The government has said that it will exempt popular social media and web applications like WhatsApp, Twitter and Facebook out of the purview of the National Draft Encryption Policy. Secure banking transactions and password protected e-commerce businesses would also be exempted.
This change in the proposed policy came after protests from users who opposed any restrictions on they way they use their emails, social networks, or apps. The government has now proposed an addendum to the policy saying, “By way of clarification, the following categories of encryption products are being exempted from the purview of the draft national encryption policy:
2) SSL/TLS encryption products being used in Internet-banking and payment gateways as directed by the Reserve Bank of India
3) SSL/TLS encryption products being used for e-commerce and password based transactions.”
The National Encryption Policy was drafted by a panel from the Department of Electronics and Information Technology (DeitY). According to the daft, users of encrypted messaging services should be able to reproduce data in plain text format before law enforcement agencies whenever they are asked to. Users are also required to store the encrypted information in plain text for 90 days. If they fail to do either of these, the government can take legal action as per the law.
Banks and e-commerce websites use encryption to protect your financial as well as private data. Online government sites, as well as several other messaging platforms like WhatsApp use encryption to keep your personal data safe. The outcry is quite similar to the one that happened in when the government planned to ban BlackBerry Messenger services unless BlackBerry would give it access to its data.
DeitY has invited feedback from the public regarding the National Encryption Policy. Suggestions can be emailed to firstname.lastname@example.org by the 16th of October.