The Cyber and Information Security division of the Ministry of Home Affairs, on 20th December, 2018, vide notification no. S.O. 6227(E) [Copy of notification] notified that in exercise of the powers conferred under Section 69 (1) of the Information Technology Act, 2000 read with rule 4 of the Information Technology ( Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009, the following Security and Intelligence Agencies, namely:—
(i) Intelligence Bureau;
(ii) Narcotics Control Bureau;
(iii) Enforcement Directorate;
(iv) Central Board of Direct Taxes;
(v) Directorate of Revenue Intelligence;
(vi) Central Bureau of Investigation;
(vii) National Investigation Agency;
(viii) Cabinet Secretariat (RA W);
(ix) Directorate of Signal Intelligence (For service areas of Jammu & Kashmir, North-East and Assam only);
(x) Commissioner of Police, Delhi.
have been authorized by the Competent Authority for interception, monitoring and decryption of any information generated, transmitted, received or stored in any computer, computer system, computer network, data, computer data base or software.
In which cases can the interception, monitoring or decryption be done?
If the Controller is satisfied that it is necessary or expedient so to do in the interest of the
- sovereignty or integrity of India,
- the security of the State,
- friendly relations with foreign Stales or
- public order or
- for preventing incitement to the commission of any cognizable offence,
Then after recording reasons in writing, the controller by an order may direct any agency of the Government to intercept any information transmitted through any computer resource. [Section 69(1)]
Some rules regarding the lawful interception or monitoring or decryption of information through computer resource.
Each case of interception, monitoring, decryption is to be approved by the competent authority i.e. Union Home secretary. These powers are also available to the competent authority in the State governments as per IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009.
As per rule 22 of the IT (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules 2009, all such cases of interception or monitoring or decryption are to be placed before the review committee headed by Cabinet Secretary, which shall meet at least once in two months to review such cases. In case of State governments, such cases are reviewed by a committee headed by the Chief Secretary concerned.