<p dir="ltr">Beautiful news Mishi!</p>
<p dir="ltr">Excellent development. This news must be publicised as far and wide possible so if there are other authorities thinking on the same lines should refrain from it.</p>
<p dir="ltr">Best wishes<br>
Shahzad</p>
<div class="gmail_quote">On 22 Sep 2015 20:03, "Mishi Choudhary" <<a href="mailto:mishi@softwarefreedom.org">mishi@softwarefreedom.org</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Post a public outcry, DEITY has withdrawn this policy.<br>
<br>
On 09/21/2015 03:46 PM, Raman Jit Singh Chima wrote:<br>
> Happy to add a few brief notes on the background to this if it is helpful:<br>
><br>
><br>
> - The Indian Govt has had encryption policy discussions ongoing for<br>
> about a decade. Pre-existing telecom sector regulation placed a limit of 40<br>
> bits on the encryption that could be deployed by ISPs or telcos on their<br>
> networks, though that arguably applied only to them directly and was<br>
> unclear as to how it affected third parties<br>
> - A provision in the Information Technology Act (Section 69) allowed the<br>
> Union Government to issue orders forcing decryption of data in addition to<br>
> allowing for interception requests. When the Information Technology Act was<br>
> amended in 2008, another provision was added (Section 84A) which allowed<br>
> the Union Government to specify "modes or methods for encryption" by<br>
> executive rule-making. The text of the provision said that this was<br>
> supposed to be for "secure use of the electronic medium and for promotion<br>
> of e-governance and e-commerce". The internal political context for this<br>
> included strong political pressure from law enforcement and the security<br>
> establishment, who raised concerns about not being able to intercept<br>
> encrypted communications<br>
> - No rules for the above provision was publicly brought up from 2008<br>
> until now, though there have been regular internal discussions - mostly<br>
> with industry and intergovernmental consultation<br>
><br>
><br>
> Additionally - perhaps in response to the initial negative reaction in the<br>
> press - the Indian Dept. of Electronics and IT released an addendum document<br>
> <<a href="http://deity.gov.in/sites/upload_files/dit/files/Addendum%20-%20NEP-1_0.pdf" rel="noreferrer" target="_blank">http://deity.gov.in/sites/upload_files/dit/files/Addendum%20-%20NEP-1_0.pdf</a>><br>
> today. It essentially appears to be trying to suggest that the draft rules<br>
> could exempt "mass use encryption products" along with SSL/TLS products<br>
> used for Internet banking (though only those specified by the Reserve Bank<br>
> of India) or for e-Commerce passwords.<br>
><br>
> Sincerely,<br>
> Raman.<br>
><br>
> On 22 September 2015 at 01:12, Mishi Choudhary <<a href="mailto:mishi@softwarefreedom.org">mishi@softwarefreedom.org</a>><br>
> wrote:<br>
><br>
>> Hi Carol,<br>
>><br>
>> Thanks for highlighting this. Its a draft National Encryption Policy<br>
>> and public comments are invited by October 16, 2015. Comments are to be<br>
>> emailed to Mr A,S.A. Krishnan, <a href="mailto:akrishnan@deity.gov.in">akrishnan@deity.gov.in</a><br>
>><br>
>> The key highlights of the policy are :<br>
>><br>
>><br>
>> 1. A stipulation that businesses and citizens are to maintain plain text<br>
>> (unencrypted) copies of encrypted content for a period of 90 days, to be<br>
>> made available to Law Enforcement Agencies (LEAs) when so directed under<br>
>> law.<br>
>><br>
>> 2. Vendors of encryption products are required to register their<br>
>> products with the Government as a pre-condition to conducting business<br>
>> in India. They are also expected to re-register their products with<br>
>> every update. This requirement is not limited to vendors of dedicated<br>
>> encryption products, and seemingly includes even products that use<br>
>> encryption in the course of providing a larger service such as messaging<br>
>> or e-commerce. (Service Providers located within and<br>
