Mumbai Police has set up a Social Media lab, along with team of cyber experts, and with the help of ISPs, is conducting random checks on content that is being downloaded from certain sites, including torrents, and especially Internet users with large data downloads, reports DNA, quoting Himanshu Roy, Joint Commissioner (Crime), Mumbai Police. As per the report, on the basis of a complaint from a copyrights holder, the police warned and let off an IT professional who was using his office computer (and we assume, connection) to download torrents. The company emailed its employees to stay off torrent sites.

Copyright owners have, in the past, got websites blocked, hired people to conduct likely-to-be-illegal DDoS attacks, and got all-encompassing John Doe Orders to get anything they want blocked.

Our Take

While it quotes a “cyber security expert” who says that the Copyright Act, the IPC or section 66 of India’s IT Act can be used in this case, it doesn’t question why the person was let off with a warning. That seems rather arbitrary, because if a complaint has been filed, surely the decision on whether to let the person go or not should be left to the Judiciary, not the Police. Or does the Police usually go warning people and letting them go after copyright owners file a complaint? The report doesn’t mention the complainant, the user, the company involved, the content being downloaded or the torrent site.

Is this tapping of citizens’ Internet connections legal? If you look at the 1996 PUCL judgment on (phone) tapping, it clearly points out:

Telephone – Tapping is a serious invasion of an individual’s privacy. With the growth of highly sophisticated

communication technology, the right to sold telephone conversation, in the privacy of one’s home or office without interference, is increasingly susceptible to abuse. It is no doubt correct that every Government, howsoever democratic, exercises some degree of subrosa operation as a part of its intelligence outfit but at the same time citizen’s right to privacy has to be protected from being abused by she authorities of the day.

The judgment states:

1. An order for telephone-tapping in terms of Section 5(2) of the Act shall not be issued except by the Home Secretary, Government of India (Central Government) and Home Secretaries of the State Governments. In an urgent case the power may be delegated to an officer of the Home Department the Government of India and the State Governments not below the rank of Joint Secretary. Copy of the order shall be sent to the Review Committee concerned with one week of the passing of the order-.2. The order shall require the person to whom it is addressed to intercept in the course of their transmission by means a public telecommunication system, such communications as are described in the order. The order may also require the person to whom it is addressed to disclose the intercepted material to such persons and in such manner as are described in the order.

The Police and their CyberCrime cells proactively scanning Internet connections certainly amounts to invasion of privacy.

Readers should also be aware that India doesn’t have a privacy law, as was pointed out by the Standing Committee that criticised the Indian government’s Unique Identity project, saying that

“In the absence of data protection legislation, it would be difficult to deal with the issues like access and misuse of personal information, surveillance, profiling, linking and matching of data bases and securing confidentiality of information etc.”

Maybe it’s time someone filed a case to prevent government organizations from snooping on its citizens, ad-hoc. If you’re not worried yet, take a look at the Home Ministry’s snooping tender that we’d written about.

Update: An earlier version of this article incorrectly referenced a portion of the judgment