India’s newly enacted Telecommunications Act, 2023, has sparked controversy and fueled anxieties about its potential impact on fundamental rights and digital rights. While the Act aims to modernize the telecommunications sector and address emerging technological challenges, its broad and ambiguous provisions have raised serious concerns.
The Act introduces several new provisions, including:
- Appointment of Telecommunications Authority of India (TRAI) as regulator: TRAI is now the sole regulatory authority for all telecom services and infrastructure.
- Creation of National Security Council (NSC) for telecom security: The NSC will advise the government on telecom security matters and have oversight over telecom networks.
- Power to intercept and block communications: Law enforcement agencies can now intercept and block communications without prior judicial approval if they believe it threatens national security or public order.
- Data localization requirements: Telecom operators are required to store citizens’ data within India, raising concerns about data security and accessibility.
Under section 20 (2) of the Act, the government is granted the authority to intercept and detain messages or suspend services in cases of public emergency, with the aim of ensuring public safety, sovereignty, and integrity of India.
Section 22 (2) of the Act allows the government to collect, store, analyze, and disseminate ‘traffic data’ related to telecommunications networks, with ‘traffic data’ being defined as any data generated, transmitted, received, or stored in telecommunication networks, including data pertaining to the type, routing, duration, or time of telecommunication.
Many have raised concerns about the Act’s reliance on delegated legislation for important aspects of its functioning, arguing that this approach undermines personal freedoms and the need for Parliamentary debate on such matters.
It is important to note that the Act’s provisions for government actions related to telecommunications are to be provided for in the rules as and when they are framed, adding to the ongoing debate about the balance between national security and individual rights.
The Indian Telegraph Act allows for the monitoring of messages to safeguard India’s sovereignty, integrity, security, public order, and foreign relations.
The legality of this provision was tested in the PUCL v. Union of India case, where the Supreme Court evaluated it against Article 19 of the Constitution.
To regulate this power, guidelines were established by the Court and incorporated into the Indian Telegraph Rules of 1951 and the Telecom Services Suspension Rules of 2017.
These rules mirror the principles outlined in the PUCL case, granting the authority to intercept messages to specific government officials at both the Union and State levels.
While the interception of messages is not a new concept, the expansive definition of ‘telecommunications’ could have significant implications for privacy and security.
The Interception Issue
India’s interception system is similar to that of the United Kingdom but differs in certain key aspects.
In both India and the UK, the authority to intercept messages is derived from the Executive branch of the government.
The UK’s interception of communication is regulated by the Investigatory Powers Act, 2016 (IPA), and the Interception of Communications Code of Practice.
The IPA in the UK establishes the role of an Investigatory Powers Commissioner who submits an annual report to the Prime Minister, which is then presented to Parliament and made available to the public.
In Australia, National security warrants are issued by the Attorney-General, while law enforcement warrants are issued by Judges or members of criminal tribunals.
The UK faces challenges similar to those in India regarding the broad definitions found in legislation, such as the Indian Act and the IPA, which can lead to difficulties in regulating telecommunications effectively.
The distinction made by the EU between Electronic Communications Services (ECS) and Information Society Services (ISS) helps in addressing the issues related to regulating emerging technologies and services in the telecommunications sector.
Recent developments in the UK, such as the proposed Online Safety Bill, have caused tension between technology companies like WhatsApp and Apple, who prioritize user security through end-to-end encryption, and the government’s efforts to access communications for reasons like protecting children from harm.
The dilemma faced by technology companies operating in the UK highlights the importance of balancing compliance with national laws and regulations while also ensuring user privacy and security.
The ongoing debate surrounding interception of communications in the UK underscores the necessity for a balanced approach that considers factors like proportionality and the extent of interception required to achieve legitimate aims, especially in countries like India where interception is authorized by the executive branch.
Europe has faced numerous obstacles regarding data retention and interception laws.
The European Court of Human Rights ruled against the UK’s bulk interception regime under RIPA, 2000 in the case of Big Brother Watch v. United Kingdom.
The Court found that the UK’s interception regime lacked independent safeguards, violating the European Convention on Human Rights.
The issues were addressed and resolved in 2023.
The UK Court of Appeal later examined the IPA’s bulk data retention provisions and determined that while there were adequate safeguards in place, improvements were needed in certain areas such as protecting journalistic material and data from bulk personal datasets.
Ref: https://www.judiciary.uk/wp-content/uploads/2023/08/R-Liberty-v-Secretaries-of-State-Judgment-040823.pdf
In India, there is a lack of comprehensive provisions for privacy protection, and the true impact of privacy rights or violations will only become clear once the relevant regulations are established. [https://main.sci.gov.in/pdf/aorexam/leading_cases/35.pdf ]
Additionally, the government has utilized section 69-A of the Information Technology Act, 2000, which has been deemed constitutional by the Supreme Court, to restrict access to various applications, including the widely used TikTok, citing national security concerns.
This demonstrates the significant overlap between the Internet and the Telecommunications sector, and the government’s use of established measures to exercise its executive authority.
The expansive definition of telecommunications will become more defined as either the Parliament or the Executive branch move to further regulate service providers.
The ban on numerous applications in 2020 and the government’s directive to app-stores to remove access to them underscores the government’s ability to take action in the realm of digital technology and telecommunications.
Investigation and seizure
Section 42 of the 2023 Act grants authorized officers the power to conduct searches in buildings, vehicles, aircraft, or any location where there is reason to believe unauthorized telecommunication networks, telecommunication equipment, or radio equipment are being concealed, similar to section 7 of the Wireless Telegraphy Act, 1933.
