The objection of masses over the Union Government’s new draft of Encryption Policy, which mandates users to store data in plain text for 90 days. The government has now exempted social sites and Apps like WhatsApp, Facebook and Gmail from the policy.
A new proposed addition to the draft encryption policy clears up that, social media sites like WhatsApp, Twitter, payment Gateways , E-commerce and password based transaction are exempted from the list of ‘encryption products’.
These categories of Encryption products are exempted from the policy:
- The encryption products used by the masses, which include web based application, social media sites, social media applications such as WhatsApp, Twitter, Facebook, Viber, etc.
- SSL/TLS encryption products used in Internet banking and payment gateways as directed by Reserve Bank of India.
- SSL/TLS encryption products used by e-commerce websites along with password based transaction.
The central government has let-off a draft National Encryption Policy online in document, seeking methods of data encryption of data and communication used by the government, businesses and general public.
The Department of Electronics and Information Technology (DeitY) has been appointed to prepare a draft. A previous draft stated that encrypted messaging service on demand should reproduce messages in plain text before law enforcement agencies. On failing to do so, will be entitled of a legal action as per laws.
Encryption means switching of data in a form, which is called ciphertext – ensuring unauthorized access to private data of individual or party. Banks and E-commerce websites use encryption to protect financial and private data, while messaging applications uses it to safeguard personal information of users.
However, when the outline of draft was made public, it received huge criticism and hatred on social media. The outcry of masses was well received by the Government, which resulted in exemption of these messaging platforms and payment gateways from Encryption policy.
Overall, expecting everyone to store encrypted data in a plain text for 90 days is absolutely unpractical unreasonable at the same time dodgy.
One can send his/her opinion over the draft to akrishnan@deity.gov.in till 16th October.
