Context

• The 2008 Mumbai attacks, or 26/11, marked a pivotal transformation in India’s security governance.
• The televised siege and subsequent political debate centred on intelligence failure, particularly the inability to consolidate fragmented information about the movements and identity of the attackers.
• This event created an urgent climate for reform and opened political space for technological expansion within the national security apparatus.
• The most ambitious of these expansions was the National Intelligence Grid (NATGRID), envisioned as a centralized data infrastructure capable of supporting counter-terrorism operations.
• Over time, however, NATGRID has evolved into a broader surveillance architecture with legal, constitutional, and societal implications.

Origin, Expansion and Transformation of NATGRID

• Origins: A Technological Fix for Security Gaps
  • In the aftermath of the attacks, policymakers advanced a compelling counterfactual: had data trail fragments been aggregated and analysed in time, the attack might have been prevented.
  • NATGRID emerged as the institutional embodiment of this belief. Designed to allow multiple security agencies to query a wide range of governmental databases, it promised technological interoperability across organizational silos.
  • The project was approved through executive action rather than parliamentary legislation, raising concerns about the absence of statutory safeguards, privacy protections, and democratic oversight.
  • Although initially plagued by delays that fuelled scepticism, NATGRID would gradually mature into a functional system rather than a symbolic response.
• Expansion and Transformation
  • Recent developments indicate that NATGRID has undergone both operational scaling and conceptual broadening.
  • Data request volumes number in the tens of thousands each month, flowing not only from central intelligence units but also from state-level police agencies.
  • What began as a counter-terror resource has migrated into routine policing functions, expanding the scope of permissible queries and investigators with access.
  • More significant still is its integration with the National Population Register (NPR), a comprehensive demographic database containing detailed information on households and lineages.
  • The NPR’s political resonance, given its proximity to citizenship debates, intensifies concerns about population-wide profiling.
  • Through this integration, NATGRID appears to transition from monitoring specific security threats to mapping entire populations and their relational linkages.
  • Alongside integration, NATGRID now employs advanced analytical tools.
  • Platforms capable of entity resolution link fragmented digital identities across databases, while facial recognition systems trawl identity and telecommunications records.
  • In combination with machine learning models capable of predictive inference, NATGRID shifts from reactive investigation toward anticipatory surveillance.

New Risks: Bias and Scale in Algorithmic Policing

• Two contemporary risks distinguish this surveillance paradigm from earlier forms. The first lies in algorithmic bias.
• Data-driven policing systems do not operate on neutral ground; they inherit distortions embedded in the data they ingest.
• In settings where suspicion already falls unevenly along caste, religious, or geographic lines, analytics risk amplifying inequities under a veneer of objectivity.
• The consequences are unevenly distributed: administrative inconvenience for some, existential vulnerability for others.
• The second is the tyranny of scale. While officials emphasize query logging and sensitivity classifications as safeguards, procedural tracking does little to prevent normalisation when tens of thousands of queries are executed monthly.
• Without independent oversight, internal logging becomes administrative ritual, not accountability.

Misdiagnosing the Security Problem

• Reliance on expansive surveillance technology obscures a more fundamental lesson.
• The failures exposed during 26/11 stemmed less from insufficient data than from institutional fragility: inadequate training, poor coordination, and lack of professional autonomy.
• Security also suffers from political interference and informational opacity, conditions that technological aggregation alone cannot remedy.
• As NATGRID extends into ordinary policing, the original justification of preventing catastrophic terror recedes, while the risks to civil liberties intensify.

The Erosion of Oversight

• Despite the Supreme Court’s recognition of a constitutional right to privacy in 2017, national surveillance programs remain largely unexamined by legislative or judicial mechanisms.
• Public discourse has narrowed, with cultural narratives and political rhetoric rendering criticism of security institutions suspect or unpatriotic.
• In such an environment, even evaluating subsequent attacks or investigating institutional failures becomes politically fraught.

Conclusion

• The shock of 26/11 reshaped India’s security imagination, but the remedy pursued has been technologically expansive and democratically thin.
• NATGRID illustrates a shift from targeted counter-terrorism toward population-wide surveillance, enabled by modern analytics and legitimized through fear.
• Strengthening national security ultimately requires robust institutions, transparent intelligence practices, and independent oversight.
• Without these foundations, surveillance risks normalization, fostering an architecture of suspicion at the expense of democratic accountability.