India backtracks on draconian social media policy

22 Sep 2015 | Author: | No comments yet »

After controversy over new encryption policy, government withdraws draft proposal.

The government beat a hasty retreat a day after Internet users in India learned the Draft Encryption Policy was recommending keeping tabs on their activities, which caused a huge outcry.The purpose of the policy is to encourage use of encryption technologies and products among governmental agencies, businesses and citizens for more secure communications and financial transactions in the cyber space.

Marking a u-turn in the chain of events that is the National Encryption Policy circus, Communications and IT minister Ravi Shankar Prasad has directed the relevant officials to withdraw the draft. However, after government’s retreat, social media websites, ‘web applications, social media sites, and social media applications such as Whatsapp, Facebook, Twitter etc’ stand exempted. It wanted businesses, telcos and Internet companies to store all encrypted data for 90 days in plain text which should be presented before the law enforcement agencies whenever asked to. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption key generated by an algorithm, which it turn generates a ciphertext that can only be read if decrypted. He also clarified that the purpose of encryption was not to interfere with the common man’s experience with social media and messaging and further stated that no ordinary consumer would be affected by the encryption policy.

Draft Encryption Policy: Since every messaging service and email, including WhatsApp and Gmail, use some form of encryption, this draft would cover almost all instant messages and emails. 3. In principle, it is possible to decrypt the message without possessing the key, but for a well-designed encryption scheme, large computational resources and skill are required. The original draft policy mandating that all classes of users ranging from regular citizens to business to academics would be required to maintain unencrypted (plain text) versions of their data and communications was met with widespread outrage, as evidence on social channels.

Even with the release of what appeared to be a hastily assembled addendum excluding social media communications, banking and e-commerce transactions, the draft was still rife with outrageous suggestions regarding the treatment of a person’s data. For instance, when a WhatsApp message is sent, it’s automatically encrypted or turned into scrambled text, which is then unscrambled for the recipient. The Premable to the draft policy states that encryption technology was traditionally deployed most widely to protect the confidentiality of military and diplomatic communication. However, the revolution in Internet technology, proliferation of online apps for communication and subsequent increase in their usage, expanded the scope of encryption to e-commerce and e-governance civilian applications.

Each time the government talks about a new initiative meant to bring in some law and order pertaining to digital rights, it somehow manages to come up with implications that could affect us far worse. This further led to the need to protect privacy and increase the security of the Internet and associated information systems and develop policies that favour the spread of encryption worldwide. The whole net neutrality saga continued for months with assurance from the government on how it supports free and equal Internet, and eventually made ‘certain changes’. Another term that stirred a controversy is that in case of communication with any foreign entity, the primary responsibility of providing readable plaintext along with the corresponding encrypted information shall rest on the business or citizen located in India.

Additionally, service providers located within and outside India, using encryption technology for providing any type of services in India, must enter into an agreement with the government. In the past, we’ve seen the blame game around the laws, usually the ‘hurriedly’ changed laws passed (after the inability to monitor encrypted messages during the Mumbai terrorist attacks) in the winter session of 2008 without any debate or discussion by bears the brunt. Earlier this year, we saw the government crack down the Section 66A of the 2008 Information Technology Act describing it “unconstitutional” and “hit at the root of liberty and freedom of expression, the two cardinal pillars of democracy.” No wonder then that the new draft policy was seen as totalitarian in nature, as it seemed to view every individual in the country as a potential criminal.

Pahwa also raises some serious questions in Medianama about how the Indian government expects users to know about all the communication taking place from their devices, given that most of the communication today is via apps or social media platforms.

Here you can write a commentary on the recording "India backtracks on draconian social media policy".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site