These systems are used to surveil citizens “to accomplish a range of policy objectives—some lawful, others that violate human rights, and many of which fall into a murky middle ground,” he said, without detailing their use in specific countries.
Governments in autocratic and semi-autocratic countries are more prone to abuse AI surveillance
than governments in liberal democracies, the report noted. Some autocratic governments like those in China, Russia, Saudi Arabia are exploiting AI technology for mass surveillance, while others with dismal human rights records are using it to reinforce repression.
On the technology front, the capabilities are strong. Modern systems can create 360-degree profiles of citizens by stitching together data from street cameras, card transactions and social media profiles. These systems can snoop on private interactions on the smartphone and monitor real-time location of the target.
According to the report, the biggest supplier of AI surveillance solutions is China with Huawei being the biggest exporter. (See chart)
India is still far from being a victim of mass state-sponsored snooping but concerns loom over some new-age technology systems being implemented.
To be sure, not all the technologies are used for illegitimate purposes —cameras on streets prevent traffic violations, while facial recognition entry-management systems are common-place at offices for their sheer ease. A lot of advanced tech is being deployed as part of the government’s Smart City project for sewer management to reducing traffic congestion.
The concern, however, is whether the data collected is used for purposes intended, and — given absence of strong regulatory over-sight — who is going to pull up the violators if it is not.
So, when the Telangana government in 2018 deployed Samagra Vedika, a highly-sophisticated citizens directory, there was backlash from public and privacy
activists calling it akin to snooping.
Now in use, the software allows the state to verify and check citizen’s data from 25 different government departments, forming a mega cross-sectional profile of a citizen.
It certainly puts immense powers in the hands of the authorities, but bigger worries are misuse by rogue actors within the system, like profiling voters and whether the data is adequately safeguarded.
Take the recent WhatsApp-Pegasus expose for instance, where it was revealed that 121 WhatsApp users in India, including activists and journalists, were targeted using the Israeli snooping malware. It is not clear who initiated these attacks, however, the government did not definitively deny never having used Pegasus in a parliamentary discussion last week.
level, efforts to form a unified repository of citizen data have been foiled on two occasions.
In April 2018, the information and broadcasting ministry had invited proposals to develop a system to monitor social media posts of citizens, including ‘emails’ and ‘historical communications’, to gauge public opinions about government policies, and create a ‘360-degree view of people.’
Two months later, after reviewing a barrage of petitions, the Supreme Court (SC) advised the government to shelve the plan. “If the government starts tapping WhatsApp messages, we will be moving towards becoming a surveillance state,” Justice Chandrachud had said at the time.
Further, in September 2018, the apex court ruled that Aadhaar was not mandatory for banking and other corporate services, thus reducing the risk of the unique identification number potentially becoming a one-stop snooping tool.
As per law, state surveillance is permitted under Indian Information Technology Act 2000, or IT Act, which says that ‘competent agencies’ can intercept data on any ‘computer system’ with the approval of the home department.
In December 2018, the government widened the scope by giving 10 agencies the power to snoop (within the ambit of IT law).
These include Intelligence Bureau (IB), Narcotics Control Bureau, Enforcement Directorate (ED), Central Board of Direct Taxes (CBDT), Directorate of Revenue Intelligence;, Central Bureau of Investigation (CBI), National
Investigation Agency Cabinet Secretariat (RAW), Directorate of Signal Intelligence (for service areas of Jammu & Kashmir, North-East and Assam only), and Delhi Police.
While the rules lay down cases where data interception is permitted along with formal procedures for the same, wide-ranging powers go against the fundamental right to privacy, some argue. In August 2017, the SC declared the right to privacy
as a fundamental right of a citizen, and incorporated it under Article 21 and Part III of the constitution. Even as right to privacy has been declared a fundamental right, India does not have a personal data protection law yet.