The Indian government has controversially empowered 10 agencies to intercept, decrypt and monitor data on any kind of computing device.
According to an executive order issued by the Union home ministry late on Thursday, the agencies have been authorised “for the purpose of interception, monitoring and decryption of any information generated, transmitted, received or stored in any computer resource under the said Act (section 69 of the IT Act, 2000).”
The 10 empowered agencies include the Intelligence Bureau, Narcotics Control Bureau, Enforcement Directorate, Central Board of Direct Taxes, Directorate of Revenue Intelligence, Central Bureau of Investigation, National Investigation Agency, Cabinet Secretariat (RAW), Directorate of Signal Intelligence (For service areas of Jammu & Kashmir, North-East and Assam only) and the office of the Commissioner of Police, Delhi.
As per the order, the person or organisation who is handling the computer resource is expected to cooperate fully, including providing technical expertise for the investigation, or face imprisonment up to seven years.
The order triggered an uproar among Opposition parties who accused the government of turning India into a surveillance state.
Union IT and law minister Ravi Shankar Prasad later said that the move was not aimed at mass surveillance but rather for the purpose of maintaining India's sovereign interests.
"The powers have been given to these agencies and has been made public because they will be held accountable," Prasad told CNN-News18.
He further clarified that all 10 agencies need to have prior permission from competent authorities such as the home secretary to proceed with an investigation.
"Think about agencies such as ISI and ISIS trying to infiltrate the country and trying to do harm. Should we let them operate freely?" he added.
Srinivas Katta, partner at law firm IndusLaw, said that at first glance, it seemed to be a case of overreaction.
"This is not mass surveillance at all. The powers that have been vested with the agencies can be used only in the context of Section 69 which deals with national security and sovereignty of the country,” Katta said. He added, however, that the Centre should have also issued proper guidelines to use these powers to prevent misuse.
When asked about how the announcement affects corporates, tech firms and service providers especially at a time when issues such as data privacy and data localisation are being debated, Katta said that the development is certain to widen the trust deficit with the government with the ease of business quotient coming down.