Balancing Privacy and Surveillance in Digital Criminal Procedure in India

INTRODUCTION 

As India is a developing country so in the contemporary global landscape India’s status asadeveloping economy necessitates a proactive integration of emerging technologies andmodern method . To maintain its competitive edge in the global arena , the nation must transcend traditional framework and adopt innovative strageties that align with international standards because of which India is shifting from using traditional registration of FIRtoe-fir filing and registering of online complaints of a citizen though it has some advantages anddisadvantages . In this legal article we are going to analysis that does digital mechanismslike e-FIR compromise privacy in the name of efficiency? 

Applications for Digital Complaint Systems: Objectives & Benefit Many Projects Developan Online FIR Registration, Tracking and complaint Management SystemUsing Web-Basedor App-Based Technology to Improve Efficiency and Decrease Time Spent At the PoliceStation. Benefits Include: Faster FIR Registrations and Status Updates with Many Instancesof FIR Registration Times Being Shortened by More Than 50%. Improved Access to RemoteAreas and Persons with Disabilities or Those Injured In Accident. Immutable (Blockchain/IPFS) Tamper-Proof Complaint Records Limiting the Manipulation or Denial OfComplains The purpose of the revisions is to change the terminology fromoutdated words tothe current terms that exist because of the time when the Indian Penal Code was enactedin1860. Some substitutions are based on how people feel now; for example, the word “idiot”. Sometimes changing to modern terms causes an emphasis on how things look versus what they say. The previous Indian Penal Code Section 124A was for the crime of sedition, andthenew law Section 152 is closely related. The Reference to electronic communications acknowledges that people who “excite… or provoke” separist sentiments may use current means to do so. Seriously, because we have seen electronic communications referred toinconjunction with the recommendations in the new Telecommunications Act of 2023, thereare questions about accountability for online activities and the privacy of users. Accordingtothe new Telecommunications Act, internet communication service providers must be ableto”intercept, retain, disclose or withhold from public use any message”, which will meanthat some will have to violate the end-to-be-encrypted measures that currently exist to provideforthe privacy of the user. This raises concerns about the level of data protection and privacyusers currently have and demonstrates that things will operate completely differently for communication service providers now that these changes have been made.

∙ Reforms under 

→ Bharatiya Nagarik Suraksha Sanhita (BNSS) 

The New Evidence Code allows for digital or electronic evidence to have the same legal effect, validity, and enforceable characteristics as physical evidence. Because electronic communication is defined as a document, all electronic communications contain data that hasbeen saved, recorded, and stored in a memory device used for communication purposes. Thisimplies that electronic communications could form the basis for primary evidence.So eventhough electronic records are generally deemed admissible under the, many procedural roadblocks remain. Section 63(a) imposes limitations on the validity of electronic records generated from computer output in order to preserve the credibility of evidence derivedfromelectronic records. This means that while not required for every electronic record, there aresufficiently strict standards to be met in order for electronic records to be considered admissible. In terms of certification, section 63(4) grants certification of electronicallyfileddocuments only. Alternatively, establishes that all electronic records must be certifiedtobeadmissible pursuant to Section 65B of the Indian Evidence Act. Benefits of NewCriminal law reforms 

– Faster reporting 

– Transparency 

– Accessibility 

The BNSS includes some key provisions. Police officers are required to collect forensic evidence from locations where a crime has occurred, where the crime is punishable byatermof imprisonment of 7 years or longer from the execution of a search warrant (see Section176(3)); when a female officer collects the testimony of a female victim of a sexual offence, the testimony must be collected in their home or another location chosen by the female victimwhere the female victim can be assured that a parent/guardian/social worker is present withher (see Section 176(1)); forensic evidence may be collected using audio-visual means intheform of mobile devices; and (see Section 180(3)). 

The BNSS adds (among other things) advantages in several key areas, including – Strengthening cyber-crime investigations 

– Digital forensic data can be used to enhance (i.e. provide) evidence when prosecutingcyber-crimes. 

– Enhancing Investigative efficiency 

– Digital forensics allows law enforcement agencies to rapidly analyse evidence and facilitate/streamline investigations (i.e., saves time and resources) 

. – Increasing admissibility of digital forensic evidence 

– There are regulations in place that outline the requirements for maintaining a proper ‘Chainof Custody’ for digital forensic evidence; therefore, by following those regulations, the

chances that digital forensic evidence will be admissible as evidence in a court of lawareincreased 

DIGILATIAZATION IN CRIMINAL PROCEDURE 

Digital Criminal Procedure in India: Surveillance, Privacy and Online FIR’s The digitizationof the criminal procedure in India, particularly in relation to filing information or registeringa complaint online, is intended to enhance policing efficiency, transparency, and accessibility. The concurrent growth of AI-based surveillance systems and weak oversight also creates significant threats to privacy and due process. Research supports the potential benefits of e- policing systems but emphasizes the necessity for robust protections. 

