Copyright infringement not intended

Picture Courtesy:  THE HINDU

Context

Government has integrated the National Intelligence Grid (NATGRID) with the National Population Register (NPR), allowing security and intelligence agencies to access family-wise details for around 1.19 billion residents.  

What is National Intelligence Grid (NATGRID)?

It is a powerful, technology-driven intelligence gathering and sharing mechanism established, under the Ministry of Home Affairs, after the 26/11 Mumbai terrorist attacks in 2008 to address gaps in inter-agency information exchange.

It is not a new intelligence agency; it functions as a secure, integrated platform that provides authorized law enforcement and intelligence agencies with real-time access to a vast array of citizen data.

• It empowers intelligence agencies to "connect the dots" and generate actionable intelligence to counter terrorism and serious crimes.

How NATGRID Functions?

NATGRID utilizes a federated database architecture to connect the query with the databases of 21 government departments and private providers, allowing authorized users a complete suspect profile without centralized data storage.

This tool is restricted to 11 central security and law enforcement agencies, recently expanded usage now granted to state police forces for officers of SP rank and above.

Recent Developments: NATGRID-NPR-CCTNS Linkage

NATGRID has been enhanced by its integration with two databases:

• Crime and Criminal Tracking Network & Systems (CCTNS): An MoU signed with the National Crime Records Bureau (NCRB) gives NATGRID access to the CCTNS database, which connects over 14,000 police stations across India. This provides access to a national repository of First Information Reports (FIRs).
• National Population Register (NPR): NATGRID has been linked with the NPR, granting security agencies access to the demographic and family-wise details of nearly 119 crore residents.

The integration of identity and transactional data in NATGRID enhances counter-terrorism by enabling advanced analytical techniques like predictive profiling and continuous monitoring, but also raises surveillance and privacy concerns. 

Constitutional Concerns and the Right to Privacy

The Puttaswamy Judgment (2017)

The Supreme Court, in K.S. Puttaswamy v. Union of India (2017), affirmed the Right to Privacy as a fundamental right under Article 21. Any state action infringing on this right must satisfy a crucial three-fold test.

1. Legality: The action must be sanctioned by a law.
2. Legitimate State Aim: The action must pursue a legitimate state interest, such as national security.
3. Proportionality: The violation must be necessary for and proportionate to the object it seeks to achieve. There must be a rational nexus between the objects and the means adopted.

Critics argue that NATGRID, in its current form, may not fully satisfy the "legality" test.

• Established by a Cabinet Committee on Security decision, not an Act of Parliament, raising legal foundation and oversight concerns.

Governance and Oversight Gaps

NATGRID lacks robust, independent oversight, resulting in governance gaps due to executive-driven decision-making and operations.

• Lack of Parliamentary Oversight: There is no dedicated parliamentary committee to scrutinize NATGRID's functioning, budget, and impact on civil liberties.
• Absence of Independent Audits: While the government claims internal safeguards exist, there is no provision for regular, independent audits to check for misuse or function creep.
• Opacity: NATGRID is exempt from the Right to Information (RTI) Act, 2005, which limits public transparency and accountability.

Democracies like the UK often need judicial warrants for intelligence data access, guaranteeing judicial review. US post-9/11 intelligence reforms also established oversight to balance security and civil liberties.

Way Forward 

Enact a Dedicated Statute: A specific NATGRID Act should be passed by Parliament to provide it with a clear legal mandate, defining its scope, powers, purpose limitations, and data retention policies.

Establish Independent Oversight: An independent oversight body, with judicial representation, should be created to audit NATGRID's operations, investigate misuse, and ensure compliance with the law.

Embed Privacy-by-Design: Technological safeguards like role-based access, data minimization (accessing only necessary information), and robust, unalterable access logs must be embedded into its core architecture.

Create Grievance Redressal Mechanisms: Citizens must have a clear and accessible mechanism to seek redress in cases of data misuse or wrongful profiling.

Conclusion

The success of NATGRID depends on balancing its power to provide timely intelligence for national security with the need for responsible governance and accountability to protect citizens' constitutional rights.

Source: THE HINDU