In the 18th century, one of the social theorists, Jeremy Bentham, developed the concept of panopticon, which brought in an institutional design to establish control. While this shows that surveillance of any form is not a new phenomenon, recent technological developments have completely changed the surveillance architecture. It has paved the way for the development of surveillance tools that are more intrusive and damaging to our democratic safeguards.
In addition to targeted surveillance (which was debated as part of the Pegasus snoopgate controversy 1 , other forms of surveillance such as mass and lateral surveillance are performed in India, which equally curb the right to privacy and freedom of expression.
Surveillance as a craft has a long-standing history, with various social theorists contributing over time; thus, this article will explore recent developments in India regarding various forms of surveillance that call for robust reform.
In India, the State and non-State actors have been using various digital panoptican tools such as artificial intelligence, facial recognition, CCTV cameras, integrated database systems, social media analytics, etc., to monitor and surveil.
Recently, India bagged a couple of top ranks in the Forbes list of most surveilled cities globally, where Delhi stood at rank one. While Delhi CM alluded to Forbes recognition, this would have a chilling effect on privacy and freedom of expression without surveillance reform. In addition, CCTV cameras equipped with other AI-based technology such as facial recognition have been extensively used in India to tackle various social problems despite global criticism on facial recognition malfunctions, accuracy rate and innate discrimination of minorities and women. Besides, it has been reported that drones with cameras are used for monitoring purposes, but it is unclear how video footage will be used later.
On the other hand, the State has made various efforts to integrate databases and analytics tools to monitor people and their actions. For instance, the Central Government has equipped a technology called Advanced Application for Social Media Analytics (AASMA); this tool will aid both Central and State Governments to monitor social media. But in 2018 Supreme Court of India stopped a similar project of the Central Government titled social media communication hub (SMCH), stating it to be a step to the surveillance State and problematic in the absence of a data protection regime.
Similarly, as citizens use Aadhaar-based authentication systems for any service enrollment or transaction, the information on the authentication process, transaction details, etc., are recorded at a central database. While the Government states that profiling citizens enable better welfare delivery, it has been criticised for its potential to cause exclusion and surveillance, which is not accounted for. Though Unique Identification Authority of India (UIDAI) has been commissioned as the custodian of Aadhaar data, it is also the regulator of Aadhaar infrastructure, which does not create any meaningful and independent accountability in case of misuse. Besides, in the Aadhaar judgment (2018), while the Supreme Court provided constitutional validation to the Aadhaar scheme, it has also struck down various provisions on the grounds of proportionality, data security, and privacy. The judgment pushed for the development of a data protection regime and also struck down the provision on data sharing on national security grounds.
Targeted surveillance in the form of interception has a long-standing history predating any of the recent technological developments. Under legal grounds of the Telegraph Act, 1885 [Section 5(2)] and Information Technology Act (Section 69), the Government can intercept, monitor, and decrypt any information for protecting sovereignty, national security, friendly relations with international States, public order, etc.
There are various non-State lawful interception systems available in the Indian market which are installed into the networks of telecom services and internet services by the Government through the licence agreement. While most of the details on the operations of these systems are confidential, spy files project by WikiLeaks, which created a revelation, revealed that the capacity of these Indian lawful interception systems is way beyond what is available publicly in terms of surveillance.
However, there are also other not entirely lawful interception mechanisms in the market, like Pegasus. The Pegasus controversy is not a new thing, and it first broke in 2019 when WhatsApp reported that Pegasus targeted 1400 phone numbers of its users. While the Indian Government asserted to investigate this matter, the recent Expert Committee constituted by the Supreme Court on the Pegasus allegation will be probing the steps/actions taken by the Government after reports were published.
In addition, like PRISM in the USA, in India, we have a similar system called Central Monitoring System (CMS) and it was implemented in 2015. While the CMS system still relies on lawful interceptors for interception and monitoring, its operations highlight surveillance capacities as they cut the line of the process to automatically retrieve information from the network of telecom service providers or the internet without approaching them.
Besides, non-State actors like digital platforms perform targeted surveillance to promote business interest and to cater better service to the users without any legal grounds and guidelines for securing user privacy.
While a traditional surveillance set-up involves two actors at different power levels i.e. the State or non-State actor can watch citizens; lateral surveillance breaks this code by enabling peer-to-peer surveillance.
In response to the pandemic, the Government had resorted to various technological measures to tackle the spread of the virus and for administering the vaccination. One of the most sought out measures globally was the contact tracing app and quarantine monitoring apps. These apps can majorly cause lateral surveillance due to the high chances of data breaches. In addition, at the aggregate level, these apps encourage “watch over others” culture, where the people from a particular area might watch out for the neighbouring areas, leading towards exclusion and other unintended impacts.
Contact tracing apps are new in the game; apps that stimulate lateral surveillance have been there for some time now. Some of the prominent lateral surveillance apps are HawkEye, C-Plan, RajCop Citizen, etc. Also, to monitor the digital public sphere, the cyber volunteers programme seeks citizens to report unlawful activities on the internet and social media.
The Forbes list of most surveilled cities in the world shows that Indian cities have surpassed China in terms of the number of CCTV cameras installed. Being a democratic country, India surpassing/giving tough competition to an authoritarian country like China in terms of surveillance, questions the trajectory that India, as the largest democracy, wants to set for the future. Does India want to subdue its citizens or empower them?
While these monitoring mechanisms are instituted by State and non-State actors for different purposes, in the absence of surveillance reform and data protection, these new technological means subdue citizens by causing unaccountable surveillance, infringing citizens’ freedom of expression and privacy.
The Supreme Court of India delivered its judgment on K.S. Puttaswamy v. Union of India, declaring privacy as a fundamental right under Article 21 of the Indian Constitution. Therefore using this judgment as a substratum, comprehensive surveillance reform should be constituted, which gets India into the path of empowered citizenry where the right to privacy is secured from the interference of surveillance.
As the Expert Committee formed by the Supreme Court will recommend enactment/amendment to existing laws around surveillance to secure privacy, it is important to have a separate/new surveillance legislation that is clearer, purposive, proportionate, and comprehensive (covering all forms of surveillance). The surveillance legislation should bring both State and non-State actors under its purview and demand a robust accountability mechanism that involves both parliamentary and judiciary oversight.
† Senior Research Associate at The Dialogue.