DIGITAL RECORDS AND DATA BASE  

Digital Systems for Complaints/Complaints Management There are multiple projects that offer web/app-based systems designed to provide online FIR registration, tracking, andmanagement of complaints and reduce delays due to physical visits by citizens to their local police stations. Some of the benefits of these projects are: 

1. Faster FIR Registration and Confirmation of Status- Often have reduced FIRregistrationand confirmation of status time (e.g., by 70%). 
2. Accessibility to Rural Residents, Accident Victims, and People with Limited Mobility- Generally if located in an accessible area people can register complaints via these systems. Examples are people with limited mobility (e.g., disability), accident victims and peopleliving in rural areas. 
3. Tamper proof/Immutable Record of Transaction- If block chain/IPFS is being usedfor record-keeping, the record cannot be altered or denied. 

SURVILENCE THROUGH DIGITAL TOOLS 

AI-based technologies — predictive policing, facial recognition, and analytics at large scales— are becoming integrated into criminal investigations in India and result in pervasivelymonitored and profiled data. For example:

1. Surveillance use is controlled by executives, opaque, has little oversight fromthe court, and has broad powers of interception 
2. Algorithms are biased toward disempowered or marginalized people 
3. AI regulation in policing/e-evidence is weak and underdeveloped IMPACTS ON POLICING & CRIMINAL JUSTICE SYSTEM

Shoulders Greater Responsibility for Protecting Privacy of Individuals Data that the government grants to police authorities creates a higher obligation upon the authorities toprotect data and the data itself from unauthorized access and/or unlawful disclosure of their contents. Therefore, the police have a much larger responsibility for the secure storage of datain their possession than they did prior to October 2023. When the police hold electronic devices and/or records, they have the duty to maintain the integrity and security of thoserecords, and the State has a duty to administer and direct how police maintain records andelectronic devices by establishing an independent oversight body or agency. There are alsomany areas where the government has provided exemptions to federal law enforcement officers under the Federal Digital Personal Data Protection Act and whether those exemptionswill apply to obligations of law enforcement to have to manage personal digital data (e.g., due to officer misconduct) found in the possession of law enforcement or whether anyprivacy concerns exist with respect to the personal digital data in law enforcement’s possession unless otherwise mandated under federal law 

Privacy Concerns in E-FIR & Online Complaints ∙ Users don’t know how data is used 

∙ No clear privacy policies 

∙ How long is FIR data stored? 

∙ Sensitive complaints (rape, cybercrime) exposed 

∙ Tracking individuals beyond investigation 

∙ People hesitate to file complaints online 

The protection of citizen privacy rights in the face of the vast expansion of surveillance technology. Based on the above list of significant privacy risks and the proposals for protecting privacy in the face of these risks presented by scholars and practitioners, it is clear that there is a need for significant reform of both the privacy protections afforded to citizensin India and the police use of digital policing tools or technologies. The growth and adoptionrate of digital policing tools and technologies will likely continue to increase significantlyinIndia in the next several years. As a result, it is essential to actively develop legal frameworksthat protect the privacy of citizens in India while providing law enforcement the abilitytoeffectively investigate and solve crimes in an efficient and effective manner. This is critical because if the current and proposed digital policing tools and technology continue to be reliedupon without any effective external controls or accountability measures, there is the potential for widespread abuse of these tools and technologies by police agencies and personnel

throughout India. Because of the increasingly widespread reliance on digital policing technology and the increasing rates of digital policing in almost every aspect of police investigations and crime-solving, it is critical that the protection of the privacy rights of Indian citizens, particularly marginalized and identified vulnerable groups (e.g., racial, ethnic, religious), be paramount in the adoption and use of these technologies 

Legal Framework 

Empirical and legal academic literature offer many approaches to harmonizing digital efficiency with the protection of rights from being invaded. As an illustration, some authorsemploy post-Puttaswamy doctrine arguments to support the use of more rigorous thresholdtests for necessity, proportionality and the need for judicial oversight regarding the use of illegally obtained evidence when it comes to surveillance. 

Clear warrant standard-setting, time-limited preservation orders, cryptographically signedaudit logs, and proportionality in orders as applies to bulk powers can be implementedas safeguards to protecting people’s rights in cyber investigations without compromisinglawenforcement’s ability to conduct investigations quickly and efficiently. safeguards to protecting people’s rights in cyber investigations without compromising lawenforcement’sability to conduct investigations quickly and efficiently. 

