Banks In India Refuse To Give Direct Access To Natgrid To Their Data Base And Customers Details

Banks In India Refuse To Give Direct Access To Natgrid To Their Data Base And Customers DetailsNone can deny that Privacy right is a Human Right and not a government charity anymore. Governments across the world are required to keep in mind the Privacy rights in the information era while launching various projects and initiatives. Otherwise, these projects and initiatives can be challenged before the Courts as illegal and unconstitutional.

The BJP led government must protect privacy rights of Indians that has been neglected for decades. However, just like its predecessor Congress party, even the BJP government is also not interested in protecting civil liberties in cyberspace. BJP government has done nothing to bring transparency and accountability of the intelligence agencies of India. Intelligence agencies of India need parliamentary oversight and suitable legal framework regulating their operations.  Similarly, an e-surveillance policy of India is also urgently needed.

The BJP government is supporting the illegal and unconstitutional e-surveillance projects of Congress government. These include projects like National Intelligence Grid (NATGRID) Project of India, Central Monitoring System (CMS) Project of India, Internet Spy System Network and Traffic Analysis System (NETRA) of India, Crime and Criminal Tracking Network and Systems (CCTNS) Project of India, etc. All these projects are operating without any legal framework and without any Parliamentary and Judicial scrutiny.

The Natgrid project is an ambitious project of great utility but it is poorly executed. The Natgrid project of India needs Techno Legal Implementation to be successful and legal. However, BJP government is not paying heed towards these requirements. Successive governments in India have thought that they can force illegal e-surveillance projects upon Indian citizens and organisations.

However, this line of thought of Indian government is not backed by banks of India. For instance, banks in India have already refused aadhaar based authentication as Aadhaar project is the most draconian e-surveillance project of India. Reserve Bank of India (RBI) even postponed the implementation of biometric authentication for credit card swipe machines and ATMs due to protest by banks of India. Now banks of India have taken a firm stand against Natgrid project by refusing to grant it direct access to the details and database of their customers.

This is a significant win for privacy advocates who have been stressing hard to protect privacy rights of Indian citizens. “The issue pertaining to creating institutional framework for sharing of information relating to the banks with Natgrid was examined by RBI in consultation with the Indian Banks Association (IBA)”, minister of state in the ministry of finance Nirmala Sitharaman told Lok Sabha in a written reply. She revealed that RBI and bankers were “unanimously of the opinion that it would not be possible for banks under the current legislative framework to disclose customer information”.

“Accordingly, it was advised that in line with international practices it may not be possible for banks to allow any agency direct access to its database”, said the minister. Further, Ms Sitharaman said that under the “extant legislative framework it may not be possible for banks to share customer related information like name and address of the customer and account number of the customer with any government agency”.

This reply has also hinted towards the need to change the outlook of privacy in the modern times. The BJP government cannot postpone the requirement to enact suitable techno legal laws in the fields of Privacy, intelligence agencies, e-surveillance, cyber security, data security, etc.

However, the ultimate responsibility to protect the privacy rights of Indian citizens lies with them only.  Bank customers and Indian citizens must protest against any possible privacy intrusion attempt of Indian government and its agencies to the maximum possible extents.

Aadhaar In Its Present Form Has No Welfare Elements Attached To It Whatsoever But Is An E-Surveillance Project

Praveen Dalal-Managing Partner Of Perry4Law And CEO Of PTLBAadhaar Project was visualised as a public good project but it ended up being a project that is violating various Constitutional and Statutory Provisions. The Constitutional Validity of the Aadhaar Project has been questioned before the Supreme Court of India. In another related case, the Supreme Court of India has held that the Aadhaar cannot be made compulsory for availing Public Services. Similarly, the Supreme Court has also restrained UIDAI from transferring any Biometric Information of any person who has been allotted the Aadhaar number to any other Agency without his consent in writing (PDF).

Just like Congress Government even the BJP Government has declared that it would bring and ensure a Legal Framework for Aadhaar. However, till the writing of this Article, no news about a Legal Framework for Aadhaar is available. As a result the position on the date is that Aadhaar is operating without any Legal Framework and Parliamentary Oversight.

Aadhaar Project in its “Current Form” is suffering from many “Illegalities and Infirmities”. For instance:

(1) Aadhaar has been made “Mandatory and Exclusive” for availing many Public Services in India despite Supreme Court’s Interim Order and Constitutional Prohibitions.

(2) Aadhaar Project is not supported by any Legal Framework and is not subject to “Parliamentary Oversight”.

(3) Aadhaar Project is violating various “Civil Liberties” like Privacy Rights of Indians.

(4) Aadhaar Project is “Grossly Weak” on the fronts of Cyber Security and Data Security.

(5) Aadhaar is not “Full Proof and Tamper Proof” and it can be “Obtained Illegally” and in Wrong Name.

(6) The “Authentication Mechanism” of Aadhaar Project is also faulty and in many cases gives “False Negative Alarms”.

(7) The present Practices and Methods adopted by Indian Government and its Agencies for Biometric Collection of Indians/Residents is Unconstitutional.

(8) Even “Clubbing/Merging” of Biometric Data of Aadhaar and National Population Register (NPR) has “Serious Constitutional Ramifications” and the same should not be done.

(9) Absence of Encryption Policy of India (PDF) to safeguard Biometrics Data, etc.

If we add the “Unaccountable Intelligence Related Exercises” of Indian Government, its Agencies and Foreign Partners like United States, the list is too bulky to be discussed here. Suffice is to say that the Aadhaar Project is suffering from many “Vices and Illegalities”. These include Civil Liberties Violations, Unconstitutional E-Surveillance Issues, Data Security and Cyber Security Issues, Compulsory Nature of Aadhaar, Unaccountable Intelligence Agencies, Foreign E-Surveillance Threats, Telecom Security Issues, Integration with Surveillance projects like NATGRID, Unconstitutional Biometrics Collections, etc.

All these aspects make the Aadhaar Project an Unconstitutional Project that was required to be Scrapped by the Modi Government. Alternatively, all these Constitutional Infirmities and Illegalities were required to be “Eliminated” by the Modi Government before allotting further funds to Aadhaar Project. There cannot be a “Third Option” for the Modi Government and wasting precious “Public Money” on Unconstitutional Project like Aadhaar “Can Never Be Justified” even by the Standards of the “Fancy Words and Empty Promises” made by the Congress and BJP Governments regarding Aadhaar Project.

Not only this, the entire situation has also raised “Serious Questions” about the “Real Intentions” of Indian Government vis-à-vis Aadhaar Project. The “Present Form” of Aadhaar Project and the behaviour of Indian Government regarding Civil Liberties have definitely negated the theory of Welfare Project as projected by both Congress and BJP Government. But if Aadhaar Project is not a Welfare Project what is its purpose and true nature?

In my personal opinion, Aadhaar in its present form has no Welfare Elements attached to it whatsoever but is an “Endemic E-Surveillance Project” that is operating well beyond the Constitutional Protections, Parliamentary Oversight and Judicial Scrutiny. The sole purpose seems to be to club the Biometric Details of Indian Citizens/resident with other “Centralised Databases” like National Intelligence Grid (NATGRID) Project of India, Central Monitoring System (CMS) Project of India, Internet Spy System Network and Traffic Analysis System (NETRA) of India, Crime and Criminal Tracking Network and Systems (CCTNS) Project of India, etc. Gradually, both Biometrics and Non Biometrics based details and data would be clubbed with the DNA Databank of India that Indian Government would definitely go for in the near future.

It is for You to decide whether You wish to give Your Children a “Free and Transparent India” or You wish Your Children to be a Guinea Pig or Lab Rat for Indian E-Surveillance Projects like Aadhaar that are clearly Illegal and Unconstitutional.

Privacy Is Your Human Right Not A Government Charity

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW AND CEO OF PTLBBenjamin Franklin has rightly said that those who would give up Essential Liberty, to purchase a little Temporary safety, deserve neither Liberty nor Safety. This expression is applicable to all the Countries of the World that are dedicated to kill Privacy Rights under the false pretext of Security/National Security. India is no exception to this practice as Privacy Right in India is, perhaps, “Lowest and Most Negligible” in the World.

The starting point to protect the Privacy Rights in India is to understand that Privacy is your Right not a Charity. We expect our Government to protect our Privacy Rights rather than protecting same ourselves. We are very comfortable in surrendering our Privacy in exchange of slightest “Convenience” and our Governments take advantage of this attitude of ours. This has also made India a “Sitting Duck” in the fields of Cyberspace and Civil Liberties Protection Regime.

For those who care for their Privacy Rights, our Indian Government has introduced “Technological Methods” to invade our Privacy. For instance, India has been using, and is still using right now, the Unconstitutional E-Surveillance Projects like Central Monitoring System and NETRA. The Narendra Modi Government has still not “Cleared its Stand” on these Unconstitutional E-Surveillance Projects that must have been done long before. This means that the BJP led Government would also continue with CMS, NETRA, etc.

Further, there are little chances of getting Parliamentary Oversight of Intelligence Agencies of India. Similarly, there are almost no chances of Intelligence Agencies Reforms in India that can bring their functioning in lines with Constitutional Requirements. Illegal and Unconstitutional E-Surveillance and Phone Tapping is rampant in India with no Judicial and Parliamentary Oversight.

