A new investigative report by the tech-focused webiste WIRED has made some extremely disturbing findings.
Using data drawn from SentinelOne, an endpoint security software provider, the report claims that Police in India routinely use mass surveillance and hacking tools to spy on, and in some cases, plant false evidence against, human rights activists in the country.
“There’s a provable connection between the individuals who arrested these folks and the individuals who planted the evidence,” Juan Andres Guerrero-Saade, a security researcher at SentinelOne told WIRED.
“This is beyond ethically compromised. It is beyond callous. So we’re trying to put as much data forward as we can in the hopes of helping these victims.”
A particularly disturbing case involved the Pune Police, who, in 2018, allegedly hacked the computers of two human rights activists and planted false evidence on them.
Both of the activists in question, Rona Wilson and Varvara Rao, remain in jail and, along with 13 others, face terrorism charges. Along with Stan Swamy, they have come be known as the Koregaon 16.
In 2018, in what has come to be infamously known as the Bhima Koregaon case, violence broke out during an annual celebratory gathering on 1 January 2018 at Bhima Koregaon to mark the 200th anniversary of the Battle of Bhima Koregaon. The violence and stone pelting by crowd on the gathering resulted in death of a 28-year old youth and injury to five others.
Prior to the commemoration, about 250 groups of far-left Dalit organizations got together under the banner of “Elgar Parishad” and organised a conference at Shaniwar Wada in Pune, the erstwhile seat of the Peshwas. The speakers included two retired judges, B.G Kolte-Patil and P. B. Sawant, and Jignesh Mevani, a newly elected member of the Gujarat Legislative Assembly.
The equating of Hindutva with the Peshwas is said to have irked the Hindu groups.
Investigation by the police in the following months resulted in various arrests, such as that of Rona Wilson in June 2018 under Unlawful Activities (Prevention) Act.
In August 2018 five activists, including Varavara Rao, Arun Ferreira, Sudha Bharadwaj and Gautam Navlakha, were picked up in simultaneous raids across the country, the police alleged that the activists had ties to Maoists, apart from links to the Bhima Koregaon incident.
In October 2020, the National Investigation Agency released a 10,000 page chargesheet regarding the incident with fresh names, including Stan Swamy, a Jesuit priest, who the NIA accused of conspiring to bring together Dalit and Muslim forces to take on what he referred to as the “fascist government” at the Centre. The NIA also accused him of being connected to the banned left-wing terrorist organisation, CPI (Maoist).
A report by Arsenal Consulting, a digital forensics firm based out of Massachusetts, said the incriminating evidence against Rona Wilson was placed on his laptop by a yet-to-be-identified attacker using a malware while his laptop was compromised for over 22 months.
Now, SentinelOne’s researchers have allegedly revealed ties between the hackers and a government entity, according to Wired: namely, the Pune Police.
Free Press Journal is unable to verify this allegation.
WIRED said that it had reached out in multiple emails and phone calls to the Pune City Police and the Pune police official whose personal details were linked to the hacked accounts.
They said that they did not receive a reply.
WIRED quoted a Mumbai-based defense attorney representing several of the Bhima Koregaon 16, Mihir Desai, who said, ““We’ve known things have been planted, but the police could have always said, ‘we are not involved in all this.’ By showing the police did this, it would mean there was a conspiracy to arrest these people. It would show the police have acted in a vicious and deliberate manner knowing fully well this was false evidence.”
“This should invite a conversation about whether we can trust law enforcement with these sorts of malware operations at all,” says Guerrero-Saade of SentinelOne.
“What does it mean to have evidentiary integrity when you have a compromised device? What does it mean for somebody to hack a device for fact-finding in a law enforcement operation when they can also alter the contents of the device in question?”
A valid question.
The exposing of how brazenly New Delhi deployed Pegasus, a military-grade malware produced by the NSO Group, against human rights activists and other opponents of the government, as opposed to external enemies of the state, is certainly cause for concern.
Is Big Brother watching?
It is indisputable that the Government of India has been using many mass surveillance projects for many years.
NETRA (NEtworking TRaffic Analysis) is a software network developed by India’s Centre for Artificial Intelligence and Robotics (CAIR), a Defence Research and Development Organisation (DRDO) laboratory, and is used by the Intelligence Bureau, India’s domestic intelligence agency, and the Research and Analysis Wing (R&AW), the country’s external intelligence agency to intercept and analyse internet traffic using pre-defined filters.
The program was tested at smaller scales by various national security agencies, and is reported to be deployed nationwide as of 2022.
Lawful Intercept and Monitoring, abbreviated to LIM, is a clandestine mass electronic surveillance program deployed by the Centre for Development of Telematics (C-DOT), an Indian Government owned telecommunications technology development centre.
LIM systems are used by the Indian Government to intercept records of voice, SMSs, GPRS data, details of a subscriber’s application and recharge history and call detail record (CDR) and monitor Internet traffic, emails, web-browsing, Skype and any other Internet activity of Indian users.
The National Cyber Coordination Centre (NCCC) is an operational cybersecurity and e-surveillance agency in India. It is intended to screen communication metadata and co-ordinate the intelligence gathering activities of other agencies. Some have expressed concern that the body could encroach on Indian citizens’ privacy and civil-liberties, given the lack of explicit privacy laws in the country.
Telecom Enforcement Resource and Monitoring (TERM), formerly known as Vigilance Telecom Monitoring (VTM), is the vigilance and monitoring wing of the Indian Department of Telecommunications (DoT).
TERM is made up of 34 Cells in India’s 22 telecom circles and 10 large telecom districts, each headed by a Senior Administrative Grade (SAG) level officer, termed as Deputy Director General (DDG).
The main functions of TERM Cells are vigilance, monitoring and security of the network. Apart from this, TERM Cells also operate the Central Monitoring System (CMS), a clandestine mass electronic surveillance program, and carry out other functions.
The Central Monitoring System, abbreviated to CMS, is a centralized telephone interception provisioning system installed by the Centre for Development of Telematics (C-DOT), an Indian Government owned telecommunications technology development centre, and operated by Telecom Enforcement Resource and Monitoring (TERM) Cells.
The CMC system is going to be set up in each major state collocated with the TERM Cells. Telecom operators in India are required by law to give access to their networks to law enforcement agencies.
Meenakshi Ganguly, the South Asia director of Human Rights Watch, felt that the move toward extensive “surveillance capabilities enabled by digital communications” suggests that governments are now “casting the net wide, enabling intrusions into private lives”.
Ganguly also felt that increasing surveillance around the world was an attempt by governments to “grapple with the power of social media that can enable spontaneous street protests”.
(To receive our E-paper on whatsapp daily, please click here. To receive it on Telegram, please click here. We permit sharing of the paper’s PDF on WhatsApp and other social media platforms.)