wordpress blog stats
Connect with us

Hi, what are you looking for?

Indian Government Plans Digital Central Monitoring System – CIS India

CIS Logo

by Maria Xynou

Starting from this month, all telecommunications and Internet communications in India will be analysed by the government and its agencies. This means that everything we say or text over the phone, write, post or browse over the Internet will be centrally monitored by Indian authorities. This totalitarian type of surveillance will be incorporated in none other than the Central Monitoring System (CMS).

The Central Monitoring System (CMS)

The Central Monitoring System (CMS) may be another step in the wrong direction, especially with the lack of privacy laws to protect Indian citizens against potential abuse. Yet, all telecommunications and internet communications are to be monitored by Indian authorities through the CMS, despite the fact that it remains unclear how our data will be used.

The CMS was prepared by the Telecom Enforcement, Resource and Monitoring (TREM) and the Centre for Development of Telematics (C-DoT) and is being manned by the Intelligence Bureau. The CMS project is likely to start operating this month. The Information Technology Amendment Act 2008 enables e-surveillance. The government plans to create a platform that will include all the service providers in Delhi, Haryana and Karnataka creating central and regional databases to help central and state level law enforcement agencies in interception and monitoring. Without any manual intervention from telecom service providers, CMS will equip government agencies with Direct Electronic Provisioning, filter and provide Call Data Records (CDR) analysis and data mining to identify the personal information and provide alerts of the target numbers.

The estimated cost of CMS is Rs. 4 billion. It will be connected with the Telephone Call Interception System (TCIS) which will help monitor voice calls, SMS and MMS, fax communications on landlines, CDMA, video calls, GSM and 3G networks. Agencies which will have access to the CMS include the Research and Analysis Wing (R&AW), the Central Bureau of Investigation (CBI), the National Investigation Agency (NIA), the Central Board of Direct Taxes (CBDT), the Narcotics Control Bureau, and the Enforcement Directorate (ED). Last October, the NIA approached the Department of Telecom requesting for connection with the CMS to help it intercept phone calls and monitor social networking sites without the cooperation of telcos. NIA is currently monitoring eight out of 10,000 telephone lines and if connected with the CMS, NIA will also get access to e-mails and other social media platforms. Essentially, CMS will be converging all the interception lines at one location for Indian law enforcement agencies to access them. CMS will be capable of intercepting our calls and analyzing our data on social networking sites, and also tracking encrypted signals. Thus our attempts to protect our data from ubiquitous surveillance would be futile.

Advertisement. Scroll to continue reading.

In light of the CMS installation, the Mumbai police set up a ´social media lab´ last month to monitor Facebook, Twitter and other social networking sites. Staffed with 20 police officers, this lab would keep an eye on issues being publicly discussed and track matters relating to public security. According to police spokesman Satyanarayan Choudhary, the lab will be used to identify trends among the youth to plan law and order accordingly. However, fears have arisen that the lab may be used to stifle political debate and freedom of expression. The arrest of two Indian women last November over a Facebook post during Bal Thackeray’s death was proof that the monitoring of our communications can potentially oppress our freedom and human rights. Now that all our online activities will be under the microscope, will the CMS security trade-off be worth it?

Surveillance in the name of Security

In a digitised world, threats to security have been digitised. Terrorism is considered to be a product of globalisation and the internet appears to be a tool used by terrorists. Hence governments all around the world are convinced that surveillance is probably one of the most effective methods in detecting and prosecuting terrorists. So all movement, action, interests, ideas and everything that could define an individual are closely being monitored. If everything about our existence is closely monitored and analysed, it seems likely that we will be instantly detected and prosecuted if engaged in illegal activity. But according to security expert Bruce Schneier, searching for a terrorist through data mining is like looking for a needle in a haystack. Generally, the bigger the amount of data, the bigger the probability of an error in matching profiles. Hence, when our data is being analysed through data mining, the probability of us being charged for a crime we did not commit is real. Nonetheless, CMS is going to start operating soon in an attempt to enable law enforcement agencies to tackle crime and terrorism.

A few days ago, I had a very interesting chat with an employee at SAS Institute (India) Pvt. Ltd. in Bangalore, a wholly owned subsidiary of SAS Institute Inc. SAS produces software solutions and services to combat fraud in financial services, identify cross-sell opportunities in retail. All the business issues it addresses are based on three capabilities: information management, analytics and business intelligence. Interestingly, SAS also produces social network analysis which ‘helps institutions detect and prevent fraud by going beyond individual and account views to analyze all related activities and relationships at a network dimension’. Thus, a social network analysis solution uncovers previously unknown network connections and relationships, even to a terrorist organisation enabling more efficient investigations.

