October 28, 2021

Is Pegasus a national security threat?

The Pegasus surveillance software today represents a new advanced layer of spyware intelligence. It is different from earlier instances of phone tapping as Pegasus software allows injection of the spyware in targeting mobile phones through non-click methodologies. Hence, it represents a sophisticated level of today’s mechanisms of how monitoring through spyware can be effectively enforced.

The Pegasus controversy has actually thrown up some very interesting cyber legal questions. This is a classical case of spyware that has led to monitoring and interception.

This software has been subscribed to by various governmental agencies across the world. This is so because a number of countries across the world do not have cyber security laws to deal with technological advancements in surveillance techniques. Most of the countries have in place the traditional cyberlaws which are more focused on promoting electronic format and the electronic commerce.

Only a handful of countries across the world have dedicated cyber security laws including China, Vietnam, Singapore to name a few.

Coming to the Indian context, one needs to quickly realize that India does not have any dedicated cyber security law. The Indian Cyberlaw being the Information Technology Act, 2000 is primarily a twenty one-years old legislation which got amended only once in the year 2008. Since there have been massive technological advancements in surveillance techniques over the last one decade, it is clear that the existing legal frameworks are not adequate to deal with advanced surveillance technologies and their newly evolved manifestations.

As of now, the only law applicable to such a mechanism is the Information Technology Act, 2000.  Section 69 of the Information Technology Act, 2000 deals with lawful interception. This law allows legal interception by the Central Government only in the interests of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence.

The said interception has to follow the lawful interception process including following the requirements of the Information Technology. (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009.

It is important to note that the legal frameworks on interception in our country were laid back in the year 2000 and do not have adequate resources to deal with current technological advancements in surveillance techniques. As of now, in India, spyware is illegal. This is so because spyware does such activities which constitute cybercrimes under Section 66 read with Section 43 of the Information Technology Act, 2000.

Spyware also does activities which qualify as cybercrime under Section 66B of the Information Technology Act, 2000 dealing with stolen computer resources.Further, spyware also attract various provisions of the Indian Penal Code, 1860.In this context, the way going forward clearly is that lot of work needs to be done to ensure that illegal surveillance does not become the norm of the day.As of now, individuals dissenting against the Government are pretty vulnerable to such surveillance. Further, surveillance is now becoming a legitimate tool in the hands of the Governments in today’s context. Hence, it is all the more necessary that the Indian Cyberlaw needs to be amended to make appropriate checks and balances on the misuse of surveillance technologies for interception purposes. Even the parameters for lawful interception under Section 69 of the Information Technology Act, 2000 are pretty broad.

Given the new technological advancements in surveillance techniques, it becomes even more necessary for inserting appropriate checks and balances under the current provisions of Section 69 of the Information Technology Act, 2000. The Information Technology Act, 2000 needs to be appropriately amended in this regard. Further, India also needs to have a dedicated cyber security law which can actually prevent the misuse of such technological advancements in surveillance techniques.

There is no denying the fact that interception and monitoring are important tools for the Government. However, the massive powers given to the Central Government for interception under Section 69 of the Information Technology Act, 2000 need to be read down. This is imperative to ensure that the Government of the day does not have the right to employ such surveillance techniques that do not serve any real purpose besides targeting opponents.

Further, the Government will have to wary while using such technologies like spyware based on interception and surveillance and monitoring as those technologies are distinctly illegal under the Indian Cyberlaw.

The said spyware technologies will continue to be illegal till such time, the Indian Cyberlaw is not amended and till such a new legislative framework does not come forward.

Given that today’s new surveillance techniques are extremely advanced and sophisticated, it is not even possible to explore all the scenarios of misuse of such surveillance techniques. Hence, it becomes all the more imperative that there needs to be appropriate checks and balances explicitly spelt out in law.

The Pegasus controversy is an event that has shaken all stakeholders who tend to take the internet and cyber security for granted.

This episode needs to be a wakeup call for all digital ecosystem stakeholders to come out from their deep slumber and to come up with more updated and appropriate strategies to deal with the constant challenges thrown up by the surveillance technologies and increasing cyber security breaches.

Time has come where not only an appropriate cyber legal frameworks needs to be amended and updated to limit the potential misuse of such surveillance technologies but also there exists a distinct need to strengthen the hands of the digital users in terms of effectively protecting their digital rights and liberties.

Hence, countries like India need to take more holistic perspectives on how to prevent cyber security breaches and also to prevent the unauthorised misuse of surveillance and interception.

Aishwarya Says:

I have always been against Glorifying Over Work and therefore, in the year 2021, I have decided to launch this campaign “Balancing Life”and talk about this wrong practice, that we have been following since last few years. I will be talking to and interviewing around 1 lakh people in the coming 2021 and publish their interview regarding their opinion on glamourising Over Work.

If you are interested in participating in the same, do let me know.

Do follow me on FacebookTwitter  Youtube and Instagram.

The copyright of this Article belongs exclusively to Ms. Aishwarya Sandeep. Reproduction of the same, without permission will amount to Copyright Infringement. Appropriate Legal Action under the Indian Laws will be taken.

If you would also like to contribute to my website, then do share your articles or poems at adv.aishwaryasandeep@gmail.com

We also have a Facebook Group Restarter Moms for Mothers or Women who would like to rejoin their careers post a career break or women who are enterpreneurs.

We are also running a series Inspirational Women from January 2021 to March 31,2021, featuring around 1000 stories about Indian Women, who changed the world. #choosetochallenge

Featured articles
Quiz for AIBE and Mumbai University students preparation
Non Disclosure Agreement
Music and IPR in BOLLYWOOD
Drafting for a Bollywood Movie
Documentations required for web series – notes
IPR QUIZ

Related articles

All articles
Cyber Bullying

This article has been written by Ms. Muskan Chugh, a student studying Ll.B. from Department of Laws, Panjab University, Chandigarh.…

Read article