"Being 'watched' is part of journalism now," said Sushant Singh, an Indian journalist whose phone was infected by Pegasus spyware in July 2021. Sushant was previously deputy editor of The Indian Express where he covered international affairs and national security. In July 2021, a list of potential targets for surveillance by Pegasus, a spyware made by the NSO group in Israel was released by Forbidden Stories and a consortium of journalists. In India, there were 300 targets, out of which 40 were journalists. Sushant's name was on that list.
Although it has been over a year, Sushant is still coming to terms with being under surveillance. "Some of my sources had hinted that I was being watched. However, when I was officially informed about it by the journalists, it hit me," he says. An independent analysis by Paris-based non-profit newsroom Forbidden Stories and Amnesty International’s Security Lab was able to confirm the Pegasus infection on his phone. He says, "Now, we are learning to live with it."
Over the last few years, several journalists and media platforms have experienced unprecedented surveillance, both overt and covert. The resultant privacy violation and continued monitoring of their communication is a serious press freedom issue.
In 2014, a report by Software Freedom Law Center revealed that the Indian government is known to outsource surveillance initiatives to private third parties, some of which go so far as to infect target devices using malicious software in order to gain access to information stored within.
After the Pegasus spyware allegations were made public, India's Supreme Court issued a notice to the Narendra Modi-led Bharatiya Janata Party government. However, India's solicitor general Tushar Mehta, representing the Modi government, said the government cannot be made to answer whether or not it uses spyware as this would alert terrorists and compromise "national security."
In the absence of a specific answer from the Union government regarding the usage of Pegasus spyware, the Supreme Court established an independent committee to probe the matter. Retired Justice Raveendran headed the committee, while the panel comprised Naveen Kumar Chaudhary, dean of the National Forensic Sciences University in Gandhinagar, Prabaharan P, professor at Amrita Vishwa Vidyapeetham in Kerala, and Ashwin Anil Gumaste, an institute chair associate professor at IIT Bombay.
In the analysis submitted to the court on August 25, 2022, the technical committee found malware in five phones. However, the committee was unable to identify the malware. The bench comprising former Chief Justice NV Ramana, Justice Hima Kohli, and Justice Surya Kant, also pointed out that the Union government “did not cooperate” with the expert committee.
Journalists in India are yet to come to terms with the long-term impact of surveillance. Sushant added, "Journalists are forced to alter their lives under surveillance. We do not speak as freely and we censor ourselves even before the story is out."
A woman journalist who was also listed as a potential Pegasus target expressed deep worry. While requesting anonymity, she says, "By collecting our private information which is not limited to us but also our families and friends, there is a potential danger of doxing [revealing personal details online without consent]. Not just that, smear campaigns can be run against us to malign our reputation using our private data." She added, "I know my photographs are still stored somewhere with them. I don't know when and how they will use it."
Journalist Saikat Datta, whose phone was also intercepted using Pegasus spyware, in a written submission before the technical committee established by India's Supreme Court to look into unlawful Pegasus surveillance wrote, "Surveillance is an enormous power given to the state. It can help a government manipulate the very citizens who have temporarily reposed this power in them. If it remains unchecked, it will only help governments perpetuate themselves and undermine the power of the citizens enormously."
Now head of Deepstrat, a New Delhi-based Strategic Consultancy and Think Tank, Saikat said, "Surveillance is largely a function of the State. It is a power given to the government by citizens to use wisely, proportionally, when necessary, and only through strictly legal means in exceptional circumstances."
Saikat said, "The term ‘national security’ is one of the most used terms for targeted surveillance, along with ‘public order’ and ‘investigation of a crime’. Besides, India lacks a national security strategy that could clarify the definition of national security and the government’s objective in ordering surveillance." He added, "As long as critical terminologies like national security remain too broad and overarching, it is difficult to make the State accountable and prove that the information is being kept secret for legitimate national security concerns."
The use of Pegasus spyware is not the only incident where journalists have been tapped and surveilled in India. In 2010, taped conversations between political lobbyist Niira Radia and several public figures, including various journalists, politicians, and business houses were leaked. These conversations were recorded by the Income Tax department as part of surveillance of Radia’s phone on a complaint to the finance minister on November 16, 2007, alleging that within nine years, she had built up a business empire worth Rs 300 crore. Eventually, 180 days of Radia’s conversations between August 2008 and May 2009 were recorded.
