No privacy law in India – So, they follow NSA example with CMS (Centralized Monitoring System)

India’s new surveillance network will make the NSA green with envy

No privacy law in India – So, they follow NSA example with CMS (Centralized Monitoring System)

Image courtesy of [kangshutters] / FreeDigitalPhotos.net

India doesn’t seem to worry that the surveillance scandal recently rocking the US might perturb its own citizens. The country is going ahead with an ambitious program that will let it monitor any one of its 900 million telecom subscribers and 120 million internet users.

The Centralised Monitoring System (CMS) will be operational in 10 of the country’s 22 telecom “circles” (i.e., regions) by the end of the year, according to the Press Trust of India. The far-reaching surveillance program rivals the worst in the world, and makes the US National Security Agency (NSA) look like a model of restraint.

The NSA, as revealed in media reports earlier this month, has been monitoring phone-call metadata (such as phone numbers and call durations) on a widespread basis for years, but has to get the approval of a (albeit secret) court to spy on the calls themselves or the content of emails. The CMS, by contrast, will give nine Indian government agencies—including the tax department—the power to access, in real-time, phone conversations, video conferences, text messages, emails, and even internet search data and social media activity, and will work without any independent oversight, Reuters reports; the agencies can start monitoring targets without the approval of the courts or the parliament. The top bureaucrat in charge of the federal interior ministry and selected state-level officials will reportedly be authorized to approve surveillance requests.

Moreover, with the CMS, security agencies won’t need to request users’ information from telcos. They’ll be able to get it directly, using existing interception systems that are built into telecom and data-service networks. According to the Hindu newspaper, the system will have dedicated servers and extensive data-mining capabilities that can be used for surveillance.

Naturally, many fear that the system will be abused. India does not have a formal privacy law, and the CMS will operate under the archaic Indian Telegraph Act, formulated by the British in 1885. The Center for Internet and Society argues that parliamentary oversight is a minimum prerequisite for the program:

E-surveillance regulations should be enacted, which would cover both policy and legal issues pertaining to the CMS project and which would ensure that human rights are not infringed. The overall function of the CMS project and its use of data collected should be thoroughly examined on a legal and policy level prior to its operation, as its current vagueness and excessive control over communications can create a potential for unprecedented abuse.

India already has a shaky track record of protecting its citizens’ freedoms online.

Read More