In October 2021, a technical committee was constituted to examine if phones of individuals were hacked and in 2022
The Supreme Court on Tuesday said that it will not compromise the security of the nation by disclosing the contents of the report submitted to the court by the technical committee in the Pegasus snooping case, although it added that individuals whose phones were kept under surveillance deserve to know if their phones were hacked as their right to privacy enjoys Constitutional protection.
Hearing a clutch of petitions filed by individuals and organisation seeking an independent probe into the alleged hacking of phones and the involvement of the Centre in employing malware to snoop on private citizens, a bench headed by justice Surya Kant said, “Any report touching on the security of the country, we are not going to disclose even a single word. But if there are private citizens, we can examine that part.”
The matter has been kept for further consideration on July 30.
In October 2021, a technical committee was constituted to examine if phones of individuals were hacked and in 2022, the committee headed by former Supreme Court judge, justice (retd) RV Raveendran submitted its report in sealed cover.
Senior advocate Kapil Sibal appearing for one of the petitioners, journalist Paranjoy Guha Thakurta, claimed that while ordering the formation of the technical committee , the bench was not aware of whether the phones were hacked.
Other petitioners represented by senior advocates Shyam Divan and Dinesh Dwivedi sought that the report be made public alleging that the state had used spyware against its own citizens. Divan said that portions of the technical committee’s report, read out by the court in August 2022 confirmed that malware was detected in some of the devices submitted by the petitioners/individuals examined by the technical committee.
Solicitor general Tushar Mehta appearing for the Centre said that the committee’s findings should not be made public as it would reveal details that could impact the security of the country. He said, “What is wrong in using spyware against terrorists. They cannot have a right to privacy.”
The bench, also comprising justice N Kotiswar Singh, remarked, “We cannot sacrifice the security of the nation. But individual citizens have a right to privacy which is protected under the Constitution.”
Striking a balance, the bench noted that the individuals who are before the court have a genuine concern whether their phones were hacked.
In the face of Centre’s opposition to part even with the redacted portion, the court proposed that details pertaining to individuals could be shared “like an objective Q&A”, by responding “yes or no” to questions from petitioners on whether their phones were hacked.
Mehta told the court that the petitions have been filed by individuals who have nothing to do with the case and are simply seeking a “roving” enquiry.
Dwivedi, also appearing for the petitioners informed the court that the chairman of the technical committee had also submitted a separate report listing its recommendations and that this could be shared. The bench admitted that it has not opened the sealed cover yet to find out its contents.
The court agreed to examine these issues on the next date of hearing and permitted petitioners to give names of individuals who wanted confirmation of their apprehensions that their phones were hacked.
The other members of the court-appointed committee included Naveen Kumar Chaudhary, professor cyber security and digital forensics, and dean, National Forensic Sciences University, Gandhinagar, Gujarat; Prabaharan P, professor at the school of engineering, Amrita Vishwa Vidyapeetham, Kerala; and Ashwin Anil Gumaste, associate professor of computer science and engineering at the Indian Institute of Technology Bombay.
The court had directed former Indian Police Service officer Alok Joshi and Sundeep Oberoi, chairman of the subcommittee in the International Organization of Standardization, International Electro-Technical Commission and Joint Technical Committee, to assist the committee on matters involving technical and investigational aspects.
As the petitions highlighted breach of their right to privacy and alleged that the highly sophisticated spyware Pegasus was a military software sold only to governments and government agencies, the court picked the committee to enquire whether the Pegasus software was used on phones or other devices of citizens “to access stored data, eavesdrop on conversations, intercept information” and the details of the persons affected by such a spyware attack.
Reports first surfaced in 2019 that WhatsApp accounts of Indian citizens, including journalists, judges and politicians were hacked using Pegasus spyware. As the petitioners alleged that the state was behind it, the court had asked the committee to examine “if any governmental agency” or “domestic entity/person” had used the spyware and under what law, rule, guideline, protocol, or lawful procedure was such a deployment made.