5 Ways the Indian Government Plans to use Tech Surveillance in 2020
The Indian government has been cracking down on dissent for years, but December 2019 has seen anti-CAA, NRC, and NPR protestors being subjected to unprecedented levels of state-sponsored brutality. As India arrives at the dawn of a new decade in the age of information, the way we interact with technology is changing. Amidst the violence of the season, the central government has been using tech for surveillance in the alleged interest of ‘national security’. These measures are actively being used to curtail speech, dissent, and civil disobedience, violating the privacy and autonomy of Indian citizens. This article uses simple language to outline the many ways in which the central government plans on doing this, from drones to internet killswitches.
- Drones: These are remote-controlled robots that are suspended in the air for the purpose of capturing photos and videos of events on-ground, which can then be used to identify citizens and their whereabouts. This year, drones have been deployed in Delhi, UP, Chennai, Kashmir, and Northeast India for surveillance purposes.
What authorities say: Police officials say that images taken by drones play a vital role in police investigation, and that surveillance recordings will help in identifying those who cause situations to turn violent. On the surface, the primary intent is public safety, but Internet Freedom Foundation states, ‘Quite often they are deployed across peaceful protests to record the movements of people and pose a risk to their privacy. They also may fly close to crowds threatening injury and causing anxiety. ’
Legality: Is the usage of drones legal in India? According to the Internet Freedom Foundation, The Director General of Civil Aviation has exclusive powers to regulate drones in India, and has sanctioned the use of 6 types of small/micro drones in Lok Sabha.
The problem: The right to privacy is a constitutional right, falling under Article 21 (right to life and personal liberty). Mass surveillance using drones regularly and/or in non-critical situations is a blatant violation of this right, and strips citizens of privacy without their consent. It is important to understand that
(a) both the expectation of privacy as well as the illegality of its outright violation still exist in public spaces where drones operate — that is, we do not hand this right over to the state when we leave our homes, and
(b) given that India is a democratic republic, even the state cannot impinge on this right — making the possible disproportionate, unwarranted usage of drones unconstitutional.
An even bigger problem occurs when drones are used alongside facial recognition technology.
2. Facial Recognition Technology (FRT): This is a type of software that uses pictures or videos of your face to identify who you are. The software maps your facial features and stores the data like a live ‘screenshot’ of your face. Artificial intelligence is then used to compare this ‘screenshot’ to other photos or videos of you, to verify your identity.
Though FRT can be used for benign reasons such as unlocking your phone and replacing a manual password, it has already been put to use unethically — from China using it to identify Uighur Muslims to Israel using it to track Palestinians inside the West Bank.
India’s plan: India adopted FRT half a decade ago with the primary goal of finding missing children by matching their faces to pictures in India’s missing children police database. This worked — by July 2019, NGO Bachpan Bachao Andolan was able to match over 10,000 missing children. However, India is now planning to build the world’s largest FRT system — the National Automated Facial Recognition System (NAFRS). The idea is to give police from across the country access to a single, centralized, national database, which will match photos from CCTV cameras against criminal databases.
Protestor surveillance: FRT is being used for identification of anti-CAA/NRC/NPR protestors by the Delhi Police. The Indian Express reports, ‘Delhi Police has been filming major protest events in the city. This footage is now being fed to (N)AFRS which extracts “identifiable faces” of the protesters to its dataset. Once extracted, say sources, the lot is manually screened to identify and retain “habitual protesters” and “rowdy elements”.
(a) Many of India’s major cities and airports are already extensively covered, and India still does not have any legal/regulatory frameworks with respect to FRT. This is important because regulations exist to protect the rights of citizens. Without them, the state will have a disproportionate amount of power and authority in terms of mass surveillance, which is already ethically murky.
(b) Sivarama Krishnan (lead of cybersecurity at PWC India) told CNN Business he worries that India’s facial recognition system could become a tool of social policing, used to punish petty offenses, or to control the whereabouts of ethnic minorities. If it becomes linked to Aadhaar, which contains the personal details of 1.2 billion Indian citizens, India will be able to set up a total, permanent surveillance state. Microsoft’s President Brad Smith told the Economic Times, ‘The use of facial recognition technology by a government for mass surveillance can encroach on democratic freedoms’.
(c) Business Insider India lists out consequences of a large-scale FRT system like NAFRS pointed out by the Brennan Center for Justice in the US: (a) Numerous studies have found that FRT performs poorly when analyzing the faces of women, children, and people with darker skin tones, creating a race, gender, and age bias. This places communities already subject to over-policing at greater risk for misidentification. (b) FRT is recognized as extraordinarily intrusive, challenging reasonable expectations of privacy and lacking necessary oversight. (c) Law enforcement use of FRT may expose protestors to persistent surveillance and identification, making free speech difficult.
3. Personal Data Protection Bill 2019: The data bill was introduced in the Lok Sabha this month. This conversation is a long one, and the bill will be discussed in another article — but what is important to know in context of drones and FRT is that if passed, the Act will authorize the central government to gain access to your sensitive personal data (like political leanings, sexual orientation, caste, and biometric information including FRT data) without your consent under certain defined circumstances (for example, if you are suspected of being a threat to national security).
