Monthly Archives: June 2014

Riley v. California, No. 13–132, 573 U. S. (2014)- U.S. Supreme Court’s Case On Search Of Cell Phone Of An Arrested Person Without Warrant

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW AND CEO OF PTLBUnited State has been struggling hard to deal with issues of E-Surveillance and Eavesdropping for long.  The truth is that many of the E-Surveillance Programs of U.S. are “Simply Unconstitutional” and they cannot pass the test of Constitutionality. Telephone Tapping and Surveillance are on top priority of U.S. Law Enforcement and Intelligence Agencies. In fact, U.S. Government sought an order from FISA Court for extended storage of telephone metadata and call records.

After Edward Snowden’s revelations, even the White House has limited and difficult options to restructure National Security Agency’s phone surveillance program. Meanwhile, U.S. Courts have started strengthening Privacy Rights of U.S. citizens’ vis-à-vis their cell phones. For instance, the Massachusetts Supreme Judicial Court has ruled that phone users have Reasonable Expectation of Privacy. Similarly, the Texas Appeals Court has ruled that Law Enforcement Officials do need a Warrant to search an arrested person’s cell phone after they’ve been jailed.

Now U.S. Supreme Court has endorsed the approach of Texas Court. In Riley v. California, No. 13–132, 573 U. S. (2014) (PDF), the U.S. Supreme Court has held that the Police generally may not, without a warrant, search “Digital Information” on a cell phone seized from an individual who has been arrested. The Court further held that a warrantless search is reasonable only if it falls within a spe­cific exception to the Fourth Amendment’s warrant requirement. A search incident to arrest must be limited to the area within the arrestee’s immediate control, where it is justified by the interests in officer safety and in preventing evidence destruc­tion.

The U.S. Supreme Court declined to extend the categorical rule laid down by United States v. Robinson, 414 U. S. 218 decision to searches of data stored on cell phones. It observed that the Court generally determines whether to ex­empt a given type of search from the warrant requirement “by as­sessing, on the one hand, the degree to which it intrudes upon an in­dividual’s Privacy and, on the other, the degree to which it is needed for the promotion of Legitimate Governmental Interests”. That balance of interests supported the search incident to arrest exception in Robinson. But a search of digital information on a cell phone does not further the government interests identified in Chimel v. California, 395 U. S. 752 and implicates substantially greater individual Privacy interests than a brief physical search. Thus, the digital data stored on cell phones does not present either Chimel risk.

The Court further held that digital data stored on a cell phone cannot itself be used as a weapon to harm an arresting officer or to effectuate the arrestee’s es­cape. Officers may examine the phone’s physical aspects to ensure that it will not be used as a weapon, but the data on the phone can endanger no one. To the extent that a search of cell phone data might warn officers of an impending danger, e.g., that the arrestee’s confederates are headed to the scene, such a concern is better ad­dressed through consideration of case-specific exceptions to the war­rant requirement, such as exigent circumstances.

The United States and California raise concerns about the destruction of evidence, arguing that, even if the cell phone is physi­cally secure, information on the cell phone remains vulnerable to re­mote wiping and data encryption. The Court did not agree with those arguments and held that as an initial matter, those broad concerns are distinct from Chimel’s focus on a defendant who re­sponds to arrest by trying to conceal or destroy evidence within his reach. The briefing also gives little indication that either problem is prevalent or that the opportunity to perform a search incident to ar­rest would be an effective solution. And, at least as to remote wiping, law enforcement currently has some technologies of its own for combating the loss of evidence. Finally, law enforcement’s remaining concerns in a particular case might be addressed by responding in a targeted manner to urgent threats of remote wiping or by taking action to disable a phone’s locking mechanism in order to secure the scene.

The Court held that a conclusion that inspecting the contents of an arrestee’s pockets works no substantial additional intrusion on Privacy beyond the arrest itself may make sense as applied to physical items, but more substantial privacy interests are at stake when digital data is involved. Cell phones differ in both a quantitative and a qualitative sense from other objects that might be carried on an arrestee’s per­son. Notably, modern cell phones have an immense storage capacity. Before cell phones, a search of a person was limited by physical reali­ties and generally constituted only a narrow intrusion on Privacy.

