Updated: September 24, 2015 12:01:42 am
The release and speedy withdrawal of the draft National Encryption Policy by the Centre must be some kind of record. Made public for comments on Monday, the policy attracted a firestorm of criticism, especially on social media, for legally requiring that end users retain their electronic messages for 90 days, to be furnished should the authorities ask.
Wilting under the force of public ire, the department of electronics and information technology (Deity), which issued the draft, clarified early Tuesday morning that “mass-use products and social media applications”, like WhatsApp and Facebook, were exempt. Later that day, when this concession failed to dampen the furore, Minister for Communications and Information Technology Ravi Shankar Prasad announced that the government was revoking the draft policy so it could be “reworded”, blaming a “scientist” employed by Deity for the “misconceptions”.
In internet-speak, the entire episode was an epic fail. First, Deity released an under-researched and potentially embarrassing document days before Prime Minister Narendra Modi’s much-publicised visit to Silicon Valley — the hub of technological innovation and activity — where, among other engagements, he is due to hold a townhall-style Q&A at Facebook HQ (which also owns WhatsApp).
Second, the minister cannot absolve himself of responsibility for the mess by pointing the finger at a nameless subordinate. Instead of owning up to the misjudgement displayed by his ministry, Prasad sought to divert attention to an expert panel constituted by Deity that, he says, made these recommendations.
Sadly, internet governance across governments has been characterised by similarly shambolic and arguably uninformed policymaking. The UPA shepherded the notorious (and now defunct) Section 66A of the IT (Amendment) Act, 2008 through Parliament, while the NDA earlier this year encountered fierce resistance to yet another ill-conceived draft policy, this time on net neutrality, that forced it back to the drawing board. In several of these cases, the government has simply failed to consider the probably unintended ramifications of its proposals.
Yet, even accounting for the challenge of governing the still-uncharted territory of cyberspace, these missteps suggest a worrying inability to exercise restraint, or protect the interests of private citizens. With the ambiguously phrased draft encryption policy, for instance, the government appears to have tried to give itself the keys to the decryption codes of vendors, opening itself up to accusations of mass surveillance and snooping, particularly in a post-Edward Snowden era. It is no one’s case that India should not have an encryption policy to secure internet communications and transactions, or that the government’s goal of accessing information to investigate threats to national security is unwarranted. But its track record invites suspicion — which it could address, at least partially, by bringing a legal right to privacy.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines
- The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.