However, nothing can match the “Draconian and Unconstitutional Project” named Aadhaar as managed by UIDAI. In fact, the illegality of Aadhaar Project has been questioned before the Constitutional Courts of India. The Supreme Court of India has been critical about the Aadhaar Project and its implementation. The Supreme Court has held that “Aadhaar cannot be made Mandatory” for availing public services in India. Similarly, the Supreme Court has also prohibited UIDAI from Sharing Biometric Data with Indian Government Agencies without data owner’s consent.

These were sufficient hints that the Aadhaar Project, in its present form, must be scrapped by the Narendra Modi Government. Nevertheless, as per media reports, the Modi Government has decided to continue the Aadhaar Project. Some hints have been given by the Government that a “Legal Framework” would be formulated to grant “Legal Status” to Aadhaar/UIDAI but that is just “Part of the Solution”. Other considerations like Cyber Security, Data Security and Civil Liberties Implications of Aadhaar Project and Unconstitutional Biometric Collection by UIDAI in India have still to be resolved. It is high time for the Modi Government to sort out these issues before rolling out the Controversial and Unconstitutional Aadhaar Project in India.

Privacy Is Your Right Not A Charity And National Security In India Is A White Lie Not A Reality

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW AND CEO OF PTLBWhat would you do if somebody tries to invade your Privacy or the Privacy of your Family? Most of us would fight back to protect the same. However, almost none of us fights back if the same violation is done by or own Government or Government of Foreign Nations. Even our own Government ditches us and supports such foreign Governments in their illegal E-Surveillance activities.

India is one such Country that is not only indulging in Illegal and Unconstitutional E-Surveillance upon Indian Citizens but is also allowing other Countries like United States to do the same. For instance, India has been using, and is still using right now, the Unconstitutional E-Surveillance Projects like Central Monitoring System and NETRA. The Narendra Modi Government has still not “Cleared its Stand” on these Unconstitutional E-Surveillance Projects that must have been done long before.

After more than a month of being in power, it is safe to presume that the Modi Government “Intends to Continue” with these Illegal and Unconstitutional Projects just like its predecessor Congress Government. This may prove that the Modi Government is worst than Congress Government as far as Civil Liberties Protection in Cyberspace is concerned. Atleast Congress Government was “Honest Enough” to admit launch and use of these E-Surveillance Projects. But Modi Government is “Notoriously Silent” on these Issues and Projects.

In fact, India is Collaborating with other Countries to facilitate “Mutual E-Surveillance” in an Illegal and Unconstitutional manner. Recently, Telecom Company Vodafone confirmed that Secret Wires have been used around the World to indulge in Illegal Eavesdropping. India is also doing the same but all that Modi Government has done in this regard is ordering a Sham, Ineffective and Casual Analysis of the situation. After more than two weeks, the Department of Telecommunication is still not been able to provide a “Public Report” in this regard and the same may never see the light of the day as well.

On the contrary, the Modi Government has given hints that it is not at all willing to let go the Illegal and Unconstitutional E-Surveillance Projects like CMS, NETRA, etc. These hints can be found in the proposed National Telecom Security Policy of India 2014 wherein Snooping and Eavesdropping have found mention without any Privacy and Procedural Safeguards.

For instance, the draft Telecom Security Policy prescribes that cellular operator will mandatorily have to allow Law Enforcing Agencies to intercept calls, messages, and any other communications and the access to monitor it in real time, while keeping the communications secured. However, there is no Constitutional Lawful Interception Law in India as on date and this requirement would be a violation of Fundamental Rights of Indian Citizens.

If all this is not enough, the U.S. Foreign Intelligence Surveillance Act (FISA) Court has been Issuing Orders to allow U.S. National Security Agency (NSA) to indulge in E-Surveillance at a “Global Scale”. This includes conducting E-Surveillance upon Indian Citizens, Political Organisations like Bharatiya Janata Party (BJP), etc. It is really surprising how India allows a local U.S. Court to play with its “Sovereignty and Constitution”.

The fact is that India is a Sitting Duck in the Cyberspace and Civil Liberties Protection Regime. Similarly, India is also a Sitting Duck in the Cyber Security Field. This position is “Serving Indian Government’s Purpose” and this is not going to change very soon. So there must be an “Alterative” to this whole chaos and “Civil Liberties Violation Fiasco”.

It is well understood that those who surrender their Liberty in exchange for “False Promises of National Security” would loose both. This equally applies to Indian Citizens as well. Privacy is your Right and not a Charity and National Security of India is a White Lie and not A Reality.

Indian Government is not going to safeguard our Privacy Rights and we have to “Reclaim” the same ourselves. There are little chances of getting Parliamentary Oversight of Intelligence Agencies of India. Similarly, there are almost no chances of Intelligence Agencies Reforms in India that can bring their functioning in lines with Constitutional Requirements.

