Indian government is illegally spying on you in the name of improving call quality


India’s telecom market isn’t in the best shape. Its infrastructure is in ruins because of a looming debt crisis, 4G internet speeds are slower than 3G standards and authorities have received countless complaints from users about poor network coverage, repeated call drops, and cross-connections.

To address these issues, local units of the DoT (Department of Telecommunications) sought call data records of all mobile subscribers across several pockets of the country for specific days over the past few months. The government says it’s trying to address consumer complaints about call drops, cross-connection, and poor quality.

However, a report by The Indian Express states that the government is asking telcos to hand-over CDR (Call Data Records) of all users belonging to a few circles. These regions include Delhi, Andhra Pradesh, Haryana, Himachal Pradesh, Jammu & Kashmir, Kerala, Odisha, Madhya Pradesh, and Punjab. Telecom operators have red-flagged the possibility of “surveillance”, disguised as a move to improve services.

A telco executive stated that the government is asking for everyone’s records, not someone in particular, without probable cause. It’s in violation of standard operating procedure, but the telcos have no choice, but to comply.

“It has been happening for several months now but during January and February, we started seeing these mass requests,” a senior executive of a telecom company on condition of anonymity was quoted in the report.

In line with the above claim, COAI (Cellular Operators Association of India), an industry body representing India’s top telecom operators, complained to Anshu Prakash, Secretary, Department of Telecommunications, but so far there has been radio silence.

Why is the government’s justification so hard to believe?

  • Firstly, monitoring call drops, looking after customer complaints, and penalizing telcos for poor performance is TRAI’s (Telecom Regulatory Authority of India) jurisdiction. The regulator already has a specialized redressal mechanism in place called Consumer Complaints Monitoring Systems. It regularly monitors telco performance and even imposes financial disincentives in case of shortcoming. On the other hand, the Central Ministries rely on CPGRAMS (Centralized Public Grievance Redress and Monitoring System) for redressals across all industries. Why did DoT suddenly overstep and start doing TRAI’s job?
  • If quality improvement is what the government wants us to presume, why did it go after a region like Jammu & Kashmir? The state has been on lockdown for more than half-a-year, Internet services remain suspended, and authorities even detained citizens for using a VPN (Virtual Private Network). When there’s officially no access to wireless telecom, what data is the government expecting to get, analyse, and improve upon?
  • Incidentally, the CDR requests started coming in from January, just a couple of weeks after the anti-CAA protests intensified. The epicentre of these protests had been Delhi. A city that has just recently witnessed a riot, the government has been under tremendous pressure for not doing enough to prevent the incident. In fact, the ruling party, BJP’s own Kapil Mishra is alleged to have played a key role in inciting violence. Delhi Police is directly under the Home Ministry and failed miserably in containing the riots. Lastly, it took three days for the Rapid Action Force to perform flag marches in the affected areas. Does the government want to identify those who speak against the establishment or is it trying to mask its shortcomings?
  • The government has a long history of tagging anyone who doesn’t agree with them as “anti-nationals”. How do you identify “opposition” in the twenty-first century? You tap calls, messages, and other electronic forms of communication. China is infamous for constantly snooping on its citizens and moderating the flow of information to establish a narrative.
  • A few months ago, it was discovered that a spyware had infiltrated WhatsApp via a vulnerability and enabled the attacker to spy on more than 1,400 users, including politicians, journalists, and activists. With CDR collection, it’s one step easier to keep a tab on everyone.
  • If you take a close look at the affected circles, Andhra Pradesh, Kerala, Madhya Pradesh, and Punjab are all served by governments of opposing parties. If the government wanted to genuinely improve mobile connectivity, it could’ve chosen a neutral and challenging circle like Mumbai. 

Read Also: WhatsApp was hacked, but is it safe to use now?

And, it should’ve done so after consultation from the TRAI. A framework should’ve been designed and made public that only raw or anonymous data of the users will be analysed without revealing any personal identity or connection. That’s how advertising companies like Google and Facebook collect cookies to better serve targeted ads.

India is a democracy. A system where a public organisation cannot purchase a single pen without releasing a tender and performing competitive bidding. That’s also called bureaucracy. And we have lakhs of aspirants trying to be a part of this system via UPSC (Union Public Service Commission). How can the top government officials or politicians bypass fundamentals of India’s executive branch and request personal data of any user at a whim?