The problem: This is a grave issue because in a political climate where CAA/NRC protestor and activist Sadaf Jafar has been arrested on 18 charges including attempted murder and criminal intimidation, RTI activist Gogoi has been arrested for sedition, and thousands of citizens have been detained for exercising their right to free speech, it is unclear what the government defines as a threat to national security. This also raises a question of the government is truly concerned about national security or instead in its own vested interests and political power. The police itself has no strict or formal parameters for defining a ‘suspect’ — so in a sense, we are all vulnerable and at risk.
The fact that drones and FRT help the government collect our data, and the data bill then gives the government access to it, is worrying. Data privacy is important because if your personal data is known, most everything about you, by extension, is known, and you are uniquely identifiable. Having control over your data, then — like finances and biometrics — can give someone control over your life.
As slightlineinnovation.com puts it, the purpose of personal data protection isn’t just to protect a person’s data, but to protect the fundamental rights and freedoms of the person related to that data.
4. Internet Intermediaries: ‘Intermediaries’ are platforms like Twitter and Instagram, and even IP providers, that enable online interaction between users and allow for sharing of information, as long as they have above 5 million users. Social media apps and other platforms that rely on users to create their content fall under this definition.
India’s plan: In October 2019, it was declared that existing rules to regulate intermediaries will be revised (that is, made more stringent) by January 15 2020, according to The Ministry of Electronics and Information Technology. MEITY says the internet has “emerged as a potent tool to cause unimaginable disruption to the democratic polity”, and that regulations will help in addressing the “ever growing threats to individual rights and nation’s integrity, sovereignty and security.”
The Personal Data Protection Bill 2019 also talks about Social Media Intermediaries. A summary on PRS states that all SMIs which have users above the notified threshold, and whose actions can impact electoral democracy or public order, have ‘certain obligations’, like providing voluntary user verification mechanism for users in India.
The problem: What does all of this mean? In short, that the government will soon have more power to regulate content on social media, in the interest of ‘national security’. A question here arises, for the reader to critically consider: How many times in the last year has social media been used to threaten democratic unity? On the other hand, how many times has it been used to question and discuss breaches of democracy by the government itself? Answering these questions may help us better understand the intention behind such unprecedented, stringent regulations.
5. Internet and Cell Tower Killswitches: A killswitch is a mechanism that a single authority like India’s government uses to centrally control and restrict internet access and cell tower connection for a given area.
Where India stands: India is the internet shutdown capital of the world, because we have the highest number of internet shutdowns in the world. In 2018, out of 196 worldwide shutdowns, 134 were India’s. In the span of November and December 2019, Internet shutdowns have occurred in Kashmir, West Bengal, Uttar Pradesh, Delhi, Meghalaya, Assam, Tripura, Arunachal Pradesh, Rajasthan, Madhya Pradesh, and several other places. As we enter the new year, Kashmir is on its 150th day — this is the single longest shutdown in the world.
It’s not always a total shutdown — according to a CNET article, bandwidth for specific apps like Facebook and Whatsapp can be slowed down, making the apps difficult to use, hence restricting communication.
The problem: In 2016, the UN unequivocally condemned internet shutdowns by governments as a violation of human rights. This is not surprising — though initially introduced by the US as a safety mechanism against cyberwarfare, today, internet shutdowns are used as a tool of repression, and are largely considered a feature of authoritarian governments.
According to a CNET article, not only does a lack of access to Internet make peer-to-peer info sharing difficult, it makes it near impossible for journalists to fact-check and file verifiable stories. Communication becomes difficult not only within the area, but also between people living in and out of the area. For example, an internet shutdown makes it near impossible for Kashmiri citizens to report humans rights violations to news outlets, friends, and family in India.
A study from Stanford’s Global Digital Policy Incubator gives us two facts: (a) Internet shutdowns are used primary for the purpose of control — because governments use it as a tool to extend their control over the territory to the greatest extent possible, and (b) shutting off internet access does not reduce violent protests. Instead, it sometimes perpetuates them.
In conclusion: Technology is about to redefine our relationship with the state in a big way. In light of this, it is imperative for all of us to:
(a) Be informed of our fundamental human rights, nuances of new introductions like the Personal Data Protection Bill, changes in frameworks surrounding internet freedom and surveillance, and methods of ensuring better data privacy for all.
(b) Disseminate this information in an easy to understand, accessible manner for all.
(b) Protect and exercise our rights to free speech and privacy, and champion policy recommendations by organizations that fight for our digital well-being and safety.
(c) Demand legal/regulatory frameworks that protect the interests of citizens, to stop disproportionate power and authority from entering into the hands of the government.
Author’s note: Thank you for reading this piece! It is a simple guide written by a student, for students and all who seek to understand the basics of tech surveillance in the country. Please share this, quote it, talk about what it entails, and translate it into your regional language if you can. You can find me at @pavemented on Instagram. #InformationIsEmpowerment.