Slashdot Mirror

← Back to Stories (view on slashdot.org)

Under Public Pressure, India Withdraws Draft Encryption Policy

Posted by timothy on from the rewording-furiously dept.

An anonymous reader writes: The government of India withdrew its draft policy on encryption owing to public responses just a day after releasing the document. The Communications and Information Technology minister Ravi Shankar Prasad said — "I read the draft. I understand that the manner in which it is written can lead to misconceptions. I have asked for the draft policy to be withdrawn and reworded." While it is encouraging that the government recognized it mistake and withdrew, many fear that this is part of a larger problem when it comes to this government taking technology policy decisions. Recently, the government was in the dock for its lack of clarity on Net Neutrality.

13 of 35 comments (clear)

  1. Do the needful by xxxJonBoyxxx · · Score: 3, Informative

    They yanked the link posted yesterday, but how's this for a pretentious domain name?

    >> "DIETY.gov.in" - http://deity.gov.in/sites/uplo...

    1. Re:Do the needful by PPH · · Score: 2

      DIETY

      Someone inside the NSA is kicking himself for having missed out on this acronym.

      --
      Have gnu, will travel.
    2. Re:Do the needful by cloud.pt · · Score: 2

      If you believe diets are simple, I want you to tech me how to be able to stick to them easily :D

  2. Translation by sjbe · · Score: 5, Insightful

    "I read the draft. I understand that the manner in which it is written can lead to misconceptions. I have asked for the draft policy to be withdrawn and reworded." .

    Translation: "This was a blatant power grab and we got caught. I have asked for it to be reworded so that people won't notice the problem next time."

  3. We didn't misunderstand by Enigma2175 · · Score: 3, Insightful

    Oh, it's not "yeah, this proposal a horrible thing, we shouldn't have thought that this was a good idea", it's "You misunderstood what we are trying to do, we will do it again with more obfuscated language this time". No, we fucking didn't misunderstand. Your stupid proposal makes a nationwide backdoor into anything encrypted. If this were to actually happen, it would certainly be abused - India's government is notoriously corrupt. The Indian people need to tell their government in no uncertain terms that this is unacceptable.

    --

    Enigma

  4. Misconceptions? by sims+2 · · Score: 3, Informative

    What misconceptions? It seemed to be a pretty clear F U to anyone that might use encrypted communications as part of standard business practices.

    --
    Minimum threshold fixed. Thanks!
  5. Wouldn't just be abused by governments by sjbe · · Score: 3

    If this were to actually happen, it would certainly be abused - India's government is notoriously corrupt.

    It wouldn't just be abused by the government. Backdoors cannot be restricted to just the groups you intend - i.e. just the "good guys". It's simply not possible. Governments find this fact to be highly inconvenient and keep trying to find some way to weasel around it. This is just one of the more blatant attempts at weaseling.

    1. Re:Wouldn't just be abused by governments by gstoddart · · Score: 2

      Which is why governments do stupid stuff like this they demonstrate they're clueless idiots who don't understand the technology -- essentially they don't understand, or don't care that such a backdoor undermines the entire thing.

      As long as they get what they want, they simply don't give a damn.

      --
      Lost at C:>. Found at C.
  6. Nope by sexconker · · Score: 5, Insightful

    It wasn't public pressure.
    It was the realization that all the American companies that offshore tech work to India would have to offshore to somewhere else instead.

    1. Re:Nope by cbhacking · · Score: 2

      That... that is actually a really good point. For all the talk about NSA backdoors, the tech giants of the US have, for the most part, resisted government backdoors. They are probably even less happy with allowing foreign government backdoors, which means having India-based workers would become very difficult. That's a *lot* of money (taxes, for the government) lost, and a lot of ill will from the populace.

      --
      There's no place I could be, since I've found Serenity...
    2. Re:Nope by afidel · · Score: 3, Interesting

      Exactly, here is the email I sent yesterday:

      Dear Mr. Krishnan,

      I am writing you in response to the draft National Encryption Policy recently released by your department. As an IT professional responsible for the security of my companies systems and data I feel I must write to inform you that these proposals are unacceptable to my organization. Should the proposed rules become law I will be forced to immediately terminate the access credentials of everyone who accesses our systems from the country of India. This will result in the loss of several hundred high paying jobs which we have outsourced to a company in your country. I feel that I am not alone in this stance and that you will find that there is a very real hit to your countries GDP as a large number of international companies pull access and contracts from suppliers in India as a result of these unconscionable rules. For the sake of the people of India I hope you reconsider your broad overreach in this area.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  7. Willful ignorance by sjbe · · Score: 2

    Which is why governments do stupid stuff like this they demonstrate they're clueless idiots who don't understand the technology

    Sometimes they are clueless but more often I think they understand just fine. Their "ignorance" is willful. They could easily reach out to parties that can explain the technology and the arguments for and against but they clearly are not doing this. So I think it's malicious instead of ignorant or if it is ignorant it is SO ignorant that there is effectively not difference.

    The police don't like encryption because it makes their job harder. They don't really care about the knock on effects. They only care about their ability to catch criminals and what politician wants to be against that? The politicians only care about staying in power. They don't really care about the knock on effects either so long as they don't affect their ability to stay in power. Easiest argument in the world for a politician to make is to be against criminals or terrorists. The collateral damage from their simplistic sound bite arguments gets brushed under the rug.

  8. selective enforcement ... by Ungrounded+Lightning · · Score: 3, Interesting

    I have never seen an example of the Indian state successfully enforcing anything....

    Selective enforcement is worse than no enforcement.

    Intermittent enforcement can give India all the downsides of the law without most of the (for them) benefits. The threat of occasional sporadic success, for instance, can cripple or kill outsourcing of anything with sensitive information to India, while the general failure of enforcement can still cause it to fail in its stated purpose of detecting planned attacks on the government and the like.

    As someone whose employment prospects and pay levels are severely impacted by outsourcing of technology work to India, it's tempting to cheer them on in re-wording and re-promulgating the regulation, and spiking the outsourcing. But that would probably just push the work to an even riskier to secrets country like China, rather than bring it to the US.

    Yes I know it's not a zero-sum game. But with the current US laws it's a massively sloped playing field, too.

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way