We write to the Criminal Law Reform Committee which could make it even easier for TV anchors to read your texts #SaveOurPrivacy

Our submission reiterates demands to disband the Committee and we have also provided substantive inputs on various issues at the intersection of criminal law and digital rights.

29 September, 2020
6 min read


Last week, we wrote to the Committee for Reforms in Criminal Law established by the Ministry of Home Affairs to recommend changes to India's entire criminal justice system. Our submission reiterates demands by lawyers, former judges, academics and civil society groups to disband the Committee whose composition and consultation process has excluded the vast majority of Indian society. While the primary demand is reconstitution of the Committee and postponement of the consultation process till the COVID-19 pandemic subsides, we have also highlighted various issues relating to substantive, procedural and evidentiary criminal law which have an impact on the digital rights of ordinary internet users.


The Committee for Reforms in Criminal Law has been established by the Ministry of Home Affairs to recommend changes to India's criminal justice system within six months while most of the country is still struggling to cope with the COVID-19 pandemic. The composition of the Committee lacks regional diversity and representation of women, dalits, adivasis, religious minorities and LGBTQIA+ persons. Further, the mode of consultation is also highly exclusionary since the Committee’s questionnaires and notifications are only published in English and the public can participate in the consultation only through the Committee’s website.

For these reasons, we fully support the call to #DisbandTheCommittee and urge you to visit this informative website which explains the problems with the Committee and helps you take action by sending emails to the Ministry of Home Affairs and your Member of Parliament. The Committee's consultation is scheduled to end soon and we only have 10 more days to raise our voice against this process. For this reason, despite having serious reservations about the Committee, we have also provided substantive inputs on issues which lie at the intersection of digital rights and criminal law such as prosecution of internet users for social media posts and law enforcement access to mobile phones and laptops.

Impact of Criminal Law on Digital Rights

We have highlighted various issues relating to substantive, procedural and evidentiary criminal law which have an impact on the digital rights which are listed below. You can check out the PDF copy of the actual submission linked at the bottom of this post if you would like to read about any of these issues in greater detail.

  • Substantive criminal law (Indian Penal Code): Sedition, hate speech, criminal defamation, obscenity and fake news.
  • Procedural criminal law (Code of Criminal Procedure): Law enforcement access to personal electronic devices, use of Section 144 to impose internet shutdowns and app bans, and procedural aspects of criminal defamation.
  • Evidentiary Criminal Law (Indian Evidence Act): Electronic evidence and illegally obtained evidence.

In our previous update, we had explained how vague and overbroad speech based offences under the IPC and IT Act can lead to arbitrary prosecution of internet users. In this post, we will focus on our submissions regarding law enforcement access to personal electronic devices and use of Section 144 to impose internet shutdowns and app bans, which are two core issues that IFF has been working on for a long time.

Law Enforcement Access to Personal Electronic Devices

At the outset, we must note that unlike many other modern democracies, the Indian criminal justice system provides minimal mandatory judicial oversight in the search and seizure process, which heightens the risk of coercion and privacy violations. A combined reading of Sections 51, 102 and 165 of the CrPC indicates that police officers can search and seize personal electronic devices without prior judicial authorization. In case of warrantless searches under Section 165, CrPC, the police officer must record reasons in writing but even if this requirement is flouted, the evidence collected through the illegal search is not considered inadmissible before a court of law. Therefore, to protect the privacy of digital device users, we must first address these overarching problems in the Indian criminal justice system which permit warrantless searches and seizures and deem illegally obtained evidence as admissible.

In jurisdictions like the US where prior judicial authorization is generally required for search and seizure, courts have enforced this requirement in the context of personal electronic devices and even offered heightened protection in such cases. For instance, in Riley v. California, the US Supreme Court rejected the government’s claim that a warrantless search of the accused’s cell phone conducted incidental to his arrest was valid. In arriving at its conclusion, the Court  relied on the heightened privacy interest associated with cell phones which store a large amount of multiple types of data going back several years. As the Court incisively noted, "a decade ago officers might have occasionally stumbled across a highly personal item such as a diary, but today many of the more than 90% of American adults who own cell phones keep on their person a digital record of nearly every aspect of their lives.”

