Breaking: New insight into the Secret Operating Procedures of State Governments for Surveillance

To understand how states have been conducting surveillance, we filed RTIs with various state governments on what standard operating procedures are at play.

25 September, 2019
3 min read

Highlights

  • Background: IFF filed RTIs with various state governments seeking information about whether they had issued any Standard Operating Procedure for telephone tapping and electronic surveillance. Previously, the MHA had disclosed the Standard Operating Procedure followed by the Central Government in IFF's constitutional challenge against Section 69 of the IT Act and Rules made there under.
  • Lack of transparency:  With the notable exception of Bihar, none of the other states have disclosed copies of their Standard Operating Procedure. Similarly, only Andaman & Nicobar and Puducherry have provided information about total number of interception requests.

A few months ago we informed you about a Standard (we called it Secret) Operating Procedure disclosed in the Counter-Affidavit filed by the Ministry of Home Affairs (MHA) in IFF's constitutional challenge against Section 69 of the IT Act and Rules made there under (Read more). This SOP saw the light of day for the first time when it was made available by the MHA before the Supreme Court. The lack of accountability, penalties or any kind of safeguard in place as indicated by the Central Government's SOP made us wonder if other state governments were following suit or were up to something on their own.

Responses received from state governments

For this, IFF has been hard at work physically (unfortunately, the internet goes only so far) filing RTIs with almost every state in the country to understand the procedural safeguards under which state level surveillance may occur. Our queries were:

  • If a Standard Operating Procedure or similar document has been issued or adopted by the State Government for handling interception requests under the Indian Telegraph Act or the Information Technology Act or its Rules. If there was a Standard Operating Procedure, a copy of it was requested.
  • The number of orders/requests made under Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 from 2009 till date.

We received responses from various states and union territories that we filed RTIs with. While we were very excited about what we might find, nothing too controversial has surfaced yet. Here are our findings in brief:

  • States that follow the MHA SOP:
    Andhra Pradesh, Andaman and Nicobar, Daman and Diu, Himachal Pradesh, Puducherry
  • States that have not issued an SOP:
    Assam, Delhi, Kerala, Meghalaya, Mizoram, Nagaland, Tripura
  • States that have claimed confidentiality:
    Chandigarh, Chattisgarh, Gujarat, Madhya Pradesh, Tamil Nadu, Telangana
  • States that have provided copy of their own SOP:
    Bihar
  • States that have provided number of orders/requests:
    Andaman and Nicobar: Since 2013, 10 interception requests were made.
    Assam, Daman and Diu: No information with the IT Department.
    Bihar: Records are destroyed under Rule 419A.
    Delhi, Nagaland and Uttar Pradesh: Claimed confidentiality.
    Himachal Pradesh: Records are periodically destroyed and not made public for security reasoms.
    Kerala and Meghalaya: No interception orders have been passed.
    Puducherry: 5 requests have been made for interception of telephone calls.

Analysis of Bihar's Standard Operating Procedure

As you can see, the responses are pretty standard apart from the state of Bihar, which we were most curious about. The SOP appeared to be an exact copy of the MHA SOP. However, a closer look at their SOP showed only minute yet interesting differences, most of which were largely related to designating a more suitable authorised security and law enforcement agency within the State.

Unlike the MHA SOP, the Bihar SOP provides for an Internal Evaluation Committee to be constituted which has to prepare a bi-monthly report on requisitions made for interceptions and monitoring. What stood out in Bihar's SOP is the requirement for 'total target numbers proposed' and 'outcome of the interception' both of which are not part of the MHA SOP. It is impressive to see that Bihar has created and disclosed its own SOP. Unfortunately, certain aspects of our queries were not answered due to the destruction of records under Rule 419A of the Indian Telegraph Rules.

While this is extent of information we have as of now, as always, with further responses from the remaining states, we'll be sure to provide updates.

Important Documents

  1. RTI responses from various states (link)
  2. Copy of Bihar's Standard Operating Procedure (link)

Just as curious as us about state 'secrets'? Become an IFF member today!

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

1
What we do in the shadows: IFF seeks transparency in how Indian ‘smart governments’ are using AI

Noting a glaring lack of transparency and publicly available information on how union and state governments are deploying AI in the public sector, we write to the National Institute of Smart Government urging proactive disclosures and publication of government-led AI projects.

5 min read

2
Big Relief! Supreme Court Stays Notification Constituting Fact-Check Unit!

In a small win for press freedom, Supreme Court has stayed the notification of Union Government operationalising the Fact-Check Unit under Information Technology Rules, 2021, till the constitutionality of the same is finally decided by Bombay HC.

5 min read

3
A DM from the PM (and the storm it stirred)

Last week, millions of WhatsApp users received a message from the Ministry of Electronics & IT, undersigned by the Prime Minister, asking for feedback on schemes introduced by the incumbent government. We unravel what this means for your privacy and the electoral process.

7 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!