News that Pegasus, spyware developed by the Israeli cyberarms firm and was used by the Indian government to spy on journalists, chief justices, head of election commission, activists, and many others, has surprisingly invited only muted criticism at the blatant invasion of privacy. There are varied reasons for the lack of adequate outrage.
The reason being many of us share our personal and intimate moments on social media, well aware that it reaches a large audience, and hence the revelation that government is privy to our private lives is hardly scandalous, considering that a lot of personal data is already in the public domain. This argument does not take into account that not everyone is comfortable in sharing their personal lives, and even if they do share certain aspects, those choices cannot be derivative of the decision that every individual’s entire private life is up for scrutiny.
Another sentiment along similar lines is that people accorded sharing their data with private companies, and hence have lost the right to complain if their lives are mined by the government. This notion belies the concept of consent. Agreeing to Terms of Services with a private company (even if without reading the document in its entirety) is a contract with only that company, not an open invitation for perusal by anyone.
Another justification is that spying is hardly a novelty, considering that phone tapping already existed and the current technological advancement merely eased it. Today it’s a matter of following one’s digital footprints. This is akin to saying, that murders happened before, and guns have made it easier as it’s now merely a matter of pulling the trigger, but this argument does not mitigate the horrors of the crime or provide a justification for complacency.
That is precisely why with technological advancements, governments in the U.S., EU, South Korea, Japan, Chile, Australia, Thailand, South Africa, and others slowly have been introducing laws to safeguard the privacy of its citizens in the new era. Thus we have laws like GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), COPPA (Children’s Online Privacy Protection Act) to name a few that attempt to ensure that data that can help to trace a user like IP address, location or device id cannot be stored by tech companies unless the user explicitly consents.
Device manufacturers like Apple and others are continuously coming up with updates to safeguard user’s privacy. Mostly user data helps to predict the relevant ads that can be served, that tech giants claim is an innocuous activity. The crux of the issue is not the intent of the tech companies or the government, or the harm their actions can inflict, but a matter of the fundamental right to privacy of citizens. One’s choices, preferences, marital woes, finances, political leanings are personal information, and they have a right to decide to share or not, and with whom to share.
While governments around the world are rallying to protect their citizens’ privacy by creating compliance standards for software companies, in India, citizens are rallying in support of the government’s illegal actions by justifying its parity with private actors. Instead of demanding the Indian government, too, protect citizens’ privacy from software companies, many are justifying illegal surveillance by the government under the guise of parity with unregulated private companies.
As psychologist Thomas Szasz says “Two wrongs don’t make a right, but they make a good excuse.
Governments are supposed to regulate the illegal behavior of private players, but today legality of subversion of fundamental rights of citizens is determined by private players’ actions. If left unchecked, soon we could be rewriting our constitution in accordance with a private company’s charter.
Swati Garg is a software engineer based in Seattle, and a board member of Hindus for Human Rights. She spends most of her life staring at the computer screen.