A secret document provided by National Security Agency whistleblower Edward Snowden reveals that only 1 billion of the 13.5 billion intercepts that the US snooped on in India are terror related, the rest a breach of privacy. Vicky Nanjappa reports
The United States has picked up data from India -- a massive 13.5 billion pieces of information in just 30 days. This shocking revelation by National Security Agency whistleblower Edward Snowden makes it clear that India was among the top snooping targets by the American agency.
A top-secret document provided by Snowden to The Hindu newspaper shows that the United States has managed to pick up data from India -- 6.3 billion pieces of information from Internet networks and 6.2 billion pieces of information from the telephone networking system through its PRISM and Boundless Informant Programme.
PRISM is a programme that intercepts and collects actual content from the networks, while the Boundless Informant is a data-mining system keeping track of how many calls and emails are collected by the NSA.
Defending itself, the US said that the snooping programmes were part of a fight against global terror. Indians, however, feel that such sort of snooping is done only on enemy nations. Officers both in the Intelligence Bureau and the Research and Analysis Wing said, “The US knows very well that we are not exporters of terrorism. Going by the data that has been collected just 1 billion is related to terror, whereas the rest was unnecessary.”
Sources say that this effectively would mean that the rest of the information collected by the NSA had nothing to do with terrorism; it was simply a way of monitor every move that India made.
The US may have a right to snoop into the systems of terrorists or potential terrorists. Such information can be collected through the PRISM programme, but the information regarding persons in India becoming potential global terrorists is always shared with foreign countries.
Intelligence Bureau officials point out that the US through its intelligence has put some persons in India on the radar and snooped on them. "‘There are around 1 billion such intercepts (not all actionable) that have been picked up. This number would include information that has been obtained both through emails, chats and telephonic conversations. Moreover, issues of global terrorism emerge more out of Pakistan and Afghanistan. The majority of the terrorism problems that India is facing are related to homegrown terror,” they said.
For starters, the question that is being raised is what does snooping into the Indian embassy have to do with terrorism. The US must understand that India is a victim and not an exporter of terrorism. Moreover, there has been no breakdown in intelligence sharing or diplomatic ties between India and the US and hence such a programme was unwarranted, IB officials said.
How do we prevent snooping?
The US has gained information on India by tapping into the servers of providers such as Google, Facebook and Microsoft. While the metadata was looked into through the PRISM programme, the Boundless Informant, a tool made to snoop into foreign nations shows that India ranked fifth on the spying list.
The biggest problem for India is the lack of an authority, which can look into the breaches of data. Experts on cyber security tell rediff.com that the first thing that needs is to put into place is a privacy legislation. The privacy legislation if introduced could regulate the sharing, collection and disclosure of personal data within the country. While the privacy legislation can act as a safeguard, the fact remains that the NSA can still snoop into data.
Former R&AW chief C D Sahay said, “The response to the US must be tough. We cannot continue to sweep this matter under the carpet and ought to demand answers from the US. India needs to know the kind of data that has been collected and who is being using it.”
“Is this data being shared with anyone and how long does the US propose to retain such data,” Sahay asked.
Experts say that the government should insist service providers to notify the user that an authority has requested data. Individual protection is also a key in such issues. Users can use encryption in the form of GPG, a privacy guard, and OTR (off-the record messaging) for their mails and chats respectively. The usage of an XMPP (Extensible Messaging and Presence Protocol) client and server can also help prevent snooping.
The data that has been collected by the US on India is mammoth in proportion. Not only has it snooped into the embassy in Washington, but has also collected information on domestic politics, nuclear and space programmes.
Indian agencies say that this information is unnecessary and has nothing to do with terrorism. There is a need to prevent such happenings in the future. Records show that even official documents collected from major Indian establishments including the embassy are being inserted into the computers and the data is being analysed.
The home ministry has acknowledged this intrusion of privacy and says that it is shocked. The officials in agencies, however, point out that spying is something that is very common and every country does snoop.
However, this sort of intrusion is not acceptable especially when there has never been any problem between Indian and American agencies where information sharing is concerned. This looks like an attempt to intrude into every possible wing of India and keep a tab on every policy decision, an official with the Intelligence Bureau informed.
Sahay pointed out that it was time to give a measured reaction. “We ought to tell the US that there are acceptable limits of collection of information. However, the kind of snooping that has been projected only shows that all levels of decent limits have been crossed. Calling each other strategic partners of the future does not really matter when such operations are on. It is time that the US comes clean and discusses our concerns.”
Image: A protestor attends a demonstration against secret monitoring programmes PRISM
Photograph: Pawel Kopczynski/Reuters