The Indian Government has authorized ten security agencies the legal authority to intercept, monitor or decrypt information generated, transmitted, received or stored in any computer.
The order was approved by the Indian Ministry of Home Affairs on December 20 and is considered to be an expansion of India’s IT Act of 2000. This successfully gives the Indian government the authority to search on its citizens’ Internet traffic, and the legal rights to request access to any encrypted information.
Any individual or organizations that does not obey the rules or requests to intercept, monitor, or access citizens’ data are subjected to face up to seven years or imprisonment or a fine.
The ten agencies which have been authorized to intercept or request access to user data are as follows
- The Intelligence Bureau
- The Narcotics Control Bureau
- The Enforcement Directorate
- The Central Board of Direct Taxes
- The Directorate of Revenue Intelligence
- The Central Bureau of Investigation
- The National Investigation Agency
- The Cabinet Secretariat (R&AW)
- The Commissioner of Delhi Police, and
- The Directorate of Signal Intelligence (for service areas of Jammu & Kashmir, North-East, and Assam only)
This notification does not give any new powers to the agencies as they already have these powers and this statutory order issued has been framed in accordance of 2009. The new order makes sure that the interception, monitoring or decryption of any information is done according to the law.
This order however is not welcomed by the people and has ignited outrage among citizens, privacy watchdogs, and opposing political parties, who claimed that this order is going to be a stepping stone towards an Indian surveillance state.
However, the government officials stated that the order expanding India’s IT Act was needed for national security, to maintain public order, and to deal with foreign government interventions.
The Ministry of Home Affairs made a clarification regarding the issue explaining that any interception, monitoring, or data decryption will be “done as per due process of law” with approval from the Union Home Secretary. They also claimed that sufficient safeguards against abuse exist under both the IT and Telegraph Acts.
The government assured that every individual case will require prior approval of Home ministry or state government. The MHA has not delegated its powers to any law enforcement or security agency. The order is expected to be challenged in court as unconstitutional.