change as compared to what it was when it was enacted by the Colonial government. The purpose then was the curb revolts, and the purpose of the same today has become to protect the interests of the nation. Back then, telephone lines were tapped into, and telegrams were opened. Today, the gambit of communication has undergone a revolution with digitisation, smart web, and radio waves as transmitters, tracking and surveillance has gained new meaning and momentum.

While governmental agencies come up with solutions for these dynamic changes, private entities are at their creative best while creating technological solutions to protect their users’ privacy as seen by the new End-to-End encryption technology. As the largest democracy globally, the Indian Parliament has a responsibility to set an example for other nations in safeguarding the privacy of its citizens while effectively managing the conflicting demands of national security.

References

Submitted by Samudyatha KB, a student of Symbiosis Law School, Pune.