May 28, 2024

By Nakshatra Gujrati & Pratham Mathe, the authors are law students.

pegasus spyware

INTRODUCTION

In our day-to-day life we tend to disagree with people on certain issues and then we try to persuade them with our point of view. When we present our argument, we need to back it up with logical evidence so that the other person is forced to believe our side. Similarly, in legal trials, the courts require ‘evidence’ to prove what is being asserted. Evidence means to prove the existence or non-existence of certain alleged facts.

Not every evidence is admissible by the courts, it is the Indian Evidence Act, 1872 that stipulates what kind of facts need to be proved? What kind of proof is to be given of those facts? Who is to give that proof? & How is that proof to be given?

This paper starts with tracing the evolution of evidence Act in three stages; the first stage is ancient stage wherein both Hindu & Muslim Administration[1] contributed in establishing foundations of evidence law in India. Then comes the British era, wherein consolidation of common law principles pertaining to evidence happened and uniformity was brought in the application of law. The third stage is modern era of 2000s, when Information Technology Act, 2000 was introduced and with that Indian Evidence Act was amended.

The Information Technology Act, 2000 was brought in with an intent to regulate e commerce in India and support its growth. At the same time, electronic evidence was rapidly being presented in Indian courts thus, during its enactment the Indian Evidence Act, 1872 was amended and sections 65A[2] and 65 B[3] were introduced as special law to deal with the electronic evidence. The 65B stipulates which electronic evidence is admissible and what conditions it must fulfil for that matter. The Indian evidence act defines document as any matter on which inscription is made and thus the definition of electronic document was substituted by it. But the present paper seeks to explain that the judicial interpretation of this section has created lacunae in the law which may lead to gross miscarriage of justice. After the introduction of section 65A & 65B in Indian Evidence Act, 1872 which pertains to admissibility of electronic evidence was added after enactment of Information Technology Act, 2000. Section 65B (4) states that a certificate must be adduced with the electronic evidence. This provision has depended on whims & discretion of judiciary, furthermore, the researchers have argued in this paper, that mere adducing the certificate guarantees no quality & veracity of the electronic evidence. Pegasus is a type of spyware developed by the Israeli cybersecurity firm, NSO Group. The Pegasus spyware is designed to infect and take control of a target’s mobile device, allowing the attacker to access and monitor the device’s communication, including calls, messages, emails, and social media activity. Pegasus can virtually snoop out anything from the device ranging from call recordings to the videos in phone gallery. Moreover, there must be a procedure established by any law to determine what to extract from the device and how to, which is completely absent as of now. The authors of this paper examine what more is required to ensure quality & accuracy of evidence.

Research Methodology

The method used in this paper is doctrinal method of research. The primary objective of the doctrinal method is to analyse and interpret legal sources in order to develop a comprehensive understanding of legal principles and their application to specific legal issues. This involves identifying relevant legal authorities, examining their content and context, and synthesizing them to create a coherent legal argument.

Objectives

  1. To examine applicability of section 65B of Indian Evidence Act, 1872 in the era of Pegasus Spyware & Remote Administration Tool (RAT).
  2. To highlight the lacunae created by section 65B of the Indian Evidence Act, 1872 and possibility of miscarriage of justice.

Statement of Problem

The Citizen Lab Report reveals that devices of Indian journalists, academicians & politicians have been infected by Pegasus spyware. Also, the observations made by US forensic firm in Rona Wilson’s case regarding possibility of remotely planted evidence in his laptop calls for serious attention to admissibility of electronic evidence under section 65B of Indian Evidence Act, 1872.

Research Questions

  1. Whether the section 65B of Indian Evidence Act, 1872 fails to incorporate evidences obtained from malware infected devices?
  2. Whether the requirement of certificate as mentioned under section 65B (4) of the Indian Evidence Act, 1872 serves any useful purpose?

EVOLUTION OF EVIDENCE ACT

The evolution of Indian Evidence Act can be divided into three parts, Part I – Ancient times A, Part -II – Enactment of Indian Evidence Act & Part III – Admissibility of electronic Evidence under Indian Evidence Act.

Ancient Times

In ancient times, a person who had grievance, be it of civil or criminal nature, the parties were called in and complainant was to write complaint[4] in presence of the defendant. The burden of proof remained upon the complainant in both civil and criminal matters[5]. This is contrary to the modern practice of prosecution upon whom burden of proof lies against the defendant. Hindu Law recognised two types of proofs[6] – divine and human, it was a time when reliance was placed on ordeals. Ordeal is referred to a test of guilt or innocence during which accused is subject to immense pain, survival of which is taken as proof of innocence.

The ancient system relied on circumstantial evidence to a great extent. After the Hindu period came to an end, it was the Muslim rulers who established their kingdom in India. Though, non-Muslims were not mandated to follow Islam or Islamic principles of marriage and inheritance[7] but it was the Islamic criminal law that was applicable to both Muslims and non-Muslims equally. It was the Muslim era when for the first time the institution of vakils was introduced. Vakils were the professionals who represented their clients in a legal dispute. With the new criminal law in force, i.e., Islamic criminal law, there were certain changes introduced in law of evidence. Unlike Hindu law, the Muslim evidence law didn’t define what relevancy is, it was just assumed that a party to dispute will usually only bring evidence relevant to prove his contention. The trial by ordeal was unknown to Muslim law.

Enactment of Indian Evidence Act 1872

The Indian Evidence Act was enacted in 1872 during the British colonial period in India. It was based on the English Evidence Act of 1851, which had been introduced in England to reform the common law rules of evidence and make them more systematic and accessible. The British administration in India[8] recognized the need for a similar law in India to replace the complex and often contradictory rules of evidence that had been inherited from the various indigenous legal systems. The Act was drafted by Sir James Fitz James Stephen[9], a British jurist and judge who had previously served as a legal adviser to the British colonial government in India. Stephen drew on his own experience as a barrister in England, as well as on the works of legal scholars and practitioners in India, to create a law that was both practical and sensitive to local customs and practices.

The third pre independence law commission report of 1861 contained draft evidence law. The third law commission aimed to have codified substantive laws for India based on laws of England. After the lex loci report[10], English law was declared as law of the land for India. The Indian Evidence Act was enacted to bring uniformity and coherence to the law of evidence across India. The act introduced several new concepts and rules, including the presumption of innocence, the burden of proof, the rule against hearsay, and the admissibility of evidence. The act also recognized certain types of evidence, such as documentary evidence and expert testimony. Over the years, the Indian courts have interpreted and applied the Indian Evidence Act, leading to the development of various principles and doctrines of evidence law in India.

Information Technology & Evidence Act

The Information Technology Act, 2000 was brought in with an intent to regulate e commerce in India and support its growth. At the same time, electronic evidence was rapidly being presented in Indian courts thus, during its enactment the Indian evidence act was amended and sections 65A and 65 B were introduced as special law to deal with the electronic evidence. The 65B stipulates which electronic evidence is admissible and what conditions it must fulfil for that matter. The Indian evidence act defines document as any matter on which inscription is made and thus the definition of electronic document was substituted by it. Recently, the apex court has ruled that WhatsApp chats are also admissible as evidence[11].

WHAT IS PEGASUS SPYWARE

Pegasus is a type of spyware developed by the Israeli cybersecurity firm, NSO Group[12]. The Pegasus spyware is designed to infect and take control of a target’s mobile device, allowing the attacker to access and monitor the device’s communication, including calls, messages, emails, and social media activity. It can also access the device’s microphone and camera, allowing the attacker to record conversations and take photos or videos without the target’s knowledge[13]. The Pegasus spyware is often installed on a target’s device through phishing messages or other forms of social engineering. Once installed, the spyware can be difficult to detect and remove, as it operates silently in the background and can even disguise its own presence. The use of Pegasus spyware has been highly controversial, as it has been linked to numerous instances of government surveillance and the targeting of activists, journalists, and political opponents. The NSO Group has stated that it only sells its spyware to law enforcement and intelligence agencies for use in combating terrorism and other serious crimes, but there have been concerns that it has been used for political purposes as well. In recent years, the use of Pegasus spyware has been the subject of several high-profile investigations, including the alleged targeting of human rights activists, journalists, and government officials in countries around the world.

