(This story was first published on 3 November 2019 and has been republished from The Quint's archives amid speculations of a report on Pegasus spying on politicians, ministers, journalists and judges, among others.)
In an expansive discussion on the WhatsApp Spyware Row – which has seen, what could be, over a hundred Indian citizens hacked, using an Israeli malware tool called Pegasus – cyber law and police expert Raman Chima explained why this move could not be anything but illegal under the existing Indian law.
“This could never have been actually legally used. In India, hacking a device is a criminal offence under Section 43 of the Information Technology Act. What NSO and Pegasus does is definitely an example of illegal hacking. That provision has no exception for government.”Raman Chima, Policy Director, Access Now
Chima, policy director at Access Now, clarified that this would apply even if Pegasus was used for seemingly legitimate surveillance purposes, because it involves unauthorisedly accessing everything on a person’s phone.
“Currently in Indian law, to hack a device whether for legal authorised surveillance or illegal unauthorised surveillance, no matter what it is, is illegal.”
He was speaking to The Quint in a live YouTube telecast on 1 November, following the recent revelations that the spyware, developed by Israeli technology firm NSO Group, had been used to snoop on hundreds of people around the world, including human rights activists, journalists and lawyers and even an elected representative, in India.
In addition to this, watch out for his insights into why Pegasus is more serious than other forms of spyware that are also used to hack and surveil people, the dubious record of the NSO Group, and why the buck stops with the Indian government when it comes to the use of the Spyware to breach people’s privacy in India – even if private actors were involved.
And why this whole fiasco once again demonstrates the need for a proper data protection law.