The Computer Emergency Response Team of India (CERT-In) has concluded an internal investigation which revealed that employees of the nodal cyber agency had issued instructions to legal website Indian Kanoon to remove a specific court order from their platform, it said in a tweet on Sunday.
On December 12, Indian Kanoon, received an email at 11pm from CERT-In’s incident response department stating that there was a “cybersecurity incident affecting” the organisation and therefore they required the contact details of the websites’ Chief Information Security Officer or Information Technology head. At around 11:30 pm, Indian Kanoon received a call from a person, identifying themselves as a CERT employee, to remove a particular court judgement, it said in a tweet.
In its tweet, CERT-In said that “some employees, contesting a case in personnel matter, made a call to Indian Kanoon in their personal capacity asking them to remove the judgment as it puts their names & addresses in public domain. This is not an official communication from Govt.”
CERT-IN did not respond to queries sent on Monday. MediaNama was able to track down the employee but they declined to comment.
Abuse of power
MediaNama has reviewed the judgement in question which came in a Central Administrative Tribunal case filed by government employees against the Ministry of Electronics and Information Technology (MEITY), over alleged discrepancies in the recruitment of personnel for statutory bodies under MEITY, including CERT-In and the Standardisation, Testing and Quality Certification Directorate.
Sushant Sinha, founder of Indian Kanoon, told MediaNama that CERT-In has not contacted him directly and that the only communication they have seen are the tweets. “Only one person [involved in the case] contacted me and asked me to remove the names and addresses of all their colleagues. The employee had contacted me for a second time stating that CERT-IN had ordered an inquiry. They requested us to tweet in their favour stating that the issue had been resolved. This is a misuse of government resources,” he said.
While CERT-In says that it has investigated the incident, it has not stated whether there was any administrative action taken against its employees. Under the garb of a cyber security incident, CERT-In employees have clearly abused their position by using official communication channels to take care of personal legal matters.
Right to privacy and court judgements
While the Supreme Court, in the Puttaswamy judgement of 2017, held that citizens have a fundamental right to privacy, an earlier Supreme Court judgement said that publication of court records will not constitute any violation of the right to privacy.
The rule aforesaid is subject to the exception, that any publication concerning the aforesaid aspects becomes unobjectionable if such publication is based upon public records including court records. This is for the reason that once a matter becomes a matter of public record, the right to privacy no longer subsists and it becomes a legitimate subject for comment by press and media among others. We are, however, of the opinion that in the interests of decency [Article 19(2) an exception must be carved out to this rule, viz., a female who is the victim of a sexual assault, kidnap, abduction or a like offence should not further be subjected to the indignity of her name and the incident being publicised in press/media — R Rajagopal vs State of Tamil Nadu 1994
According to Indian Kanoon’s policies, the publication of court judgments does not constitute an infringement of the Copyright Act since court cases are matters of public records. Further, the website or others cannot take-down modify the court judgements or attempt to censor portions of the judgement without a court’s order. Only in cases of sexual harassment, sexual assault or rape, will the website remove the name, address and any other identity of the victim from the concerned court judgments, it says.
Aroon Deep contributed to reporting on this development.