But cell phones can store millions of pages of text, thousands of pic­tures, or hundreds of videos. This has several interrelated privacy consequences. First, a cell phone collects in one place many distinct types of information that reveal much more in combination than any isolated record. Second, the phone’s capacity allows even just one type of information to convey far more than previously possible. Third, data on the phone can date back for years. In addition, an el­ement of pervasiveness characterizes cell phones but not physical records. A decade ago officers might have occasionally stumbled across a highly personal item such as a diary, but today many of the more than 90% of American adults who own cell phones keep on their person a digital record of nearly every aspect of their lives.

The scope of the Privacy interests at stake is further com­plicated by the fact that the data viewed on many modern cell phones may in fact be stored on a remote server. Thus, a search may extend well beyond papers and effects in the physical proximity of an ar­restee, a concern that the United States recognizes but cannot defini­tively foreclose. Thus, the fallback options offered by the United States and California are flawed and contravene this Court’s (See Michigan v. Summers, 452 U. S. 692, 705, n. 19) general preference to provide clear guidance to law enforcement through categorical rules.

One possible rule is to import the Gant standard from the vehicle context and allow a warrantless search of an arrestee’s cell phone whenever it is reason­able to believe that the phone contains evidence of the crime of ar­rest. That proposal is not appropriate in this context, and would prove no practical limit at all when it comes to cell phone searches. Another possible rule is to restrict the scope of a cell phone search to information relevant to the crime, the arrestee’s identity, or officer safety. That proposal would again impose few meaningful con­straints on officers. Finally, California suggests an analogue rule, under which officers could search cell phone data if they could have obtained the same information from a pre-digital counterpart. That proposal would allow law enforcement to search a broad range of items contained on a phone even though people would be unlikely to carry such a variety of information in physical form, and would launch Courts on a difficult line-drawing expedition to determine which digital files are comparable to physical records.

U.S. Supreme Court also acknowledged that it is true that this decision will have some impact on the ability of Law Enforcement to combat crime. But the Court’s holding is not that the information on a cell phone is immune from search; it is that a warrant is generally required before a search. The warrant re­quirement is an important component of the Court’s Fourth Amend­ment jurisprudence, and warrants may be obtained with increasing efficiency. In addition, although the search incident to arrest excep­tion does not apply to cell phones, the continued availability of the ex­igent circumstances exception may give law enforcement a justifica­tion for a warrantless search in particular cases.

Are India And United States Collaborating On Illegal And Unconstitutional E-Surveillance And Eavesdropping?

PRAVEEN DALAL MANAGING PARTNER OF PERRY4LAW AND CEO OF PTLBCivil Liberties Protection in Cyberspace is a complicated techno legal field that requires a techno legal orientation and framework. Neither technological nor legal method alone is sufficient to manage Civil Liberties issues in Cyberspace. Conflict of Laws in Cyberspace adds further complications and techno legal challenges for various stakeholders. As a result, the approach towards Civil Liberties and Conflict of Laws in Cyberspace is largely “Territorial and National” in nature.

This has given a wide range of “Options for E-Surveillance” and “Illegal Searches” that is otherwise not possible in a “Constitution bound Nation”. For instance, James Clapper has confirmed that NSA has been targeting foreign Citizens for Surveillance. Similarly, many believe that NSA has been doing E-Surveillance and Eavesdropping through Utah Data Center though it is denied by the NSA. Similarly, NSA has also been using Radio Waves and Malware to indulge in Unconstitutional and Illegal E-Surveillance around the World. If this is not enough, Anti Virus Updates are being used as a potential tool to install Malware, steal information and launch Cyber Warfare Attacks. These activities have serious Civil Liberties implications that are also “Teasing and Testing” the Constitutional Safeguards and Protections.

