IT Act Well-Equipped To Deal With Hacking, Spyware: IT Minister Ravi Shankar PrasadUnion Electronics and IT Minister Ravi Shankar Prasad (Sanjeev Verma/Hindustan Times via GettyImages) 

The government on Wednesday (20 November) told the Lok Sabha that it is committed to protecting the fundamental rights of citizens, including the right to privacy, and that there are adequate provisions in the Information Technology (IT) Act to deal with hacking and spyware.

The government is also working on the Personal Data Protection Bill to safeguard privacy of citizens, and it is proposed to table it in Parliament, Minister of Information Technology Ravi Shankar Prasad said in a written reply in the Lok Sabha.

The government has taken note of the fact that a spyware/malware affected some WhatsApp users. According to WhatsApp, this spyware was developed by an Israel-based company NSO Group and that it had developed and used Pegasus spyware to attempt to reach mobile phones of a possible number of 1,400 users globally. The users include 121 people from India, Prasad said.

The government said some media reports attempting to malign the government of India for the reported breach are "completely misleading". The government is committed to protecting the fundamental rights of citizens, including the right to privacy, it said.

The government operates strictly as per provisions of law and protocols. There are adequate provisions in the Information Technology (IT) Act, 2000 to deal with hacking and spyware.

The ministry informed the House that the Indian Computer Emergency Response Team (CERT-In) published a vulnerability note on 17 May advising countermeasures to users regarding a vulnerability in WhatsApp.

Subsequently, on 20 May WhatsApp reported an incident to the CERT-In stating that WhatsApp had identified and promptly fixed a vulnerability that could enable an attacker to insert and execute code on mobile devices and that the vulnerability can no longer be exploited to carry out attacks.

On 5 September, 2019 WhatsApp wrote to CERT-In mentioning an update to the security incident reported in May 2019, that while the full extent of this attack may never be known, WhatsApp continued to review the available information.

It also mentioned that WhatsApp believes it is likely that devices of approximately one 121 users in India might have been attempted to be reached.

Based on media reports on 31 October about spyware Pegasus, CERT-In issued a formal notice to WhatsApp seeking submission of relevant details and information, IT ministry said in details.

(This story has been published from a wire agency feed without modifications to the text. Only the headline has been changed.)

An Appeal...

Dear Reader,

As you are no doubt aware, Swarajya is a media product that is directly dependent on support from its readers in the form of subscriptions. We do not have the muscle and backing of a large media conglomerate nor are we playing for the large advertisement sweep-stake.

Our business model is you and your subscription. And in challenging times like these, we need your support now more than ever.

We deliver over 10 - 15 high quality articles with expert insights and views. From 7AM in the morning to 10PM late night we operate to ensure you, the reader, get to see what is just right.

Becoming a Patron or a subscriber for as little as Rs 1200/year is the best way you can support our efforts.

Become A Patron
Become A Subscriber