We cannot “Enact Laws” but we can use “Counter Technologies” to prevent Illegal and Unconstitutional E-Surveillance and Eavesdropping. Self Defence and Privacy Protection in India must be ensured by us at our own levels. The initiatives titled PRISM Break and Reset the Net are the “Starting Point” in this regard. I would come up with detailed articles dedicated to protection of Civil Liberties of all those who care for their Privacy and Right to Speech and Expression in Cyberspace and this Information Era.

US Foreign Intelligence Surveillance Act (FISA) Court Is A Trouble For Indian Privacy Rights And Civil Liberties

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW AND CEO OF PTLBThere are many “Double Standards” that United States Government is adopting vis-à-vis India in general and Indian Citizens in particular. There is no second opinion that U.S. is the biggest and most blatant violator of Civil Liberties in Cyberspace. Whether it is use of Malware of the types of Stuxnet or Duqu or a combined use of Radio Wave and Malware, U.S. is on the top in the list.  U.S. Government is also the biggest purchaser of Malware in the World. In short, U.S. is the most prominent and notorious purchaser and user of Malware at the Cyber Warfare and Cyber Espionage levels.

U.S. has been indulging in “Illegal and Unconstitutional” E-Surveillance and Eavesdropping in India for long. Sometimes it is “Covert” while other times it is “Overt” and with the “Active Collaboration of India”. In fact, James Clapper had confirmed that NSA has been targeting Foreign Citizens for Surveillance. Surprisingly, this is happening despite the fact that the Constitutions of both Countries forbid such blatant “Privacy Rights Violations”. Recently, the U.S. Supreme Court in Riley v. California, No. 13–132, 573 U. S. (2014) held that “Digital Data” requires protection from “Warrantless Searches” and generally a warrant is required to conduct search of a cell phone of an arrested person.

However, the Supreme Court of India and U.S. Supreme Court are “Helpless and Powerless” when it comes to exercise of “Extra Territorial Powers” by the U.S. Foreign Intelligence Surveillance Act (FISA) Court. What is frustrating is how a local court like FISA can exercise “Powers” over an “Independent and Sovereign Nation” like India. What gives a FISA Court power to violate provisions of Indian Laws and Indian Constitution? Either this is happening with the “Active Assistance of India” or our Indian Government is a “Sitting Duck” incapable of protecting the Civil Liberties of its Citizens from foreign players and foreign Intelligence Agencies like NSA.

Not only the U.S. Government is indulging in double standards but even U.S. Companies are doing the same. For instance, if information is sought from U.S. Companies they insist upon following U.S. Laws. However, if the same Companies are asked by U.S. Government or U.S. Intelligence Agencies to provide data and details stored even in Foreign Jurisdictions and Data Centres, they are more than willing to help them. This is happening despite the fact that the Laws of such Foreign Jurisdictions also forbid sharing of such data or information but they become simply “Inapplicable” in such cases. Many U.S. Companies have been providing information and data about Indian Citizens even in active violation of Indian Laws and our Government is not doing anything in this regard. All that is required for such U.S. Companies is an order from a FISA Court that, in most cases, is not even “Public” but is shrouded in complete “Secrecy”.

According to leading Academics of U.S. the Secret Loopholes Exist that could allow the NSA to bypass Fourth Amendment protections to conduct massive domestic surveillance on U.S. citizens. For instance, the Research Paper released on Monday by researchers at Harvard and Boston University details how the U.S. Government could “conduct largely unrestrained surveillance on Americans by collecting their network traffic abroad,” despite Constitutional protections against warrantless searches. U.S. surveillance Laws presume Internet traffic is non-American when it is collected from overseas. This is a “Very Convenient Arrangement” as India can “Collect” information and data in India on behalf of U.S. and U.S. can collect information and data on behalf of India in U.S. This way “Constitutional Protections” available in both the Countries can be “Bypassed” without attracting the wrath of Courts of both Countries. And this is exactly what is happening as per my personal opinion.

The ultimate effect of this situation is that both India and U.S. can “Collect Information” about their own Citizens as well as those of other Nation’s. It would be a “White Lie” if India and U.S. suggest that they are not indulging in E-Surveillance and Eavesdropping that is violative of the Constitutional Protections.

As per media reports, the Bharatiya Janata Party (BJP) was one of the six non-US political parties across the Globe that the NSA received official permission in 2010 to covertly spy upon. So U.S. cannot deny anymore that Indian Citizens and Indian Political Organisations are under “Constant Scrutiny” of her Intelligence Agencies like NSA.

The natural question is should we “Trust” U.S. Companies, Software and Hardware while providing “Sensitive and Crucial Information” and utilising the same for Critical Infrastructures (PDF). The Cyber Security Trends in India (PDF) clearly indicate that we must stress more upon “Indigenous Capabilities” when it comes to Cyber Security and Cyber Technologies. When Anti Virus updates are themselves source of Malware India cannot trust Foreign Cyber Security Products in this regard.

