What is the State filtering? What is it blocking on the internet? What is it monitoring? What procedure is the Government putting in place to ensure transparency and accountability?
There is no transparency in India as to what the Government is blocking, censoring, filtering or monitoring. The lack of accountability on the part of the Government of India as well as the telecom and Internet Service Providers is a matter of concern which needs immediate attention. With the rise in block orders, surveillance orders and interception requests, it has become imperative to call for greater transparency as to such activities of the Government, which might be, more than often, inconsistent with the Constitution of India.
It is well within the right of the government to block, filter, monitor, and intercept communication or content, whenever there is a justifiable ground or reason to undertake such an act. But the Constitutional boundaries are sometimes blurred due to the failure on the part of the executive machinery to follow the procedures established by law for tapping phones or blocking websites.
The important question here is not whether such activities ought to be carried out by the Government or not but whether it should adopt a certain level of transparency while conducting such operations. The intrusive activities carried out by the State can be considered a violation of the fundamental right to privacy and free speech: that is a substantive question of law and can only be explored through a separate piece. However, it is also essential to explore the role of transparency in such a mechanism, as it is a prerequisite to privacy. Privacy in turn has an impact on freedom of speech as anonymity or the assurance that individuals will not be tracked down and persecuted for their expressions is an integral part of free speech.
Surveillance has rapidly increased in India in the last five years. Last year, replies to right to information (RTI) requests indicated that, on an average, 9000 interception orders are issued by the Government every month. Increasingly, law enforcement agencies are targeting users for downloading or uploading copyright protected material.
The Internet Service Providers (ISP) and the Telecom Service Providers (TSP) have a major role to play in the process of identifying the users involved in such activities. The ISP or TSP, in the past, has not only provided access to personal information to the law enforcement agencies but also to private companies which are hired by these law enforcing agencies. For example, the Kerala Police with the help of a private company ‘Jadoo Infotech’, was able to track down 1010 Internet users who had allegedly uploaded or downloaded the film ‘Bachelor Party’.
User data requests, communication data requests from the law enforcement agencies have become a daily affair for the service providers. In 2011, while hearing a case of illegal tapping, the Supreme Court asked the Counsel for Reliance Infocomm, “were such orders being issued regularly?” The Counsel replied, “On some days, there were as many as 100 requests”.
These requests or orders are generally under the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 (in short, “Interception Rules”) under Section 69 of the Information Technology Act, 2000 or Section 91 of the Criminal Procedure Code or Section 5(2) of the Indian Telegraph Rules, which give unbridled power to the police officers to request for information from the Internet intermediaries. There are certain checks and balances on these powers but those have faded away due to the clandestine manner in which these orders and directions are executed.
Under the Interception Rules, the intermediary or ISP is mandated to keep such requests/orders confidential, which implies that the law enforcement agencies have a free getaway card even if such requests are beyond the procedure established by law.
It may be argued that making such information public may hamper the ongoing investigations for which information is sought and may also pose a threat to national security. However, a possible solution is to release aggregated data instead of raw datasets. It may release data sets which indicate the interception orders or requests that were sent out under each law which allows surveillance, along with the reason for conducting such surveillance. For example, the government could release the data set for the number of interception orders issued for the purpose of protecting national security.
This function can be also undertaken by the ISPs because while Interception Rules and such law only prohibit the ISPs from revealing the original request, there is no law which restrains them from revealing aggregated data sets. A good example of this ‘best practice’ would be the Google Transparency Report which releases country-wise data on the basis of the types of requests they have received from the Government and the grounds for such requests. A similar practice can be adopted by the TSPs and ISPs in India.
Central Monitoring System
India is gradually turning into a Surveillance State, where interception and monitoring of communication is becoming the norm and not the exception. In PUCL v. Union of India (1996) the Supreme Court heavily criticized the Government for conducting indiscriminate surveillance and also noted there was a lack of ‘procedures and safeguards’ which would ensure the right to privacy of an individual. The court also issued guidelines for conducting surveillance.
The Government of India has been putting in place a Central Monitoring System (CMS). It has been in the works since August, 2011. The CMS would assist law enforcement agencies to conduct law interception and monitoring. The issue which is worrisome is that a machine would be running algorithms to filter and intercept communications which would completely bypass the procedures and safeguards which are in place by doing away with human discretion. Having a big brother like the CMS, is indeed heavily intrusive on an individual’s privacy but it may be justified to be lawful, in the name of national security.
Given that CMS is in the works and might have already been deployed, the pillars of transparency and accountability have to be further fortified and citizens should have the right to know what content is being blocked, filtered, intercepted or monitored.
Blocking and filtering of content online has grown over the past few years. There is no clear picture as to how many websites have been blocked in India. The leaked block orders and replies to a few RTI requests is all we can rely upon, which in fact does not really give a clear picture as to the number of websites which are blocked even as of today.
Some websites which had been blocked during public emergencies, such as the North East exodus from Bangalore still remain blocked, whereas other websites have been freed from the order. In the past, websites have been blocked without any notice being given to the user. When the user reaches a webpage which does not open and is inactive, s/he gets the perception that the website or the URL must be down, totally oblivious to the fact that it might have been blocked by a Government Agency.
Lack of notification and the lack of reasons do not only hamper due process of law but also violates the fundamental right to freedom of speech. It also violates the fundamental right to a remedy, as the aggrieved user who cannot access the webpage cannot approach the Court because there is no information: Who has blocked the content? Why has the content been blocked? Whom should the user approach for a remedy?
Again, the principle which has to be underlined here is ‘transparency’. With transparency, it would be possible to hold the State accountable for blocking of websites and filtering of content and the issue can be contested in Court.
A move towards accountability and transparency with respect to State action in the context of surveillance and censorship is therefore critical and would go a long way in maintaining the sanctity of our Constitution and the democracy.