Indian Government Allegedly Procures Pegasus

The OCCRP[14] gained access to import data which shows Indian Intelligence Bureau (IB) procured hardware that is used to operate Pegasus from NSO in 2017 as a part of major defence deal between India and Israel. The import data shows that on April 18, 2017, IB received the hardware from the NSO group. The report observes that –

“The consignment included Dell computer servers, Cisco network equipment, and ‘uninterruptible power supply’ batteries, which provide power in case of outages, according to a bill of lading obtained through a global trade data platform that draws on national customs documents.”[15]

The report also states that, though it cannot be conclusively said that the hardware was used for Pegasus, but the brochure for Pegasus lays down certain equipment and the equipment so imported, matches the description. Two senior officials on condition of anonymity[16] confirmed that Indian govt procured Pegasus in 2017.

When officials from OCCRP approached IB and questioned for the allegations levied against them, they didn’t respond. Moreover govt. unequivocally dismissed all the allegations of procurement of Pegasus. They consider it as a political maneuver, the central govt also didn’t file a detailed affidavit in the apex court regarding this issue.

M L Sharma vs Union of India (October 2021)

In ML Sharma vs Union of India[17], the Hon’ble Supreme Court ordered for constitution of a committee to probe into the matter of Pegasus snooping and remarked that government cannot escape by merely pleading national security. The court also observed during passing the order that respondent union was given multiple opportunities to file a detailed affidavit surrounding petitioner’s concerns and it didn’t do so. The court then directed a formation of committee headed by retired justice R.V Raveendran.

WHAT IS ELECTRONIC EVIDENCE UNDER THE ACT

Electronic evidence refers to any evidence that is in the form of electronic data or information, including emails, text messages, social media posts, digital photographs, videos, and computer files. The Indian Evidence Act recognizes electronic evidence as admissible in court under certain conditions. Section 65B of the Act specifies the requirements for admissibility of electronic evidence. According to this section, electronic evidence must be accompanied by a certificate that confirms that the electronic record was produced by a computer or electronic device, and that the computer or device was in proper working order when the record was produced. The certificate must also identify the person who produced the electronic record and confirm that it has not been tampered with or altered in any way. In addition to the requirements set out in Section 65B, electronic evidence must also meet the other requirements for admissibility under the Indian Evidence Act. For example, it must be relevant to the case, and it must not be excluded by any other provision of the Act. The court will also consider factors such as the authenticity and reliability of the electronic evidence when determining its admissibility. Overall, the Indian Evidence Act recognizes the importance of electronic evidence in modern legal proceedings and provides a framework for its admissibility and use in court.

The Pegasus Problem

The subsections of section 65 (B) seek to ensure that the “output produced by the computer is generated in lawful way and ordinary course of business”[18]. The section 65B (4) stipulates that the electronic evidence must accompany with a certificate that describes the source of evidence. The problem is, the court presumes that the source mentioned in the certificate is true and thus the veracity and accuracy of evidence is not to be questioned.

SECTION 65B CONUNDRUM

It is not feasible to present the electronic device which stores the concerned document (evidence) in a court of law. As the device contains personal data other than the document whose procurement is necessary for trial, submission of the device raises various privacy concerns. Thus, Section 65B (1) deals with this issue.