The leaked tapes dented the credibility of prominent Indian journalists such as Barkha Dutt and Vir Sanghvi. However, it was industrialist Ratan Tata who took the case to the Supreme Court reiterating his right to privacy. In September 2022, the Central Bureau of Investigation (CBI) said it did not find any criminality in nearly 5800 recorded tapes.
In People’s Union for Civil Liberties (PUCL) vs Union of India, the SC laid down guidelines for authorised phone tapping in 1996:
> Orders for telephone tapping may only be issued by the Home Secretary of the central government or a state government. In an emergency, this power may be delegated to an officer of the Home Department of the central or state government, and a copy of the order must be sent to the concerned Review Committee within one week.
> The authority making the order must consider whether the information which is considered necessary to acquire could reasonably be acquired by other means.
> Orders issued under the Indian Telegraph Act, 1885 shall be valid for two months from the date of issue.
> Review Committees shall be constituted consisting of Secretary-level officers at both the central and state levels. They may evaluate whether an interception order has been passed in compliance with the law, and if it has not, they may set it aside and direct the destruction of any copies of the intercepted communications.
> The authority issuing the interception order must maintain records of:
(i) the intercepted communications;
(ii) the extent to which material is disclosed;
(iii) the number of persons to whom the material is disclosed and their identity;
(iv) the extent to which the material is copied; and
(v) the number of copies made (each of which must be destroyed as soon as its retention is no longer necessary).
However, despite these guidelines, in many cases, including the surveillance of Niira Radia, there is no clarity on the grounds, and much less transparency over authorisation for the phone tapping. Apart from the Radia case, there are many examples of where PUCL guidelines were not followed.
In 2012, it was revealed that the BJP-led government of Himachal Pradesh had targeted 1300 telephone numbers for tapping and recording, but the state’s Home Secretary had granted permission for only about 2% of these.
In another high-profile case, Call Data Records (CDR) of telephone numbers belonging to senior BJP leader Arun Jaitley were obtained in an unauthorised manner by junior police personnel and private detectives who used a senior police official’s email ID without authorisation.
Even after a decade of the Radia tapes, phone tapping is common in India. In 2020, a tapped telephonic conversation between reporter Tanushree Pandey and her source was made public during the coverage of the rape and murder of a Dalit girl in Hathras from Uttar Pradesh. In that conversation, Pandey was asking her source to send her a self-recorded video statement as she could not visit him because the place was cordoned off by the police. After the conversation was leaked, the reporter was largely discredited. She was falsely accused of creating a fake story just because she was giving instructions to her source to record a video.
"Hathras was not the only time when my conversation was tapped. It also happened while covering the student clashes at Jawaharlal Nehru University in 2016. There is a constant fear that I am being surveilled without my consent just because of my work," said Tanushree.
She added, "I have been given instructions by my editors to be more cautious regarding my private communications, especially while covering elections and conflicts. So I use end-to-end encrypted platforms such as WhatsApp. However, while on the field, many people do not own smartphones, so we have no choice but to use the cellular network."
Such surveillance is not just common with reporters who are based in the national capital region of India, but in various states as well. Many state governments are known to intercept reporters working on critical stories.
In 2014, the Assam-based regional paper Times of Assam released a statement that the phone numbers of their chief editor Dhruba Jyoti Deka were being tapped since he was involved in Assam peace talks between the Indian government and the United Liberation Front of Asom (ULFA), an armed separatist organisation.
Often, journalists are also intimidated by threats of surveillance. In 2018, senior journalist Barkha Dutt in a tweet claimed, "Received chilling veiled threats and "messages" from powerful people in the Establishment today that my family and I are under surveillance - and that I will be smeared & maligned to stop me from starting any new projects. Was advised to get my house debugged. Is this my country?" (sic)
While there is routine surveillance of activists, lawyers, and politicians, many of whom were targets of Pegasus, an overwhelming number of journalists were also on the list.
Srinivas Kodali, an activist working towards digital privacy, said, "Information has always been a form of power in society. That is why people in power have always tried to control the flow of information. Journalists are producing and broadcasting information en masse, so to control the flow of information, the people in power try to control the journalists," he added.
