Tag: #Cybersecurity

Introduction

Spyware has always been a murky subject in terms of spying between governments. Spyware has been viewed as a critical component since it is thought critically to monitor and identify individuals who may be involved in illegal or terrorist activities. On the other hand, it is hugely controversial because, while ostensibly targeting criminal activity, such organizations or businesses may attack civil citizens or protestors in any region. This is an important point to remember since such meddling might result in a cyberwar or cyberattack, which could affect the political system of a country like Estonia. The Pegasus case has served as a forewarning of forthcoming cybersecurity concerns and the legislation that is required to address them.

Facts

• NSO group technologies is an Israeli firm that specializes in the investigation. This firm developed the spyware known as ‘Pegasus.’ It is a commercial company that monitors terrorists, drug traffickers, and other criminals, supporting government intelligence and law enforcement in overcoming encryption and technical hurdles.
• WhatsApp, which is owned by Facebook Inc., filed a lawsuit against NSO Group Technologies in California court on October 29th, 2019.
• According to WhatsApp, the malware ‘Pegasus’ deployed by the corporation compromised the phone systems of 1,400 users from all over the world. Users included civil society members, journalists, and Human Rights defenders from nearly twenty nations, according to the report.
• Because NSO Group was unable to respond or attend in court, the court issued a notice of default.
• It was claimed that the corporation used computer infrastructure and remote monitoring to insert spyware into customers’ devices via WhatsApp, causing a dangerous code to establish a connection between the users and the company without the consumers’ knowledge.
• NSO groups claimed that they were not properly served with notice of the action in a timely manner, in violation of international law.
• According to WhatsApp, multiple attempts were made to serve the notification on the firm.
• On March 6, 2020, NSO filed an application with a California court to have the previous decision overturned because the notice was not served on time, which is a violation of The Hague Convention due to WhatsApp’s incomplete service.
• NSO filed a separate case against WhatsApp in Israel on November 26th, stating that Facebook had disabled their private accounts. Facebook responded by stating that they had done so for security concerns.

Argument and Decision

NSO stated that the petitioner had breached international law by failing to provide legal notice of the action filed in a California court of law. They further claimed that they were just targeting the customer’s database provided to them and that they had no intention of targeting WhatsApp users. Furthermore, they asserted that the company’s customers are foreign sovereigns and that as a private agent for such users and of a foreign state, they are entitled to immunity under US law. It was also maintained that because they were acting as a supplier and were following the orders of their customers or the government, they could not be held accountable. WhatsApp contended that the NSO’s action was purposeful and intended to spy on those involved in social causes or other civil society members. It requested a permanent order from the court to prevent NSO from interfering with WhatsApp and Facebook’s computer systems. It claimed that NSO had broken the California Comprehensive Computer Data Access and Fraud Act and had trespassed on WhatsApp’s premises without permission. The District Court of California ruled in favor of WhatsApp in July 2020, and the litigation will move forward.

What is Pegasus

NSO, an Israeli cyber arms outfit, developed spyware to track a user’s mobile device. A link is provided to the user or targeted person in this spyware, and as soon as the targeted person opens the link, malware is injected into the device, allowing surveillance of the target. A new version of the same is said to be more powerful and destructive, and it doesn’t even need the user’s help. This spyware was produced by the organization to keep an eye on terrorists and
other criminals. To carry out such actions, the NSO collaborates with other governments and law enforcement agencies.

Effects

The charges stated by WhatsApp in its court application are extremely serious. According to WhatsApp, once this malware has been downloaded to a user’s smartphone, it can access emails, SMSs, passwords, location, network information, browser history, and device settings. The Citizen Lab claims that in addition to contact lists and emails, it has access to the device’s camera and microphone, allowing it to record all calls and messages. Pegasus has also allegedly used WhatsApp’s video and voice call functions, allowing the spyware to infiltrate the smartphone without the user’s knowledge.

Indian Laws governing Spyware Attacks

In India, the Pegasus case served as a wake-up call. Many Indian activists and civil society members were allegedly spied on by this spyware, according to WhatsApp. This calls into doubt India’s data protection and privacy laws. The ‘Right to Privacy’ was recognized as a fundamental right in the case of Justice Puttaswamy v. Union of India, and like any other fundamental right, it is subject to some limitations. There are four tests that can be utilized in privacy cases, according to Justice Chelameshwar:
Under Article 14, arbitrary state action may be subject to a reasonableness inquiry. The verdict makes it apparent that privacy, as a basic right, is a private aspect of citizens’ lives that must be preserved as a right under Article 21, which guarantees the right to life and personal liberty. Even when certain limits are imposed for the sake of public order or national security, people’s fundamental rights should not be violated. The Pegasus case demonstrated how spyware can compromise a user’s privacy and personal information. As a result, it is critical to analyze and implement a solid data privacy policy.

Conclusion

Spyware incidents like Pegasus represent the beginning of a new era of digital warfare. Such situations are likely to become more common as technology advances. It is critical that there are strict rules in place in the event of foreign unauthorised access to devices and spyware control limitations. The Pegasus case also emphasized the necessity for spyware regulation, as the goal of targeting users who are criminals or suspicion of criminal activity might extend to spying on persons like activists and protestors, threatening democracy and individual privacy in the long run.

