Snooping illegally on phones of lawyers and activists (and maybe others) is of use only to government.
IT minister Ravi Shankar Prasad told the media that the government had asked WhatsApp (which is owned by Facebook) to give an explanation. Of course, WhatsApp/Facebook should be called out. But what about the Israeli surveillance company called NSO Group that sold its Pegasus spyware to, as yet, unknown clients so that they could hack into the phones of at least 17 Indian lawyers, activists and journalists using a flaw in WhatsApp’s digital infrastructure? The Modi government has very friendly relations with the Israelis. Should they not ask Prime Minister Netanyahu or the Israeli intelligence apparatus to press NSO to reveal the clients? Remember that the Israeli government has reportedly classified Pegasus as a ‘weapon’ because of its very powerful features and its potentially dangerous use.
After all, the big question here is this: cui bono, that is, who benefits? Who would want the phone records/activity of Shalini Gera of the Jagdalpur Legal Aid Group and Bhima Koregaon case accused Sudha Bharadwaj’s lawyer; Advocate Nihalsingh Rathod, who heads the Human Rights Law Network in Nagpur, and is a lawyer of accused Surendra Gadling in the same case; Bela Bhatia, Adivasi rights activist from Chhattisgarh; Anand Teltumbde, academic and writer on Dalit issues, also an accused in the same case; Ankit Grewal, who represented Sudha Bharadwaj; and several other activists and journalists?
Only the Indian government or its agencies, or even state governments would have any advantage in getting their hands on their phone data. The 10 persons involved in the Bhima Koregaon case have been accused of such serious charges like planning to assassinate PM Modi, overthrow the government, and so on. Till date, despite over a year of investigations, nothing much has emerged, which makes for a strong motivation to scrounge around for some clue in the activists’ phones.
That this is not just a pie in the sky is confirmed by reports of how Pegasus has been put to use elsewhere in the world by governments. There are reports of it having been used in Mexico to spy upon journalists, in Rwanda to spy upon a human rights’ activists and there is even a link to the infamous murder of Saudi journalist Jamal Kashoggi.
Different Agencies Interested in Spying
In December 2018, the government notified that 10 central security agencies and authorities would be allowed to carry out surveillance of all electronic communications, internet-based activity and computers, empowered under the Information Technology Act, 2000. The matter was challenged in the Supreme Court where in March 2019, the government said that it had a detailed Standard Operating Procedure (SOP) for such surveillance. But the bottom line was that bureaucrats would review applications for surveillance—and we all know how bureaucrats function. The petitioners in the Supreme Court had pointed out that in 2017, enforcement authorities ordered Facebook, Google and Twitter for data of more than 200,000 accounts under various laws. Earlier, the Srikrishna Committee had said that review authorities meet once in two months and have the task of reviewing more than 15,000-18,000 surveillance orders. So, there is a whole lot of agencies in this game and they are given the green signal more often than not.
In fact, it is not just the central government and its agencies that would be interested in spying on the current bunch of activists. As the emails leaked from the ‘Hacking Team’ (now archived at Wikileaks) have shown, state police departments too are actively seeking tools to snoop on their targets. The case documented is of the Andhra Pradesh police scouting around for surveillance tools in 2015. As recently as March this year, there were reports that the intelligence department of Andhra Pradesh state government had acquired an Israeli device or tool for breaking WhatsApp encryption. This was just before the Lok Sabha elections in May this year.
So, the answer to the question ‘who benefits?’ by acquiring Pegasus yields a whole phalanx of deadly curious agencies, both central and state-level. Who knows, there may even be some private agencies that have been roped in to provide the services! After all, many unthinkable services are these days outsourced to shadowy NGOs, like the one which handled the recent MEPs visit to Kashmir.
Smoke and Mirrors
Ministry officials have been quoted in media reports as complaining that senior WhatsApp officials never mentioned this leak in meetings with them in May this year. WhatsApp has quickly countered, saying they had mentioned it. Other reports suggest that officials complained still more that WhatsApp just gave them ‘technical jargon’ (sic) implying thereby that the IT Ministry couldn’t understand it.
Ridiculous as all this sounds, there is a method in this madness. Prasad may or may not be in the loop on the whole thing. But all this speculation about WhatsApp and Prasad’s indignation has created a fog within days of the scandal spilling out. It has become a game of smoke and mirrors. The government, through Prasad, is seemingly outraged and full of righteous indignation, just as it was in March 2018, when it was revealed that a UK-based data analytics company Cambridge Analytica (CA) had stolen data of 87 million Facebook users. Prasad had similarly fulminated against Facebook and threatened legal action.
One and a half years later, nothing has happened as far as India is concerned although in the UK, Cambridge Analytica closed down and Facebook has paid 500,000 pounds to the UK’s Information Commissioner’s Office (ICO), to settle the latter’s investigation into the scandal. India’s Central Bureau of Investigation is still playing 20-questions with Facebook and the now defunct CA.
As this cut and thrust between India and WhatsApp continues, nobody is paying attention to whoever used Pegasus to snoop on diverse Indian citizens. Maybe that’s what the government wants.