The responsibility of AI monitoring includes demands for transparency criteria, reliabilitythresholds, and rules to allow the use of AI-produced evidence in criminal trials. FIRPlatforms based on blockchain technology ensure confidentiality, integrity, and protectionfrom illicit access to data. Moreover, they also establish a direct connection between securedstorage of complaints and the trust citizens have in the system and expectations regardingprivacy. Legal/Constitutional Rights to Privacy – This right under the Indian ConstitutioninArticle 21 also includes a right to privacy for digital data, and Courts have recognizedthat intheir decisions (e.g. the right to privacy in relation to limits to the ability of lawenforcement agencies to conduct electronic surveillance, access electronic data and the principle of proportionality in relation to any intrusion into privacy). However, at present, India does not have a fully comprehensive and consistently enforced data protection regime, and current privacy law protections are scattered and incomplete, existing only under the InformationTechnology Act, the Constitution, and new and evolving legislation for the Digital Age. 

Case Laws 

Include: 

Justice K.S. Puttaswamy v. Union of India AIR 2018 , SUPREMECOURT 

The K.S. Puttaswamy ruling serves as the constitutional basis for discussions about howto reconcile privacy with the surveillance aspects of digital criminal procedure suchasonline FIRs and e-filing of FIRs. Scholars have noted that Puttaswamy is relevant inthispresent digital environment in which the State as well as private persons have the abilityto collect vast amounts of data through Aadhaar, CCTVs, facial recognition, andother mechanisms. Puttaswamy can be used to object to mass or secret surveillance, datalocalisation and AI-based monitoring and to call for strong safeguards and oversight Talking about applying this analytical framework to the various e-filing/online FIR

systems: For online FIR portals, blockchain FIRs, and digital complaint forms, the collection and storage of personal data (name, phone numbers, details of the incident, IPlogs, etc.) raises informational privacy concerns as recognised by the Puttaswamydecision. The Puttaswamy case also raises the legal-necessity-proportionality standardsfor the use of these online filing systems to record and track information about citizensand to profile complainants i.e., [where] FIRs are linked to broader surveillance databases. The Puttaswamy ruling supports the inclusion of the following protections into the architecture of e-filing systems: Data minimisation and purpose limitationClearpolicies and guidelines for data retention and sharing Independent/judicial oversight for any use of FIR data for surveillance 

How Puttaswamy is Relevant to this Topic Aspects of the Topic Puttaswamy’s Relevance Citations Privacy in Online FIR/e-Filing Recognition of Informational Privacy as a Fundamental Right and survillence . 

Balancing Privacy vs SurveillanceEmpirical research and legal writing provide methods to harmonize rights protection anddigital efficiency by proposing: Constitutional privacy and proportionality — the aforementioned testing on the necessity or proportionate nature of an act to allowfor judicial oversight and the potential for a court to exclude illegally obtained evidence derived fromelectronic surveillance (the Puttuswamy doctrine) states that these are very important factors. Warrant standards must be clearly defined; preservation orders must be limited in duration; legally signed logs must be created using cryptographic methods; and percentage-basedbulkpower must be granted to authorities, maintaining the rights of the public without delayingpolice investigations into cyber crime . 

Accountability issues arise from the use of AI for surveillance; there is a growing needfor established norms of transparency, established reliability standards as required by the law, and rules for the admissibility of evidence obtained through AI Surveillance There needs tobe standardized, secure, overall government-regulated portals to capture data such as throughthe e-FIR system and maintaining the data by police to ensure its integrity as requiredbysection 124 of the Criminal Procedure (Identification) Act of 2022. 

Without these protections regarding the safeguards to assure the integrity of electronic datain connectivity with the data, the police create significant concerns for the safety and securityof citizens, in light of the sensitive data contained in the Criminal Procedure (Identification) 

Act of 2022. An infrastructure must be put in place that will properly manage, store andprotect data against security breaches; thus, the establishment of effective digital infrastructure is necessary to avoid potential data security breaches.18. 

Police Authority Has Expanded Substantially The new codes of criminal procedure significantly expanding the authority of law enforcement officers, specifically in regards tothe registration of First-Information Reports for non-cognizable offense after preliminaryinquiry, seizing of property, and making warrantless arrests. While there have always beenbroad discretionary powers granted to police officers, these powers have nowbeen expanded

Comparative Perspective 

∙ UK/US: judicial oversight in surveillance 

The United States has been one of the first and has the broadest body of cybercrimelegislation; Enacted a number of specific laws and amendments related to Cybercrime; is usually recognised as having the most laws regulating cybercrime globally. TheUnited Kingdom has put together a National Cyber Security Strategy and has classified types of Cybercrime, namely Cyber-dependent and cyber-enabled; has developed specialized policing units for Cybercrime. India’s IT Act and updatedcriminal laws are in place but due to the speed at which case loads are increasing, asaresult of cross-border scams and resource shortfalls that are a barrier for lawenforcement and the courts; enforcement resources are inadequate to keep pace withcrime. 

