India's oldest bank hit by cyberheist Watch Now

On Thursday, the Indian government gave ten agencies the legal authority "to intercept, monitor or decrypt information generated, transmitted, received or stored in any computer."

The order, approved on December 20 by the Indian Ministry of Home Affairs, is an expansion of India's IT Act of 2000 and effectively gives the Indian government the legal power to snoop on all its citizens' Internet traffic, and the authority to request access to any encrypted information.

Individuals and entities who don't comply with requests to intercept, monitor, or access citizens' data face up to seven years in prison or a fine.

The ten agencies authorized to intercept or request access to user data under the new order are:

the Intelligence Bureau

the Narcotics Control Bureau

the Enforcement Directorate

the Central Board of Direct Taxes

the Directorate of Revenue Intelligence

the Central Bureau of Investigation

the National Investigation Agency

the Cabinet Secretariat (R&AW)

the Commissioner of Delhi Police, and

the Directorate of Signal Intelligence (for service areas of Jammu & Kashmir, North-East, and Assam only)

The order sparked outrage in India, among citizens, privacy watchdogs, and opposing political parties, who called it a stepping stone towards an Indian surveillance state.

The same rhetoric heard in all countries where similar surveillance laws exist, or governments tried passing a surveillance law, were also heard from the Delhi government today.

Government officials argued that the order expanding India's IT Act was needed for national security, to maintain public order, and to deal with foreign government interventions.

#SnoopingSarkar | IT Minister @RSPrasad defends the MHA's #Snooping order. Says monitoring of data has been going on for long enough now, the difference is that now interception will be done in a structured manner based on the defined ground of security.#SecurityVsSnooping pic.twitter.com/O1MF3qO6bL — ET NOW (@ETNOWlive) December 21, 2018

To calm some of the rumors swirling online, the Ministry of Home Affairs also issued a clarification today, explaining that any interception, monitoring, or data decryption will be "done as per due process of law" with approval from the Union Home Secretary. The ministry also said that adequate safeguards against abuse exist under both the IT and Telegraph Acts.

"Every individual case will continue to require prior approval of Home ministry or state government," the government said. "MHA has not delegated its powers to any law enforcement or security agency."

The order is expected to be challenged in court as unconstitutional.

More cybersecurity coverage: