LifeStyle

Govt Withdraws Draft Encryption Policy After Backlash: All You Need To Know

NEWS WORLD INDIA | 0
128
| September 22 , 2015 , 07:56 IST
WhatsApp-FI Government has decided to withdraw the new draft National Encryption Policy after it sparked a huge backlash on social media as well as from various political opponents. Information and technology minister Ravi Shankar Prasad said that the Draft encryption policy will be redrawn to specify who it will apply to. Earlier, government has said that WhatsApp, Snapchat and social media services will be exempted from the purview of the new draft National Encryption Policy. The draft new encryption policy had originally envisaged that every message sent through WhatsApp, SMS, e-mail or any such service must be mandatorily stored in plain text format for 90 days and made available on demand to security agencies. Encryption used in Internet banking and payment gateways, and those used for e-commerce and password-based transactions were also to be exempted. ALSO READ: Govt’s New Policy Will Make Deleting Your WhatsApp Messages A Crime! Here Is All You Need To Know
  • Information and technology minister Ravi Shankar Prasad said that the Draft encryption policy will be redrawn to specify who it will apply to. He said purpose of encryption was not related to social media messaging platform used by common man. He also said that the draft was not the final view of the government.
  • Hours after controversy erupted over government's plans to 'snoop' on every message sent through WhatsApp, SMS, e-mail or any such service, the Department of Electronics and Information Technology clarified that social media websites and applications will be exempted from the purview of the draft National Encryption Policy.
  • The mass-use encryption products, which are currently being used in web applications, social media sites, and social media applications such as WhatsApp, Facebook, Twitter etc are being exempted from the purview of the draft National Encryption Policy, said a proposed addendum to the policy posted on the department's website.
  • Encryption products used in Internet banking and payment gateways, and those used for e-commerce and password-based transactions will also be exempted.
Capture
  • The original draft of new encryption policy has said that every message that you send--be it through WhatsApp, SMS, Email or any such service--must be stored in plain text format for 90 days and made available on demand to security agencies. The move has triggered widespread privacy concerns and generated heated debate.
  • The original draft had also proposed legal action that could also include imprisonment for failure to store and produce on demand the encrypted messages sent from any mobile device or computer. The policy also wanted everyone to hand over their encryption keys to the government.
  • The draft proposed that users of encrypted messaging service on demand should reproduce same text, transacted during a communication, in plain format before law enforcement agencies and failing which the government can take legal action as per the laws of the country.
  • The proposed policy, issued by the Department of Electronics and Information Technology, would have applied to everyone including government departments, academic institutions, citizens and for all kind of communications -- be it official or personal.
  • Generally, all the modern messaging services like WhatsApp, Viber, Line, Google Chat, Yahoo Messenger etc, come with high level of encryption and many a time security agencies find it hard to intercept these messages.
  • "All information shall be stored by the concerned B/C entity for 90 days from the date of transaction and made available to Law Enforcement Agencies as and when demanded in line with the provisions of the laws of the country," the draft said.
  • The draft has defined 'B category' as all statutory organizations, executive bodies, business and commercial establishments, including all Public Sector Undertakings, academic institutions.
  • The 'C category' as per the draft are all citizens including personnel of government and business performing non-official or personal functions. "The common man is not likely to be impacted by this (proposal)," an IT Ministry spokesperson had earlier said.
  • In case of the user having communicated with foreigner or entity abroad, then the primary responsibility of providing readable plain text along with the corresponding encrypted information would be that of the user in the country, as per the original draft.
  • Besides this, all service providers located within and outside India that use encryption technology for providing any type of services in India must register themselves with the government, as per the draft.
  • The draft proposes to introduce the New Encryption Policy under Section 84 A of Information Technology Act, 2000. This section was introduced through amendment in 2008.
  • You can share feedback on the proposed national encryption policy by emailing akrishnan@deity.gov.in. The last date for public to comment on the draft is October 16, 2015.
  • The encryption document was prepared by experts of Department of Electronics and Information Technology (DeitY) which works under the Ministry of Communications and Information Technology.
ALSO READ: National Encryption Policy: Twitter Reacts To Latest Govt Draft On Deleting WhatsApp Message

Draft Encryption Policy Was For Snooping: Aam Aadmi Party | Focus News

[…] draft encryption policy, that the Centre withdrew following public uproar, was a tool for “snooping” and […]