A special three-judge bench led by Chief Justice of India NV Ramana on Thursday said the Pegasus technical committee had reported that out of 29 phones examined, five were found infected with “some malware,” but that did not mean it was Pegasus spyware.

“Twenty-nine phones were given to the committee. There is evidence found of some malware in five out of the 29 phones, but it does not mean the malware of Pegasus,” Chief Justice Ramana remarked orally.

‘Not cooperative’

The Bench also conveyed the committee’s observation that the Government of India was “not cooperative”.

“I am sorry to say, but there is a line in the report saying the Government of India was not cooperative. Whatever stand you had taken here, you took with them,” the CJI remarked.

Solicitor General Tushar Mehta, for the Centre, clarified, saying “I do not know personally what happened. But if they had asked us whether we were using a particular malware, we would have said “we are not using”. If they had asked what you are using, we may not have said it,” the law officer said.

The petitioners and individuals who had given their phones to the committee asked the court to give them a redacted report after taking into consideration issues of national security.

“Give us a redacted report. If there is malware, please give us a report. We gave our phones to the committee. We are the people who are concerned,” senior advocate Kapil Sibal urged.

The CJI said it had just opened and read the final report of the Pegasus technical committee in the courtroom. The Bench needed time to study the report in detail. The court said it would take into consideration the request to release a redacted copies of the technical committee report.

However, the court said it would publish on its website the separate report of the overseeing judge, Justice RV Raveendran, on ways to enhance or improve cyber security. 

The final report was in three parts: digital images of phones examined for spyware infection; the report of the technical committee; and the report of Justice Raveendran, the Bench said.

Justice Raveendran has recommended that the country’s cyber security needs enhancement while protecting the right to privacy against unauthorised surveillance. The retired apex court judge has said private firms resorting to illegal surveillance ought to be prosecuted.

He has suggested the formation of a special investigation agency for investigating cyber attacks and strengthening the cyber security network of the country.

Justice Raveendran has recommended that the government should create a mechanism for citizens to complain about surveillance and the alleged implantation of malware on their personal devices.

The Bench had last assembled on May 20 to peruse an interim report filed by the committee, in which it said that it had developed its own protocol and software to test the devices for malware.

The interim report had sought an extension of time till June 20, 2022, to complete the entire exercise and file a comprehensive report before the Supreme Court.

Two-pronged inquiry

The inquiry by the committee is two-pronged. One is regarding the technical issues relating to the digital forensic aspects of the reported use of Pegasus malware to target mobiles of Indian citizens. The second is regarding recommendations regarding the enhancement of existing laws and procedures related to surveillance and securing rights, including privacy, cyber security, etc.

On October 27 last year, the court constituted the technical committee while observing in its 46-page order that there was a “broad consensus that unauthorised surveillance/accessing of stored data from the phones and other devices of citizens for reasons other than the nation’s security would be illegal, objectionable, and a matter of concern”.

The court had, in October, listed several concerns that led it to form the committee and direct an independent enquiry. Several petitions, including one by senior journalists N Ram and Shashi Kumar, have sought a fair probe into the snooping allegations.

comment COMMENT NOW