"Surveillance is beyond censorship. It is a way to control journalists. Through active surveillance, journalists and their activities can be monitored. By this, the state has an opportunity to prevent a story even before it is published. This is important because, in a modern state, it is not easy to censor and control journalists, especially after a story is published. Surveillance is a covert mode where often the target is not aware of the surveillance," Srinivas said.
Kunal Majumdar, India representative for the Committee to Protect Journalists, said, "Surveillance undermines press freedom because it compromises the very essence of journalism. As a profession, the job of a journalist is that of a watchdog. To do this job properly, a journalist requires not just complete independence, but also should be seen as independent to maintain their credibility. When State (or non-State) actors start surveilling a journalist, it compromises both these aspects of the profession. Surveillance is a direct attack on journalism and is a method of intimidating both the journalists and their sources without directly censoring them."
Kunal added, "Surveillance has spooked anyone with a public profile or interacts with the government in India. Journalists have informed me that their sources now want to communicate over secure, end-to-end encrypted platforms."
When journalists are monitored, everyone they contact is also under scrutiny. As Srinivas pointed out, "Surveillance is not merely an attack on journalists, but also on their sources. Discreet discussions with sources are an important journalistic practice. Often, confidential conversations are stepping stones in establishing trust before any crucial information is shared by the source. Most of these confidential conversations are off the record and never published. These discourses provide critical background context which is important for not just merely getting the story, but also for getting the story right. Surveillance is an attack on this practice."
Srinivas added, "Through the knowledge collected via surveillance, the State can reach out to journalists' sources and cut access. Surveillance can also enable the State to discredit a journalist by feeding wrong information. Personal information collected can also be used to strong-arm the journalist to abandon the story."
A Delhi court in January 2023 pointed out, "There is no statutory exemption in India to journalists from disclosing their sources to investigating agencies, more so where such disclosure is necessary for the purpose of aiding and assisting in the investigation of a criminal case." However, surveillance of journalists goes beyond asking a journalist to reveal his source for an investigation. It allows continuous snooping, monitoring, and manipulation of journalists and their sources. Surveillance obviates the need for getting court orders on disclosure of journalists’ sources.
According to the United Kingdom Parliament, House of Lords's chapter on surveillance and data collection, there are two kinds of surveillance—mass surveillance and targeted surveillance.
Mass surveillance is passive and undirected surveillance such as closed circuit television footage (CCTV) and other public databases, for instance, Aadhar, the 12-digit unique identity number based on biometric data. On the other hand, targeted surveillance is directed at persons of interest and can involve the use of specific powers by authorised public agencies, for instance, phone tapping and use of spyware such as Pegasus.
An RTI application filed by Saikat revealed that about 1,00,000 phones are tapped annually by the Union government. It means that nearly 7000- 9000 per month and 300-per-day interception requests are made by Union government agencies. In addition to this, the Google transparency report indicates that it had received about 25,158 data interception requests from the government in 2021.
> Centralized Monitoring System (CMS)
CMS is an enterprising surveillance system that monitors text messages, social-media engagement, and phone calls on landlines and cell phones, among other communications. The Indian Government set it up in 2009 to automate the process of government-approved lawful interception and monitoring of telecommunications. Telecom operators in India are required by law to give law enforcement agencies access to their networks. Under this surveillance model, nearly 1.5 billion wireless subscribers in India are covered.
Deepstrat, however, points out a critical issue in CMS—most of the calls and messages are now shifting towards end-to-end encryption (E2EE) and hence surveillance is only viable if targets do not use E2EE. For instance, if a reporter uses WhatsApp for calling his source, the government can see the reporter connecting to WhatsApp, that is, the meta-data, but they are unable to listen to her call as it is coded or encrypted.
Mishi Choudhary, a technology lawyer and founder of the Software Freedom Law Center, India (SFLC.in) said, "With E2EE becoming commonplace, the metadata and other context attached to the conversation naturally becomes more important. Geographical area, devices used, and the parties in communications can offer a lot of insights even in the absence of actual content of the conversations."
> Network Traffic Analysis System (NETRA)
NETRA was unveiled in 2013 to intercept and analyse internet traffic using predefined filters. It can analyse voice traffic passing through software such as Skype and Google Talk, and intercept messages with keywords such as 'attack', 'bomb', 'blast', or 'kill' in real-time from the enormous number of tweets, status updates, emails, instant messaging transcripts, internet calls, blogs, forums, and even images generated on the internet.