It is not at all possible to indulge in “Global E-Surveillance and Eavesdropping” till other Nations approve the same. For instance, FinFisher is a Global Electronic Spying, E-Surveillance and Eavesdropping Malware. The Command and Control Servers for FinFisher were found in 36 Countries including India. Similarly, Vodafone has confirmed existence of “Secret Wires” for Government E-Surveillance and Eavesdropping Worldwide, including in India. The Department of Telecommunication (DOT) has already ordered an Investigation in this regard but the same is just a tactics to ward off criticism of blatant and endemic E-Surveillance activities of India.

There are “Strong Reasons to Believe” that India and United States are “Collaborating” on Illegal and Unconstitutional E-Surveillance and Eavesdropping on a “Mutually Beneficial Basis”. This is happening with great disregard to the Constitutions of India and United States. There is an urgent need to “Investigate” about this “Unholy Nexus” between India and United States that is striking at the very root of Civil Liberties Protection in Cyberspace.

Intelligence agencies of India are working in a condition that required immediate Parliamentary Oversight and Intelligence Reforms in India.  The Intelligence Infrastructure of India needed Transparency and Strengthening in these circumstances. However, Congress Government was not interested in bringing such reforms and it kept on violating the Civil Liberties of Indians in a blatant manner.

Till now there is no “Public Report” of the investigation made by DOT against the Vodafone’s allegations. In fact, the Narendra Modi Government has still not cleared its stand regarding “Illegal and Unconstitutional Projects” like Central Monitoring System (CMS) Project of India and Internet Spy System Network and Traffic Analysis System (NETRA) of India. In these circumstances, it is safe to presume that the Modi Government would continue with the Illegal and Unconstitutional E-Surveillance activities of the Congress led Government.

The proposed National Telecom Policy of India 2014 is also “Silent” on Protection of Civil Liberties in Cyberspace and Illegal E-Surveillance and Eavesdropping. In fact, it is “Neither Balance nor Constitutional” as on date. The Narendra Modi Government must ensure Privacy to Indians on a priority basis. This must be done by formulating and enacting a dedicated Privacy Law of India as soon as possible. The Parliamentary Committee has already slammed Indian Government for Poor Privacy Laws in India.

There are many problems that Modi Government would face while ensuring Privacy to Indians. We have no E-Surveillance Policy (PDF) and Encryption Policy (PDF) in India. We have no dedicated Data Protection and Privacy Laws in India (PDF). We have Draconian and Colonial Laws like Cyber Law and Telegraph Law that deserve immediate repeal. We have Bad Cyber Security Conditions (PDF) and a missing Telecom Security Policy of India. This would raise serious Cyber Security Challenges before the Modi Government in near future and would adversely impact the Privacy Rights of Indians in the Cyberspace.

Whatever the case may be, we need to ensure Civil Liberty Protection in Cyberspace for Indian Citizens “At All Costs and By All Means”. The digital life of Indian Citizens is not at all safe and is open to various forms of E-Surveillance and Eavesdropping. In the absence of support form Indian Government, Self Defence is the only viable option left before Indian Citizens to safeguard their digital lives. The initiatives titled PRISM Break and Reset the Net are worth exploring in this regard as a “Starting Point”.

SEBI Plans To Form Office Of International Affairs (OIA) For Surveillance And Information Sharing

SEBI Plans To Form Office Of International Affairs (OIA) For Surveillance And Information SharingThe Securities and Exchange Board of India (SEBI) has been trying to increase its regulatory powers for long. Initially, SEBI was able to acquire the power to monitor investor’s call records and conduct searches at companies suspected of wrongdoing. Now SEBI is contemplating forming of an office of international affairs (OIA) for surveillance and information sharing purposes.

Information and communication technology (ICT) is increasingly being used for business and other purposes. This results in spreading of relevant information in different parts of the world. In the absence of international cooperation, regulators and law enforcement agencies cannot investigate frauds and crimes effectively. Naturally, SEBI has to coordinate with its international counterparts for effective investigation of security related matters.

