The draft National Encryption Policy prepared by an expert group formed by the DeitY, under Section 84A of the Information Technology Act, 2000 Rules, has suggested that users must be able to handover communication done using an encrypted medium (which includes almost every type of electronic communication). It is the responsibility of the user to store the data for 90 days from the date of transaction, and it must be made available to law enforcement agencies when demanded.
The text reads as follows:
“All citizens (C), including personnel of Government / Business (G/B) performing non-official / personal functions, are required to store the plaintexts of the corresponding encrypted information for 90 days from the date of transaction and provide the verifiable Plain Text to Law and Enforcement Agencies as and when required as per the provision of the laws of the country”
In essence, it means that you cannot delete any electronic mail or message, and be able to retrieve it, when asked by the relevant authorities. This could be messages exchanged using WhatsApp or any medium which uses encryption.
The draft policy also suggests that service providers located within and outside India, using encryption technology for providing any type of services in India must enter into an agreement with the Government for providing such services in India. The draft policy also advocates usage of encryption technology for storage and communication within the group of users in the Government and between government and citizens.
The consequences of this act, if not thought through clearly, can be disastrous.
As a Twitter user, Pranesh Prakash (Twitter handle @Pranesh_Prakash tweeted, “All OSes will be illegal in India (IV.6 + V.3 of draft encryption policy) unless Microsoft, Apple, Red Hat, etc, sign agreement w/ govt”
The good part is that this is still in draft mode. The government has invited comments from the public, before it makes a final decision.
The entire report can be accessed here
You can send your comments by 16/10/2015 to Shri A. S. A. Krishnan, Scientist ‘G’, Department of Electronics and Information Technology, Electronics Niketan, 6, CGO Complex, Lodhi Road, New Delhi: 110003, Email: firstname.lastname@example.org
After furore over national encryption policy, Government exempts WhatsApp and social media messages from purview