India's three main surveillance projects NATGRID, CMS and NETRA have been directed to stop collecting data citing breach of privacy

India's three main surveillance projects NATGRID, CMS and NETRA have been directed to stop collecting data citing breach of privacy
Representative imageUnsplash

  • India’s three main surveillance projects — NATGRID, CMS, and NETRA — have been directed to stop collecting data by the Delhi High Court.
  • The order comes as public interest litigation (PLI) filed by lawyer Prashant Bhushan on behalf of the CPLI cited that there is ‘insufficient oversight’ allowing the mass surveillance of Indian citizens and breaking their right to privacy.
  • NATGRID has access to 12 categories of data, CMS can listen in on your phone conversations, and NETRA can track everything you do online.
The Delhi High Court has issued a notice today asking India’s central government to stop collecting data through their three main surveillance systems — National Intelligence Grid (NATGRID), Central Monitoring System (CMS) and Network Traffic Analysis (NETRA).

The notice is in response to public interest litigation (PLI) filed by lawyer and activist Prashant Bhushan on behalf of the NGO called the Center for Public Interest Litigation (CPIL).

In the appeal, Bhushan argues that the three systems create a net of 360-degree surveillance on Indian citizens. They allow central and state law enforcement agencies to intercept and monitor all telecommunications in bulk which is an infringement of individuals’ fundamental right to privacy.
Complimentary Tech Event
Transform talent with learning that works
Capability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More

The plea further contends that there is an ‘insufficient oversight mechanism’ to authorise and review the interception and monitoring orders issued by the state agencies under the existing legal framework.


What are NATGRID, NETRA and CMS?
NATGRID, NETRA and CMS are surveillance systems. This means they collect data in order to keep an eye out for anything that could threaten national security.

NATGRID allows investigation and law enforcement agencies to access real-time information from data stored within agencies like the Income Tax Department, banks, insurance companies, the Indian Railways, and other offices. There are a total of 21 categories of data that NATGRID has access to.

Where the NATGRID has access to real-time data, CMS is centralised telephone interception provisioning system. And, it’s exactly what it sounds like. It can bypass the middleman — the telecom companies — to directly monitor text messages, social media posts and phone calls.

NETRA is the third leg of India’s security infrastructure. While the CMS is tapping into your phone’s network, NETRA is watching everything you do online — not just on social media.

It can monitor any text-based messages containing direct messages on Facebook, within your personal emails or online blogs. Using filters and keywords, it can identify words even in encrypted messages.

How does NATGRID undermine the right to privacy?
NATGRID was established through governmental notifications rather than through legislation passed in the Parliament. Even though it helps the project come to fruition faster, it also undermines the system of checks and balances essential to a democracy, according to PRS India.

Considering that NATGRID can access information of private individuals, it also has a bearing on their fundamental rights — like the right to privacy, as cited by Bhushan.

Unlike India, countries like the US and the European Union (EU) have comprehensive privacy laws. They include the conditions under which access to databases would be allowed and limitations on how such data can be used. UIDAI, like NATGRID, was formed using governmental notifications. It was established as an executive authority, and still functions without a statutory mandate.

What roles to CMS and NETRA play?
The underlying logic for developing CMS and NETRA was to monitor terrorist activities mainly after the terrorist bomb attack in Mumbai on November 26, 2008.

With both of them, the problem again boils down to a lack of transparency in the absence of data protection laws. The general public has no way of knowing if and when a person’s data has been intercepted or how data is being used.

CMS and NETRA allow for mass surveillance with the potential to target large groups of people without a valid reason.

To solve for the lack of transparency, the PLI filed by Bhushan seeks the creation of a permanent independent oversight body — either judicial or parliamentary — for issuing and reviewing lawful interception and monitoring warrants under the enabling provisions of the Indian Telegraph Act, 1885 and the Information Technology Act, 2000.

Fortnite's biggest ever event saw 15 million players, 3 million viewers and took Twitch down

Pfizer claims its newly approved COVID-19 vaccine can survive without sub-zero temperatures for five days

Google Maps has a new 'community feed', which looks a lot like Yelp or TripAdvisor on steroids