SEBI has constituted a full-fledged “International Affairs” team and is also working on a “comprehensive study” to understand the surveillance mechanism of regulators in developed markets like the US, UK, Australia and Hong Kong. The study would include analysis of foreign regulators’ “surveillance infrastructure and techniques to decipher patterns in the trading, formation of associations between entities and gathering of market intelligence including linkage of price volume pattern to market information”. Further, the best practices followed in developed markets relating to surveillance of algorithmic and high-frequency trading, which uses latest technology to execute trades in milli-seconds, would also be looked into.

The office of international affairs (OIA) at SEBI would act as a central facilitation cell for overseas entities having regulatory issues and concerns relating to Indian securities market. In appropriate cases, OIA will seek to flag and coordinate such issues with relevant departments within SEBI. Similarly, securities market participants from India may request OIA for regulatory assistance. The OIA is also tasked with keeping SEBI abreast of global developments, so that necessary steps can be taken by it while introducing and implementing regulatory measures.

While this is a good step in the right direction yet SEBI has to take care of many techno legal issues in this regard. For instance, SEBI has to comply with privacy laws, data protection requirements (PDF), cyber law due diligence (PDF), cyber security requirements,  etc. These regulatory requirements are not clear and this may create trouble for SEBI in the long run. There is an urgent need that Narendra Modi government must ensure privacy to Indians. The e-surveillance policy (PDF) must also be formulated as soon as possible.

Narendra Modi Government Must Ensure Privacy To Indians

Narendra Modi Government Must Ensure Privacy To IndiansPrivacy rights in India have always being ignored by the Congress led government. This was done deliberately and with a sinister purpose to facilitate endemic e-surveillance in India. The Congress led government force e-surveillance projects like central monitoring system (CMS), network and traffic analysis system (NETRA), Aadhaar, national intelligence grid (Natgrid), etc without any procedural safeguards and parliamentary oversight.

Intelligence agencies of India were working in a condition that required immediate parliamentary oversight and intelligence reforms in India.  The intelligence infrastructure of India needed transparency and strengthening in these circumstances. However, Congress government was not interested in bringing such reforms and it kept on violating the civil liberties of Indians in a blatant manner.

The Congress led government was also not interested in formulating suitable privacy laws for India. On the other hand, it was more interested in removing any sort of privacy protection. The Congress government kept on deferring enactment of a dedicated privacy law for India despite suggestions form many committees and experts. The natural question is can Narendra Modi government ensure privacy to Indians?

There are many problems that Modi government would face while ensuring privacy to Indians. We have no e-surveillance policy (PDF) and encryption policy (PDF) in India. We have no dedicated data protection and privacy laws in India (PDF). We have draconian and colonial laws like cyber law and telegraph law that deserve immediate repeal. We have bad cyber security conditions (PDF) and a missing telecom security policy of India. This would raise serious cyber security challenges before the Modi government in near future and would adversely impact the privacy rights of Indians in the cyberspace.

Recently telecom company Vodafone revealed that governments across the world, including India, have been using secret wires to indulge in e-surveillance upon its citizens. The Department of Telecommunication (DoT) is already investigating this issue but till a public report is issued by it very soon, the entire exercise would be time gaining exercise only.

It is high time for Modi government to take some serious steps in the direction of protecting the privacy rights of Indian citizens. Whatever the case may be, we need to ensure civil liberty protection in cyberspace for Indian citizens “At All Costs and By All Means”. The digital life of Indian citizens is not at all safe and is open to various forms of e-surveillance, eavesdropping and phone tapping. Even the very own national identity cards projects of Modi government has serious privacy and constitutional issues as per experts.

In the absence of support form Indian government, self defence is the only viable option left before Indian citizens to safeguard their digital lives. The initiatives titled PRISM Break and Reset the Net are worth exploring in this regard as a “starting point”.

National Population Register (NPR) Would Recognise Citizens Alone For Issuance Of National Identity Cards In India

National Population Register (NPR) Would Recognise Citizens Alone For Issuance Of National Identity Cards In IndiaThe demise of aadhaar number was very obvious as it was a pure illegal and unconstitutional project. The Narendra Modi led government was left with limited options regarding the Aadhaar project and its scrapping was the top choice for it. Now hints have been given by the central government that Aadhaar project may be scrapped ultimately.