The Security Agencies of India have stressed upon using “Indigenously made Cyber Security Softwares”. Similarly, Indian Government has also given approval to establish two Semiconductor Wafer Fabrication Manufacturing Facilities in India (PDF). This would benefit Companies of Japan and Korea in expanding their bases in India. The Electronic System Design and Manufacturing (ESDM) Policy of India has also been streamlined by Indian Government. The U.S. Companies must be allowed to sell their Products and Services in India only once their Products or Services are “Rigorously Tested” before being used in India, Government Departments or Public Services providing Organisations.

U.S. Companies are hiding behind the veil of Conflict of Laws in Cyberspace and India must pierce the same to ascertain the true identity of “Rouge Companies”. Internet Telephony and VOIP Service Providers must “Mandatorily Establish Servers in India”. The Intelligence Bureau (IB) is also expediting the testing of VOIP Interception System in India. The ultimate solution is that India Must Ensure Techno Legal Measures to Regulate Indian Cyberspace that can prevent Illegal and Unconstitutional E-Surveillance and Eavesdropping from Foreign Nations. Otherwise, Judicial Orders from Courts like FISA would keep on violating the Civil Liberties of Indian Citizens.

Riley v. California, No. 13–132, 573 U. S. (2014)- U.S. Supreme Court’s Case On Search Of Cell Phone Of An Arrested Person Without Warrant

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW AND CEO OF PTLBUnited State has been struggling hard to deal with issues of E-Surveillance and Eavesdropping for long.  The truth is that many of the E-Surveillance Programs of U.S. are “Simply Unconstitutional” and they cannot pass the test of Constitutionality. Telephone Tapping and Surveillance are on top priority of U.S. Law Enforcement and Intelligence Agencies. In fact, U.S. Government sought an order from FISA Court for extended storage of telephone metadata and call records.

After Edward Snowden’s revelations, even the White House has limited and difficult options to restructure National Security Agency’s phone surveillance program. Meanwhile, U.S. Courts have started strengthening Privacy Rights of U.S. citizens’ vis-à-vis their cell phones. For instance, the Massachusetts Supreme Judicial Court has ruled that phone users have Reasonable Expectation of Privacy. Similarly, the Texas Appeals Court has ruled that Law Enforcement Officials do need a Warrant to search an arrested person’s cell phone after they’ve been jailed.

Now U.S. Supreme Court has endorsed the approach of Texas Court. In Riley v. California, No. 13–132, 573 U. S. (2014) (PDF), the U.S. Supreme Court has held that the Police generally may not, without a warrant, search “Digital Information” on a cell phone seized from an individual who has been arrested. The Court further held that a warrantless search is reasonable only if it falls within a spe­cific exception to the Fourth Amendment’s warrant requirement. A search incident to arrest must be limited to the area within the arrestee’s immediate control, where it is justified by the interests in officer safety and in preventing evidence destruc­tion.

The U.S. Supreme Court declined to extend the categorical rule laid down by United States v. Robinson, 414 U. S. 218 decision to searches of data stored on cell phones. It observed that the Court generally determines whether to ex­empt a given type of search from the warrant requirement “by as­sessing, on the one hand, the degree to which it intrudes upon an in­dividual’s Privacy and, on the other, the degree to which it is needed for the promotion of Legitimate Governmental Interests”. That balance of interests supported the search incident to arrest exception in Robinson. But a search of digital information on a cell phone does not further the government interests identified in Chimel v. California, 395 U. S. 752 and implicates substantially greater individual Privacy interests than a brief physical search. Thus, the digital data stored on cell phones does not present either Chimel risk.

The Court further held that digital data stored on a cell phone cannot itself be used as a weapon to harm an arresting officer or to effectuate the arrestee’s es­cape. Officers may examine the phone’s physical aspects to ensure that it will not be used as a weapon, but the data on the phone can endanger no one. To the extent that a search of cell phone data might warn officers of an impending danger, e.g., that the arrestee’s confederates are headed to the scene, such a concern is better ad­dressed through consideration of case-specific exceptions to the war­rant requirement, such as exigent circumstances.

The United States and California raise concerns about the destruction of evidence, arguing that, even if the cell phone is physi­cally secure, information on the cell phone remains vulnerable to re­mote wiping and data encryption. The Court did not agree with those arguments and held that as an initial matter, those broad concerns are distinct from Chimel’s focus on a defendant who re­sponds to arrest by trying to conceal or destroy evidence within his reach. The briefing also gives little indication that either problem is prevalent or that the opportunity to perform a search incident to ar­rest would be an effective solution. And, at least as to remote wiping, law enforcement currently has some technologies of its own for combating the loss of evidence. Finally, law enforcement’s remaining concerns in a particular case might be addressed by responding in a targeted manner to urgent threats of remote wiping or by taking action to disable a phone’s locking mechanism in order to secure the scene.

