In 2020, Father Stan Swamy, then an 81 year old Jesuit priest who advocated for tribal rights, was arrested by the National Investigation Agency for allegedly supporting violence at the 2018 Bhima Koregaon bicentenary celebrations. He was arrested along with other activists, academics and writers. In at least two cases, lawyers representing defendants claimed that police had tampered with the contents of the seized devices.
Digital forensics firm Arsenal Consulting said in a report that key evidence incriminating activist Rona Wilson was fabricated and inserted into his computer after his laptop’s seizure. The Washington Post said in a report that three experts had reviewed the analysis and backed its findings.
On July 5, Swamy died, days after being shifted from custody to a hospital. On Tuesday, the Post reported that Arsenal had found similar signs of tampering on Swamy’s systems too. A hacker reportedly infiltrated Swamy’s computer and planted evidence over a period of five years.
Evidence planting and leaks
Without safeguards, there are significant risks when an individual’s devices are seized by the state, especially when agencies are working with documents and files on the seized device itself, as opposed to making a copy of the entire system that can also be provided to defendants. When seen in the context of the poor conviction record of agencies in such cases, the suspicion of trying to instigate a ‘trial by media’ through such leaks cannot be denied, with the injury to reputation doing enough damage even if finally acquitted in courts.
On top of evidence tampering, there are significant privacy risks too. For instance, WhatsApp chats between Partho Das Gupta, a former head of the Broadcasting Audience Research Council, and newscaster Arnab Goswami, were apparently leaked to the press by Mumbai Police, indicating severe process failures that allowed data from seized evidence to be made public.
Last week, Amazon approached the Supreme Court, seeking protection of data that the Enforcement Directorate would have access to from seized devices in the agency’s possession. “Electronic material is mutable and easily cloned with great ease at the hands of the person in possession of the device and this data can be misused and leaked in the public sphere,” a lawyer for the e-commerce giant reportedly said in a court filing.
In October, the Foundation for Media Professionals also approached the Supreme Court to regulate the seizure of electronic devices. Earlier this month, the court ordered the government to respond by early February 2023.
From activists to corporations to journalists, every stakeholder has an interest in making sure that device seizures are handled properly by authorities, while police and investigating agencies have outsized power as soon as they have access to devices.
News website The Wire, which claims to have been defrauded into posting — and then defending — a false report on Instagram parent Meta, has had several devices seized by Delhi Police in an investigation into a defamation complaint by BJP IT cell head Amit Malviya. Even though The Wire asked the police to provide the firm with a hash (a digital fingerprint that changes even when small changes are made to a system) of their seized devices, the police has apparently not done so.
Given the Delhi Police’s own past record, it’s not completely unlikely that internal communications from The Wire may show up with nefarious framing, regardless of whether they actually show criminal activity. (Think Twitter Files, but messier.)
And all this is why civil society and Amazon — two interests who are often at odds — find themselves making the same demand before the Supreme Court: protect our seized devices from those who seize them.