Araging debate over privacy rights has ended inconclusively in the US, but the issue is highly relevant to India going digital in a big way with its 125 crore population. Apparently irreconcilable questions were raised in the Apple vs FBI legal fight. Can individual privacy rights be absolute? Should any limits be set on government surveillance and law enforcement? FBI investigators in the US wanted access the smart-phone of a terrorist who had gunned down several persons at San Berrdino last December. Syed Rizwan Farook’s iPhone 5C was password protected. The Apple security system has a code which wipes the iPhone hard drive clean when someone enters an incorrect password ten times in a row. The FBI got a court order to compel Apple to write a new code which would override this security feature. Citing customer privacy, Apple fought this order. However, the dispute ended recently in an anti-climax when the FBI said it no longer needed Apple’s help, since a third party had provided it a software tool to break into Farook’s smart-phone. So the central question of government surveillance vis-à-vis citizen’s privacy remains unresolved, ready to blow up whenever the next similar case comes along.
With hackers becoming smarter and in the aftermath of former US tiol Security Agency contractor Edward Snowden’s revelations about the true extent of government data collection and monitoring, leading information technology (IT) and communication companies like Apple have been making data encryption and other safeguards stronger to protect their customers’ data. Unless they do so, distrustful customers will move away to other companies making more secure devices. With each software update and hardware upgrade giving more security features, a showdown with government agencies becomes inevitable. If law enforcers can enter and search the house of a suspect (with a warrant, of course), they can demand access to the suspect’s various devices to know what he or she has been up to. Sometimes, it may work the other way too when a victim’s smart-phone may give clues to investigators about the attacker’s identity. CC camera footages in public and private places help give a face to miscreants. Even in many other areas, government surveillance has become ubiquitous, if not acceptable. Taxmen get to know about a citizen’s fincial dealings in his bank accounts. Even private IT-based companies track user data extensively to push advertisements and reach out to customers in various ways.
Once IT-ebled household devices and machines begin exchanging information through the Internet of Things, the extremely data-rich environment will throw up new questions about encrypting and safeguarding that data. As Apple did this time, other companies will argue that when a foolproof security system is sought to be designed, it is a logical fallacy to ask for a loophole to give free access to the creator. It is like a householder expecting no one will know that he hides the key to his apartment under the doormat or the flower-pot outside! Besides, the designers of security protocols may themselves turn rogue, so the protocol must be impregble to everyone. This was broadly the argument the Electronic Frontier Foundation put forth to US president Barack Obama during the course of the Apple vs FBI debate. In India, the Central government’s initiative to link up citizens’ Aadhar card numbers, bank accounts and subsidy payments with their mobile phone numbers is the largest of its kind in the world. But our laws need to be tightened up to address the unfolding reality of a data-rich, networked country. Key clauses dealing with threat to the country’s ‘security’, preventing commission of an ‘offence’, maintaining ‘cyber security’ and related legal provisions are yet to be rigorously defined, leaving the door open for mischief by overzealous public agencies. With many procedures yet to be laid down properly, government surveillance in India is not a matter for citizens to take lightly.