∙ INDIA 

The technical features implemented in digital and blockchain FIR systems will have a built-in, secure way to protect private data of individuals who file a complaint using the FIRsystem. However, India’s overall privacy and e-Governance system are still lacking in terms of legal protections, weak policies and low user awareness. Thus, even though the research shows that online FIRs can support privacy, they do not adequately or uniformly support individuals’ privacy rights due to issues related to implementation, regulation and oversight. Thus it shows India is a developing country but is not as good as US AND UK in sate of e- filingofcomplaint and cyber matters. Studies indicate that India’s National Cyber Crime ReportingPortal, an integrated nationwide system that connects the police, banks and other intermediaries, faces challenges; it has low awareness and usability rates, poor closure andefficiency levels, especially regarding financial fraud. The United States and United Kingdom are often cited as ideal models by other nations for creating cybercrime reportingportals and frameworks, having established more developed benchmarks and criteria that countries like India are seeking to adopt. The United Kingdom’s experience with their ActionFraud cybercrime reporting portal illustrates there are many parts of the Action Fraudportal that work very well but there are also parts of the Action Fraud system that do not workwell from the victim’s perspective, primarily due to low reporting rates and lack of feedbackprovided by the system. Therefore, “better” does not mean “problem-free”. 

Challenges 

Weaknesses and Risk Factors Related to a System Studies indicate weak privacy policies, lack of notifications, and potential serious data protection issues in most major government e-privacy applications. In addition to the above-mentioned studies, other analyses of the level of digital privacy protection provided by countries have produced similar conclusions about incomplete or inconsistent enforcement of these protections in India resulting in the riskof misuse of data, surveillance, and cybercrimes. Low levels of knowledge by the public andthecomplexity of consent processes result in limited understanding of how their data are collected and used by the citizens of India.

CONCLUSION 

The reforms reorganizing India’s criminal law system through the Bhartiya Nyay Sanhita (BNS), Bhartiya Nagarik Suraksha Sanhita (BNSS), and Bhartiya Sakshya Adhiniyam (BSA) support the increasing role of technology on the criminal side, as well as technology’s increasing use in the investigative process. The new legislation takes into account the high complexity of the evolvingcyber-crime landscape by updating existing provisions and creating tools that are more aligned withinternational standards. 

The suggestion I would like to state forward are as follows 

∙ Digital literacy campaigns 

∙ Strong data protection framework 

∙ Police training programs 

∙ AI-based fraud detection 

∙ Uniform implementation across states 

∙ Clear privacy policy in e-FIR portals 

∙ Limit data collection (data minimization) 

∙ Independent oversight authority 

∙ Judicial approval for data access 

∙ Strong encryption & cybersecurity 

∙ Awareness for citizens 

E-FIR represents a transformative step towards accessible justice, but its success depends onaddressing technological, legal, and social challenges. “Efficiency in justice cannot comeat the cost of constitutional freedoms . India’s digital criminal procedure research indicates vastly improved accessibility, speediness and transparency as the result of online FIR’s andcomplaints systems, when also linked to secure, tamper-evident storage systems. At the sametime, the broadening of AI enabled surveillance systems, under limited control frameworksalso poses a serious risk threat to constitutional protection (privacy), equity and due process. The key to achieving a sustainable balance will be embedding and regulating the followingelements directly into the design of e-filed FIRs, online complaints, and AI used in the criminal justice system: 

– Constitutional Privacy principles 

– Strong Data Protection mechanisms 

– Judicial Control of Surveillance 

– Strictly Evidentiary Standards 

CITATIONS

Apar Gupta, Data Protection and Privacy in India (Oxford Univ. Press 2020). Justice K.S. Puttaswamy (Retd.) v. Union of India, (2017) 10 SCC 1 (India). 

The Indian Telegraph Act, No. 13 of 1885, INDIA; The Information Technology Act, No. 21 of 2000, INDIA. 

The Digital Personal Data Protection Act, No. 22 of 2023, INDIA. 

People’s Union for Civil Liberties v. Union of India, (1997) 1 SCC 301 (India). K.S. Puttaswamy (Aadhaar) v. Union of India, (2019) 1 SCC 1 (India).