As Pegasus spyware developed by the Israeli NSO Group is back in the spotlight, just about anybody who leads a dual life is claiming he is being snooped upon by the government of India while, first, no media commentary cares to question what secrets the usual suspects need to hide, the possibility of revelation of which is giving them sleepless nights. Second, the security of an electronic device gets compromised always after the owner or user of the machine is lured by a temptation — making mind-boggling money, trying to inconvenience a rival, damaging a competitor in business, watching a sex clip or peeping into any other forbidden realm. What temptation did the high-profile mourners give in to, enabling Pegasus to penetrate their systems? Whereas confidentiality is a must even in legitimate exercises of non-governmental entities such as a political party’s planning or a corporate empire’s strategising, downright ridiculous allegations have been floated even by seasoned politicians. Yashwant Sinha, for example, has mused that EVMs can be manipulated using Pegasus too — without caring to learn that the spyware would not work without the internet and Indian electronic voting machines are standalone units that are not internet-linked.
The most vociferous protesters after politicians are activists. But at the moment, unlike in the period 2011-12, no assortment of NGOs threatens to overthrow the government. In these relaxed times, the administration does not have a pressing need to pry on the behind-the-scenes activities of the rabble-rousers. Yet, it is certainly possible that the government is monitoring closely the backroom deals of closet communists with foreign connections. The past seven years have given enough reason to the current regime to do so, what with international agencies and media propping up a few poster boys at a time and their Indian counterparts taking the cue and dancing to their tunes. In 2014, an upstart AAP had made it too obvious by fielding an entire list of beneficiaries of Ford Foundation as the party’s Lok Sabha election candidates. Meanwhile, the agenda of Amnesty International, Greenpeace and their ilk got exposed as they were found paying people to rant against Prime Minister Narendra Modi-led government. It will be naïve of this government not to unleash an army of sleuths on these dubious agencies.
However, what’s curious, now that the name “Pegasus” is occupying news headlines, every influence peddler is accusing the government of going after him using nothing but the private Israeli spyware as though no other means of electronic espionage were possible. This flies in the face of reports of data breaches by social media companies and message applications nearly every month, hardly any case of which could be linked to Pegasus. If somebody, who is no IT whizkid, believes her equipment has been bugged, how is she sure it was Pegasus that did it? Ask the woman who had accused former CJI Ranjan Gogoi of sexual harassment! The accusers also forget, or pretend to be unaware of, attacks by Chinese, Pakistani and other hackers. Now, it would be sillier if film actors were to start crying foul for alleged breaches of privacy, as one would never know if their grievance is genuine or they deliberately let loose photos and videos from their devices to create sensation before the release of their upcoming films on the advice of their public relations managers.
That a democracy must put in place safeguards is good rhetoric but bad science. Those demanding a new law or amendment of existing laws that deal with cybercrime forget that any legislation will be no match for a wickedly brilliant software engineer. Besides, individuals employing malware will easily go scot-free even when the law is able to catch a big organisation. WhatsApp’s legal victory against the NSO Group in October 2019 is a case in point; there were quite a few other instances when the popular messaging service went kaput and the company could at best cut a sorry face after the harm was done. The government of India knows very well prohibitions do not work in this domain, as has been evident in the case of the ban on pornographic sites. Clones mushroomed all over the webspace once the law was enforced on the most popular sites. Those who employ spyware wouldn’t care less if the law says their action is criminal.