> National Grid or ‘NATGRID’
This database is a collection of information from government databases including tax and bank account details, bank card transactions, visa and immigration records, and itineraries of rail and air travel. It also has access to the Crime and Criminal Tracking Network and Systems, a database that links crime information, including First Information Reports, across 14,000 police stations in India.
> Lawful Intercept and Monitoring Project
Lawful Intercept and Monitoring systems (LIM) refer to legally approved systems installed and managed by internet service providers to monitor and track communications. These Systems provide for intercepting any communication lines that use Indian servers, whether telecommunication or internet based. They also allow for keyword searches of all data that flows through Indian servers. However, DeepStrat pointed out that the rapid adoption of E2EE across sectors has gravely damaged the effectiveness of LIMs as they have made it harder for such monitoring services to snoop in when needed.
One of the primary laws around surveillance, the Indian Telegraph Act of 1885, is a colonial legacy. The Telegraph law gave powers to the Indian government to intercept calls in certain situations—in the interests of the sovereignty and integrity of India, the security of the state, friendly relations with foreign states or public order, or for preventing incitement to the commission of an offence. The first four of these conditions are part of the eight restrictions imposed on free speech in India. However, the law stated that this lawful interception cannot take place against journalists except under specific circumstances.
The Act as per Section 5(2) stated, "On the occurrence of any public emergency, or in the interest of the public safety, the Central Government or a State Government or any officer specially authorised in this behalf by the Central Government or a State Government may, if satisfied that it is necessary or expedient so to do in the interests of the sovereignty and integrity of India, the security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of an offence, for reasons to be recorded in writing, by order, direct that any message or class of messages to or from any person or class of persons, or relating to any particular subject, brought for transmission by or transmitted or received by any telegraph, shall not be transmitted, or shall be intercepted or detained, or shall be disclosed to the Government making the order or an officer thereof mentioned in the order: Provided that press messages intended to be published in India of correspondents accredited to the Central Government or a State Government shall not be intercepted or detained, unless their transmission has been prohibited under this subsection."
Apart from the Telegraph act, the Information Technology Act 2000 also gave power to the government to intercept all electronically transmitted data. It went beyond the Telegraph act and allowed interception, monitoring and decryption of digital information “for the investigation of an offence,” going way beyond the reasonable restrictions imposed on free speech.
Section 69 of the IT Act gave the power to issue directions for interception or monitoring or decryption of any information through any computer resource. It stated, "Where the Central Government or a State Government or any of its officers specially authorised by the Central Government or the State Government, as the case may be, in this behalf may, if satisfied that it is necessary or expedient so to do, in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence, it may be subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order, direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information generated, transmitted, received or stored in any computer resource."
Moreover, this Act also allowed the complete blocking of electronic communication. Section 69 A provided the power to issue directions for blocking public access to any information through any computer resource. "The Central Government or any of its officers specially authorised by it in this behalf is satisfied that it is necessary or expedient so to do, in the interest of sovereignty and integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above, it may subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order, direct any agency of the Government or intermediary to block for access by the public or cause to be blocked for access by the public any information generated, transmitted, received, stored or hosted in any computer resource," it stated.
In the states, police have the power to tap phones. At the Centre, 10 agencies are authorised to do so—Intelligence Bureau (IB), CBI, Enforcement Directorate (ED), Narcotics Control Bureau, Central Board of Direct Taxes, Directorate of Revenue Intelligence, National Investigation Agency, Research and Analysis wing (RAW), Directorate of Signal Intelligence, and the Delhi Police Commissioner.
Saikat pointed out that some of these intelligence agencies have been created through gazette notifications instead of the consent of the Parliament. In fact, the IB, the RAW, National Technical Research Organisation (NTRO), and Central Board of Direct Taxes (CBDT) are not law enforcement agencies and lack properly delegated powers from the Indian Parliament.
As electronically transferred messages that are E2EE cannot be intercepted, the Information Technology (Intermediary Guidelines) Rules, 2011 mandated that the originator of information must be traced on the platforms when ordered by an authorised government agency. That is only possible if E2EE is broken. This rule was further strengthened by the Draft Information Technology (Intermediary Guidelines) Rules in 2018 which mandated proactive monitoring of illegal content and traceability of the originator of the content.
