Friday, 8 April 2011

Encryption Policy Of India

Use of encryption has many benefits. From ensuring the security and integrity of electronic transactions, encryption also helps in avoiding illegal cell phone tapping and e-surveillance by private persons that is rampant in India.

There are no privacy laws in India and data protection laws in India. This means that sensitive and personal data is open for all sorts of abuses. For example, telemarketing woes in India are well known where privacy is openly and blatantly violated by telemarketing companies.

Similarly, data stealing through cyber espionage is well known in India. With a cyber criminal friendly cyber law of India, it is very difficult to punish the cyber criminals who engage in trans border cyber espionage.

Encryption has also become essential to defeat the illegal and unconstitutional electronic sniffing and e-surveillance approach of India. We have no lawful interception law in India and telephone tapping in India is done in an unconstitutional manner.

Indian government is pressuring companies like Skype, Google/Gmail, Research in Motion (RIM) Blackberry, etc for practically using no encryption services for their communications. For instance, India is pressurising Blackberry for providing unencrypted e-mail and telecom communications in India. By threatening to ban Blackberry services in India, the government has already obtained access to Blackberry’s messenger services. Now India is forcing the telecom service providers of India to drop Blackberry’s services if it does not provide free and unencrypted access to its services in India.

Encryption policy is also important for ensuring strong and effective telecom policy of India. However, encryption is an unresolved enigma in India. We have no encryption laws in India and despite the suggestions of many experts’ encryption laws and regulations in India are still missing.

India is compromising the Mobile Security of India and Mobile Governance in India by insisting upon a Weak Encryption Infrastructure, says Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India. Mobile Cyber Security in India is not upto the mark and unencrypted communication would further increase the risks, claims Dalal. New Telecom Policy of India 2011 is in pipeline and it would be a good idea if Mobile Security Policy of India is also made a part of the same, suggests Dalal. The proposed Telecom Security Council of India can take this issue when constituted, suggests Dalal.

Let us hope that Indian government would consider and accept the suggestions of experts and would come up with a sound and effective encryption policy of India.