References–
1. The Pegasus case and the laws concerning spyware in India – iPleaders

This article is written by Vidushi Joshi student at UPES, Dehradun.

This article is written by Shrey Hasija, a first-year law student at Vivekananda Institute of Professional Studies, GGSIPU, and Swagata Sharma, a second-year law student at National Education Foundation Law College. This article is an overview of  New IT Rules 2021 and why it is controversial.

INTRODUCTION

New Information Technology Rules also known as New IT Rules 2021, introduced by the Ministry of Electronics and Information is secondary legislation that subdues India’s Intermediary Guidelines Rules 2011. On February 25th, 2021, the Government has notified about the IT rules giving social media platforms 3 months to comply.  According to the new rules, all the Social Media handles require to remove unlawful content uploaded in the said social media platform within the time frame provided by a court order or a notice by a government agency. Also, it is now clearly stated that Social Media platforms need to follow the Constitution and Laws of India. They have also introduced Grievance Redressal for the user and appoint a Resident Grievance Officer[i], Chief complying officer, and nodal contact person in their companies.

Reason Behind the Introduction of New Rules

Recent times have witnessed an increase in usages of the digital platform, here the most concerning part about the increase of criminals and anti-national elements through misuse of social media like scams, frauds, cheating, harassment, etc. Another most highlighted issue is related to the OTT platform. Like we always know everything has both positive and negative[ii] sides it is also almost the same in the case of them, many matured content or defamatory content are now witnessed on live streaming which has marked a very negative impact on society. So Ministry of Electronics and Information has to take this step to maintain the positive impact of social media or OTT platforms and decrease the adverse effect.

Benefits of New Regulation

•   It will lessen the responsibility by reducing from being necessary to be best to achieve the goal.
•   It will reduce the scope of unlawful content.
•  It will help in solving the problems faced by the public such as scams, defamation, harassment, etc.
• It will help the Government to monitor International criminals, offenders (who were living among us) and capture them by encrypting their details.[iii]

Highlights of New Regulation

• If any person receives a court order from a government agency for their content, they must remove the content from the said social media within the time frame of 36 hours.
• A grievance officer will be appointed to resolve the complaints within 15 days.
• Companies will have to barred or remove any sexual act.
• As soon as the Originator of any unlawful content will be identified he/she will be considered to be anti-national.
• Social media companies have to set up a grievance redressal mechanism for users/victims.
• Earlier, if anyone wants to take down any content of social media. He/she has to lodge an F.I.R to Cyber Security Cell and only after then, the content will be taken down. But now, if any individual wants to take any content down that defame or slander him in any way. Can directly address to grievance redressal mechanism of that particular social media and his request will be solved.
• The social media intermediaries have to do due diligence and if the due diligence is not followed then Safe Harbor Provisions will not apply to them. The safe harbor provisions have been defined under Section 79 of the IT act and protect social media intermediaries by giving them immunity from legal prosecution for any content posted on the platforms [iv]

Why WhatsApp has Sued the Government of India?

Facebook-owned WhatsApp has filed a case in Delhi High Court against the government of India, seeking to block the new Information Technology rules that came into effect on 25 May 2021. According to them, the new rule requires certain social media intermediaries like WhatsApp to trace the origin of the particular message. Also, WhatsApp claimed that requiring the message to ‘trace’ is at par with keeping a fingerprint on every single message sent through their messenger. Which would violate end-to-end encryption[v] offered by them. In which they encrypt every message and call in such a way that even WhatsApp cannot track any messages or the originator of it. WhatsApp in its case also highlighted that ending the encryption mechanism will be unconstitutional and against the people’s fundamental right (Right to Privacy) under case Justice K S Puttaswamy vs Union of India[vi]. 

What Government has to say About These Allegations

On 29^th May, the minister of electronics and information and technology[vii] has clarified the stance of traceability of messages on various social media platforms that have emerged as a lightning rod in the ongoing tussle over the new IT rules. He has given various statements:

• Social media intermediaries such as WhatsApp will be required to disclose the origin of the particular message only in severe cases to help the government of India to prevent and investigate the various event that will be a threat to national security.
• India is ensuring the right to privacy to every citizen but at the same time, it is also the responsibility of the government to maintain law and order and to ensure national security.
• The entire debate on whether the WhatsApp encryption would be maintained or not. he said the right to privacy is ensured via encryption mechanism or by other technology but the right to privacy should be maintained. He also said social media intermediaries to find a technical solution to make both ways happen.