Saikat added, "Any provision to acts of hacking of computer systems, mobile devices, online accounts, telecommunication/digital networks, unauthorised access, technology backdoors, decryption of private records will inevitably lead to mass surveillance. This is a very real danger to citizens and their constitutional rights. No degree of safeguards can protect them if such capabilities are allowed to the State."
In the research paper Why India’s Surveillance law must be redesigned for the digital age, Chaitanya Ramachandran, a lawyer specialising in Internet law argued, “A major defect of the government’s mass surveillance projects, including the CMS, is that they exist despite there being no specific statute enabling them. This is a troublesome issue for a very fundamental reason—existing Indian law assumes that surveillance will be targeted. In PUCL vs Union of India, the Court defined ‘interception’ under section 5(2) of the Indian Telegraph Act, 1885, as being the interception of communications sent to or from a specific address, and relating to a specific person, both of which must be specified in the interception order. This concept is echoed by Rule 419-A as well as the IT Act regime. However, the type of surveillance to be carried out using the CMS turns this concept on its head—virtually all communications on the telephone and IP networks in India can be monitored in a blanket fashion (for example, by the use of keywords). As existing law does not contemplate this type of mass surveillance, it is currently being carried out in a legal vacuum with no safeguards for citizens’ privacy rights. This is clear governmental overreach.”
In 2017, the Supreme Court ruled that the right to privacy is a fundamental right under Articles 14, 19, and 21 of the Constitution of India. In addition to that, the Puttaswamy judgement on the right to privacy proposed a four-fold principle to determine the validity of restrictions on privacy, which calls for the existence of a legitimate aim, suitability or rational nexus, necessity, and proportionality:
> Legality pertains to the existence of a law, passed by the Parliament. It means that privacy can be only undermined if there is a law which permits it.
> The legitimate aim pertains to the reasoning of the intelligence and law enforcement agencies for conducting surveillance with proper justification.
> Proportionality must show that the request for surveillance is necessary to achieve the legitimate aim. In addition, the request must prove the rational nexus between the objects and the means adopted to achieve them in terms of
(a) the amount of data required to be tapped or retrieved
(b) tools used for surveillance.
> Procedural guarantees: State abuse and misuse must be minimal by having concrete procedural safeguards followed by the state agencies.
As Saikat explained, "State surveillance is justifiable only if the purpose for which it is set up satisfies the proportionality principles established by the court as well as falls within the reasonable restrictions around the right to privacy. Otherwise, any form of state surveillance will not qualify as proportional and will interfere with the right to privacy."
While legal sanction for surveillance is already part of existing laws, there are new threats to privacy in the form of two new legislations—the draft Indian Telecommunication Bill, 2022, released by the Department of Telecommunication under the Ministry of Communication, and the draft Digital Personal Data Protection Bill, 2022 released by the Ministry of Electronics and Information Technology.
While the draft Indian Telecommunications Bill, 2022, seeks to replace the Indian Telegraph Act of 1885, the Indian Wireless Telegraphy Act of 1933, and the Telegraph Wires (Unlawful Possession) Act of 1950, yet this Bill retains colonial provisions regarding surveillance and interception verbatim in the new draft. Both these bills were recently floated for public consultation. The last date for feedback on the draft Indian Telecommunication Bill, 2022, was November 20, 2022, whereas for 'Digital Personal Data Protection Bill, 2022, it was January 2, 2023.
According to PRS Legislative Research, a think-tank based in New Delhi, "The draft Indian Telecommunication Bill, 2022 has not incorporated procedural safeguards mandated by the Supreme Court to safeguard the right to privacy in case of interception of communication." PRS also highlighted that "the bill may enable mass surveillance. Such measures may violate the fundamental right to privacy."
Regarding the Digital Personal Data Protection Bill, 2022, PRS argued, "Exemptions to data processing by the State on grounds such as national security may lead to data collection, processing, and retention beyond what is necessary. This may violate the fundamental right to privacy." The think tank also argued, "The Bill requires all data fiduciaries to obtain verifiable consent from the legal guardian before processing the personal data of a child. To comply with this provision, every data fiduciary will have to verify the age of everyone signing up for its services. This may have adverse implications for anonymity in the digital space."
Both these bills ignore the right to privacy principles laid down by the Supreme Court. Saikat added, "It is up to the Parliament to make laws around these principles. These laws are excessively vague and broad, therefore open to misinterpretation and misuse and fail to fulfil the standards of legality, necessity, and proportionality set by the court."