Section 65B (1) enables the accused to present a secondary document bypassing the common law evidentiary principle that when best evidence (original document) is available, no secondary (copy) evidence may be produced provided it satisfies the conditions listed in Section 65B (2): 

“(i)the computer must have produced the output in a period when it was regularly used to store/process information for activities regularly carried out by a person in lawful control over it. (ii) during that period of time, said information must have been regularly fed into the system in the ordinary course of said activities. (iii) the computer should have been operating properly, if it was not working, then it must have been such as to not affect the electronic record or the accuracy of the information contained in it. (iv) the information in the electronic record must be a copy of, or derived from, the information that was fed into the computer in the ordinary course of the activities.”[19]

The sub-section 65B (4) speaks of a certificate which contains evidence of the information under clauses (a), (b), or (c) of sub-section (4). Whether this certificate is mandatory has long been contended. The problem with the certificate is it only seeks to certify the source, say for example I am producing tax receipt records of Microsoft India, I need to give a certificate that I have obtained the said records from Microsoft India office’s computer and I had lawful authority over it. The court will not question me further, what if I prepared the said records from my own computer device. This is the lacunae with certificates, the authors of this paper suggest something more than certificate for admission of electronic evidence must be required.

The Certificate Requirement & Judicial Stance

In 2003, the courts have mandated the parties submitting electronic evidence to couple it with certificate. In the parliament attack case[20] the appellant contended that certain call records submitted by the prosecution are inadmissible as the prosecution has not submitted the Certificate under Section 65 (4). The court ruled that the certificate under section 65B (4) was merely an “alternative mode of proof”[21] . The court held that oral evidence is equally sufficient. In State (NCT of Delhi) v. Navjot Sandhu (‘Afsan Guru’)[22], the court again accepted the oral testimony to be sufficient. The court held that even if Section 65B (4) is not satisfied, the evidence may be admitted under Section 63 and 65 of the Evidence Act.[23] These decisions relaxed the standards for electronic evidence.

At the same time many courts, many courts continued to demand the certificate under Section 65B(4) and ignored these judgements. Thus, making the position that the admissibility of electronic evidence will rely upon judicial discretion.

The Mandatory Certificate: Anvar vs Basheer

In the case of Anvar P.V. v. P.K. Basheer[24], P.K Basheer, the respondent in an election, was elected to the Kerala Legislative Assembly in 2011. The petitioner challenged his election under Section 100(1)(b), Representation of People’s Act, 1951 on the grounds that the propaganda in the form of songs, speeches, and announcements had been defamatory. He argued that this amounted to corrupt practices and the respondent’s election and prayed for setting aside the election. The Respondent in return challenged the admissibility of the evidence of the CDs containing the propaganda on the grounds that requirements under Section 65B have not been met as the Certificate under 65B (4) was missing. The Kerala H.C dismissed the petition. The petitioner approached the Supreme Court which highlighted Section 59 which prohibits the use of oral evidence to prove contents of any document and Section 65A which states that electronic evidence is to be submitted only by following the requirements of Section 65B. It comes to three significant conclusions: first, all the conditions under sub-section (2) are mandatory. This understanding appears to be in consonance with the language used in sub-sections (1) and (2) of §65B, as noted earlier in this paper; second, the submission of certificate under Section 65B (4) is mandatory. The Supreme Court held that since no certificate was produced at the time when computer output was generated, the evidence was inadmissible. The petition got dismissed. Thus, if at the time of admission of electronic evidence, the party omits to get a certificate, the evidence becomes inadmissible. If a party wishes to use any alternative method to satisfy the conditions under Section 65B (2), it would not be possible. However, various High Courts still do away with the requirement of adducing certificate and hence the position of law is somewhat uncertain here.

The Problem With Certification

Firstly, the contention lies in the position that “whether failure to produce certificate under section 65B (4) by prosecution is fatal to its case?”, according to Anwar case, it is. It is pertinent to mention here that the certificate only seeks to describe the manner in which it is produced by a computer and satisfying conditions above. It has to be signed by an officer who is in charge of the operation or management of related activities. The said information must be best of the knowledge of person stating it. How can we say that the given information is best of knowledge? Why court presumes that once certificate is granted, the electronic evidence is undoubtedly admissible.

