Abstract
This study looks at the Pegasus Project, a global investigation that exposed governments’ extensive use of Pegasus spyware, and how it affects Indian citizens’ right to privacy. It looks at Pegasus’s technical prowess, the purported targeting of Indian nationals, the Indian legal system’s regulations pertaining to private rights, and the ongoing legal issues. The study goes on to examine the controversy’s possible effects on Indian democracy and free speech.
Key words: spyware, surveillance, right to privacy, India, Pegasus Project.
Introduction:
The disclosure of the Pegasus Project, a cooperative inquiry by a group of journalists, caused a worldwide commotion in 2021 (The Pegasus Project, 2021). The investigation revealed how many governments were using the Pegasus spyware, created by the Israeli corporation NSO Group, to target business executives, politicians, journalists, and human rights activists. Because Pegasus could get into iPhones and take out enormous volumes of data, people began to worry about government monitoring and possible invasions of privacy rights.
Concerns over India’s right to privacy have been raised by the controversy surrounding the Pegasus malware. To ease these concerns, the government must enact stringent legislation limiting electronic surveillance and protecting residents’ privacy. Furthermore, it needs to ensure transparency and accountability when using surveillance technologies and conduct thorough investigations into allegations of widespread monitoring and privacy violations.
The Pegasus debate in India is examined in this paper along with its implications for the basic right to privacy guaranteed by the Indian Constitution (Constitution of India, 1949). The Indian government’s purported use of Pegasus begs grave concerns about its commitment to preserving this privilege.
Research Methodology:
A doctrinal legal research approach is used in this research work. It examines pertinent legal documents, including the Indian Constitution, significant rulings from the Supreme Court of India, and global human rights agreements that deal with privacy. The paper also makes use of academic journals, news stories, and investigative studies to comprehend the intricacies of Pegasus and the ongoing legal disputes related to its application in India. Legal sources are cited using the 20th edition of the Bluebook format.
Review of Literature
Numerous academics have investigated how the Pegasus Project affects worldwide rights to privacy. In his 2015 book Permanent Record, Edward Snowden examines the extensive scope of government monitoring initiatives and how they stifle free speech. In The Ethics of Cyberwarfare (2019), Carlyle Odgers explores the moral issues related to the creation and application of spyware. In his article “The Right to Privacy in the Post-Puttaswamy Era: Challenges and the Way Forward” (2021) , Jagdeep Singh examines the right to privacy in the post-Puttaswamy age, emphasizing the difficulties in enforcing it with a focus on the Indian context.
Pegasus spyware has been used to target human rights activists, journalists, and politicians in India. Allegations of widespread monitoring and invasions of personal privacy have resulted from the controversy. Human rights organizations have denounced the use of Pegasus spyware, claiming that it is an egregious infringement on the freedom of speech and right to privacy.
The Pegasus Project and India:
A cooperative effort in investigative journalism, the Pegasus Project involved 17 media outlets. It looked into how governments were using Pegasus spyware on opposition politicians, businesses, activists, and journalists. The project discovered that people in a number of nations, including India, were the targets of the spyware.
The claims that Pegasus spyware was being used to target specific people were refuted by the Indian government. The administration claimed that the malware was not utilized for spying and that the reports were founded on unreliable information. The reports, the government further asserted, were an attempt to defame Indian democracy and its institutions.
The NSO Group allegedly provided Pegasus spyware to several governments, including India, according to The Pegasus Project (The Pegasus Project, 2021). Widespread worry was raised in India after a list of more than 300 Indian phone numbers—including those of journalists, legislators, human rights advocates, and corporate executives—that may have been used as a target by Pegasus emerged. The possible infringement of the right to privacy protected by Article 21 of the Indian Constitution (Constitution of India, 1949) has led to a number of court challenges, even though the Indian government has denied any wrongdoing.
