India’s proposed amendments to income tax laws have sparked a nationwide debate on privacy, surveillance, and digital rights. With new provisions granting authorities the power to override access codes and potentially inspect encrypted apps like WhatsApp and Google Maps data, experts warn of a slippery slope where tax enforcement could infringe upon constitutional liberties.
New Powers for Tax Officers: Unlocking Doors—Physical and Digital
Finance Minister Nirmala Sitharaman has backed a controversial provision in the new Income Tax Bill, which will come into effect on April 1, 2026. The law grants authorized officers the right to “break open locks of any door, locker, safe, or digital device” to recover evidence of undisclosed income or assets. This includes overriding access codes to enter “computer systems or virtual digital space” if the suspect is believed to be concealing income.
Clause 247 marks a pivotal expansion of search-and-seizure powers—beyond physical locations—into digital realms like laptops, phones, cloud drives, and encrypted apps. This clause echoes powers under Section 132 of the existing I-T Act, 1961 but now widens the scope to include digital documents and data.
Critics argue that while the government aims to tackle black money, the provision risks granting sweeping intrusion powers without adequate checks and balances, especially when encryption is involved.
Also Read: Attention Startups! Showcase Your Smart Policing Solutions on India’s Biggest Stage
From WhatsApp to Google Maps: The Digital Dragnet
Authorities have already cited past instances where digital data led to the detection of unaccounted wealth—like ₹200 crore linked to crypto uncovered using WhatsApp messages, Google Maps history, and Instagram activity. But experts clarify that WhatsApp’s end-to-end encryption remains intact: the government cannot read message content without physical access to the device and encryption keys.
While the government can obtain metadata (e.g., user names, IP addresses, last seen info, contact lists) through lawful requests, actual messages remain inaccessible without device-level access. Cybersecurity experts also underline that digital forensic tools allow access to one-sided chats and metadata when devices are seized, but not full message histories.
Google, meanwhile, has responded to global concerns by updating its Location History feature. Going forward, location data will be stored locally on a user’s device instead of Google’s cloud—adding another layer of protection against overreach.
Privacy vs. Power: The Legal and Ethical Debate
Legal experts and digital rights advocates are divided. Section 17 of the Digital Personal Data Protection Act (DPDP)allows exceptions for national security and law enforcement, but the definition of “reasonable restrictions” remains vague. Without judicial oversight, there’s concern these powers could be misused.
Sitharaman defended the law by noting that similar clauses already exist under various enforcement laws. However, with citizens’ digital footprints now deeply embedded in messaging apps, navigation tools, and social platforms, the scope of “search” has fundamentally changed.
Tarun Wig, CEO of Innefu Labs, cautioned that while apps don’t share message content, metadata can still reveal behavioral patterns and is a goldmine for investigators.