CASE ANALYSIS: RONA WILSON & CITIZEN LAB REPORT

The Amnesty International and Citizen lab together uncovered a spyware operation against 9 Human right defenders[25], out of these 9 activists at least 3 of them were targeted by Pegasus also[26]. The organizations collectively advised the Indian authorities to conduct an independent investigation to figure out any nexus between government agencies and spyware providers. To date there was no response by the Indian authorities in this regard. Rona Wilson is a human rights activist who was also in the target’s list of Pegasus and accused in the Bhima Koregaon Case[27]. The Citizen Lab and Amnesty together[28] described how Netwire[29], a commercially available spying tool was used to plant evidence in the activist’s device. The Massachusetts based forensic firm Arsenal[30] found that evidence was planted via decoy pdf mailed to him, which is corroborated by Citizen Lab’s research. These spywares utilize zero-day vulnerabilities of the operating system[31]. The zero-day vulnerabilities are such vulnerabilities which are unknown to the vendor and manufacturer, these are not human flaws rather these are software’s own flaws that are detected by spywares and then exploited to enter target’s device[32]. The report shows some phishing mails were sent to activists like Rona Wilson, Isha Khandelwal and others which were executable files with a decoy pdf[33]. The evidences so planted were used in conviction by the courts. 

Pegasus can surreptitiously enter into target’s device and can steal files from it. As per the reports, Pegasus can also copy files from the attacker to target’s device without his information. This can lead to planting of false evidences in target’s phone. The Citizen lab and Amnesty International released combined research describing a spying tool Netwire was used to plant evidences in the devices of Bhima Koregaon case accused. The Massachusetts based forensic firm Arsenal found that evidence was planted in Rona Wilson’s device which was corroborated by the report by the citizen lab. The Article 20(3) protects the accused from self-incrimination which includes furnishing documents as held by the hon’ble apex court. As the courts have allowed inspection of mobile devices, the possibility of planting false evidences in those devices will lead to self-incrimination. It is also submitted that Pegasus violates fundamental tenets of criminal law, the first principle states that an accused has a right to know the evidence presented against him, the second principle states that an accused has the right to rebut evidence presented against him, but it is necessary to have first principle in place to rebut the evidence. If the evidence is planted during trial and it comes up suddenly, the accused’s both the rights are useless and an innocent will have to suffer which violates the principle ‘Let hundred guilty go free, but one innocent must not be punished’. The Indian courts have held that even illegally obtained evidences are admissible and if this principle is followed, the consequences will be detrimental.

RM MALKANI & ADMISSIBILITY OF ILLEGAL EVIDENCE

In the case of R.M Malkani[34], it was held that even illegally obtained evidence is admissible with some cautions. In the case of Navjot Sandhu[35], it was held that “There is a warrant for proposition that even if evidence is obtained illegally, it is admissible”[36]. In the case of Umesh Kumar[37], it was held that “there is no bar in admission of a document as evidence procured by illegal means”[38]. It is clear from the forensic evidence[39] that there is possibility of the evidence being planted into target’s device remotely by the attacker. If the evidence is obtained at a later stage which is termed as illegal but still admissible, it will have deleterious effect on criminal justice system. It is hard to determine whether the evidence was true or fabricated because of advanced technology, thus there must be a thorough analysis of evidence admitted from the devices which weren’t found earlier by the police.

It has been established that Pegasus can virtually snoop out anything from the device ranging from call recordings to the videos in phone gallery. Moreover, there must be a procedure established by any law to determine what to extract from the device and how to, which is completely absent as of now. The Telegraph Act[40] and Information Technology Act[41] of 2000 are the only laws in India that allows surveillance over telephone and electronic devices. From section 5(2) of the Telegraph Act[42], it is very clear that, firstly, there must be an occurrence of either any public emergency or there must be a danger to public safety. Furthermore, the section says that there must be authorization by the central government or a state government. In the impugned case, there was no reason to believe that there existed any public emergency while breaching into devices of journalists, lawyers, politicians and academicians. There must be a boundary set by the judiciary to admit illegal evidence, especially when it comes to electronic evidence.

THE LACUNAE IN LAW

The first implication derived from section 65B is doing away the common law evidentiary principle to produce the evidence in its original form, and in absence of that, secondary evidence can be adduced. It is understandable that when this section was incorporated, computer technology was not that sophisticated and it was nearly impossible to produce the same. But now the devices have become smart and sleek, the courts must now prefer to call in the devices and put them under scanner, rather than admitting certified copies of WhatsApp texts[43].

