The Secretary, Ministry of Home Affairs, by means of an Order 6227(E) dated 20.12.2018 issued under s. 69(1) of The Information Technology (Amendment) Act, 2008 ("IT Act") read with Rule 4 of the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 ("IT Safeguard Rules") has authorised ten (10) Central Government agencies 1 to undertake interception, monitoring and decryption of any information generated, transmitted, received or stored in any computer resource under the IT Act.
Section 69 IT Act, authorises the Central Government and the State Government to direct any agency of the appropriate Government to intercept, monitor or decrypt any information generated, transmitted, received or stored in any computer resource. This may be done if the Central or State Government, as the case may be, is satisfied that it is necessary to do so in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order. This may also be done in the interest of public order or for preventing incitement to the commission of any cognizable offence relating to the same, or for investigation of such offences. For s.69 IT Act to become effective, it was necessary for the Central Government to have notified rules prescribing the "procedure and safeguards" governing the exercise of power under s.69 IT Act.
Accordingly, the Central Government had notified, on 27.10.2009, the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009 ("IT Safeguard Rules"). Under the IT Safeguard Rules, "competent authority" for the Central Government has been defined as the Secretary in the Ministry of Home Affairs.
Rule 4 of the IT Safeguard Rules permits the competent authority to authorise any agency of the Government to intercept, monitor or decrypt information generated, transmitted, received or stored in any computer resource (as defined under the IT Act).
No person can carry out the interception or monitoring or decryption of any information generated, transmitted, received or stored in any computer resource except by an order issued by the competent authority as per Rule 3 of the IT Safeguard Rules.
On 20.12.2018, the Secretary, Ministry of Home Affairs issued an order (S.O. 6227(E)) under Section 69(1), IT Act read with Rule 4, IT Safeguard Rules and authorised ten security and intelligence agencies for purposes of interception, monitoring, decryption of any information generated, transmitted, received or stored in any computer resource.
It should be noted that, the penalty prescribed under Section 69(4) of IT Act, any person (or subscriber or intermediary as defined under the IT Act) who refuses to assist the said security and intelligence agencies shall be punished with a period of imprisonment which may extend up to 7 years and shall also be liable to fine.
This Order 6227(E) dated 20.12.2018 ,therefore, brings into effect a regime in India under which, the identified ten (10) Central Government agencies, have been vested with the authority undertake complete and continuous surveillance of electronic messages transmitted or stored in any manner.
Piyush is a Partner and Prithviraj is an Associate at Clarus Law Associates.
Footnote
1 (i) Intelligence Bureau, (ii) Narcotics Control Bureau, (iii) Enforcement Directorate, (iv) Central Board of Direct Taxes, (v) Directorate of Revenue Intelligence, (vi) Central Bureau of Investigation, (vii) National Investigation Agency, (viii) Cabinet Secretariat (RAW), (ix) Directorate of Signal Intelligence (for service areas of Jammu& Kashmir, North East, and Assam only) and (ix) Commissioner of Police, Delhi.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
