Following today morning’s clarification on the draft national encryption policy, which had proposed mandatory storage of all messages including those on social media for 90 days, the government decided to withdraw the paper, reports the Press Trust of India.
Speaking to reporters in Delhi, telecom minister Ravi Shankar Prasad said: “I personally feel that some of the expression used in the draft are giving rise to uncalled-for misgivings. Therefore, I have written to DeitY to withdraw that draft, rework it properly and thereafter put in the public domain.”
The government clarified that categories of encryption products are being exempted from the purview of the draft national encryption policy:
1. The mass use encryption products, which are currently being used in web applications, social media sites, and social media applications such as Whatsapp,Facebook,Twitter etc.
2. SSL/TLS encryption products being used in Internet-banking and payment gateways as directed by the Reserve Bank of India
3. SSL/TLS encryption products being used for e-commerce and password based transactions.
The original draft by the department of Electronics and Information Technology (DeitY) said that every message a user sends -be it through WhatsApp, SMS, e-mail or any such service – must be mandatorily stored in plain text format for 90 days and made available on demand to security agencies. Failure to do so could entail legal action which included imprisonment.
It’s worth noting that the government of India in separate cases has argued in the Supreme Court that “Violation of privacy doesn’t mean anything because privacy is not a guaranteed right” one week, and in case of porn and privacy, said “if someone wants to watch in the privacy of their bedroom, how can we stop that?” in another.
The draft paper also said that all service providers located within and outside India that use encryption technology must register themselves with the government.