THE IMPACT OF THE RECENT PEGASUS SPYWARE CONTROVERSY ON THE RIGHT TO PRIVACY IN INDIA

Published by Admin on

Spread the love
Post Views: 526

This article is written by Isha Bajpai of 2nd Year of University of Mumbai Law Academy, an intern under Legal Vidhiya

ABSTRACT

 This article is written on a topic relating to the Pegasus Spyware that has spread distrust and shock in the citizens of India as well as the world. This article majorly focusses on the impacts of the spyware in a way that it explains everything regarding it along with the demerits and impacts of it that it has on India. This article is written by collecting secondary data from different research databases and has been compiled in a language that is easy to understand along with various facts regarding Pegasus that many are unaware of. The article contains research regarding the issues revolving around the Pegasus spyware in India, the stand of the Government and the Supreme Court. The main results that were found out during the research is that the malware is a very powerful tool that is creating chaos in the world.

KEYWORDS

Pegasus, Spyware, Super Snooper, India Government bought Pegasus, Right to Privacy, DPDP Act, Digital Privacy Data Protection Act.

OBJECTIVES

The main objectives of this research article are:

  • To understand what the Pegasus spyware is
  • To know who has made this and who uses this spyware
  • To study the impacts of this spyware
  • The stand of the Supreme Court and the Indian Government

INTRODUCTION

The Pegasus can do more than what the user can do to the device! The Pegasus spyware was manufactured by an Israeli company called the NSO group. This company has made this spyware in 2011 and has sold it to several countries around the world. This spyware has targeted thousands of people across the world and is a very powerful as well as dangerous cyber weapon that is being used against many people. The spyware is a zero-click spyware which makes it very difficult for the users to protect their devices. There are some countries who have claimed the use of the spyware. However, India has still not openly disclosed whether the government has made use of the spyware or not. The right to privacy of the citizens of not only India but of the whole world is at stake due to this spyware. It is considered a super snooper as it compromises a device in unimaginable ways. The spyware is very difficult to detect. Furthermore, it cannot be detected like a regular virus but needs a proper forensic test to be performed in order to detect the virus. Also, it cannot be detected on Androids but only on iPhone.

WHAT IS THE PEGASUS SPYWARE

The Pegasus spyware can be called the super snooper. This is because the spyware infiltrates devices not when the user clicks on links sent or returns the missed calls to phone numbers that are used to attack the devices, but just by missed calls or texts that are delivered to your smartphone, it can infect devices without the user’s knowledge. This is why the spyware is famously called the zero-click spyware. Any device, including feature phones, iOS and Android, can be infected by this malware. It is also referred to as the “super snooper” because, once it has infiltrated and compromised a device, there is no turning it back. Changing SIM cards will not help the user if they do not want to be tracked. The users will have to discard their devices if they do not want to be traced.

Furthermore, once the device has been compromised, the spyware has access to everything on it. Everything from the device’s location to its settings, call logs, contact information, SMS, emails, browser history, social media accounts, and much more is accessible to the spyware. It basically transforms the gadget into a surveillance device that can see and hear everything. It is an impossible task to detect this malware in the gadgets. It is capable of monitoring texts messages of FB and WhatsApp as well.

WHO MADE THIS SPYWARE

This spyware was developed by an Israeli firm, NSO group (Niv, Shalev and Omri). This company is a cyber arms company. The first version of Pegasus was developed in 2011 by this company. This malware is used to get hold of terrorists and criminals in the world. It is claimed that it has helped in preventing various terrorist activities. The malware is a self-destructing one, which self-destructs when no evidence is found in the devices that have been targeted.

RESEARCH ON THE SPYWARE

According to analysts, there is only one way to get rid of the spyware. This is to discard the device. Claudio Guarnieri[1], of Amnesty International’s Security Lab in Berlin has contributed to the research of unfolding the facts regarding the Pegasus majorly. Claudio also states, “Pegasus can do more than what the device’s owner can do”. However, legal representatives of the spyware manufacturing company have said the research of Guarnieri is just a pile of baseless assumptions.

TARGETS OF THE SPYWARE

In India

In total 1400 people were targeted by Pegasus by 2019 as disclosed by WhatsApp. Out of the 1400 phone numbers, only 24 people in India were targeted by this spyware. In regard of this it has introduced the “zero-day” vulnerability which means that the companies of these phones have no idea about the virus nor do they know about treating it. Who has targeted them is unknown. The people involved in the Bhima Koregaon 2018 Pune violence case were targeted by this. Till date around 50,000 people have been targeted by Pegasus of which at least 300 are from India.

Outside India

Ashok jie was targeted by Saudi Arabia.

WHO USES PEGASUS

As Israel has said that they sell this spyware only to the governments of countries, it is assumed that the Indian Government has also brought Pegasus.

