The right to privacy Bill aims to uphold the right of all Indians against any misuse of their personal information, interception of personal communication, unlawful surveillance and unwanted commercial communication.
The department of personal and training, mandated with framing the law, has come out with a draft legislation that lays out its own provisions on lawful interception, some of these similar to existing laws.
Mint has reviewed a copy of the draft Bill and minutes of various meetings on the issue. According to one such document, Attorney General G.E. Vahanvati is of the view that “provisions about the authorization of interception of communications (Web/IT-based) should be so drafted that it may have overriding effect over similar provisions in Telegraph Act, IT Act or any other Act”.
“There was no satellite communication or Internet then. Even the IT Act of 2000 permits interception which is of Internet-based communication. We need one legislation which is for the current scenario as the ambit of these provisions is so small,” said the official, requesting anonymity because of the sensitivity of the matter.
Another official with a security establishment, who is also involved in the talks, said provisions in the Bill should not disturb the existing regime of lawful interception that’s critical to intelligence gathering. “The draft privacy Bill is positive in that direction. But it should be stated in categorical terms,” the official said, on condition of anonymity.
Under present laws, central agencies require the Union home secretary’s permission to intercept phone calls and emails. In states, the permission is granted by the state home secretaries. On an average, central agencies intercept 6,500 phone numbers daily.
Former Union home secretary G.K. Pillai says a comprehensive regime on lawful interception will not create operational hindrances in the functioning of law enforcement agencies. “Otherwise also the existing laws like Telegraph Act need some modification,” he said.
The first official said the overlaps in the draft Bill are only on lawful interceptions as India does not have laws governing surveillance and commercial communication. The Telecom Regulatory Authority of India recently came out with guidelines on spam text messages, but these are not law.
The privacy Act was originally mooted to ensure that data collected by the government under the Unique Identification project, or Aadhaar, is not misused. Aadhaar, as part of providing unique digital identities to all Indian residents, collects various personal information, including biometric data and iris scans.
But recent incidents such as the tapping of phone conversations involving lobbyist Niira Radia prompted the government to relook the privacy law. “It exposed the weakness in the country’s privacy regime and it was felt that a law just on data protection won’t be enough,” said the first official. “It has to be comprehensive enough to address at least the basic privacy requirements.”
surabhi.a@livemint.com
Sahil Makkar and Appu Esthose Suresh contributed to this story.