Advertisment

Is India tapping undersea internet cables? Telcos and DoT won’t say

Mauritius has been embroiled in a controversy, as news reports seem to indicate that its PM was under pressure to install “sniffing” devices at undersea cable

author-image
Aroon Deep
New Update
internet

The Indian Ocean nation of Mauritius has been embroiled in a political controversy, as news reports seem to indicate that its prime minister was under pressure to install “sniffing” devices at undersea cable landing stations in the island nation, which connect the country to the global internet. 

Sherry Singh, the Chief Executive Officer of Mauritius Telecom, resigned in protest. Opposition parties accused the Mauritian government of succumbing to pressure from India to install this surveillance equipment.

The prime minister initially denied this development, but later appeared to indicate in a statement that a “survey” was necessary and that an Indian team would be in charge of carrying this out. The cable landing station is in Baie-du-Jacotet, part of the SAFE cable network which also connects into Kochi in Kerala; telcos around the world, including Tata Communications of India, are part of the SAFE consortium. 

This raises an important question: if India is potentially involved abroad in installing surveillance equipment on crucial junctions of the internet — undersea landing cable stations, where the bulk of any country’s internet traffic flows through — is the government doing so in India too? 

That is a concerning question, and it is one that almost no one involved is replying to. Entrackr reached out to a range of telcos who run the cable landing stations that connect India’s internet to the world — Tata Communications, Sify, Reliance Jio, Vodafone Idea, Airtel, and BSNL. All these telcos run the facilities where these undersea cables connect to domestic networks. None of them responded to our queries, even after we gave them more time to respond.

The Department of Telecommunications, the licensor for telecom companies in India, also did not respond to our queries. 

Pranesh Prakash, Affiliated Fellow at the Information Society Project at Yale Law School, pointed out to Entrackr in an interview that Indian subsea cable operators have a history of complying with state level surveillance requests. 

Frontline reported in 2013 that VSNL (now Tata Communications) and Reliance Communications had, over the early 2000s, entered into “network security agreements” to provide data to the government. And no, this was not the  Indian government; these agreements were reportedly signed with the US government. 

In spite of this revelation coming in the backdrop of Edward Snowden’s PRISM revelations, which exposed widespread surveillance by the US government, the involvement of Indian companies in this surveillance dragnet went largely unnoticed.

These companies — and the others that are operating undersea cables in India — are now silent on whether the Indian government is also forcing them to install surveillance equipment on subsea cables. 

Prakash said that while mass surveillance is illegal as the fundamental right to privacy has been upheld by the Supreme Court in its Puttaswamy v. Union of India case, the Unified License that telecom companies sign with the Department of Telecommunications provides  the government enough access to engage in widespread surveillance if required. 

“The Unified License and its predecessors include a requirement for these companies to provide details on the room, specifications, and the conditions under which network equipment [like cable landing stations] to be mentioned in the contract and the license. They're required to install splitters to allow a government nominee to essentially look at any traffic they want without the involvement of the telecom company,” Prakash said.

Outlook magazine reported as early as 2010 that a team of government engineers was peering through data from undersea internet cables in Mumbai. Large swaths of the internet were unencrypted at that time, and surveillance likely captured a larger percentage of data from these “fishing expeditions” than may be possible today.

The Indian government has shown an undeniable zeal for mass surveillance, and the prospect of the government peering through a sensitive choke point of data like undersea cable landing stations could be one new example. Pegasus, the cyberweapon developed by the Israeli firm NSO Group that allows clients to look through targeted individuals’ phones without consent, notably access whatsapp records even, and was purchased by the Indian government in secret, and only revealed when a whistleblower exposed the global scale of the spyware’s use. 

To this day, the Indian government pointedly refuses to address head-on whether it has used this spyware, and whom it has deployed it on.

Prakash argued that mass surveillance of undersea cables, while permitted in the license, was unlawful and unconstitutional. “A license is not a law laid down by parliament. It is merely issued by the Department of Telecommunications. A license cannot empower the government to engage in widespread surveillance, or indeed, any surveillance in the absence of a law laid down by Parliament,” Prakash said. 

“Under Section 5(2) of the Indian Telegraph Act, read with Rule 419A of the Telegraph Rules, the law only provides for interception in cases of a public emergency or for concerns of public emergency and safety. 

“That clearly does not cover having a bulk or mass surveillance measure such as having a complete copy of traffic that's passing through landing stations. It certainly doesn't allow the kind of provisions which are there in the license,” Prakash said, adding that if these provisions were challenged in court, they would be struck down as unconstitutional.

While the point on the letter of any contract being superseded by the law of the land holds, and has regularly been cited in the courts too, the idea of the courts declaring such snooping unconstitutional seems ambitious, considering that similar surveillance litigation is dragging slowly through the courts.

Be it existing electronics snooping laws or even coercive power laws like the Unlawful Activities Prevention Act, courts have preferred to go soft whenever the government has cited issues of national security to justify such measures. Courts have  preferred instead to take the easy way out by way of asking for stricter monitoring and approvals by higher authorities and officers, in a way shifting the onus of responsibility back on the very government which set out to bend the law in the first place.

Internet TELCO MAURITIUS
Advertisment
Fetch New URL