A group of 17 activists, whose WhatsApp in mobile devices was targeted by Pegasus spyware developed by Israeli firm NSO, has asked the Parliamentary Standing Committee on Information Technology for a detailed probe into the cyber-attack. It has asked the panel to summon government departments to answer questions related to the unauthorised and illegal surveillance.
The standing committee, chaired by Congress Member of Parliament Shashi Tharoor, is scheduled to be briefed on Wednesday by the representatives of the Ministry of Electronics & Information Technology, Ministry of Home Affairs and the Department of Atomic Energy on ‘Citizens’ data security and privacy’.
In a letter dated November 9, the activists said some of them were willing to provide oral testimony to the committee. They listed eight questions that may be asked by the committee of government departments towards “gaining greater factual accuracy around this grave injury to ourpersonal privacy and digital security”.
The activists have asked the committee to find out which agencies and entities are carrying out this targeted and unauthorised surveillance of Indian citizens, if sections of the state or central government, are involved, and if public money has been expended. The signatories of the letter include Anand Teltumbde, Bela Bhatia, Shalini Gera, Vivek Sundara, Alok Shukla and Degree Prasad Chouhan.
The Indian Express had on October 31 reported that in a lawsuit filed in a US federal court in San Francisco, Whatsapp had revealed that journalists and human rights activists in India were targets of surveillance by operators using Pegasus for a two-week period until May 2019. Whatsapp later claimed it had told the government in September that 121 people were compromised by the Pegasus spyware due to a vulnerability in its service.
Meanwhile, sources in Whatsapp said the company was in correspondence with the IT ministry to find ways for “proactive engagement” in the future. “We regret we have not met the government’s expectations for proactive engagement on these issues and will strive to do better. We look forward to working with the government to address their appropriate concerns and provide the best possible protection to all those who rely on Whatsapp to communicate,” a spokesperson of the company said. A senior official in the IT ministry, however, denied “meetings” with Whatsapp, but did not respond to a question if the ministry was interacting with the company in other ways.
When contacted, tribal and Dalit rights activist Degree Prasad Chauhan, who was targeted by Pegasus said, “This must be taken seriously by the state and the central government. The Chhattisgarh government, where I stay, announced a three-member committee but nothing has moved after that. The Centre’s actions have not been confidence-inducing at all and seem suspicious. There is talk in any case that it is the government that is snooping and the only way to get rid of that is a fair and independent inquiry. This is not the first time we have said this. There was an open letter on November 8 as well but there has been no response so far.”
Nineteen of the affected people, who had organised themselves as ‘Pegasus Targeted Persons’, had on November 8 written an open letter to the government on November 8 asking it to reveal all information on the surveillance. Human rights activist and lawyer Bela Bhatia said, “Before this, neither the Central nor the state government reached out to us either individually or collectively.”
Lawyer Shalini Gera, also targeted by Pegasus, who is coordinating efforts to seek information from the government said, “This has been an outrage for many of us to know that our rights have been violated, so we do require some answers and we haven’t got them from the open letter to the government.”
Another activist Alok Shukla said, “How did this big a situation happen? (IT Minister) Ravi Shankar Prasad has said that the government doesn’t have the information. So then which agency has been operating this software?”
A separate letter to the committee regarding Pegasus on November 14 from RSS idealogue K. N. Govindacharya and his lawyer Virag Gupta said they had written to former Committee chairperson Anurag Thakur detailing privacy and data security aspects, but “no action was taken.”
“The whole country has been shaken up due to WhatsApp-NSO hacking that has resulted in snooping of several Indians as well as compromised national security. A comprehensive action is necessary to build institutional mechanisms and enforcement of rule of law wherein Standing Committee may play a lead role,” the letter said.
— With inputs from Dipankar Ghose in Raipur