Conclusion

The IT Rules 2021, have the potential to fundamentally change how the internet is used by billions of users across India. Many of the changes are the same as the draft named as Chinese model of online surveillance and censorship but there is also some noticeable improvement that has been taken without public deliberation. In some aspects, it becomes a worse and unconstitutional proposed extension of executive power to regulate online news media and video streaming platforms. The need for regulation is maybe constitutional and advances fundamental rights but this approach has the potential of chilling the voices and hurting the privacy of Indian people.[viii]

---

[i] https://www.drishtiias.com/daily-updates/daily-news-analysis/new-it-rules-2021

[ii] https://blog.ipleaders.in/impact-it-rules-2021-live-streaming-content-social-media/amp/

[iii] https://community.nasscom.in/communities/policy-advocacy/policy-brief-the-information-technology-intermediary-guidelines-and-digital-media-ethics-code-rules-2021.html

[iv]https://www.meity.gov.in/writereaddata/files/Intermediary_Guidelines_and_Digital_Media_Ethics_Code_Rules-2021.pdf

[v] https://indianexpress.com/article/technology/tech-news-technology/whatsapp-moves-delhi-high-court-over-traceability-clause-social-media-rules-7330558/

[vi] (2017) 10 SCC 1

[vii] https://www.thehindu.com/news/national/union-minister-ravi-shankar-prasad-interview-with-the-hindu/article34743824.ece

[viii] https://thewire.in/tech/explainer-how-the-new-it-rules-take-away-our-digital-rights

Latest Posts

• Job opportunity at EXO Edge, Sahibzada Ajit Singh Nagar, Punjab, India: Apply Now!!
• Internship opportunity at Vishwas Advisors, Kalyan, Maharashtra, India: Apply Now!!
• Internship opportunity at Kulfi Collective, Mumbai, Maharashtra, India: Apply Now!
• Job opportunity at The Neotia University, Diamond Harbour, West Bengal, India: Apply Now !!
• Job opportunity at Morgan Stanley, Mumbai, Maharashtra, India: Apply Now!!
• Job opportunity at VISA INTELLIGENCE CONSULTANCY LLP, New Delhi, Delhi, India: Apply Now!!  
• Job opportunity at Amazon Web Services (AWS), Gurugram, Haryana, India: Apply Now!!
• Job opportunity at Stelcore Management Services Private Limited, Mumbai, Maharashtra, India: Apply Now!!
• Job opportunity at Zscaler, Sahibzada Ajit Singh Nagar, Punjab, India: Apply Now!!
• Job opportunity at Irish Expert, Delhi, India: Apply Now!!
• Job opportunity at UnitedLex · Gurgaon, Haryana, India: Apply Now!
• Internship opportunity at Vineforce · Nabha, Punjab, India: Apply Now!!

---

• ACEDY (1)
• CLAT-Peeps! (10)
  • Current Affairs (2)
• competitions (132)
• Conferences and Seminars (201)
  • Webinar (1)
• Course and Workshops (107)
• Debates (46)
• DEGY (1)
• Eassy Competitions (69)
• Fellowships & Scholarships (56)
• Guest Blogs (6)
• important (29)
• Internships and Jobs (2,317)
• interviews (8)
• LEGY (1)
• moot court (180)
• Opportuintes (2,731)
  • Job Opportunity (1,191)
• opportunity (2,559)
  • Call for papers (475)
  • Quizes,fests and others (298)
  • Work Opportunity (836)
• Our Blog (1,049)
  • Administrative Law (17)
  • ADR (13)
  • Arms Act (2)
  • Case Analysis (205)
  • Company law (36)
  • Constitutional Law (143)
  • Consumer Protection Act (17)
  • Contract Law (62)
  • CPC (10)
  • Criminal Law (140)
  • Cyber Law (13)
  • Environmental Laws (30)
  • Evidence Act (20)
  • Family Law (12)
  • General (205)
  • International Humanitarian Law (8)
  • International law (23)
  • IPR (10)
  • Jurisprudence (13)
  • labor laws (7)
  • Maritime Laws (1)
  • Partnership Act (2)
  • personal law (33)
  • Taxation (10)
  • Tort (64)
  • Transfer of Property (2)
• Our Services (11)
  • career advice (2)
  • others (6)
• Top Stories (524)
• Uncategorized (720)

Archives

• November 2023 (26)
• October 2023 (1)
• September 2023 (5)
• August 2023 (2)
• July 2023 (25)
• June 2023 (23)
• May 2023 (40)
• April 2023 (136)
• March 2023 (124)
• February 2023 (138)
• January 2023 (61)
• December 2022 (39)
• November 2022 (103)
• October 2022 (178)
• September 2022 (342)
• August 2022 (240)
• July 2022 (273)
• June 2022 (196)
• May 2022 (27)
• April 2022 (99)
• March 2022 (190)
• February 2022 (196)
• January 2022 (193)
• December 2021 (152)
• November 2021 (203)
• October 2021 (189)
• September 2021 (177)
• August 2021 (192)
• July 2021 (393)
• June 2021 (293)
• May 2021 (179)
• April 2021 (61)
• March 2021 (46)
• February 2021 (56)
• January 2021 (63)
• December 2020 (86)
• November 2020 (94)
• October 2020 (146)
• September 2020 (220)
• August 2020 (173)
• July 2020 (165)
• June 2020 (119)
• May 2020 (136)
• April 2020 (7)
• February 2020 (37)
• January 2020 (3)
• November 2019 (1)