The Ministry of Home Affairs on Thursday issued an order, authorising 10 central agencies to monitor, intercept and decrypt information stored, transmitted and generated on any computer.
The 10 central agencies are the Intelligence Bureau, Narcotics Control Bureau, Enforcement Directorate, Central Board of Direct Taxes, Directorate of Revenue Intelligence, Central Bureau of Investigation, National Investigation Agency, Cabinet Secretariat (R&AW), Directorate of Signal Intelligence (For service areas of Jammu & Kashmir, North-East and Assam only) and Commissioner of Police, Delhi.
According to the order, the person-in-charge of the computer resource is bound to extend all facilities and technical assistance to the agencies and if fail to do so, will invite seven-year imprisonment and fine.
The order, signed by Union Home Secretary of Rajiv Gauba, gave the authorisation to under 69 (1) of the Information Technology Act, 2000.
Government officials familiar with the matter explained the Act and said it was brought to "define the procedure and safeguards for such interception. It also says that ‘no person shall carry out the interception or decryption of any information except by an order issued by the competent authority’".
The Act says the government can direct any agency after it is satisfied that it is necessary to protect the "sovereignty or integrity of India".
However, the order has not been taken on a positive note. After the order was issued, CPI(M) general secretary Sitaram Yechury hit out at the government and asked "why is every Indian being treated like a criminal?"
Raman Chima, an IT and law expert, told The Quint,
"It is especially troubling that instead of improving Indian surveillance standards and requiring judicial oversight over interception, the Ministry of Home Affairs has chosen to drastically loosen control over surveillance without any public consultation or discussion."
The officials said that it will prevent unauthorised use of these powers and a better compliance of existing provisions of law and rules.
"There are many cases of posting of unlawful material on social media platforms to incite violence, crimes and even threats to senior functionaries, including Chief justice of India," the officials said.
Ministry of Home Affairs, in a statement, said, "Rule 4 of the IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009 provides that ‘the competent authority may authorise an agency of the Government to intercept, monitor or decrypt information generated, transmitted, received or stored in any computer resource for the purpose specified in sub-section (1) of Section 69 of the Act’."
It said, "The Statutory order (S.O.) dated 20.12.2018 has been issued in accordance with rules framed in year 2009 and in vogue since then. No new powers have been conferred to any of the security or law enforcement agencies by the S.O. dated 20.12.2018."
Notification has been issued to notify the ISPs, TSPs, Intermediaries etc, to codify the existing orders. It further said, "Each case of interception, monitoring, decryption is to be approved by the competent authority i.e. Union Home secretary. These powers are also available to the competent authority in the State governments as per IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009."
As per rule 22 of the IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009, all such cases of interception or monitoring or decryption are to be placed before the review committee headed by Cabinet Secretary, which shall meet at least once in two months to review such cases. In case of State governments, such cases are reviewed by a committee headed by the Chief Secretary concerned.
Home ministry further said, the order will help to ensure that any interception, monitoring or decryption of any information through any computer resource is done as per due process of law.
The notification will ensure that provisions of law relating to lawful interception or monitoring of computer resource are followed and if any interception, monitoring or decryption is required for purposes specified in Section 69 of the IT Act, the same is done as per due process of law and approval of competent authority i.e. Union Home Secretary, it said.