After outcry, Govt withdraws draft on Encryption policy

RSTV Bureau
PM-n-Ravi-Shankar-Prasad

FILE: Union Communications and IT minister Ravishankar Prasad with Prime Minister Narendra Modi. Photo – PTI

Narendra Modi government has withdrawn the draft proposal of its New Encryption policy aimed at regulating the data of interactive internet services like WhatsApp, SMS, Emails and other cyber space interactions. The move came after the draft of New Encryption policy attracted controversy with several quarters, including the opposition parties, criticising the government and accusing it of over-regulation. Clarifying its position, the Union government said that draft is not the policy of the government but just a proposal which was to be improved upon post the suggestions from the stakeholders, including general public.

“I have asked the DIETY (Department of Electronics and Information Technology) to withdraw the draft with immediate effect,” Union Communications and IT minister Ravishankar Prasad said.

Conceding that the draft was “poorly worded”, Ravishankar Prasad further added, “Draft encryption policy is not the final view of the government… We will review it and bring better Encryption policy. Our government fully supports the freedom of social media.”

Soon after the Union government’s decision to withdraw the proposed draft, the principal Opposition party came down strongly on the Centre and Prime Minister Modi in particular.

“The Modi government wanted to keep 24×7 eye on the citizens and implement a new licence regime… If all data of an individual will be monitored or stored, then who will trust you? Individuals want to keep info private,” Congress spokesperson Randeep Singh Surjewala said addressing the press at AICC headquarters in the capital.

Photo courtesy: WhatsApp

Photo courtesy: WhatsApp

“In the past 15 months, Modi government’s motive is to subjugate the rights of anybody who is opposed to it. BJP-run Maharashtra government brought a note on sedition laws… Similar kind of example was seen when mobile internet was blocked for 6.5 Cr people of Gujarat,” the Congress leader added.

Prior to being withdrawn, the draft proposal of a new national Encryption policy, issued by the Department of Electronics and Information Technology, had mandated the users to store the messages and cyber ‘conversation’ through WhatsApp, SMS, Email or any such service for 90 days. The draft had further proposed to make them available when asked by the government agencies, failing at which the user may face legal action.

“All information shall be stored by the concerned B/C entity for 90 days from the date of transaction and made available to Law Enforcement Agencies as and when demanded in line with the provisions of the laws of the country,” the draft proposal had read.

The policy draft had also aimed at everyone to hand over their encryption keys to the Government, which would have meant that mobile phone applications and other interactive platforms would need to either register a kind of encryption service they use with the government, or sign up to use government-approved encryption services.

“Encryption products may be exported but with prior intimation to the designated agency of Government of India. Users in India are allowed to use only the products registered in India. Government reserves the right to take appropriate action as per Law of the country for any violation of this Policy,” the withdrawn draft read.

Further, the proposed policy, as per the withdrawn draft, was applicable on everyone including government departments, academic institutions, and citizens and for all kind of communications, both official and personal.

However, the draft proposal was soon denounced by several cyber law experts.

“It will create a license raj. There is very much concern around privacy of citizen. The policy wants messages to be given on demand. If my private information is sought by government, it should be done through courts,” Arun Sukumar, Head, Cyber Initiative said.

“There is also a possibility that the ‘plain text’ data can be manipulated by hackers, or by a government official with encryption keys who can manipulate stored data. How will an individual be protected against such attacks? An individual’s right to privacy is a fundamental right under Article 21,” Medianama Founder and volunteer for ‘Save The Internet’ forum Nikhil Pahwa claimed.

(With inputs from the PTI)