According to section 165 of the Code of Criminal Procedure, 1973, officers in charge of a police station or an investigation have the authority to carry out searches within their jurisdiction if they have reasonable grounds to believe that evidence related to the investigation may be found at the location. This is permitted if the officer believes that obtaining the object of the search would be unduly delayed by obtaining a search warrant.
section 165 https://www.indiacode.nic.in/show-data?actid=AC_CEN_5_23_000010_197402_1517807320555&orderno=188
The power granted under section 42 of the 2023 Act and section 165 of the Code of Criminal Procedure, 1973, allows for the search and seizure of items related to unauthorized telecommunication networks, telecommunication equipment, radio equipment, and evidence related to criminal investigations without the need for a search warrant.
These provisions are in place to ensure that authorized officers have the necessary powers to conduct searches and seizures in a timely manner, without being hindered by the requirement of obtaining a search warrant, when there are reasonable grounds to believe that evidence or items related to unauthorized activities or criminal investigations may be found.
The ability to conduct searches and seizures without a warrant under specific circumstances is intended to facilitate the effective enforcement of laws and regulations related to telecommunication networks, equipment, and criminal investigations, while also safeguarding the rights of individuals and ensuring that due process is followed.
In the case of State of MP v. Paltan Mallah, the Supreme Court said that even if a search is done illegally, the evidence found can still be used in court. The Court will decide if there was a violation of a law or Constitutional right, and if the accused is not unfairly affected, the evidence can be used. Indian Courts usually prefer to use evidence instead of throwing it out for technical reasons. Section 42 of the Act gives a lot of power, which could be misused, but this is not new.
Biometric Information
Section 3 (7) of the 2023 Act says that telecom companies have to use biometric identification for their users. According to section 4 of the Telegraph Act, they can also use Aadhaar, Passport, or other valid documents. The Supreme Court said that linking Aadhaar to SIM cards was not allowed.
[https://www.scobserver.in/wp-content/uploads/2021/10/Aadhaar_35071_2012_FullJudgement.pdf]Because of this, service providers have to accept other documents for the KYC process. The Telegraph Act lets the subscriber choose how they want to verify their identity. Now, the Department of Telecommunications is using e-KYC instead of paper for new SIM cards.
[https://dot.gov.in/sites/default/files/letter%20dated%2005122023.pdf?download=1]In Puttaswamy, the Supreme Court said that making people link their SIM cards with Aadhaar wasn’t fair. The Court talked about how biometric information is sensitive and can be used for making money. They said that Aadhaar wasn’t the best way to check someone’s identity, so they said it was against the Constitution.
The Puttaswamy Court established a three-part test for legislation to comply with Article 21-(i) legality, (ii) a valid state objective, and (iii) proportionality to ensure a logical connection between goals and methods. Given the ongoing data breaches and cyber attacks on Indian government bodies, meeting this test could be challenging.
In 2023, news came out that the Aadhaar and Passport information of 815 million Indians had been hacked and was being sold. The government is facing a difficult situation – if biometric data is necessary for overseeing the telecommunications industry, they can’t really show that the data is safe. If they try to play down these breaches, it affects the third part of the Puttaswamy test.
The Unsettling Provisions:
Vague Definitions and Overbroad Powers: The Act grants sweeping powers to the government, including the ability to block content and intercept communications without specific grounds or judicial oversight. The definition of ‘unlawful content’ is subjective and open to interpretation, potentially leading to censorship of legitimate speech.
Increased Surveillance: The Act facilitates intrusive surveillance by allowing for the collection and retention of user data without adequate safeguards. This raises concerns about the government’s ability to track and monitor citizens’ online activities, potentially chilling free expression.
Curtailment of Internet Access: The Act empowers the government to restrict or block internet access in specific areas or under certain conditions. This could be used to stifle dissent or restrict access to information during politically sensitive periods.
Lack of Transparency and Accountability: The Act lacks provisions for independent oversight and transparency, raising concerns about the potential for abuse of power. The absence of clear mechanisms for redress and appeal further contributes to the uncertainty surrounding its implementation.
The Growing Concerns:
Suppression of Dissent: Many fear that the Act will be used to silence dissenting voices and suppress critical commentary. The broad powers granted to the government could be weaponized to target individuals or groups who express views that are deemed ‘unlawful’ or ‘undesirable.’
Erosion of Privacy: The Act’s provisions on data collection and surveillance threaten the privacy rights of individuals. The lack of safeguards against misuse or leakages raises concerns about the potential for the government to access and exploit sensitive personal information.
Chilling Effect on Innovation: The Act’s ambiguity and broad powers could create a chilling effect on innovation and creativity in the digital space. The fear of censorship and surveillance may deter individuals and businesses from exploring new ideas and expression.
The Need for Urgent Action:
The Indian Telecommunications Act, 2023, raises serious concerns about the future of freedom of speech and digital rights in India. It is imperative for the government to address the ambiguities and overreach of the act.
Clarity and Transparency: The government should clearly define ‘unlawful content,’ establish safeguards against arbitrary censorship, and ensure transparency in the decision-making process.
Independent Oversight: A robust independent oversight mechanism should be established to monitor the implementation of the Act and safeguard against abuse of power.
Stronger Privacy Protections: The Act needs to incorporate robust privacy protections for user data, including restrictions on data collection, retention, and sharing.
The Indian Telecommunications Act, 2023, stands as a stark reminder of the need for a balance between national security and freedom of expression. If left unchecked, the Act’s provisions could have devastating consequences for the future of free speech and digital rights in India. It is time for the government to take concrete steps to address these concerns and ensure that the Act serves the public interest without jeopardizing fundamental rights.
Source: Linkedin, Youtube
Also Read: