In late September 2015, the Indian government published an ill-conceived and poorly drafted national encryption policy which would have had severely detrimental impacts on privacy, freedom of speech, national security, foreign investment, and the regular business of the telecommunications and Internet industry in India. After public uproar and international ridicule, the policy was withdrawn on the eve of Prime Minister Modi’s visit to Silicon Valley to invite investment in his Digital India project. This post simply breaks down encryption and examines the motives and implications of the policy. Click the title to read more.
[Excerpt] Because of its disjointed development, the constitutional basis of the right to privacy in India remains muddy. Indian courts have yet to craft a privacy rights jurisprudence that responds to surveillance, morals-based denials of personal choices, and forcible collections of bodily information. There are wide gaps in the right to privacy through which the collection of biometric information for the Aadhar project could easily slip through, perhaps even be made compulsory.
[Summary] Because privacy enjoys an abundance of meanings, it is claimed in diverse situations every day by everyone against other people, society, and the state. Traditionally traced to classical liberalism’s public/private divide, there are now several theoretical conceptions of privacy that collaborate and sometimes contend. Indian privacy law is evolving in response to four types of privacy claims: against the press, against state surveillance, for decisional autonomy, and in relation to personal information. The Indian Supreme Court has selectively borrowed competing foreign privacy norms, primarily American, to create an unconvincing pastiche of privacy law in India. These developments are undermined by a lack of theoretical clarity and the continuing tension between individual freedoms and communitarian values.
Abstract: At the end of his latest movie, Superman flings down a surveillance drone. “You can’t control me,” he tells his military minder. This exchange goes to the crux of surveillance: control. Surveillance is the means by which nation-states exercise control over people. The USA and other western democracies have installed a comprehensive apparatus of surveillance, but these are accompanied by strong privacy laws and sophisticated criminal procedure. India seeks to replicate this without privacy laws, a reliable criminal justice system, or even technical know-how. For ordinary Indians whose privacy is besieged from abroad and within, the law offers no solace.
Abstract: The Central Monitoring System (CMS) is a project to automate wiretaps in India, which are currently conducted by private carriers. It is being undertaken without first resolving the potential invalidity of its parent statute. India’s wiretaps regime is set out in section 5(2) of the Telegraph Act and rule 419A of the Telegraph Rules. In 1996, in the first constitutional challenge to wiretaps, the Supreme Court found the wiretap provisions too invasive and prescribed fresh procedure. In 1968, the Law Commission noted that the wiretap provisions may be unconstitutional. While surveillance is a legitimate national function, it must be conducted within the law and with sufficient protection for privacy. Projects like the CMS usher a techno-utopian dream of PRISM-style mass surveillance without the actual ability to safely conduct it.