The encryption debate
The thing to appreciate most about the government’s draft encryption policy, brought forth with the ostensible goal of ensuring privacy and promoting Internet security, was the speed with which it was withdrawn. There was little in the draft that was true to the goal; the provisions, instead, had enough in them to harm the cause. Encryption, a process in which digital messages are scrambled so they can’t be accessed by anyone other than those they are meant for, is a means to ensure freedom of expression and to keep information secure in the digital world. The aliases one uses in the social media environment can be a fun way to keep casual users from identifying you. But that isn’t enough. The digital world also comprises criminals and terrorists, and repressive regimes. Some of them would not only want to know who you are and hack into your information and messages but also have the means to do so. Encryption keeps intruders at bay. So, on Monday when the draft was released, experts and netizens could quickly figure out that the provisions had the real potential to undermine encryption. One of the provisions sought to give the government access to encrypted data that rest with government departments (save the sensitive ones), corporates and individuals. Another provision required users to store all encrypted communications for a period of 90 days. The backlash had its effect; the draft was withdrawn the very next day.
Union Minister for Communications and Information Technology Ravi Shankar Prasad rightly and quickly chose to emphasise that it was “just a draft and not the view of the government”. But while the draft goes back to the drawing board, it is important to realise that any debate on encryption isn’t going to be easy and straightforward. Bigger battles await us. The world over, administrations have sought weaker encryption standards or backdoor access to Internet products. They present this as a public safety vs privacy issue. Administrations cite public safety as the reason for asking for encryption access. FBI Director James Comey even complained to U.S. lawmakers recently: “We cannot break strong encryption.” British Prime Minister David Cameron has already created a stir by calling for a ban on strong encryption. Granting governments the power to tap into every message and item of information and store them, will have the potential to make the system extremely vulnerable. David Kaye, UN Special Rapporteur on freedom of expression, wrote in a report in May: “It is a seemingly universal position among technologists that there is no special access that can be made available only to government authorities, even ones that, in principle, have the public interest in mind.” Access to encrypted data should, therefore, be provided as an exception, not as a rule.
