Indian govt proposes impractical encryption policy only to backtrack

22nd September 2015
Indian govt proposes impractical encryption policy only to backtrack

New Delhi, September 22 2015: A day  after  public  outcry and derision about seemingly unworkable provisions  envisaged in a new draft Encryption Policy, the Department of Electronics and Information Technology of the Indian government  has backtracked and exempt popular social media  from its ambit.
Section IV ( 7) of the original  draft  read:
"All citizens (C), including personnel of Government / Business (G/B) performing non-official / personal functions, are required to store the plaintexts of the corresponding encrypted information for 90 days from the date of transaction and provide the verifiable Plain Text to Law and Enforcement Agencies as and when required as per the provision of the laws of the country."
This meant  you and I could  delete  unwanted  junk in our Facebook  or Whatsapp folders  but had to preserve them for 3 months. What's more, without any legal sanction to abridge  our right to privacy the proposal  required citizens to provide plain text versions of such messages  virtually on demand.
The absurdity  of expecting  a nation of 300 million Internet users to  maintain bloated files of   old messages   seems not to have sunk into the framers of his draft  which could if unchallenged  well become law  and part of the IT ACT.
Fortunately the overnight storm of public protest  has had an effect:   
An amendment  to the draft  has been posted overnight and it reads: By way of clarification, the following categories of encryption products are being exempted from the purview of the draft national encryption policy:
1. The mass use encryption products, which are currently being used in web applications, social media sites, and social media applications such as Whatsapp,Facebook,Twitter etc.
2. SSL/TLS encryption products being used in Internet-banking and payment gateways as directed by the Reserve Bank of India
3.SSL/TLS encryption products being used for e-commerce and password based transactions.

The public  has till October 16 to  send  its views on the draft to akrishnan@deity.gov.in.  It has already spoken loud and clear and  forced the government to reverse one absurdity at least