Chaitanya argued, “Illegal surveillance in India tends to come into the public eye only when senior political figures are targeted. The government’s mass surveillance projects are capable of targeting anyone who uses telephone or electronic communications in India. Unlike high-profile political figures, the unauthorised surveillance of ordinary citizens is less likely to make headlines, and regular citizens will not have the same ability to protest unauthorised surveillance, whether by publicising it or taking legal action.”
A digital security trainer with Reporters Sans Frontiers (RSF), Germany, who prefers to go by the name Frank, said, "It is hard to say which companies come up with new surveillance tools at what time and there is no central database on this." Frank suggested checking the websites of human rights organisations to stay updated on the various online attacks on journalists' privacy.
Frank suggested the following steps to protect journalists' electronic communication. He said, "depending on the legal situation of encryption in India and on the status of surveillance of more secure communication tools journalists must:
> “Journalists must secure all their online accounts including communication tools with strong and unique passwords and enable two-factor authentication for all accounts with an authentication app or authentication USB key.
> “Journalists must use messengers and email services, which are by default E2EE, like Signal, WhatsApp, or ProtonMail. Unfortunately, the metadata of WhatsApp communication is shared with the Meta-verse, i.e. Facebook, but the content of your communication is secure as long as your account and device and the device of the person you are communicating with are secure. To be on the safe side, use disappearing or self-destroying messages to delete messages from both devices.
> “Journalists' phones and laptops must be secured with strong and unique passwords. If possible, enforce anti-surveillance protection as Apple's Lockdown Mode on Macbooks and iPhones.
> “Journalists must stay alert against any kind of phishing and also signs of SIM-card-swapping or SIM-card-cloning, like unusual requests in the messenger apps to verify your account or the like.
> “If a journalist becomes aware of surveillance, they should contact one of the Human Rights or Journalists' rights organizations, which can help to verify such an attack.”
Frank added that if a journalist suspects their phone or certain accounts to be surveilled, the following steps can help mitigate:
> Reduce the content of the journalist's communication on the affected device or account to non-sensitive content, but keep it alive, as one might not want to show the adversary that they are aware of the surveillance.
> One must get a secure alternative device (phone, computer) with an alternative SIM card, which is not registered in their name.
> It is important to get emotional support for dealing with the uncertainty and the possible intrusion into one's private workspace.
Frank also suggested that in case journalists want to take legal action against such surveillance, "it is important to preserve all possible evidence. Journalists must not delete or reset their affected device or phone until they are sure that it is safe to do so and that they are not going to need it for any legal procedures. It might be helpful to hand over their device for investigation by journalists or human rights organisations outside of their country, so that they cannot be forced by their national judiciary to hand over their device by their forensic units, as this might expose contacts and other communication information that is on journalists' phone and might impact their sources or colleagues."
With the infiltration of technology into our everyday lives amid the rise of digital devices and the internet, the ease of surveillance in India has increased. It includes the assemblage of telephone metadata as well as non-encrypted communication, personal and financial transactions, email communication, data on mobile phones, as well as access to cloud storage. Apart from infrastructure for mass surveillance, State and non-State actors also employ spyware such as Pegasus on citizens' and journalists' devices for unrestricted access into their private lives. In addition, the media’s responsibility to scrutinise actions of the powerful and ensure accountability is seriously undermined by surveillance.
This trend is very dangerous because the surveillance web creates multiple issues–-from breaching intellectual privacy to distorting the power dynamic between the citizen and the State, thus gravely impacting press freedom. Currently, the State has the capacity to conduct targeted as well mass surveillance without any checks and balances. While the Supreme Court of India has defined the right to privacy as a fundamental right, the legislations in India fail to uphold it in principle.
The contours of surveillance must thus be redefined legally in India, with a focus on human rights. Additionally, the media’s responsibility to scrutinise actions of the powerful and ensure accountability, seriously undermined by surveillance, must be upheld.
Digital security guides and resources
> Practical tools to navigate digital security and privacy from a gender perspective / XYZ@Tactical Technology Collective
Dealing with doxing and online harrassment
Srishti Jaswal is an award-winning journalist based in India, a certified digital security trainer from Reporters Without Borders, Berlin and is currently writing a book on social media trolling for Pan Macmillan.
This research and reporting has been supported by the International Press Institute’s project on fighting attacks on journalists in South Asia.