Login

Register

Login

Register

Kapil Sibal Submits Before Supreme Court | #cybersecurity | #cyberattack | #cybersecurity | #infosecurity | #hacker



The Supreme Court on Monday resumed hearing on the batch of petitions in connection with the Pegasus controversy.

Senior Advocate Kapil Sibal, who appeared for Senior Journalist N Ram flagged 3 issues in the short affidavit filed by the Centre-

“One, the deponent has submitted, ‘I state and submit that due to the limited time at the disposal of the deponent, it is not possible to deal with all the facts stated and the contentions raised in the batch of petitions. I have a strong objection to that for the simple reason that they have to state on oath whether the government of India or any agency of the government of India has ever used the software. If they haven’t, then our arguments will have to be different. But once the Secretary to the government of India has to state so on oath. If they have, then our submissions will be different. But this fact must be stated by them. Denied or stated by them. Whether Pegasus was ever used by the government or any of its agencies. And this is what we have alleged in the petitions and they have not responded and they say ‘limited time’. They have enough time at their disposal. Your Lordships will give them more time. Allow them as much time as they want to state whether they have ever used Pegasus. This affidavit does not answer the issues raised by us”

“Two, the affidavit reads that ‘a bare perusal of the captioned petition and other connected petitions makes it clear that the same are based on conjectures and surmises’. Now, when they say they have not answered the petitions on fact, how can they say that they are all based on conjectures and surmises? They must say how the facts stated in the petition are wrong, that the government of India has nothing to do with Pegasus, that no agency of it has anything to do with it. It is only then we can demonstrate to the court how what the government says on affidavit, if it does say that, is wrong”, continued Mr. Sibal.

“Three, we don’t want a government that might have used Pegasus and its agencies might have used Pegasus to set up a committee of its own. If they say ‘yes, Pegasus was used’, we cannot have a committee. If they say Pegasus was not used, there is no need for the committee. So where is the question of the committee coming? I have these three basic objections to this affidavit and I want Your Lordships to give them enough time to file an affidavit on facts”, submitted the senior advocate.

Mr. Sibal advanced that the SG made a statement on behalf of the government that they have nothing to do with it. “In the Editors Guild petition, I read the response of the minister which was in reply to a question raised in 2019– let’s read the question-

‘Whether the government has taken note of the fact that spyware Pegasus has been reported to be used and to infect, spy and steal mobile data of many human rights activist, journalist, other eminent persons? If so, the details thereof. Whether the said breach of privacy, which has affected many people across the world, has affected people in India and the number of Indians citizens affected by the spyware. Whether the government has taken cognisance of the reports which have alleged use of Pegasus, and if so, the details thereof. Whether the government has asked WhatsApp to check for any pervasive spyware attack and the details thereof’. Now Please see the answer –’Yes, sir. The government has taken a note that spyware malware has affected some WhatsApp users’. So they have knowledge of it! And they have interacted with WhatsApp!. They say ‘Government had been informed by WhatsApp, this spyware was developed by an Israel based company NSO Group and that it had developed and used Pegasus spyware to attempt to reach mobile phones of a possible number of 1400 users globally that includes 121 users from India’! So how can my learned friend say that there is nothing. And this happened in 2019! The government has to explain what they have done till 2021! The government must explain what they have done with regards Whatsapp, steps they have taken, have the lodged an FIR or have they sought prosecution, have they got in touch with Israeli government, have they made complaints to the government? This is why they do not want to respond on facts!”

“This is a very serious situation. Many have said their phones were infiltrated in this fashion. I am not concerned with individuals A, B or C. I am more concerned with institutions. The two institutions which protect democracy are journalists and the court. These are the two pillars of democracy. And both have been infiltrated and in large numbers. The registrars of this court, a lady staffer in this court, her relatives. It is not about Pegasus but institutions, the independence of the only institution in the country which protects the rights of individuals! It cannot be allowed to be penetrated in any manner!”, he urged.

Further, Mr. Sibal indicated section 70B of the IT Act which provides for an Indian Computer Emergency Response Team to serve as the national agency for incident response- “There is an agency called the CERT-In which deals with this kind of infiltration. The section says that the central government may by notification in the Gazette appoint an agency of the government to be called the Indian Computer Emergency Response Team and this team will serve as the national agency performing the following functions in the area of cyber security– Emergency measures for handling cyber security incidents, Coordination of cyber incidents response activities, Such other functions relating to cyber security. So the field of cyber security is dealt with by CERT-In, an agency of the government”

He indicated that in May, 2019, in response to a formal notice by CERT-In, WhatsApp reported an incident to the CERT-In stating that they had identified and promptly fixed a vulnerability that could enable an attacker to insert and execute code on mobile devices and that the vulnerability can no longer be exploited to carry out attacks.Subsequently, the Ministry of Electronics and Information Technology said on September 5, WhatsApp wrote to CERT-In mentioning an update to the security incident reported in May 2019, that while the full extent of this attack may never be known, WhatsApp continued to review the available information.

“The devices of 121 users may have been reached, based on media reports! Subsequent to that, CERT-In issued a formal notice to WhatsApp seeking submission of relevant details and information. All that information must come on record, who was using it, what was that information! They say we don’t have time to respond to the fact!”, pressed Mr. Sibal.

Further, he indicated Rule 3 of the IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009- “My submission ultimately would be that the home secretary to the government of India has to file an affidavit in this regard. Come to Rule 3- ‘No person shall carry out the interception or monitoring or decryption of any information generated, transmitted or received or stored in any computer resource except by an order issued by the competent authority’. The competent authority in the definition is the secretary in the Ministry of Home Affairs in the case of the central government. My problem is that this affidavit is not filed by the Home Secretary, it is by the Additional Secretary in the Ministry of Electronics and IT”

“If interception is allowed, these matters have to be dealt with by the Home Secretary! If there has been an interception legally, then the Home Secretary will have all the information. If the Home Secretary files an affidavit saying I do not know, it means that everything done was outside the law, of which the government of India knew way back in 2019! Other jurisdictions in the world are all taking steps- in US, there is a matter pending, France has begun an investigation at the national level and through court procedure and Israel itself has raided Pegasus and is also conducting an enquiry- but the government of India says everything is fine, there is no issue!”, continued Mr. Sibal.

“With the greatest respect to the government, this is totally unacceptable. The matter has ramifications which are far larger than any individual, and I don’t want to say anything more, Give them whatever time they want, but let them state on oath whether they used Pegasus or any agency used it or not and if they did not use it, what have they done. If they used it, then under what circumstances, and what contract, how much was paid, which agency?! All that needs to come on record”, he urged.

He finally concluded, requesting the Court to ask the Cabinet Secretary to file an affidavit.



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW