NEW DELHI, September 22: The draft policy that was put up on the website of Department of Electronics and Information Technology (DeitY) yesterday meant that the government could access all encrypted information stored on computer servers in India, including personal e-mails, messages or even data.
The draft policy wanted users to store all encrypted communication for at least 90 days and make them available to security agencies, if required, in text form.
The move was criticised on the Internet, with many expressing fears that law enforcement agencies with easy access to encrypted information could easily compromise security and privacy.
Defending the decision, Prasad said the government under the leadership of Prime Minister Narendra Modi has promoted social media activism.
"The right of articulation and freedom we fully respect, but at the same time, we need to acknowledge that cyber space transaction is rising enormously for individuals, businesses, the government and companies," he said.
The Minister, however, maintained that there is a need for an encryption policy which would apply to those who are involved in encrypting a messaging product "for a variety of reasons".
"I wish to make it very clear that there are two issues.
One, creation of encryption. Many companies send messages in an encrypted form. Other is those who are consumers of applications like WhatsApp, social media and other platforms available in the cyber domain.
"The purpose of this encryption policy relates only and only to those who encrypt. This has to be made very clear. As far as ordinary consumers of applications are concerned, they do not fall in this domain. Because (for) those who encrypt, for a variety of reasons, there has to be a policy regulating the manner of their encryption," he said.
Prasad said while the government supports freedom on social media, "some sort of encryption policy is being followed all over the world, particularly in free democratic societies".
Stating that there are obvious concerns of security, he said, "We in India are lacking any sound policy on encryption.
A proper expert committee recommended, within the ambit of the Information Technology Act, that we need to have a proper encryption policy."
