By Ananthakrishnan G
The Supreme Court-appointed committee, which probed allegations of unauthorised use of Israeli NSO Group’s Pegasus software for surveillance, found no conclusive evidence on use of the spyware in the phones examined by it, but noted that the Central government “has not cooperated” with the panel, Chief Justice NV Ramana said on Thursday.
“They observed that the Government of India has not cooperated. Whatever stand you have taken here (in the court earlier), you have taken the same stand it appears, before the committee also”, the CJI, heading a three-judge Bench that perused the report by the committee told Solicitor General Tushar Mehta.Mehta replied, “I am now aware. I will not be able to respond.” The CJI said, “We are also not aware. Let’s examine the report.”Mehta urged the court to “kindly go through the report”, saying the Government may have answered leading questions put to it on the issue. “That’s right. That’s why we do not want to make any comment without looking into the report,” the CJI said.
The Bench, headed by CJI, also said that the committee examined 29 phones but did not find any conclusive evidence of Pegasus being used in any of them. “…inconclusive evidence…In five phones they found some malware, but it doesn’t mean it is a malware of Pegasus. That’s what the finding appears,” the bench, also comprising Justices Surya Kant and Hima Kohli, said after perusing the report.“Based on the above, it is concluded that 5 of the 29 phones may have had some infection due to a malware or due to poor cyber hygiene and data available is limited and hence inconclusive to determine…”, the CJI said, citing the report.
The three-member technical committee comprised Dr Naveen Kumar Chaudhary, Dean of National Forensic Sciences University in Gandhinagar; Dr Prabaharan P, Professor at Amrita Vishwa Vidyapeetham in Kerala; and Dr Ashwin Anil Gumaste, Institute Chair Associate Professor at IIT-Bombay. The panel was supervised by former Supreme Court judge Justice R V Raveendran.During the hearing of petitions seeking a probe into the issue, the Centre had “unequivocally” denied the allegations that it was involved in unauthorised use of the software. It had taken the stand that the matter involved issues of national security due to which it did not wish to put the details in an affidavit and make it a matter of public debate. It said it would divulge the details to a committee of experts who would examine the issue and urged the court to allow it to set up such a panel.
The court, however, turned down the request, stating that allowing the government to do so “would violate the settled judicial principle against bias, i.e., that ‘justice must not only be done, but also be seen to be done’. The court then appointed its own committee on October 27, 2021, directed that Justice (retired) Raveendran would be assisted by two other experts — former IPS officer Alok Joshi and cyber security expert Dr Sundeep Oberoi.
On Thursday, the bench, which opened the report in open court, pointed out that it was in three parts. The first part, it said, answered the court’s queries, including “whether…Pegasus…was used on phones or other devices of the citizens of India to access stored data, eavesdrop on conversations, intercept information and/ or for any other purposes not explicitly stated herein?” The second part contained the committee’s recommendations as sought for by the court to improve cyber security. And the third part contained the report of the supervising judge.
The CJI said the committee had stated that the report contained information about malware which can be exploited by criminals to get a lead over law enforcement agencies. It could also create new and more sophisticated malware, “information/research material related to malware, attribution that might pose threat to the national security apparatus” and “material extracted from private mobile instruments which may contain private confidential information”, the CJI said.“So they have said it is not to be published, nor for public distribution…,” said CJI Ramana, adding it appears there is a request from the persons who have given their phones, not to make the information public. “It is better to look into it and what portions we can release,” he said.Senior Advocate Kapil Sibal, appearing for one of the petitioners, said, “We understand there is some security, confidentiality, we don’t want Your Lordships to give us those. But your Lordships can give us a redacted report which takes away those parts and the balance can be given to us. Many of us have given our phones and if they found malware, we are entitled to know…”The CJI reiterated: “Let’s see what portions we can (release)”. He said, “You know that we are not experts in this. We have appointed these members after getting a lot of feedback and all that. To what extent they succeeded, what inputs they have given…how to go ahead, we will look into it.”
The court said there is nothing secretive about the report of Justice Raveendran, which will be uploaded on its official webpage.A counsel appearing on the side of the petitioners urged that national security should not be such an overriding factor while the court examines the report. The CJI pointed out that even in the order that set up the committee, the court had said that while it’s “a settled position of law that in matters pertaining to national security, the scope of judicial review is limited…this does not mean that the State gets a free pass every time the spectre of ‘national security’ is raised”.