New Internet Protocol Laws in India Lead to Data Privacy Concerns for Companies

Source: Mid Day The Indian government wants to snoop on every Indian citizen who uses the Internet, even if he or she has never been even a suspect in …

Source: Mid Day

The Indian government wants to snoop on every Indian citizen who uses the Internet, even if he or she has never been even a suspect in any illegal activity — and that includes you.

Internet service providers have been asked to put in place solutions to track any specific Internet Protocol (IP) address and identify it as soon as any user logs on to the Internet, according to Rajesh Chharia, president of the Internet Service Providers’ Association of India (ISPAI).

Everyone is at risk


The difference this time is that the government would like to snoop on every Indian citizen who uses the Internet, even though he or she may never have been even a suspect in any illegal activity whatsoever. The Department of Telecom (DoT) has conveyed this to the ISPAI, at the behest of the Union Home Ministry and the Intelligence Bureau (IB), according to other knowledgeable sources.

Mobile tracking


The IB has also asked the telecom and IT departments to work with mobile phone companies and the National Informatics Centre (NIC) to put in place a system that can uniquely identify any person using the Internet across the country. The idea is to develop a technology platform where users will have to compulsorily submit some form of an online identification or password to access the Internet every time they go online, irrespective of the service provider.

“They want us to track voice over Internet protocol (VoIP) calls, all e-commerce transactions like bank transactions as well as air and railway ticket sales,” said Chharia.

Your data won’t be safe


If implemented, this would mean that citizen’s personal data would be in the hands of private and commercial bodies like Internet Service Providers. Legally, this would be very tricky, because private companies could misuse such data for commercial gain, sources said.

“If they want to keep tabs on everybody, then it should also become a very transparent and accessible process. But I certainly don’t want the government to play some sort of Big Brother,” said Supreme Court Advocate Prashant Bhushan.

Sign up for our Nearshore Americas newsletter:

Possible violation


However, sources have hinted that the government’s latest move may be in violation of Article 19 (1A) of the Constitution of India, which gives the freedom of speech and expression as Article 21 — the right to life, which also protects privacy, as well as Section 69 of the Information Technology Act. “Once this is monitored, it is like saying that every bedroom of your house must have a CCTV attached, which the thanedar can see. It is grossly unconstitutional, and perverse,” said Vivek Sood, advocate, Supreme Court of India and author on several books on cyber law.

“The government does not have powers to do any blanket interception and monitor the entire population. Any interception of electronic communication in India, if done outside the parameters of Section 69 of IT Act, will infringe  upon the fundamental right of privacy, part of Fundamental Right of Life under Article 21 of the Constitution of India. But under Section 79 2C, all intermediaries (which includes Internet Service Providers) in India are mandated to comply with such directions as may be issued by the government from time to time. It is this power that the government appears to be using to issue directions to ISPs,” New Delhi-based cyber law expert Pawan Duggal told Sunday MiD DAY.

Tags