The controversy on the Pegasus spyware hacking in the devices of the various high-

class journalists’, judges’, and politicians is of a very grave nature and needs proper
and timely investigation. In a digital age where technology is taking over the world
the word ‘Privacy’ comes into play. Right to privacy is a Fundamental right
guaranteed by the Indian Constitution and taking away the right should have serious
consequences. According to the laws of the India, hacking is illegal and if the
government is doing so then the Judiciary needs to interfere which is currently
happening and proper detailed investigation is being carried on.

On the contrary, the government is denying any such claims of hacking. The software
of installing and using Pegasus is a costly affair and the laws relating to surveillance
in the country needs proper authentication by top officials of the centre as well as the
state which means that if such a thing is happening then officials at top level must be
aware and only with their consent is this spying possible and if the Apex court through
its findings come to a conclusion that hacking and spying was being done then the
government has to pay a very hefty penalty for that.

The Israeli NSO group that made the spyware made it for easement of the
governments to catch cyber criminals and stop the cases of terrorism and it has to be
limited to that use only. With the advancing digital era the use of software like
Pegasus will be much more common in the coming times and certain strict rules and
regulations regarding the same, not only does rule and regulation help in bettering a
situation but the proper adherence to the rules laid down would be very essential
otherwise there will be a lot of exploitation over the world by powerful and rich
people that has to be checked upon. The unchecked use of such spywares could lead to
the threat to democracy where people will not have free will, which is the very
essence of democracy.

The indian government has not been averse to the idea of mass surveillance and
has shown patterns of invading the privacy of its citizens repeatedly. The
evidence to support this claim can be found if one analyses India’s 3 main
surveillance projects– NATGRID, NETRA and CMS.  These are surveillance
systems that collect data in order to keep an eye out for anything that could
threaten national security. 

NATGRID enables investigation and law enforcement authorities to gain

real-time access to data held by organisations such as the Income Tax
Department, banks, insurance firms, the Indian Railways, and other
institutions. NATGRID has access to a total of 21 different types of data.
[business insider, 2020]
CMS is a centralised telephone interception provisioning system where the
NATGRID has access to real-time data. And that's exactly what it says on
the tin. It can monitor text messages, social media posts, and phone calls
without going through the middleman – telecom firms.

The third pillar of India's security infrastructure is NETRA. NETRA is

tracking everything you do online, not just on social media, while the CMS
taps into your phone's network. It can track any text-based messages,
including Facebook direct messages, personal emails, and internet blogs. It
can recognise words in encrypted messages using filters and keywords.

NATGRID undermines the right to privacy. 

NATGRID came into being as a result of government
notifications rather than legislation passed by Parliament.
According to Policy Research Studies India, while this expedites
the project's completion, it also undermines the system of checks
and balances that is vital to democracy.
Because NATGRID has access to private people' information, it
has an impact on their fundamental rights, such as the right to
privacy.

What roles do CMS and NETRA play?

After the terrorist bombing in Mumbai on November 26, 2008, the basic
logic for establishing CMS and NETRA was to monitor terrorist activity.
The issue with both of them boils down to a lack of openness in the absence
of data protection legislation. The general public has no way of knowing
whether or not their data has been intercepted, or how that data is being
used. CMS and NETRA allow for mass surveillance with the potential to
target large groups of people without a valid reason.