Indian authorities should immediately investigate the government’s alleged use of Pegasus spyware to target activists and apparent opponents, said Access Now, International Commission of Jurists, Electronic Privacy Information Center, Electronic Frontier Foundation, PEN America, Center for Democracy and Technology, Civicus, and Human Rights Watch in a joint statement on Thursday, 26 August.
In July, the Indian news website The Wire, as part of the international collaborative Pegasus project, reported that there were at least 300 Indian phone numbers, including those of human rights defenders, journalists, lawyers, government officials, and Opposition leaders, in the leaked global list of 50,000 numbers.
The eight groups have demanded that the authorities should also put in place broad reforms to establish proper judicial and parliamentary oversight of government surveillance measures that fully comply with international standards on privacy and other civil liberties.
Use of Pegasus Threatens Personal Security & Lives: Groups
Hacking is illegal under Indian law, and the Indian government has not said whether it used Pegasus to hack into devices.
"The disproportionate, illegal, or arbitrary use of spyware, like Pegasus, for surveillance violates the right to privacy, undermines freedom of expression and association, and threatens personal security and lives," the groups said.
The government has argued in several petitions filed in the Supreme Court regarding the Pegasus spyware that the cases had national security implications that could not be publicly disclosed. Instead, the details would be revealed to a government-appointed committee of experts.
The groups note that under international law, India has an obligation to ensure that victims of rights violations have an effective remedy.
Data Protection Framework Need of the Hour: Groups
The Indian government’s claims that it has sufficient safeguards to prevent unauthorised surveillance have no basis, the groups said.
In India, the legal regime for surveillance is governed by the 1885 Telegraph Act, along with the 2000 Information Technology Act. Under these laws, which have been challenged in Indian courts, the executive branch has unchecked and extremely broad powers of surveillance that are devoid of any meaningful safeguards, with no judicial authorisation or independent oversight.
"Even though the Supreme Court has twice stated, in 1997 and in 2017, that an order of surveillance can be passed only when strictly necessary and if there is no other alternative, the lack of independent scrutiny and effective reporting mechanisms result in lack of accountability," the groups asserted.
Four years after the Supreme Court’s pronouncement on the right to privacy, the Pegasus revelations should serve as a wake-up call for the urgent need to meaningfully recognise and protect the right to privacy in India, the groups added.