A Similar incident from the past that rings another “red alert”

  • In 2013, the then-Chief Minister of Gujarat, Narendra Modi came under fire over allegations of snooping on citizens for personal gains. Investigative news website Cobrapost posted a series of phone conversations, which they insisted were between Modi’s aide and then Gujarat Home Minister Amit Shah and police officer GL Singhal. 
  • Shah is reportedly heard directing Singhal to put a young woman and a senior IAS officer under surveillance. These tapes revealed officials of private mobile service companies were involved with the Gujarat police in aiding interception of the woman’s mobiles and also illegally taping conversation without permission from the Gujarat home secretary.
  • Obviously, the above incident had no repercussions since the victim’s father demanded no further probe. There are numerous other examples of criminal-police nexus leveraging their power to snoop on people because of personal vendetta or even make it a commercial business.

What does the law say about tapping a phone call or message?

  • There are no laws that allow for mass surveillance in India. The two laws covering interception are the Indian Telegraph Act and the Information Technology Act of 2000. The latter being extremely vague and outdated for a world that’s moving forward at lightning speed.
  • After the above incident of 2013, the government amended the rules and the new amendment today is called Rule 419A of the Indian Telegraph Rules, 1951. This amendment was first proposed in 2007 but finally saw the daylight in 2014. It states that:
  • This is just a tiny gist of the complete amendment. Further, in the absence of a Joint Secretary, action can be initiated by an enforcement official “not below the rank of Inspector General of Police at the state level.” 
  • The Indian Telegraph Act also mentions that interception is permitted “On the occurrence of any public emergency, or in the interest of the public safety.” It’s apparent that call drops or poor mobile connectivity don’t qualify as a public emergency. So why was data of “all” users within a circle requested?
  • Even though a high-level review committee is set up to “review” the snooping order, it’s practically of no use since the government and executive officials will be going over it. It’s like asking my colleague to approve my leave application.
  • In 2008, the Information Technology Act copied much of the interception provision of the Telegraph Act but removed the preconditions of public emergency or public safety, and expanded the power of the government to order interception for “investigation of any offence.”
  • The laws are weak, vague, and outdated. Telegraph no longer exists in India, but its laws do. Ironically, a private detective who gained access to the cell phone records of Arun Jaitley, a BJP leader, was charged under the weak provisions of fraud, rather than an invasion of privacy.

Digital privacy is a myth in India. The Data Protection Bill was first conceptualised in 2017. It took more than two years for it to finally reach the Lok Sabha. It still hasn’t been implemented. Even the new law has one thing in common with the previous ones — it’s vague and serves the government, not the people.

Read Also: Why the Data Protection Bill will make India an Orwellian state

It’s an open fact that India’s legislature has a huge influence over the executive. We’re taught in basic civics that the two branches are supposed to work for the people, independently. Unfortunately, the two work for each other. What’s the solution? You bring in the third branch of democracy, the judiciary.

India needs a FISA-like law

  • FISA stands for Foreign Intelligence Surveillance Act, a legislation enacted in the United States of America. It requires the government to obtain permission from a judge on the Foreign Intelligence Surveillance Court (FISC) to surveil communications on domestic soil for national security reasons.
  • The FISC judges are appointed by the Chief Justice of the Supreme Court. It approves wiretaps, data collection, and government requests regarding monitoring suspected terrorists and spies.
  • If a law enforcement authority (in US’ case FBI) wants to spy on domestic soil, it’ll have to produce probable cause and prove the target is a danger to national integrity. The court will decide whether the enforcement agency has enough substance to proceed with a wiretap.
  • A similar setup in India can eliminate the abuse of power. While FISA only deals with high-level cases involving terrorism, India can follow the same pattern and expand the scope of jurisdiction to criminals. A safeguard can ensure the executive branch doesn’t overstep and abuse its abilities.
  • This will be very similar to India’s newly found bankruptcy court NCLT (National Companies Law Tribunal). The court has been quite helpful in dealing with resolution processes of bankrupt companies and the country has massively benefited due to the liquidation intervention.

India’s soon to be enacted Data Protection Bill is a disappointment. Even today, our lawmakers are adamant on sticking to draconian values that don’t necessarily solve the problem. Again and again, cases have to be plead and taken to the High Court or the Supreme Court for a precedent. What’s the use of making a new law if you’re constantly going to depend on precedents to pave the path forward?

As far as the Government of India is concerned, it’s clear they have no intention of going down the aristocratic path. Snooping on hundreds of millions of people, simply because they’re insecure about their seats. The same spying, when used correctly, could’ve helped us prevent massive attacks like 26/11. But alas, where’s the personal gain in that?

Read Also: Vodafone-Idea AGR Crisis: India’s crony capitalism now visible in full view