NEW DELHI: Allegations from Twitter’s former security chief that New Delhi forced the social media giant to put a government agent on its payroll have sparked fresh concerns among critics of Prime Minister Narendra Modi and his ruling Bharatiya Janata Party.
The issue was one of a host of accusations made by Peiter “Mudge” Zatko in a complaint to US government agencies, a redacted version of which was uploaded to The Washington Post’s website last week.
The Indian government has not commented publicly on the allegations and did not respond to an email from Nikkei Asia. Twitter in a statement called all the accusations “a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lack important context”.
The allegations regarding India, which include a claim that the government demanded its agent be granted access to sensitive data on users, come as digital rights activists increasingly shine the spotlight on the role of Big Tech in the country of nearly 1.4 billion people, fretting over possible erosions of civil liberties and free speech.
“We do not know enough about the nature of these allegations and to what extent they hold up, but if all of this is true then it is certainly a very concerning allegation to potentially have an agent of the government there,” said Prateek Waghre, policy director at the Internet Freedom Foundation, an Indian nongovernmental organization.
Nayeem Rather, a journalist who covers human rights, said: “On one hand, you have a platform like Twitter where you express your political opinions – but you are also afraid of who is reading it. Do they have access to my online networks? Do they profile me?”
A digital rights advocacy group, the Software Freedom Law Center (SFLC), has written a letter to the parliamentary panel on Information Technology, calling for a probe into the allegations and their impact on Indian users.
“The incredibly important role which the platform plays in realising the constitutionally protected freedom of expression in India, including dissent, is well established. Invariably, therefore, the impact of the allegations, if proven true, on Indian users will be significant,” it wrote. Over 20 million people use Twitter in the South Asian economic powerhouse.
The SFLC’s legal director added, “If these allegations are true (and) the government is gaining access to your private messages or your login details without following due procedure laid down in the law, then it is a matter of concern.”
Zatko was fired from Twitter in January for what the company said was poor performance. His broader allegations include that Twitter’s leadership misled its own board and government regulators about its security vulnerabilities, as well as not reliably deleting data of users who have cancelled their accounts.
In its statement, Twitter questioned the timing of Zatko’s disclosure, calling it “opportunistic” and saying it was intended “to capture attention and inflict harm on Twitter, its customers and its shareholders”.
“Security and privacy have long been companywide priorities at Twitter and will continue to be,” the company said.
The allegations come as Twitter is mired in a legal battle with Elon Musk, who is trying to back out of a deal to buy the company for US$44 billion. The billionaire entrepreneur has accused the company of lying about the number of bot and spam accounts on the platform. The company has also filed a petition in an Indian court challenging content-blocking orders.
Indian authorities have been tightening rules for technology giants operating there as the government ramps up oversight of one of the world’s largest digital markets.
New Delhi argues that many tech companies have pounced on gaps or loopholes in legal frameworks around the world to benefit their businesses, with Rajeev Chandrasekhar, junior minister for electronics and information technology, telling Nikkei Asia in July that the law must race to keep up with rapidly developing technology.
Authorities earlier this year also announced sweeping new requirements for virtual private networks (VPNs) and other online operators. The rules require VPNs, cloud providers and cryptocurrency companies to collect and store user data – including names, addresses, phone numbers, email addresses and IP information, along with usage patterns – for up to five years.
But experts do not expect India’s government to publicly address Zatko’s accusations anytime soon. “There isn’t much going to happen in India,” said Srinivas Kodali, a digital rights activist, based in the southern city of Hyderabad. “It will mostly play out in the US,” he continued, adding that authorities in Washington have been viewing the broader allegations from a national security perspective.