Sumary of Justice Srikrishna: Data protection law would have held govt to account:
- The government would have been as answerable as any private entity for the alleged breach of privacy of individuals by Israeli company NSO Group’s Pegasus spyware, had there been a data privacy law in place in India, former Supreme Court judge Justice B N Srikrishna told The Indian Express.
- The data protection law would also have allowed those who have had their phones targeted, by the surveillance malware, to seek legal redressal, he said.
- The only way the government can access the data is by bringing a Parliamentary legislation, which empowers them to access data under certain circumstances,” Justice Srikrishna, who headed the government’s committee that drafted the original Personal Data Protection Bill, said.
- Earlier this week, a global collaboration of 17 media outlets, including The Wire from India, started publishing reports that said some 50,000 telephone numbers could have been targeted for surveillance by government clients of NSO Group.
- The leaked global database was accessed by French non-profit Forbidden Stories and global human rights organisation Amnesty International, and shared with their media partners.
- The Indian list of 300 “verified” numbers includes those used by “ministers, opposition leaders, journalists, the legal community, businessmen, government officials, scientists, rights activists and others”, The Wire said.
- Justice Srikrishna said while a concrete data protection law would have allowed people whose names have surfaced in the Pegasus Project reports to take the government to court for breach of privacy, they could do so “even now”.
- Anybody can move the Supreme Court under Article 32 and say my fundamental rights have been breached now as privacy is a fundamental right under Article 21. At least the issue will be public then,” he said.