Deleting WhatsApp, Google Hangouts messages could become illegal in India
NEW DELHI: You may soon need to keep a copy of all messages sent through encrypted messaging services such as WhatsApp (Android version supports encryption), Google Hangouts or Apple’s iMessage, for 90 days, if the proposed National Encryption Policy is implemented in its current form. Online businesses too would need to keep your sensitive information including passwords in plain text for the same period of time, thus exposing your information to potential hacking attacks.
The government has published a draft of the policy document online to seek feedback from citizens and organisations. It details methods of encryption of data and communication used by the government, businesses and citizens.
Here are some implications for citizens and companies if the policy is implemented in its current form ...
According to the draft, citizens may use encryption technology for storage and communication. However, encryption algorithms and key sizes will be prescribed by the government through Notification from time to time. This means that the government will determine the encryption standards for all and entities like Google and WhatsApp will have to follow the encryption standards prescribed by the Indian government.
What’s bizarre is that the draft lists specific guidelines for all citizens who use encryption services including instructions that individuals should store in plain text versions of communication for 90 days. So this may imply that you’ll have to store your WhatsApp messages for 90 days or face action in case asked to reproduce.
What’s appalling is that the government expects all citizens to be aware of encrypted communication and the way to store messages in plain text securely. A large number of users may in fact not even know that WhatsApp and iMessage use encryption.
As per the draft, "all citizens including personnel of Government / Business (G/B) performing non-official / personal functions, are required to store the plaintexts of the corresponding encrypted information for 90 days from the date of transaction and provide the verifiable Plain Text to Law and Enforcement Agencies as and when required as per the provision of the laws of the country."
The draft also proposes similar guidelines for B2B or enterprise users where data exchange is even more critical and for B2C communication. "On demand, the user shall be able to reproduce the same Plain text and encrypted text pairs using the software / hardware used to produce the encrypted text from the given plain text. Such plain text information shall be stored by the user/organisation/agency for 90 days from the date of transaction and made available to Law Enforcement Agencies as and when demanded in line with the provisions of the laws of the country," it adds. This implies that e-commerce websites will have to keep a plain-text copy of user details leaving their information vulnerable to hackers.
The policy also mentions that Service Providers located within and outside India, using encryption technology for providing any type of services in India must enter into an agreement with the government for providing such services in India. The government will designate an appropriate agency for entering into such an agreement with the service provider located within and outside India. This means WhatsApp, Apple and Google will have to sign agreements with the Indian government to provide services in the country as they use encryption technology. This will make the process more bureaucratic and create roadblocks for app providers. In its current form the policy could have a detrimental effect on the privacy of citizens and expose sensitive data to potential abuse.
"All vendors of encryption products shall register their products with the designated agency of the government. While seeking registration, the vendors shall submit working copies of the encryption software / hardware to the Government along with professional quality documentation, test suites and execution platform environments. The vendors shall work with the designated Government Agencies in security evaluation of their encryption products," the draft adds.
However, mass use products like SSL/TLS that are used for financial transactions are exempted from registration. Users in India are allowed to use only the products registered in India though. So using a service not registered with the government will be illegal. "Government reserves the right to take appropriate action as per Law of the country for any violation of this Policy," the draft categorically states.
The document has been drafted by an expert group set up under the Department of Electronics and Information Technology (DeitY) which comes under the union ministry of communications and information technology. All citizens can send their comments on the draft policy to akrishnan@deity.gov.in by October 16 and give suggestions.
Comments on this Article | |
Jossey Saldanha, Mumbai | Tue, September-22-2015, 3:32 |
I was among the first to protest on Facebook and this ban has been lifted. U-Turn Sarkar ...lol Agree[4]
|
Please note that under 66A of the IT Act, sending offensive or menacing messages through electronic communication service and sending false messages to cheat, mislead or deceive people or to cause annoyance to them is punishable. It is obligatory on kemmannu.com to provide the IP address and other details of senders of such comments, to the authority concerned upon request. Hence, sending offensive comments using kemmannu.com will be purely at your own risk, and in no way will Kemmannu.com be held responsible.
Similarly, Kemmannu.com reserves the right to edit / block / delete the messages without notice any content received from readers.
Final Journey of Judith Lewis (91 years) | LIVE From Kallianpur
Rozaricho Gaanch April, 2024 - Ester issue
Final Journey Of Theresa D’Souza (79 years) | LIVE From Kemmannu | Udupi |
Invest Smart and Earn Big!
Creating a World of Peaceful Stay!
For the Future Perfect Life that you Deserve! Contact : Rohan Corporation, Mangalore.
Final Journey Of Joe Victor Lewis (46 years) | LIVE From Kemmannu | Organ Donor | Udupi |
Milagres Cathedral, Kallianpur, Udupi - Parish Bulletin - Feb 2024 Issue
Way Of Cross on Good Friday 2024 | Live From | St. Theresa’s Church, Kemmannu, Udupi | LIVE
Good Friday 2024 | St. Theresa’s Church, Kemmannu | LIVE | Udupi
2 BHK Flat for sale on the 6th floor of Eden Heritage, Santhekatte, Kallianpur, Udupi
Maundy Thursday 2024 | LIVE From St. Theresa’s Church, Kemmannu | Udupi |
Kemmennu for sale 1 BHK 628 sqft, Air Conditioned flat
Symphony98 Releases Soul-Stirring Rendition of Lenten Hymn "Khursa Thain"
Palm Sunday 2024 at St. Theresa’s Church, Kemmannu | LIVE
Final Journey of Patrick Oliveira (83 years) || LIVE From Kemmannu
Carmel School Science Exhibition Day || Kmmannu Channel
Final Journey of Prakash Crasta | LIVE From Kemmannu || Kemmannu Channel
ಪ್ರಗತಿ ಮಹಿಳಾ ಮಹಾ ಸಂಘ | ಸ್ತ್ರೀಯಾಂಚ್ಯಾ ದಿಸಾಚೊ ಸಂಭ್ರಮ್ 2024 || ಸಾಸ್ತಾನ್ ಘಟಕ್
Valentine’s Day Special❤️||Multi-lingual Covers || Symphony98 From Kemmannu
Rozaricho Gaanch December 2023 issue, Mount Rosary Church Santhekatte Kallianpur, Udupi
An Ernest Appeal From Milagres Cathedral, Kallianpur, Diocese of Udupi
Diocese of Udupi - Uzvd Decennial Special Issue
Final Journey Of Canute Pinto (52 years) | LIVE From Mount Rosary Church | Kallianpura | Udupi
Earth Angels Anniversary | Comedy Show 2024 | Live From St. Theresa’s Church | Kemmannu | Udupi
Kemmannu Cricket Match 2024 | LIVE from Kemmannu
Naturya - Taste of Namma Udupi - Order NOW
New Management takes over Bannur Mutton, Santhekatte, Kallianpur. Visit us and feel the difference.
Focus Studio, Near Hotel Kidiyoor, Udupi
Earth Angels - Kemmannu Since 2023
Kemmannu Channel - Ktv Live Stream - To Book - Contact Here
Click here for Kemmannu Knn Facebook Link