India tried to make deleting instant messages and e-mails illegal

22 Sep 2015 | Author: | No comments yet »

13 things to know about WhatsApp encryption.

New Delhi: The Centre on Tuesday withdrew a controversial draft National Encryption Policy following a public outrage over government’s plans to snoop on every message sent through WhatsApp, SMS, e-mail or any such service.A new proposed addendum to the encryption policy clarifies ‘encryption products’ exempted from the policy include sites such as WhatsApp, Facebook, Twitter, payment gateways, e-commerce and password based transactions and more. Addressing a press conference in the national capital, Union I&B Minister Ravi Shankar Prasad said, “An expert committee, after elaborate study, had recommended the need for an encryption policy on social media.”” However, I want to make it clear that Draft Encryption Policy released yesterday is only a draft, and not the view of the Government, the Minister added. However, the government later on exempted Web and messaging services used by masses like WhatsApp, Facebook and Twitter from the proposed new encryption policy after an outcry.

The draft was formulated by an expert group set up by the Department of Electronics and Information Technology (DeitY) under Section 84A of the Information Technology Act, 2000. The rather stringent clauses in the draft raised questions over how popular communication channels such as instant messaging, banking, social media as well as e-commerce would be handled.

According to the draft, the government wants to ‘provide confidentiality of information in cyber space for individuals, protection of sensitive or proprietary information for individuals & businesses, ensuring continuing reliability and integrity of nationally critical information systems and networks, which is great, but some parts of the documents simply say otherwise. Encryption products used in Internet banking and payment gateways, and those used for e-commerce and password-based transactions will also be exempted.

Banks and e-commerce sites use this to protect one’s financial data, while government sites and other messaging platforms use it to protect one’s private data. The draft policy introduced under Section 84 A of the IT Act, 2000, says all the electronic information and communication will be introduced under the policy. The new policy states, “Only the government defines the algorithms and key sizes for encryption in India, and it reserves the right to take action for any violation of this policy.” Businesses will have to keep all encrypted data and make it available to law enforcement agencies as and when demanded. Another contentious point of the draft said users “shall reproduce the same Plain text and encrypted text pairs using the software/hardware used to produce the encrypted text from the given plain text.

We are talking about one’s private date here. “Service providers located within and outside India, using encryption technology for providing any type of services in India must enter into an a pact with the government for providing such services in India,” reads the draft. According to Pavan Duggal, an advocate who specializes in cyberlaw, the ISP license conditions formulated in 1999 mandated 40-bit encryption standard as de facto. As per the amendment, the government may only prescribe the modes or methods of encryption “for secure use of the electronic medium and for promotion of e-governance and e-commerce.” To prevent an intruder from getting access to your private messages through servers, messaging services like WhatsApp and Google Hangouts use end-to-end encryption.

This means that your messages are converted into a different format before being transmitted and the capability to convert them back to text or the ‘key’ is only available with the other user on his/her device. WhatsApp, Google Hangouts, Skype, Apple iMessage, Telegram, Viber, Line and BlackBerry Messenger use encryption to convert your chats to some undecipherable code that can be only decrypted by the recipient.

According to cyberlawyer Pavan Duggal, the policy document has been drafted with a PC-era approach totally neglecting the implications on mobile phones. This policy could make the encryption of personal data meaningless since the users – despite having an encrypted copy – would also need to keep a backup in non-encrypted format in another storage product.

Here you can write a commentary on the recording "India tried to make deleting instant messages and e-mails illegal".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site