However, in order to achieve this task, the central government needs to strengthen its own pet project i.e. National Population Register (NPR). Working in this direction, the home ministry of India has asked the Registrar General of India (RGI) to identify the “citizens” and “non-citizens” while preparing the NPR. The NPR authorities will undertake a door-to-door verification exercise across the country in this regard.

The citizens’ register, to be called the National Register of Indian Citizens, will serve as the database for national identity cards carrying a unique national identity number for each citizen of the country, besides other identification fields. A list of 19 documents – including birth certificate, death certificate, land records, school records – have been identified for proof of citizenship. Regarding non-citizen residents of the country, there is a proposal to issue them resident identity cards, which will be of a colour different from the national identity cards held by citizens.

The Aadhaar project was suffering from a major setback in the sense that it issued numbers/cards to even non citizens and illegal migrants in India. This was resulting in granting of benefits of public welfare schemes to even those who were not entitled to the same.

Sources in the government indicated that UIDAI, which administers the Aadhar scheme, may soon see its role diminished due to de-duplication, even as NPR focuses on biometrics collection. The government will also take a call on whether the existing Aadhar database is to be handed over to the NPR authorities, which may then carry out address verification in line with its security norms.

However, the NPR exercise has its own “Demerits and Constitutional Issues” and they must be resolved first. Simply merging of Aadhaar and NPR biometric data is not a sensible option according to Praveen Dalal. More detailed and constitutional analysis of NPR and national identity cards would be provided by Praveen Dalal very soon.

Himachal Pradesh Vigilance Bureau (VB) Would Recommend Action Against Officers Guilty Of Illegal Phone Tapping

Himachal Pradesh Vigilance Bureau (VB) Would Recommend Action Against Officers Guilty Of Illegal Phone TappingIllegal and unlawful telephone tapping in India has become a major nuisance. In the absence of a lawful interception law in India, telephone tapping is happening in an unregulated manner in India. There is a dire need to formulate dedicated privacy law and telephone tapping law of India as soon as possible in these circumstances. Law enforcement agencies are conducting e-surveillance and phone tapping without any parliamentary regulations and oversight.

Even intelligence agencies of India need parliamentary oversight so that there is a balance between the law enforcement and national security requirements on the one hand and civil liberties of Indians on the other. Similarly, the intelligence infrastructure of India needs transparency and strengthening.

It has now been reported that the Himachal Pradesh vigilance bureau (VB) would recommend action against some officials who have been suspected of departmental misdemeanor in the phone tapping case. The VB has already sought prosecution sanction against former DGP I D Bhandari in the phone tapping case.

Bhandari has already clarified that there was no telephone tapping or bugging under him during the BJP regime. However, a senior VB official, requesting anonymity, said that investigation found Bhandari responsible for illegal tapping of phones as records were not destroyed in the given time and copies of records were found stored in an almirah.

Sources said that vigilance officials in the draft chargesheet prepared in the case have also given clean chit to then inspector general (IG) of CID by describing him as a mere rubber stamp, who only signed letters but never stepped inside the technical cell where phones were being tapped. Sources, however, added that the IG could face departmental inquiry for not dispensing his duty properly.

Other junior-level officers who had tapped phones were not found involved in the crime on the ground that they only obeyed orders of then ADGP (CID) I D Bhandari. Officials said that as per the relevant Act, phone tapping could be ordered only by an IG-level officer or those above him.

Sources said that in some cases permission to tap phones was sought without furnishing complete details and on vague addresses. Officials claimed that investigation concluded that phones were tapped at the behest of then ADGP (CID) I D Bhandari. Sources said that as the home department had no direct role to play in it, neither the home secretary nor the then home minister were included in the chargesheet as nothing criminal was found on their part.

This is another incidence where phone tapping has been conducted in an illegal manner due to lax and illegal laws of India. Time has come to change these draconian and archaic laws as soon as possible.