The Court held that a conclusion that inspecting the contents of an arrestee’s pockets works no substantial additional intrusion on Privacy beyond the arrest itself may make sense as applied to physical items, but more substantial privacy interests are at stake when digital data is involved. Cell phones differ in both a quantitative and a qualitative sense from other objects that might be carried on an arrestee’s per­son. Notably, modern cell phones have an immense storage capacity. Before cell phones, a search of a person was limited by physical reali­ties and generally constituted only a narrow intrusion on Privacy.

But cell phones can store millions of pages of text, thousands of pic­tures, or hundreds of videos. This has several interrelated privacy consequences. First, a cell phone collects in one place many distinct types of information that reveal much more in combination than any isolated record. Second, the phone’s capacity allows even just one type of information to convey far more than previously possible. Third, data on the phone can date back for years. In addition, an el­ement of pervasiveness characterizes cell phones but not physical records. A decade ago officers might have occasionally stumbled across a highly personal item such as a diary, but today many of the more than 90% of American adults who own cell phones keep on their person a digital record of nearly every aspect of their lives.

The scope of the Privacy interests at stake is further com­plicated by the fact that the data viewed on many modern cell phones may in fact be stored on a remote server. Thus, a search may extend well beyond papers and effects in the physical proximity of an ar­restee, a concern that the United States recognizes but cannot defini­tively foreclose. Thus, the fallback options offered by the United States and California are flawed and contravene this Court’s (See Michigan v. Summers, 452 U. S. 692, 705, n. 19) general preference to provide clear guidance to law enforcement through categorical rules.

One possible rule is to import the Gant standard from the vehicle context and allow a warrantless search of an arrestee’s cell phone whenever it is reason­able to believe that the phone contains evidence of the crime of ar­rest. That proposal is not appropriate in this context, and would prove no practical limit at all when it comes to cell phone searches. Another possible rule is to restrict the scope of a cell phone search to information relevant to the crime, the arrestee’s identity, or officer safety. That proposal would again impose few meaningful con­straints on officers. Finally, California suggests an analogue rule, under which officers could search cell phone data if they could have obtained the same information from a pre-digital counterpart. That proposal would allow law enforcement to search a broad range of items contained on a phone even though people would be unlikely to carry such a variety of information in physical form, and would launch Courts on a difficult line-drawing expedition to determine which digital files are comparable to physical records.

U.S. Supreme Court also acknowledged that it is true that this decision will have some impact on the ability of Law Enforcement to combat crime. But the Court’s holding is not that the information on a cell phone is immune from search; it is that a warrant is generally required before a search. The warrant re­quirement is an important component of the Court’s Fourth Amend­ment jurisprudence, and warrants may be obtained with increasing efficiency. In addition, although the search incident to arrest excep­tion does not apply to cell phones, the continued availability of the ex­igent circumstances exception may give law enforcement a justifica­tion for a warrantless search in particular cases.

Are India And United States Collaborating On Illegal And Unconstitutional E-Surveillance And Eavesdropping?

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW AND CEO OF PTLBCivil Liberties Protection in Cyberspace is a complicated techno legal field that requires a techno legal orientation and framework. Neither technological nor legal method alone is sufficient to manage Civil Liberties issues in Cyberspace. Conflict of Laws in Cyberspace adds further complications and techno legal challenges for various stakeholders. As a result, the approach towards Civil Liberties and Conflict of Laws in Cyberspace is largely “Territorial and National” in nature.

This has given a wide range of “Options for E-Surveillance” and “Illegal Searches” that is otherwise not possible in a “Constitution bound Nation”. For instance, James Clapper has confirmed that NSA has been targeting foreign Citizens for Surveillance. Similarly, many believe that NSA has been doing E-Surveillance and Eavesdropping through Utah Data Center though it is denied by the NSA. Similarly, NSA has also been using Radio Waves and Malware to indulge in Unconstitutional and Illegal E-Surveillance around the World. If this is not enough, Anti Virus Updates are being used as a potential tool to install Malware, steal information and launch Cyber Warfare Attacks. These activities have serious Civil Liberties implications that are also “Teasing and Testing” the Constitutional Safeguards and Protections.