The Role of Supreme Court:
An investigation into the claims of improper spying through Pegasus was requested by the Supreme Court of India. The government was instructed to turn over the phones of people who were allegedly being spied on by the government for forensic analysis, and the court also established a technical committee to look into the subject.
Of the 29 phones that were turned in for analysis, the technical committee discovered malware in five of them, albeit it was not able to identify the software as Pegasus. The government’s lack of cooperation with the investigation was also criticized by the committee.
The Effect on Journalists:
“The Pegasus Project disclosed that the spyware was intended for use against multiple Indian journalists. Among the journalists were Anand Mangnale, the South Asia editor of the Organized Crime and Corruption Reporting Project (OCCRP), and Siddharth Varadarajan, the founding editor of The Wire.”
The Risk to Journalists
The Pegasus Project brought attention to the danger that unauthorized surveillance poses to Indian journalists. The investigation discovered that spyware, which may be used to access a person’s emails, chats, pictures, and other private information, is increasingly being used against Indian journalists.
Transparency Is Essential
The Pegasus Project emphasizes how important it is for government monitoring methods to be accountable and transparent. The project emphasizes how crucial it is to make sure that any surveillance is carried out legally and with respect for people’s rights.
Case Studies and Case Laws:
1] Citizens Lab vs. NSO Group Technologies
The University of Toronto research group Citizen Lab is embroiled in a legal dispute with NSO Group Technologies, an Israeli spyware company best known for Pegasus. The issue stems from a lawsuit filed in 2019 by WhatsApp and Meta (previously Facebook), which claimed that NSO had infected about 1,400 devices worldwide with Pegasus and other viruses.
Important Points:
Legal action Context: The case, which was submitted to a US federal court, charges NSO with using a WhatsApp security flaw to target human rights advocates and journalists. The case has continued for more than four years in spite of attempts to dismiss it.
“NSO’s Data Requests: NSO has made several requests for Citizen Lab to provide its unprocessed research data pertaining to the Pegasus probe. Citizen Lab possesses strongly disagreed, claiming that releasing the information could increase the danger of harassment for those who have already been targeted by NSO and impede further investigation.”
Judge’s ruling: NSO’s most recent request to view Citizen Lab’s materials was denied by the judge because it was deemed to be too general. The judge ruled that any such requests would have to include proof that certain people that Citizen Lab had designated as “civil society” targets were involved in criminal or terrorist activity.
The Reputation of NSO and Legal Difficulties: NSO has had numerous legal difficulties, such as those that are still pending and were started by Salvadoran journalists, Apple, and Hanan Elatr Khashoggi, the widow of murdered journalist Jamal Khashoggi. The US government has placed the corporation on a blacklist, and it has since started a vigorous effort to repair its reputation.
Research Methods Used by Citizen Lab: IP address scans and fingerprinting are used in Citizen Lab’s investigations to track down NSO spyware. Although NSO Group tries to avoid discovery, the organization has developed techniques to fingerprint and enumerate NSO Group servers.
Mobile Forensic Difficulties: Analyzing logs and searching for unusual activity is a common research task for Citizen Lab. To prevent impeding its development, the company should exercise caution when revealing its forensic approach, as device manufacturers and malware vendors may modify their products accordingly.
The operations of NSO Group and its criticisms: NSO Group has faced criticism for its role in aiding government surveillance and for using undercover private investigators to hunt down dissidents. The organization, which employs over 700 people worldwide—mostly former Israeli military intelligence officers—has come under fire for allegedly selling malware to countries with a track record of violating human rights.
2] The Editors Guild of India vs. Union of India
The Union of India and the Editors Guild of India have fought each other in court on a number of occasions, mainly over matters concerning press freedom and digital media regulation. The salient features of the latest cases are as follows:
Important Points:
Problems with IT Regulations: The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2023, which give power to a “fact check unit of the Central Government” to classify and remove online content deemed false or misleading, have been challenged by the Editors Guild of India on constitutional grounds. The Guild contends that these regulations infringe upon the right to freedom of speech and expression and have negative effects on press freedom.
Procedures in the Bombay High Court: The Guild filed a writ petition there, and the court responded by notifying the parties and extending the stay on the IT Rules until July 10, 2023. The Government was ordered by the court to submit its response by June 20, 2023.
Supreme Court Cases: WRIT PETITION (CIVIL) 552/2021, the Guild’s pending case before the Supreme Court, was last heard on November 22, 2023. Furthermore, WP(Crl.) No. 000498 of 2021 is scheduled for a hearing and is now pending.
Press Freedom Concerns: The Guild has voiced concerns about the possibility of regulatory organizations limiting press freedom as well as the imprisonment of journalists. It has asked the government to make sure that there are no obstacles in the way of news publishing in India and that the major focus of regulatory organizations is still on registration rather than regulation.
Recent Developments: With the announcement of new regulations on March 21, 2024, the position on the IT regulations changed. The Guild is still in favor of press freedom and the defense of the rights of journalists.
3] Prashant Bhushan (Contempt Case)
The Supreme Court of India heard a high-profile contempt of court case involving well-known Indian lawyer and activist Prashant Bhushan in 2020. The salient features are:
The two tweets that Bhushan sent on June 27 and June 29, 2020, criticizing the Indian judiciary and Chief Justice, were noticed by the Supreme Court on a suo moto basis. The tweets were deemed to be criminal contempt by the court.
On August 31, 2020, the Supreme Court fined Bhushan Re 1 and threatened to imprison him for three months and bar him from practicing law for three years if he didn’t pay the fine by September 15, 2020. Bhushan acknowledged that he did not accept the penalty and paid it.
On August 30, 2022, the Supreme Court dismissed a separate contempt case from 2009 in which Bhushan had accused some former Chief Justices of India of being corrupt. The court reasoned that Bhushan’s explanation of his intentions and the circumstances made the case unnecessary to pursue.
The contempt case brought to light topics like the freedom to openly criticize the judiciary, the necessity of proof for someone voicing a sincere belief about judicial corruption, and the vagueness of the laws pertaining to contempt of court.
The use of contempt of court rules against Bhushan was met with criticism from a wide range of constitutional scholars and members of civil society, who said that it had a chilling effect on the right to freedom of speech and expression guaranteed by the constitution.
The case spurred discussion on how to strike a balance in India between the judiciary’s ability to punish dissent and the fundamental right to free speech.
The Pegasus spyware is examined from a variety of angles in this research study, including legal, ethical, and political. It looks at the ongoing legal disputes between the Indian government and civil society organizations as well as the government’s response to the accusations. The controversy’s possible effects for India’s standing abroad and its relations with other nations are also covered in this essay. Furthermore, the procedure consists of:
Legal Evaluation: This paper looks at the laws that control surveillance in India, such as the Information Technology Act of 2000 and the Indian Telegraph Act of 1885. It examines the privacy and surveillance-related legal provisions and how they relate to the Pegasus spyware dispute.
Ethical Analysis: The consequences of the Pegasus spyware crisis on journalistic freedom, individual privacy, and freedom of speech are all covered in this paper’s discussion of the ethical ramifications. It looks at the privacy, autonomy, and non-maleficence ethical concepts and how they relate to the dispute.
Political Analysis: The Pegasus spyware controversy’s political background is examined in this study, along with the government’s and political parties’ respective roles in it. It looks at how the dispute may affect India’s democracy and legal system politically.
Comparative Analysis: This study makes a comparison between the Pegasus spyware incident in India and related scandals in other nations, like the US and the UK. It looks at the ethical and legal frameworks that these nations have in place for monitoring and how they relate to the scandal surrounding Pegasus spyware.
Suggestions:
The government of India should Pass stringent laws to control electronic monitoring and safeguard individuals’ privacy in order to address the Pegasus spyware problem and defend individual privacy in the country.
- Assure accountability and openness when using monitoring technologies.
- Undertake comprehensive inquiries about claims of widespread monitoring and infringements on personal privacy.
- Teach law enforcement organizations how to use surveillance technologies in an ethical manner.
- Provide a system for citizens to report privacy infringements.
- Enact strict data protection legislation to protect private data.
- Enact strict data protection legislation to protect private data.
- Make sure the level of surveillance is appropriate for the threat being addressed and targeted.
- Give people whose privacy has been compromised redressal options.
- Monitor the usage of surveillance tools by conducting audits on a regular basis.
- Create a separate oversight organization to keep an eye on and control surveillance operations.
Conclusion:
There are serious questions regarding India’s right to privacy now that the Pegasus spyware story has surfaced. There have been claims of widespread surveillance and invasions of privacy as a result of the Indian government’s indiscriminate employment of Pegasus spyware. The government needs to pass strict laws governing electronic surveillance and safeguarding citizens’ privacy in order to allay these worries. In addition, it must guarantee accountability and openness in the application of surveillance technologies and carry out exhaustive inquiries into claims of widespread monitoring and invasions of privacy.
Without the subject’s knowledge or consent, Pegasus malware is an advanced monitoring tool that may be used to track and monitor people. It is intended to sneak into mobile devices and collect private data, such as phone conversations, text messages, and location information. Only governments and law enforcement organizations purchase spyware, and the use of this technology is frequently rationalized as a tool of combating organized crime and terrorism.
However, claims of widespread surveillance and invasions of personal privacy have been made in response to the Indian government’s indiscriminate employment of Pegasus spyware. Human rights advocates and opposition politicians in India are fiercely debating the government’s policies in the wake of the dispute about the right to privacy.
The government needs to act in a few different ways to address these issues. It must first pass strict laws to control electronic surveillance and safeguard the privacy of its residents. This legislation ought to guarantee responsibility and openness in the application of monitoring instruments and offer channels of recourse to those whose privacy has been infringed.
Second, the government needs to make sure that the level of surveillance is appropriate for the threat it is trying to counter. This implies that the target of surveillance should only be particular people or organizations that really endanger public safety or national security.
Third, claims of widespread monitoring and privacy infractions need to be thoroughly investigated by the government. Investigating the use of Pegasus spyware and other monitoring programs is part of this, as is making sure that anyone found in violation is held accountable.
Fourth, law enforcement organizations need to be trained by the government on how to utilize surveillance techniques ethically. This involves making certain that law enforcement organizations are aware of the significance of protecting people’s privacy as well as the necessity of using surveillance technologies in a targeted and appropriate manner.
Fifth, in order to keep an eye on and control surveillance operations, the government needs to set up a separate monitoring agency. To make sure that surveillance tools are being used legally, this organization should be able to carry out routine audits and inquiries into their usage.
Sixth, the government needs to make sure that courts have the power to examine and authorize requests for surveillance and that surveillance is subject to judicial scrutiny. This will make it easier to guarantee that monitoring is conducted in a way that respects people’s privacy and complies with the law.
Seventh, in the case that someone’s privacy has been compromised due to the employment of Pegasus spyware or other monitoring techniques, the government is required to compensate that person. This entails offering monetary compensation as well as additional remedy.
Lastly, action needs to be taken by the government to stop Pegasus malware and other monitoring programs from being used in the future. This involves preventing the use of surveillance tools to target particular people or groups due to their political opinions, religious convictions, or other protected traits.
The scandal surrounding the Pegasus malware has brought serious worries over India’s right to privacy. The government needs to pass strict laws governing electronic surveillance and safeguarding citizens’ privacy in order to allay these worries. In addition, it must guarantee accountability and openness in the application of surveillance technologies and carry out exhaustive inquiries into claims of widespread monitoring and invasions of privacy.
Aishwarya Mudgadkar
MP Law College, Chh Sambhajinagar.