CASES FILED AGAINST PEGASUS

WhatsApp has filed case against NSO, the company which has made this Pegasus spyware, for cancellation of Pegasus.

GOVERNMENT OF INDIA

In all countries there are laws made that dictate what the country’s government can do and cannot do. The same is for the Indian government. Only the extent of what the government can do is decided by the Parliament in India. This extent differs from country to country. The Indian government has got a blanket clearance due to which they can perform bulk surveillance on Indian citizens.

As per software experts like Prabir Purkayastha[2], Pegasus spyware is not a legal surveillance. Pegasus, according to him, is like theft and not surveillance. He argues that it is like searching someone’s device and taking out whatever you want to without any legal permission or even knowledge of the person. It is the seizure not only of one’s privacy but also their property in the form of digital material. It is like hacking someone’s phone and it is yet not clear whether such type of hacking is legal or not, although he finds this to be illegal.

He also talks about the difference between a malware and a cyber weapon. He has considered this difference as in his opinion, Pegasus is not just a malware but a cyber weapon that is used to purposely attack a person’s phone and transform it forever, hence called a weapon. A malware could just be a regular virus that might enter a device due to many reasons moreover malware themselves do not affect the gadgets. The users are also at fault if a malware affects their gadgets. As malwares attack is possible if the users have called back on a number used for the same or clicked on a link for the same, etc. Here it is a both side deal.

It has been found out that around 50,000 phone numbers were attacked by this spyware worldwide. Of these 50,000 people at least 300 numbers were found to be Indian numbers. It is alleged that not only criminals but also journalists, activists and political oppositions received called or the virus has entered their device by some way.

LOOPHOLES/IMPACTS OF THIS SPYWARE

  1. Illegal use of the spyware

The issue with this spyware is that instead of surveillant the criminals it is used to keep surveillance on reporters. In countries like Saudi Arabia and UAE, the spyware has been used in this way to track reporters. 17 media houses including have reported this globally.

In India, several influential leaders have been targeted such as Rahul Gandhi, and Prashant Kishor. Rahul Gandhi Himself has referred to the Spyware as a weapon.[3] The journalists Siddharth Varadarajan and Anand Mangnale were also targeted by this spyware in October, 2023.

The former Prime Miniter of Pakistan, Imran Khan was also a target of this spyware.

2. Numbers

Of the 50,000 people only 57 numbers have been tested forensically.  The other loophole of this spyware is that it can only be tested on iOS phone and not Androids. There are two issues that can be covered under this by seeing the number of phones that have been tested

  • First, not many people use iPhone so firstly there would be lesser iPhone to test anyway
  • Second, among the iPhone in the list of people who have been targeted, not everyone would give their phones to someone for detected a virus that MIGHT be comprising their device.
  • Compromise of the devices

The virus cannot be detected like a regular virus can be detected. It can only be detected in labs through forensic methods. The androids do not have the type of system where it can keep logs of such type of data that can be useful to detect the Pegasus spyware.

3. Distrust in Government

Only 15% people know about this spyware in India[4]. This was found out in a survey conducted by Prashnam, an AI Technology start-up by Rajesh Jain. But the ones who are aware have lost their trust in the Modi Government. It is commonly said that he is being using the spyware on the citizens of India as there are many politicians, journalists and activists who have been targeted in India.

The Supreme Court of India, in October 2021 made a Pegasus Committee of 3 members and 1 supervisor appointed by the SC. Comprising of:

  1. Dr. Naveen Kumar Chaudhary, Dean of National Forensic Sciences University in Gandhinagar.
  2. Dr. Prabaharan P., Professor at Amrita Vishwa Vidyapeetham in Kerala.
  3. Dr. Ashwin Anil Gumaste, Institute Char Associate Professor at Indian Institute of Technology, Bombay.
  4. The committee will be supervised by retired Justice RV Raveendran.

The SC has not revealed the results or conclusions derived from the work of this committee but has stated that the Central Government has not been co-operating with the SC in order to help with the findings. Mexico has accepted that it has Pegasus India has not accepted this yet.

ASSUMPTIONS ON THIS SPYWARE

  1. There is a list of targets for Pegasus attack
  2. It is a credible list
  3. India has Pegasus
  4. Other nations cannot target India

It was said that if these numbers are in the list, then definitely the Indian government has targeted them as why would any other government be interested in the criminals, terrorists, or in general the people of India.

But a counter argument could be that as nowadays we live in a place of globalisation, so there are chances that the attacker of India numbers might be from outside India. Moreover, it is also said that Pegasus cannot target any Indian number from other than the government of India.

It is also said that if NGOs can have this list, then definitely any other big and powerful person can have the list.

Only 67 numbers were examined of which 23 were infected and 14 showed signs of attempted penetration. Attempted penetration means that when you get a link and click on it only then will be infected. In India 22 phones were analysed and only 10 phones were targeted of which only 7 were infected successfully.

This type of investigation can only be done on apple phones as android does not keep log of this type of information. Also, if the device is changed then cannot track any previous attack on the previous device of the person.

OTHER FACTS

In the case Justice K. S. Puttaswamy v Union of India[5] judgment given by the Supreme Court, in 2017.

The article 19 of the Indian Constitution does not explicitly state Right to Press, but it is inclusive in the Article 19(1)(a) of the Constitution.

It has been mentioned in various newspapers and articles that the Prime Minister of India has bought the Pegasus spyware from Israel.

The Data Protection Bill, 2017 has been in discussion for 6 years before becoming an Act. Digital Personal Data Protection Act, 2023. Foreign companies, cyber criminals are a threat for the Indian citizens unless we don’t have a good Digital Protection Law in India.

CONCLUSION

This spyware is a very dangerous one for the citizens of the world. The protection laws in India must be made stronger and only then can such spywares not attack. The researches done on the spyware is very limited. Hence, making a decision of the same is not the solution here. This situation is a very extreme one and must be handled with case by the Central Government as they must be responsible for the safety and security of the citizens. When the government has not yet confirmed whether they have bought the spyware or not then instead of blaming of the government for concealing facts we must move towards finding out if there is any external source behind this. If there is any such thing then there could be threat to India in the recent time. Furthermore, Android manufacturers must make a note of the type of spyware that this is a find out a solution of its detection in Androids as well.

REFERENCES

  1. Justice K. S. Puttaswamy v Union of India, AIR 2018 SC (SUPP) 1841
  2. Digital Personal Data Protection Act, 2023
  3. Indian Constitution
  4. https://www.business-standard.com/article/opinion/pegasus-impact-loss-to-indian-republic-and-government-is-much-greater-121072600100_1.html
  5. https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones
  6. https://theprint.in/opinion/only-15-indians-know-about-pegasus-but-once-aware-their-distrust-of-modi-govt-grows/708698/
  7. https://www.amnesty.org/en/latest/news/2023/12/india-damning-new-forensic-investigation-reveals-repeated-use-of-pegasus-spyware-to-target-high-profile-journalists/
  8. https://www.thehindu.com/news/national/indian-intelligence-service-bought-pegasus-from-israel-coordinated-with-mossad-nyt-reporter/article38364766.ece
  9. https://timesofindia.indiatimes.com/india/opposition-target-modi-govt-after-nyt-report-claims-india-purchased-pegasus-spyware-in-deal-with-israel/articleshow/89198359.cms
  10. https://www.iasparliament.com/current-affairs/pegasus-case

[1] https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones

[2] Prabir Purkayastha is an engineer and a science activist in the power, telecom and software sectors. NewsClick is an Indian news website founded by Prabir Purkayastha in 2009, who also serves as the Editor-in-Chief.

[3] https://www.business-standard.com/article/opinion/pegasus-impact-loss-to-indian-republic-and-government-is-much-greater-121072600100_1.html

[4] Prashnam conducted an all-India survey to precisely measure this. A total of 3,500 respondents were sampled in a stratified, randomised manner across 12 states.

[5] Justice K. S. Puttaswamy v Union of India, AIR 2018 SC (SUPP) 1841

Disclaimer: The materials provided herein are intended solely for informational purposes. Accessing or using the site or the materials does not establish an attorney-client relationship. The information presented on this site is not to be construed as legal or professional advice, and it should not be relied upon for such purposes or used as a substitute for advice from a licensed attorney in your state. Additionally, the viewpoint presented by the author is of a personal nature.

PDF 📄
Categories: Article
Tags:

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

MANEKA GANDHI V. UNION OF INDIA, 1978
Article

MENAKA GANDHI V. UNION OF INDIA, 1978

Spread the love CITATION AIR 1978 SC 597 DATE 25 January 1978 COURT NAME Hon’ble Supreme Court of India PETITIONER Menaka Gandhi RESPONDENT Union of India JUDGES Chief Justice M. Hameedullah Beg, Justice Y.V. Chandrachud, Read more…

REFORMING THE PRISON SYSTEM IN INDIA
Article

REFORMING THE PRISON SYSTEM IN INDIA

Spread the loveThis article is written by of Khushi Kumari, Indore Institute of Law, an intern under Legal Vidhiya ABSTRACT This study offers a thorough examination of India’s prison system from antiquity to the years Read more…

EXPLAIN THE PRINCIPLE OF RULE OF LAW
Article

EXPLAIN THE PRINCIPLE OF RULE OF LAW

Spread the loveThis article is written by Arshi Biswakarma of  South Calcutta Law College , an intern under Legal Vidhiya INTRODUCTION The rule of law is a fundamental principle that underpins democratic governance, ensuring that all Read more…

7- Week Certificate Course on IPR Law by Legal Vidhiya [Register by 13 June 2025]