There are two key issues which must be addressed to create a legal framework for search and seizure of personal electronic devices which balances law enforcement interests against civil liberties of citizens.

First, the CrPC must provide robust judicial oversight in the search and seizure process and it should clearly and narrowly define the circumstances in which law enforcement officials can conduct warrantless searches and seizures. Most jurisdictions recognize exigent circumstances which permit warrantless search and seizure but the wide phrasing of Sections 51, 91, 102 and 165, CrPC and weak enforcement of even the meagre safeguards available make such practices the norm rather than the exception.

Second, in the event that the police are unable to search an accused’s phone without a password, compelled disclosure of the password should not be permitted as it would violate the guarantee against self-incrimination. Further, alphanumeric and biometric passwords should be treated alike since they are functional equivalents. It is important to note that such a prohibition against compelled disclosure of passwords would not necessarily frustrate the police’s investigation since it is possible to procure a suspect’s call records, messages, emails etc. from internet companies and telecom service providers. Ideally, judicial authorization should be required if the data is being sourced from internet companies or telecom service providers to ensure that only data relevant for the purposes of the investigation is being sought.

Use of Section 144 to impose internet shutdowns and app bans

Prior to 2017, internet shutdowns were routinely imposed under Section 144, CrPC by district authorities. However, as the Supreme Court has noted in Anuradha Bhasin v. Union of India, the legal position changed in 2017 with the notification of the Telecom Suspension Rules 2017 which require the Home Secretary of the Central or State Government to authorize an internet shutdown and mandate review by a review committee. Since 2017, despite the existence of a special legal framework for internet shutdowns, district officials have continued imposing internet shutdowns under Section 144, CrPC. For instance, as we had highlighted in a previous update, internet shutdowns were imposed in Madhya Pradesh, Uttar Pradesh and West Bengal in 2020 by District Magistrates who are not empowered to exercise powers under the Telecom Suspension Rules 2017.

Section 144, CrPC has also been used by police authorities in Gujarat to ban PUBG and led to the arrest of several youngsters for merely playing a video game. The arrest of youngsters for playing PUBG was challenged before the Gujarat High Court by IFF for being an unconstitutional violation of personal liberty. It should be noted that similar to internet shutdowns, blocking of websites and mobile apps also has a separate legal framework present under Section 69A of the IT Act and IT Blocking Rules 2009. However, despite the existence of specific provisions for internet shutdowns and website blocking, district officials and police authorities have continued to rely on the general power available under Section 144, CrPC which lacks procedural safeguards and enables the arrest and prosecution of anyone who breaches the order.

To address this continued misuse of Section 144, CrPC which undermines the rights of internet users, it is necessary to clearly state in either the text of the provision or the accompanying form that Section 144 cannot be used to subvert the procedure prescribed under special legislations, and more specifically, it cannot be used to impose internet shutdowns or to block websites and mobile apps. In addition to this, it must be clarified that Section 144 cannot be used to impose positive obligations on individuals, such as the Noida Police Commissioner’s order mandating all residents to download the Aarogya Setu app which we had legally challenged.

Important Documents

  1. IFF’s submission to the Committee for Reforms in Criminal Law (link)
  2. Explainer on law enforcement access to personal electronic devices (link)

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

Your personal data, their political campaign? Beneficiary politics and the lack of law

As the 2024 elections inch closer, we look into how political parties can access personal data of welfare scheme beneficiaries and other potential voters through indirect and often illicit means, to create voter profiles for targeted campaigning, and what the law has to say about it.

6 min read

Press Release: Civil society organisations express urgent concerns over the integrity of the 2024 general elections to the Lok Sabha

11 civil society organisations wrote to the ECI, highlighting the role of technology in affecting electoral outcomes. The letter includes an urgent appeal to the ECI to uphold the integrity of the upcoming elections and hold political actors and digital platforms accountable to the voters. 

2 min read

IFF Explains: How a vulnerability in a government cloud service could have exposed the sensitive personal data of 2,50,000 Indian citizens

In January 2022, we informed CERT-In about a vulnerability in S3WaaS, a platform developed for hosting government websites, which could expose sensitive personal data of 2,50,000 Indians. The security researcher who identified the vulnerability confirmed its resolution in March 2024.

5 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!