According to the SAS employee I spoke to, the company provides similar analysis to Indian law enforcement agencies and aims to support the CMS project in an attempt to tackle crime and terrorism arguing that their social network analysis solution only analyzes open source data thus respecting online individual privacy. Cyber security experts have argued in favour of the Mumbai social media lab stating that the idea that the privacy of our messages and online activity would be intercepted is a misconception.

It was also argued that there is no harm in creating monitoring centres, especially since other countries, such as the U.S., are conducting similar surveillance, thus justifying it in the name of security.

Advertisement. Scroll to continue reading.

CMS targeting individuals: myth or reality?

Does CMS really target us individually as the cyber security experts in India claim? Lets look at the following hypothesis:

The CMS can surveille and target individuals, if Indian law enforcement agencies have access to individuals content and non-content data and are simultaneously equipped with the necessary technology to analyse their data.

The two independent variables of the hypothesis are: (1) Indian law enforcement agencies have access to individuals´ content and non-content data, (2) Indian law enforcement agencies are equipped with the necessary technology to analyse individuals´ content and non-content data. The dependent variable of the hypothesis is that the CMS can target individuals, which can only be proven once the two independent variables have been confirmed.

However, the surveillance industry in India is a vivid reality. ClearTrail is an Indian surveillance technology company which provides communication monitoring solutions to law enforcement agencies around the world including, mass monitoring of IP and voice networks, targeted IP monitoring, tactical Wi-Fi monitoring and off-the-air interception, among others. Indian law enforcement agencies are equipped with technologies and solutions capable of targeting us individually and of monitoring our private online activity.

Shoghi Communications Ltd. is just another example of an Indian surveillance technology company. WikiLeaks has published a brochure with one of Shoghi´s solutions: the Semi Active GSM Monitoring System which can intercept communications from any GSM service providers in the world and has a 100% target call monitor rate without any help from the service provider. Indian law enforcement agencies are probably being equipped with such systems which would enable CMS to monitor telecommunications more effectively.

In general, many companies, globally, produce surveillance products and solutions for supply to law enforcement agencies around the world. However, if such technology is used solely to analyse open source data, how do law enforcement agencies expect to detect criminals and terrorists? In other words, how can they access our ´private´ online communications to define whether we are a terrorist or not?

Advertisement. Scroll to continue reading.

Law enforcement requests reports published by companies, such as Google and Microsoft, confirm the fact that law enforcement agencies have access to both our content and non-content data, much of which was disclosed to Indian law enforcement agencies. The various surveillance technology companies ensure that Indian law enforcement agencies are equipped to analyse our data and match patterns.

Thus, the arguments brought forth by cyber security experts in India appear to be weak. So how does CMS also affect our human rights?

No privacy legislation currently exists in India. The telephone tapping laws in India are weak and violate constitutional protections. The Information Technology Amendment Act 2008 has enabled e-surveillance to reach its zenith, but yet surveillance projects, such as CMS, lack adequate legal backing.  All individuals can potentially be targeted and monitored, regardless of whether they have been involved in illegal activities. The following questions in regards to the CMS remain vague: Who can authorise the interception of telecommunications and Internet communications and access to intercepted data? Can data monitored by the CMS be shared between third parties and if so, under what conditions? Is data monitored by CMS retained and if so, for how long and under what conditions? Do individuals have the right to be informed about their communications being monitored and about data retained about them?

In order to ensure that our right to privacy and other human rights are not breached, parliamentary oversight of intelligence agencies in India is a minimal prerequisite. E-surveillance regulations should be enacted, covering both policy and legal issues pertaining to the CMS ensuring that human rights are not infringed.

A version of this post was published on Centre for Internet & Society, India website

The Centre for Internet and Society is a non-profit research organization that works on policy issues relating to freedom of expression, privacy, accessibility for persons with disabilities, access to knowledge and IPR reform, and openness (including open government, FOSS, open standards, etc.), and engages in academic research on digital natives and digital humanities.

Advertisement. Scroll to continue reading.

Free Reads

News

The Bill allows the Attorney General or any district/ city attorney to seek injunctive or other equitable relief against a large online platform

News

The tech giant made it clear it doesn't share data from organizations using Azure OpenAI and Copilot to third-parties or use it to train...

Google

Among the selected organizations are Quill.org and the World Bank, both known for their work in AI-powered tools.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

NPCI CEO Dilip Asbe recently said that what is not written in regulations is a no-go for fintech entities. But following this advice could...

News

Notably, Indus Appstore will allow app developers to use third-party billing systems for in-app billing without having to pay any commission to Indus, a...

News

The existing commission-based model, which companies like Uber and Ola have used for a long time and still stick to, has received criticism from...

News

Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...

News

Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...

You May Also Like

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