Top

Government gives in to pressure, withdraws draft encryption policy

Online outrage forced government to take u-turn

New Delhi: After a huge outrage on the new policy by the government on Monday about how every social media data needs to be preserved by the internet user, IT Minister Ravi Shankar Prasad has finally withdrawn the draft encryption policy. Prasad stated that the purpose of the encryption was not related to social media messaging platform that is used by the common man.

He further mentioned that the draft encryption policy is not a final view of the government. The policy is withdrawn for further review and the government will later specify in detail as to whom it will apply to.

Following a public uproar over threat to privacy, the government today withdrew the draft encryption policy which made it mandatory for storage of all messages, including social media, for 90 days. "I personally feel that some of the expression used in the draft are giving rise to uncalled-for misgivings. Therefore, I have written to DeitY to withdraw that draft, rework it properly and thereafter put in the public domain," Telecom Minister Ravi Shankar Prasad told reporters here. Generally, all modern messaging services like WhatsApp, Viber, Line, Google Chat, Yahoo Messenger and the like come with a high level of encryption and many a time, security agencies find it hard to intercept these messages.

"Yesterday, it was brought to our notice that draft has been put in the public domain seeking comments. I wish to make it very clear that it is just a draft and not the view of the government. I have noted concerns expressed... by the public," Prasad said. As per the original draft, the new encryption policy proposes that every message a user sends -- be it through WhatsApp, SMS, e-mail or any such service -- must be mandatorily stored in plain text format for 90 days and made available on demand to security agencies. Prasad said the government under the leadership of Prime Minister Narendra Modi has promoted social media activism.

"The right of articulation and freedom, we fully respect but at the same time, we need to acknowledge that cyber space transaction is rising enormously for individuals, businesses, the government and companies," Prasad said. The draft proposed legal action that could entail imprisonment for failure to store and produce on demand the encrypted message sent from any mobile device or computer. The draft, issued by the Department of Electronics and Information Technology, was applicable on everyone, including government departments, academic institutions, citizens and for all kinds of communications -- be it official or personal. Besides, all service providers located within and outside India that use encryption technology must register themselves with the government, as per the draft. Prasad, however, maintained that there's need for an encryption policy which would apply to those who are involved in encrypting a messaging product "for a variety of reasons".

The policy was proposed under section 84 A of the Information Technology Act, 2000 through an amendment in 2008. The sub-section 84 C, which was also introduced at around the same time, carries provisions of imprisonment for any violation of the Act.

On Monday, users of the internet in India, especially those who use their mobile for WhatsApp, Facebook, Emails and similar communication, were in for a shock after the Government proposed a new policy that dictates everyone to compulsorily save all messages for a minimum period of 90 days. What this meant was that each individual will now have to store all communication in clear text format for a 90-day period and hand over the same as and when the law enforcement agencies in the country require it. Failing to do so would be considered illegal and you could end up in prison.

However, after a public outrage grew on the new draft proposal which mandated storing messages that people send through WhatsApp, SMS, E-mail or any such service, early Tuesday, the government decided to exempt all social media websites and applications from the purview of the National Encryption Policy. A proposed addendum to the policy said, the mass-use encryption products, which are currently being used in web applications, social media sites and social media applications such as WhatsApp, Facebook, Twitter are being exempted from the purview of the draft National Encryption Policy. Encryption used in Internet banking, payment gateways, and those used for e-commerce and password-based transactions will also be exempted from the new policy.

According to the earlier proposed draft encryption policy by the Indian Government, businesses and common citizens in India would have to mandatorily store all their communication over the internet for a minimum period of 90 days. This would include all your messages on email, WhatsApp, SMS, Twitter, Google Hangouts, BBM and few others that use encryption for sending and receiving data. It will be the government which will notify the type of encryption keys and algorithms to be used by businesses and citizens, giving them backdoor access to all communications.

( Source : Deccan Chronicle / PTI )
Next Story