It is not at all possible to indulge in “Global E-Surveillance and Eavesdropping” till other Nations approve the same. For instance, FinFisher is a Global Electronic Spying, E-Surveillance and Eavesdropping Malware. The Command and Control Servers for FinFisher were found in 36 Countries including India. Similarly, Vodafone has confirmed existence of “Secret Wires” for Government E-Surveillance and Eavesdropping Worldwide, including in India. The Department of Telecommunication (DOT) has already ordered an Investigation in this regard but the same is just a tactics to ward off criticism of blatant and endemic E-Surveillance activities of India.

There are “Strong Reasons to Believe” that India and United States are “Collaborating” on Illegal and Unconstitutional E-Surveillance and Eavesdropping on a “Mutually Beneficial Basis”. This is happening with great disregard to the Constitutions of India and United States. There is an urgent need to “Investigate” about this “Unholy Nexus” between India and United States that is striking at the very root of Civil Liberties Protection in Cyberspace.

Intelligence agencies of India are working in a condition that required immediate Parliamentary Oversight and Intelligence Reforms in India.  The Intelligence Infrastructure of India needed Transparency and Strengthening in these circumstances. However, Congress Government was not interested in bringing such reforms and it kept on violating the Civil Liberties of Indians in a blatant manner.

Till now there is no “Public Report” of the investigation made by DOT against the Vodafone’s allegations. In fact, the Narendra Modi Government has still not cleared its stand regarding “Illegal and Unconstitutional Projects” like Central Monitoring System (CMS) Project of India and Internet Spy System Network and Traffic Analysis System (NETRA) of India. In these circumstances, it is safe to presume that the Modi Government would continue with the Illegal and Unconstitutional E-Surveillance activities of the Congress led Government.

The proposed National Telecom Policy of India 2014 is also “Silent” on Protection of Civil Liberties in Cyberspace and Illegal E-Surveillance and Eavesdropping. In fact, it is “Neither Balance nor Constitutional” as on date. The Narendra Modi Government must ensure Privacy to Indians on a priority basis. This must be done by formulating and enacting a dedicated Privacy Law of India as soon as possible. The Parliamentary Committee has already slammed Indian Government for Poor Privacy Laws in India.

There are many problems that Modi Government would face while ensuring Privacy to Indians. We have no E-Surveillance Policy (PDF) and Encryption Policy (PDF) in India. We have no dedicated Data Protection and Privacy Laws in India (PDF). We have Draconian and Colonial Laws like Cyber Law and Telegraph Law that deserve immediate repeal. We have Bad Cyber Security Conditions (PDF) and a missing Telecom Security Policy of India. This would raise serious Cyber Security Challenges before the Modi Government in near future and would adversely impact the Privacy Rights of Indians in the Cyberspace.

Whatever the case may be, we need to ensure Civil Liberty Protection in Cyberspace for Indian Citizens “At All Costs and By All Means”. The digital life of Indian Citizens is not at all safe and is open to various forms of E-Surveillance and Eavesdropping. In the absence of support form Indian Government, Self Defence is the only viable option left before Indian Citizens to safeguard their digital lives. The initiatives titled PRISM Break and Reset the Net are worth exploring in this regard as a “Starting Point”.

SEBI Plans To Form Office Of International Affairs (OIA) For Surveillance And Information Sharing

SEBI Plans To Form Office Of International Affairs (OIA) For Surveillance And Information SharingThe Securities and Exchange Board of India (SEBI) has been trying to increase its regulatory powers for long. Initially, SEBI was able to acquire the power to monitor investor’s call records and conduct searches at companies suspected of wrongdoing. Now SEBI is contemplating forming of an office of international affairs (OIA) for surveillance and information sharing purposes.

Information and communication technology (ICT) is increasingly being used for business and other purposes. This results in spreading of relevant information in different parts of the world. In the absence of international cooperation, regulators and law enforcement agencies cannot investigate frauds and crimes effectively. Naturally, SEBI has to coordinate with its international counterparts for effective investigation of security related matters.

SEBI has constituted a full-fledged “International Affairs” team and is also working on a “comprehensive study” to understand the surveillance mechanism of regulators in developed markets like the US, UK, Australia and Hong Kong. The study would include analysis of foreign regulators’ “surveillance infrastructure and techniques to decipher patterns in the trading, formation of associations between entities and gathering of market intelligence including linkage of price volume pattern to market information”. Further, the best practices followed in developed markets relating to surveillance of algorithmic and high-frequency trading, which uses latest technology to execute trades in milli-seconds, would also be looked into.

The office of international affairs (OIA) at SEBI would act as a central facilitation cell for overseas entities having regulatory issues and concerns relating to Indian securities market. In appropriate cases, OIA will seek to flag and coordinate such issues with relevant departments within SEBI. Similarly, securities market participants from India may request OIA for regulatory assistance. The OIA is also tasked with keeping SEBI abreast of global developments, so that necessary steps can be taken by it while introducing and implementing regulatory measures.

While this is a good step in the right direction yet SEBI has to take care of many techno legal issues in this regard. For instance, SEBI has to comply with privacy laws, data protection requirements (PDF), cyber law due diligence (PDF), cyber security requirements,  etc. These regulatory requirements are not clear and this may create trouble for SEBI in the long run. There is an urgent need that Narendra Modi government must ensure privacy to Indians. The e-surveillance policy (PDF) must also be formulated as soon as possible.

Narendra Modi Government Must Ensure Privacy To Indians

Narendra Modi Government Must Ensure Privacy To IndiansPrivacy rights in India have always being ignored by the Congress led government. This was done deliberately and with a sinister purpose to facilitate endemic e-surveillance in India. The Congress led government force e-surveillance projects like central monitoring system (CMS), network and traffic analysis system (NETRA), Aadhaar, national intelligence grid (Natgrid), etc without any procedural safeguards and parliamentary oversight.

Intelligence agencies of India were working in a condition that required immediate parliamentary oversight and intelligence reforms in India.  The intelligence infrastructure of India needed transparency and strengthening in these circumstances. However, Congress government was not interested in bringing such reforms and it kept on violating the civil liberties of Indians in a blatant manner.

The Congress led government was also not interested in formulating suitable privacy laws for India. On the other hand, it was more interested in removing any sort of privacy protection. The Congress government kept on deferring enactment of a dedicated privacy law for India despite suggestions form many committees and experts. The natural question is can Narendra Modi government ensure privacy to Indians?

There are many problems that Modi government would face while ensuring privacy to Indians. We have no e-surveillance policy (PDF) and encryption policy (PDF) in India. We have no dedicated data protection and privacy laws in India (PDF). We have draconian and colonial laws like cyber law and telegraph law that deserve immediate repeal. We have bad cyber security conditions (PDF) and a missing telecom security policy of India. This would raise serious cyber security challenges before the Modi government in near future and would adversely impact the privacy rights of Indians in the cyberspace.

Recently telecom company Vodafone revealed that governments across the world, including India, have been using secret wires to indulge in e-surveillance upon its citizens. The Department of Telecommunication (DoT) is already investigating this issue but till a public report is issued by it very soon, the entire exercise would be time gaining exercise only.

It is high time for Modi government to take some serious steps in the direction of protecting the privacy rights of Indian citizens. Whatever the case may be, we need to ensure civil liberty protection in cyberspace for Indian citizens “At All Costs and By All Means”. The digital life of Indian citizens is not at all safe and is open to various forms of e-surveillance, eavesdropping and phone tapping. Even the very own national identity cards projects of Modi government has serious privacy and constitutional issues as per experts.

In the absence of support form Indian government, self defence is the only viable option left before Indian citizens to safeguard their digital lives. The initiatives titled PRISM Break and Reset the Net are worth exploring in this regard as a “starting point”.

National Population Register (NPR) Would Recognise Citizens Alone For Issuance Of National Identity Cards In India

National Population Register (NPR) Would Recognise Citizens Alone For Issuance Of National Identity Cards In IndiaThe demise of aadhaar number was very obvious as it was a pure illegal and unconstitutional project. The Narendra Modi led government was left with limited options regarding the Aadhaar project and its scrapping was the top choice for it. Now hints have been given by the central government that Aadhaar project may be scrapped ultimately.

However, in order to achieve this task, the central government needs to strengthen its own pet project i.e. National Population Register (NPR). Working in this direction, the home ministry of India has asked the Registrar General of India (RGI) to identify the “citizens” and “non-citizens” while preparing the NPR. The NPR authorities will undertake a door-to-door verification exercise across the country in this regard.

The citizens’ register, to be called the National Register of Indian Citizens, will serve as the database for national identity cards carrying a unique national identity number for each citizen of the country, besides other identification fields. A list of 19 documents – including birth certificate, death certificate, land records, school records – have been identified for proof of citizenship. Regarding non-citizen residents of the country, there is a proposal to issue them resident identity cards, which will be of a colour different from the national identity cards held by citizens.

The Aadhaar project was suffering from a major setback in the sense that it issued numbers/cards to even non citizens and illegal migrants in India. This was resulting in granting of benefits of public welfare schemes to even those who were not entitled to the same.

Sources in the government indicated that UIDAI, which administers the Aadhar scheme, may soon see its role diminished due to de-duplication, even as NPR focuses on biometrics collection. The government will also take a call on whether the existing Aadhar database is to be handed over to the NPR authorities, which may then carry out address verification in line with its security norms.

However, the NPR exercise has its own “Demerits and Constitutional Issues” and they must be resolved first. Simply merging of Aadhaar and NPR biometric data is not a sensible option according to Praveen Dalal. More detailed and constitutional analysis of NPR and national identity cards would be provided by Praveen Dalal very soon.