Subscribe to South Asia Citizens Wire | feeds from sacw.net | @sacw

Maria Xynou on surveillance in India

8 December 2014

print version of this article print version

From: The Guardian on the Logan Symposium: secrecy, surveillance and censorship, London, 5-7 December 2014:

http://www.theguardian.com/technology/live/2014/dec/05/the-logan-symposium-surveillance-censorship

Next to speak is Maria Xynou, a privacy and surveillance researcher at the Tactical Technology Collective in Berlin. She’s talking about surveillance in India.

“The majority of the population lives in rural areas and in really bad conditions. Often I feel that marginalised people on the margins of society are the guinea pigs for surveillance. It often affects them first,” she says.

Indian mobile operators are required to install lawful intercept and monitoring (LIM) systems to use on request from law enforcement authorities, but Xynou notes that the Indian government has its own system too, monitoring traffic through ISPs. The Network Traffic Analysis (NETRA) system only came to light in 2013.

“Essentially what it does: it intercepts and monitors almost all internet communications [looking for] suspicious words and suspicious phrases,” she says. And for anyone considering encryption as a way around this: “If authorities in India ask you to disclose your private encryption keys, you have to.”

Xynou has studied 50 companies who sell a range of technologies used for surveillance in India. She talks about some, including Kommlabs, which “looks out for cognitive and emotional stress in voice calls, then flags them”.

She also talks about the National Intelligence Grid (NATGRID) which links up various national databases of personal information in India, from vehicle registrations and mobile phone logs to bank account details, train reservations and passport data.

Linking these databases for a billion people risks errors, says Xynou. “The probability of errors is extremely high. And the main problem is there is no regulation behind this: no system of checks and balances to see if breaches can occur,” she said, before drawing attention to the UID biometric data collection scheme that recently launched in India.

“There’s a huge debate in India whether this violates privacy or not,” she says. For example, some contractors involved in providing devices and infrastructure for the scheme have ties to US intelligence agencies, which may be “problematic” for privacy to say the least.

“In India right now, there is currently no privacy legislation. They are building all these surveillance systems, yet there is no law which can protect citizens,” says Xynou. There is a draft privacy bill under discussion in 2014, though. “Of course, it’s not perfect... but still I think it’s definitely a very good first step.”

“But the main problem in India is a lot of these programs are carried out in secret. There’s no transparency whatsoever,” she finishes.”In order for us to be able to increase transparency in what’s going on in the biggest democracy in terms of population in the world, we definitely need people to leak more documents.”