What is Pegasus : Has India turned into a Surveillant State?

There is a Bollywood song “Dheere Dheere Bol, Koi Sun Na Le” (talk softly or somebody might hear us).This song fits well on our leaders and media persons. There are a lot of things that they do not want someone else to listen. But, what if that actually happens?

On 18 Jul 2021, a news shook the entire world. Total 17 newspapers and web portals shared a news that an Israeli surveillance company’s database has mobile numbers of thousands of people of all around the world. The name of this company is NSO group and the spyware used was Pegasus.

This information was first collected by a non-profit Media company of France, Forbidden Story and Human Rights organisation Amnesty International. They then shared this information with 17 reputed news Agencies Like ‘The Guardian’, ‘Washington post’ and ‘The Wire’ from India.

The name for the investigation of this data was given ‘Pegasus Project‘. A total of 37 devices were identified in which samples of Pegasus were traced. Out of these 10 were indians. Majority of these 37 are Businessmen, NGO heads, Media persons, Politicians and Heads of constitutional bodies. At that time the big names reported were of Rahul Gandhi, Prashant Kishor among others. In following days when ‘The wire’ revealed further names, which included names of persons from constitutional bodies, defence and other agencies, a question that started hitting everybody’s mind was whether India has turned into a surveillant state?

Many opposition leaders started blaming government over this issue and called it an anti Nationalist activity and compromise with national security.

 

What is Pegasus?

Until 2 years back nobody knew anything about Pegasus. Only people with knowledge of Greek mythology can know that there was a horse which had Wings. This flying horse though has shook the entire Earth. In modern world Pegasus is basically a spyware which is used to hack devices.

A spyware is basically a dangerous software virus that secretly get into your computer or smartphone. It is a software with malicious behaviour that aims to gather information about a person or an organisation and send to another entity in a way that harms user. This spyware can then be used to access camera, record videos and what not.

As we know, a spyware can be installed in a device either by fitting hardware or by installing an application or by clicking a link. These different methodologies of installing Spywares have different names. But, Pegasus is many steps ahead. It can be installed in a phone without these methodologies.

How is it technically possible to install a spyware without human intervention?

To understand this, we have to go back in the year of 2013. A then computer intelligence consultant of National Security Agency(NSA) Edward Joseph Snowden in USA, leaked classified information. He disclosed numerous Global surveillance programs.

Telegram CEO, Pavel Durov has recently alleged that according to ‘Snowden revelation’ from 2013, both Google and Apple are part of the Global Surveillance program that means that these companies in addition to other things have to implement backdoor into their mobile operating system. These backdoors usually disguised as security bugs, allows US agencies to access information on any device in the world.

Now the problem with such back doors is that these bugs or back doors cannot be exclusive to just one party. It can be uncovered by other Agencies as well.

Keeping aside the ‘Snowden revelation’, other theory is zero-day vulnerabilities.
Zero-day vulnerabilities are flaws in a software code that have not been brought to the notice of its developers, thereby leaving it vulnerable to exploitation by hackers. So NSO might have used above methodologies to install Pegasus in the mobiles.

Once infected, all the user’s data is immediately compromised. Pegasus can record any conversation by microphone or camera, live GPS location is traced, personal data like passwords, contacts are recorded. The latest variant of Pegasus can access data from Cloud based accounts. It can even bypass two factor authentication making the compromised smart phone a digital spy.

Legality of methodology used to find out Pegasus infection!

Amnesty International has publicly revealed the methodology of this project. In addition to this it was independently reviewed by ‘The Citizen Lab’ based in Canada. This lab in its report found that methodology used to find out the Pegasus infection was absolutely correct.

Why did NSO make Pegasus?

NSO company’s name is short form of names of its three founders-

N- Niv Carmi S- Shalev Hulio O- Omri Lavie

NSO group claims that Pegasus was created so that government Agencies and law information Agencies can use it to fight against criminal activities and terrorism.

On their webpage it is written that Pegasus had been successfully used to rescue kidnapped children, assist emergency Search and Rescue (SAR), prevent terrorism and to catch drug dealers.

Mexican government once claimed that they used Pegasus to catch Mexican drug Lord El Chapo. So it appears that Pegasus is a great idea to make this world crime free. It is similar to that White Horse which has came from heaven to purge the world of crime and terrorism.

But All that glitters is not gold. A Mexican journalist who exposed several corruption scams in Mexico was murdered a few years ago. It has now been revealed that his number is also in the list.
Washington Post journalist Jamal was murdered allegedly by Saudi Arabian government. A few days before the murder, Pegasus was installed in mobile of Jamal’s wife.

Why government is on target?

What are the allegations by opposition parties?

Headline of Pegasus owner company NSO group’s website reads that government agencies can use their spyware to fight against terrorism and thousands of lives can be saved. It clearly implies that only government bodies can be client and it is almost impossible for a private organisation to take the services of NSO group.

If we think about India’s potential criminals; government might use this spyware against, names come like Hafiz Saeed, Dawood Ibrahim, Vijay Mallya, Nirav Modi etc. But list doesn’t include these names.

List includes opposition leaders, whistleblowers or journalist who wrote or covered some stories against present government. Also this happened in the time frame of mid 2018 to meet 2019, the time when general elections were about to happen in the country.

Congress party leader Rahul Gandhi and two of his close advisors are in the list.

Election strategist Prashant Kishor’s name is also in the list who in 2018 decided not to work for BJP in 2019 elections.

Another shocking name is a former election commissioner Ashok Lavasa, who during 2019 election campaigning shown the courage to point out that Narendra Modi and Amit Shah violated the model code of conduct.

Freelance journalist Rohini Singh who wrote about increase in Jay Shah’s company’s profits by 16000 times within 1 year is also in the list.

Journalist Swati Chaturvedi, who wrote a book on BJP IT cell is also in the list.

The list goes on and there are so many other journalists or heads of constitutional bodies who in one or other way questioned the wrong deeds of present government. So government in an obvious manner is under the radar.

Secondly, to install the spyware in 10 devices, cost was  around ₹ 5 crores in 2017. ‘The Hindu’ journalist Vijaita Singh broke an interesting piece of news in 2017. She wrote that Security Council Secretariat had a ten fold increase in budget within one year. Earlier it was rupees 33 crores which increased to rupees 333 crores. Now Vijaita Singh’s name is also there in the list. Senior lawyer Prashant Bhushan alleged that this increased ₹ 300 crores were used to pay Pegasus software. This budget increased to rupees 800 crores in coming year.

Also India is highest ranked on democracy index among 11 countries in which NSO clients were identified by Forbidden stories and partner. List of countries along with their democracy index ranking is Saudi Arabia (156), Bahrain (150), Azerbaijan 146, UAE (145), Togo (141), Rwanda (130), Kazakhstan (128), Morocco (96), Mexico (72), Hungary (55) and India (53). Spying is common in dictatorship not in democracy.

The other reason of government being on target is their response. Government has not reacted significantly. Government is one and again trying to prove it as an ‘international plot’ to malign present government. But, where French president Macron has changed his phone and many countries have started investigation, government’s reason of international plot is just not enough.

Morality and Legality of Surveillance?

Governments can legally and morally tap phones with good reasons. Indian Telegraph act 1885, section 5(2) permits government to tap phone for 60 days and in some cases up to 180 days. Nobody’s privacy is above national security. The only requirement is to have valid enough reason and prior permission from Cabinet Secretary and Chief Secretary of the state (in case of state governments is to be taken).

On 19 Nov 2019, IT Minister told that section 69 of the IT Act 2000 empowers the central government or state government to intercept, monitor or decrypt information generated, transmitted, received or stored in any computer resource in the interest of the sovereignty or integrity of India, the security of the state, friendly relations with foreign States or public order.

Government has authorised 10 Agencies which can tap phones namely,

Intelligence Bureau

Central Bureau of Investigation

Enforcement Directorate

Narcotics Control Bureau

Central Board of Direct taxes

Directorate of Revenue Intelligence

National Investigation Agency

The Research and Analysis Wing

Directorate of Signal Intelligence

Delhi Police Commissioner

Ministry of Home Affairs also stated that any interception or monitoring or description of any information from any computer resource can be done only by authorised agencies as per due process of law and subject to approved safeguards and standard operating procedures.

What should be government’s stand?

Press Club of India, PCI said that for the first time in India, all the pillars of democracy has been attacked, Judiciary, Parliamentarian, Media, Executive and Ministers. Dainik Bhaskar ran detailed report on Pegasus project on first page on 20 July 2021 and few days later an IT raid was conducted in their office. This can’t be just coincidence. These actions Govt should avoid.

IT minister in a response told that if name is in the list doesn’t mean spying is done and that is technically correct also. Amnesty also accepted that not all mobile numbers found were hacked but some were potential targets and some were already hacked.

You May Like:-

Space Tourism: Next Big Thing in Space Race!

7 Foods you should never eat after age of 30