In 2019, WhatsApp revealed that there happened a breach in devices of Indian journalists and activists via WhatsApp call because of a vulnerability[44]. As established earlier in this project, the RAT or remote access tool & the Pegasus can interfere into the device and plant evidences. It becomes crucial in such cases to call in these devices in the court and give the accused a chance to inspect and express its reservation. Secondly, as recently upheld by the supreme court in the case of Arjun Pandit Rao case[45], that the certificate under section 65B(4) is mandatory. As established earlier in this paper, mere requirement of certificate is not sufficient, with the rapid increase in use of electronic devices and development of sophisticated malwares, the legislature and court must together figure out a way to curb this menace.

FINDINGS

As the researchers had started with the objectives mentioned in the beginning of this paper, following are the findings after examining statutes, recent cases & their interpretation: –

  1. The section 65B is somewhat obsolete in present times. The exception it created to produce secondary evidence in case of electronic evidence even if original is available, is a loophole that is being misused as observed in the case of Rona Wilson.
  2.  The Pegasus cannot be regulated by present statutory guidelines and the only use is misuse of the tool, the lacunae created by the act as established in this paper must be addressed and judiciary must correct its position.

CONCLUSION

The researchers described what Pegasus is & what are its capabilities if it clandestinely breaches someone’s device. Pegasus is a kind of remote access tool that can be used by the attacker as a protocol to transfer falsely created incriminating evidence and plant it in the victim’s device without his knowledge and any trace. The present provisions of law are inadequate to deal with such tool, however the lacunae created by RM Malkhani case, i.e blanket admission of illegal evidence must be plugged by the judiciary itself by limiting ‘what is the process to obtain that evidence’ & the courts must start questioning the source of electronic evidence obtained under section 65B of the Indian Evidence Act, 1872.

RECOMMENDATION: What Needs To Be Done?

The mere demand to produce certificate is not sufficient, the courts must look beyond certificate. Though, it might be argued that it is not the task of judiciary, but the court’s reliance on presumption that whatever source has been mentioned in the certificate is sacrosanct is something that is impractical. Following are some points that authors suggest:

  1. There must be proper time stamp of examining mobile devices and computer devices when they are examined to obtained electronic evidence & the principle established to admit illegal evidence over the time must be revisited. The courts must set some boundaries when it comes to admissibility of electronic evidence obtained illegally.
  2. If evidence is produced at a later stage during trial, the accused must be allowed time and resources to establish the possibility of the evidence being planted, but care must be taken off to balance interest of justice also.
  3. The OCCRP & Amnesty together devised a toolkit to check for Pegasus breach, the courts must task the police force to use the same in case there are concerns of device manipulations.
  4. It is the time that courts must uniformly ask for certificates under section 65B for producing electronic evidence, but mere adducing the certificate should not extinguish prosecutions liability to further satisfy the court with veracity of source and information contained therein.
  5. When feasible, the courts must try to appreciate original electronic evidence instead of asking a secondary copy of the evidence as provided under 65B, the section added was much appreciable, but given the advancement in technology, original electronic evidence is not a far-fetched dream.

[1] V.D Kulshrestha, Outlines of Indian Legal & Constitutional History ( 6th edn, Eastern Book Company 2020).

[2] Indian Evidence Act, 1872, §.65A

[3] Id, §. 65B.

[4] V.D Kulshrestha, Outlines of Indian Legal & Constitutional History ( 6th edn, Eastern Book Company 2020).

[5] Vepa P Sarathi, ‘HISTORICAL BACKGROUND OF THE INDIAN EVIDENCE ACT, 1872’ (1972) JILI 1, 3.

[6] Id.

[7] Id, note 5.

[8] M.P Jain, Outlines of Indian Legal & Constitutional History (15th edn, Lexis Nexis 2021).

[9] Sir Fitz James Stephen, A Digest of Law of Evidence (2nd edn, Macmillian & Co. Ltd 1936).

[10] M.P Jain, Outlines of Indian Legal & Constitutional History (15th edn, Lexis Nexis 2021).

[11] Arjun Panditrao Khotkar v Kailash Kushanrao Gorantyal (2020) 7 SCC 1.

[12] The Wire Staff, Import Data Shows IB Bought Hardware From Israel Matching Kit Used for Pegasus, OCCRP Says, The Wire (Feb 11, 2023, 8:00 AM), Import Data Shows IB Bought Hardware From Israel Matching Kit Used for Pegasus, OCCRP Says (thewire.in).

[13] Editor, Massive data leak reveals Israeli NSO Group’s spyware used to target activists, journalists, and political leaders globally, Amnesty International ( Feb. 11, 2023, 9:02 AM) Massive data leak reveals Israeli NSO Group’s spyware used to target activists, journalists, and political leaders globally – Amnesty International.

[14] The Wire Staff, Pegasus Project: 174 Individuals Revealed By The Wire On Snoop List So Far, The Wire (Feb. 11, 2023, 8:16 AM), https://thewire.in/rights/project-pegasus-list-of-names-uncovered-spyware-surveillance.

[15] Id.

[16] Id, note 12.

[17] Manohar Lal Sharma v Union of India 2021 SCC OnLine SC 985.

[18] Id, note 2, §. 65B (4).

[19] Id.

[20] State v Mohd. Afzal (2003) 107 DLT 385.

[21] Id.

[22] State (NCT of Delhi) v. Navjot Sandhu, (2005) 11 SCC 600.

[23] Id.

[24] (2014) 10 SCC 473.

[25] Editor, India: Human Rights Defenders Targeted by a Coordinated Spyware Operation, Amnesty International (Feb. 15, 2023, 8:00 AM), India: Human Rights Defenders Targeted by a Coordinated Spyware Operation – Amnesty International.

[26] Id.

[27] Anupama Katakam, Bhima Koregaon case: planted evidence?, Frontline (Feb. 17, 2023, 5:30 PM), Bhima Koregaon case: planted evidence? – Frontline (thehindu.com).

[28] See, Annexure A/5, Citizen Lab & Amnesty International Combined Research on Pegasus, 61-63.

[29] Id.

[30] Editor, Planted evidence: Rona Wilson files plea in Bombay HC seeking dismissal of case against him, The New Indian Express (Feb. 17, 2023, 7:30 PM), Planted evidence: Rona Wilson files plea in Bombay HC seeking dismissal of case against him- The New Indian Express.

[31] Kyle Chivers, Zero-day vulnerability: What it is, and how it works, Norton (Feb. 17, 2022, 9:50 PM), Zero-day vulnerability: What it is, and how it works (norton.com).

[32] Aditya Saroha, Pegasus Issue: What are zero-click attacks and how do they infect smartphones?, The Hindu (Feb. 18, 2022, 9:15 AM), Pegasus Issue | What are zero-click attacks and how do they infect smartphones? – The Hindu.

[33] See, Annexure A/4, OCCRP: About Pegasus Project, 56-57.

[34] R.M. Malkani v. State of Maharashtra, (1973) 1 SCC 471.

[35] State (NCT of Delhi) v. Navjot Sandhu, (2005) 11 SCC 600.

[36] Id, at para 154.

[37] Umesh Kumar v. State of A.P., (2013) 10 SCC 591.

[38] Id, at para 34.

[39] Supra, note 10.

[40] Id.

[41] Information Technology Act, 2000, No. 21, Acts of Parliament, 2000 (India).

[42] Supra, note 29.

[43] Editor, Pegasus breach: India denies WhatsApp hack amid outrage, Bbc News (Feb 18, 2023, 4:30 PM), Pegasus breach: India denies WhatsApp hack amid outrage – BBC News.

[44] Editor, Pegasus breach: India denies WhatsApp hack amid outrage, Bbc News (Feb 18, 2023, 4:30 PM), Pegasus breach: India denies WhatsApp hack amid outrage – BBC News.

[45] Arjun Panditrao Khotkar v. Kailash Kushanrao Gorantyal (2020) 7 SCC 1.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: