Mass e-surveillance project set for launch

The Centre’s highly advanced telecom and Internet surveillance project — the Central Monitoring System (CMS) — is in its final stage of deployment.

Yet, there has been no word on the legal and procedural framework under which the country’s security agencies can track phone calls, voice over Internet protocol (VoIP) and e-mails in real time.

In seven of the 11 states covered in the first phase, the Centre for Development of Telematics (C-DoT) — a government agency — has already installed the equipment for this massive snooping programme. Over 50 per cent of the overall testing is over. It has been completed in Delhi and is underway in Haryana.

Tests for “remote provisioning” and those related to protocol testing are underway. The Intercept Storage and Forwarding (ISF) servers of the Government are being tested for integration with the telcos and ISPs’ legal intercept (LI) system.

Additionally, the licence conditions of telecom operators, which currently place the obligation for surveillance on the operators, are being amended by the Government; Section 419(A) of the Indian Telegraph Rules related to interception, will also be amended soon.

It is expected that in early 2014, several of the States will go “live” on the CMS, making the existing surveillance and monitoring mechanism as well as the manual intervention of telcos and ISPs, redundant. The CMS will work with the operator’s existing LI systems to provide nationwide interception.

Even as the Government is rapidly transitioning interception of voice calls, SMS and emails to the CMS, there is still no framework in place to ensure against misuse or infringements of privacy.

Earlier this month, the Centre released the ‘Standard Operating Procedures of Lawful Intercept and Monitoring of Telecom Service Providers’ running to 45 pages.

However, the document makes no mention of the fact that interception and monitoring of phone calls, SMSs, Internet browsing, social media sessions and emails are transitioning from a system that requests information from telcos to one in which interception systems tease out information directly from telecom and data networks.

Under the new system, the telecom operator or ISP will have no role in the interception of nearly 850 million fixed lines and 200 million Internet users on a “real time” basis through secure Ethernet leased lines. The authorised agency will send the interception request to a designated government department and the interception made without the knowledge of telecom operators or ISPs.

On November 26, 2009, the Government informed Parliament that CMS would overcome “the existing system’s secrecy which can be easily compromised due to manual interventions at many stages”.

In early 2012, a private telecom operator told the Supreme Court that it had received instructions to tap 1.51 lakh phones between 2006 and 2010.

The new procedures for interception and monitoring put out in January 2014, requires operations to maintain “extreme secrecy” and “precaution in the matter of interception of messages as it effects privacy of citizens”. However, there is nothing in the document on what action can be taken if government officials are found guilty of misuse and violating the privacy of citizens.

The central agencies authorised to seek monitoring are the Intelligence Bureau, Narcotics Control Bureau, Directorate of Enforcement, CBDT, DRI, CBI, NIA, R&AW, Directorate of Signal Intelligence, and the Ministry of Defence for pre-specified areas. At the State level, they are the DGP and in Delhi, the Commissioner of Police.

COMMENT NOW