Draft encryption policy withdrawn amid public protests over privacy concerns

After coming under fire from experts and netizens, IT Minister Ravi Shankar Prasad has withdrawn the draft encryption policy.

Published Date
22 - Sep - 2015
| Last Updated
22 - Sep - 2015
Draft encryption policy withdrawn amid public protests over priva...

Following the massive backlash, the draft encryption policy has been withdrawn by the government. Earlier, it had proposed an addendum to the policy, exempting banking and e-commerce transactions as well as social media applications from the regulations.

Union IT Minister Ravi Shankar Prasad has acknowledged that the draft encryption policy was poorly worded and has therefore withdrawn it. Since the news broke yesterday, social media websites have been buzzing with protests. Experts and netizens alike have criticised the draft policy drawn up under Section 84A of the Information Technology Act, 2000. The minister said that the draft is being reworked and has clarified that the rules will not affect individual users.

The original draft had proposed that any encrypted data or communication must be kept in plain text for a period of 90 days. The vague wording further contributed in creating panic among social media users. Although the government later clarified that social media won’t come under the purview of the policy, it still had too many flaws. Apart from the fallacious argument put forth in support of the proposed policies, it raised questions about the contentious issue of government surveillance. In essence, the policy would have vastly impeded the Digital India initiative. We’re all too familiar with the NSA surveillance controversy and internet users cannot be blamed for fearing the same. #‎ModiDontReadMyWhatsapp‬ has been trending on Facebook for the better part of the day. Users are voicing their concerns over the government’s attempt to turn the country into a surveillance state. Tweets are also pouring in, slamming the draft. Derek O’Brien (@quizderek)  tweeted “First you issue a draft encryption policy. Then you realize it is a daft encryption policy.”

An important aspect in this debate is the citizen’s right to privacy. The Centre has previously argued that the Right to Privacy may not be a fundamental right. This has some serious implications on a citizen’s right to use encryption technologies. Although the government has iterated its commitment to a free internet, the rights can be suspended in matters concerning national security. It therefore opens up the door to misuse of the provisions. There are precedents of the administration misusing a law to harass citizens. Section 66A of the IT Act had been one such provision, until it was struck down by the Supreme Court.

TheNextWeb said “The Indian government has made a fool of itself and caused anxiety among citizens with a woefully misguided proposal for a national encryption policy that it’s just released to the public for feedback.” Security experts have identified numerous loopholes that will compromise the data of users if the policy had been implemented. Government surveillance is something that we have to deal with at some level or the other. But, it should never endanger the very foundations of our democracy.