>> outside India, using Encryption technology for providing any type of<br>
>> services in India must enter into an agreement with the Government<br>
>> for providing such services in India).<br>
>><br>
>> 3. Encryption algorithms and key sizes shall be prescribed<br>
>> by the Government through Notifications from time to time.<br>
>><br>
>><br>
>> On 09/21/2015 03:33 PM, Carolina Rossini wrote:<br>
>>> Hi folks, I feel this could be a good topic for a coalition response<br>
>> through the BB platform. Can the folks for India give some context to the<br>
>> folks in this list? Let us know if such an action would be helpful.<br>
>>><br>
>>> Carol<br>
>>><br>
>>> Sent from my iPhone<br>
>>><br>
>>>> On Sep 21, 2015, at 2:24 PM, Mishi Choudhary <<a href="mailto:mishi@softwarefreedom.org">mishi@softwarefreedom.org</a>><br>
>> wrote:<br>
>>>><br>
>>>> Worrisome development from India through this encryption policy<br>
>>>><br>
>>>><br>
>>>><br>
>> <a href="http://deity.gov.in/sites/upload_files/dit/files/draft%20Encryption%20Policyv1.pdf" rel="noreferrer" target="_blank">http://deity.gov.in/sites/upload_files/dit/files/draft%20Encryption%20Policyv1.pdf</a><br>
>>>><br>
>>>> --<br>
>>>> Warm Regards<br>
>>>> Mishi Choudhary, Esq.<br>
>>>> Legal Director<br>
>>>> Software Freedom Law Center<br>
>>>> 1995 Broadway Floor 17<br>
>>>> New York, NY-10023<br>
>>>> (tel) <a href="tel:212-461-1912" value="+12124611912">212-461-1912</a><br>
>>>> (fax) <a href="tel:212-580-0898" value="+12125800898">212-580-0898</a><br>
>>>> <a href="http://www.softwarefreedom.org" rel="noreferrer" target="_blank">www.softwarefreedom.org</a><br>
>>>><br>
>>>><br>
>>>> Executive Director<br>
>>>> <a href="http://SFLC.IN" rel="noreferrer" target="_blank">SFLC.IN</a><br>
>>>> K-9, Second Floor<br>
>>>> Jangpura Extn.<br>
>>>> New Delhi-110014<br>
>>>> (tel) <a href="tel:%2B91-11-43587126" value="+911143587126">+91-11-43587126</a><br>
>>>> (fax) <a href="tel:%2B91-11-24323530" value="+911124323530">+91-11-24323530</a><br>
>>>> <a href="http://www.sflc.in" rel="noreferrer" target="_blank">www.sflc.in</a><br>
>>>><br>
>>>> ____________________________________________________________<br>
>>>> You received this message as a subscriber on the list:<br>
>>>> <a href="mailto:bestbits@lists.bestbits.net">bestbits@lists.bestbits.net</a>.<br>
>>>> To unsubscribe or change your settings, visit:<br>
>>>> <a href="http://lists.bestbits.net/wws/info/bestbits" rel="noreferrer" target="_blank">http://lists.bestbits.net/wws/info/bestbits</a><br>
>>>><br>
>>>><br>
>>>> ____________________________________________________________<br>
>>>> You received this message as a subscriber on the list:<br>
>>>> <a href="mailto:bestbits@lists.bestbits.net">bestbits@lists.bestbits.net</a>.<br>
>>>> To unsubscribe or change your settings, visit:<br>
>>>> <a href="http://lists.bestbits.net/wws/info/bestbits" rel="noreferrer" target="_blank">http://lists.bestbits.net/wws/info/bestbits</a><br>
>><br>
>> --<br>
>> Warm Regards<br>
>> Mishi Choudhary, Esq.<br>
>> Legal Director<br>
>> Software Freedom Law Center<br>
>> 1995 Broadway Floor 17<br>
>> New York, NY-10023<br>
>> (tel) <a href="tel:212-461-1912" value="+12124611912">212-461-1912</a><br>
>> (fax) <a href="tel:212-580-0898" value="+12125800898">212-580-0898</a><br>
>> <a href="http://www.softwarefreedom.org" rel="noreferrer" target="_blank">www.softwarefreedom.org</a><br>
>><br>
>><br>
>> Executive Director<br>
>> <a href="http://SFLC.IN" rel="noreferrer" target="_blank">SFLC.IN</a><br>
>> K-9, Second Floor<br>
>> Jangpura Extn.<br>
>> New Delhi-110014<br>
>> (tel) <a href="tel:%2B91-11-43587126" value="+911143587126">+91-11-43587126</a><br>
>> (fax) <a href="tel:%2B91-11-24323530" value="+911124323530">+91-11-24323530</a><br>
>> <a href="http://www.sflc.in" rel="noreferrer" target="_blank">www.sflc.in</a><br>
>><br>
>><br>
>> ____________________________________________________________<br>
>> You received this message as a subscriber on the list:<br>
>> <a href="mailto:bestbits@lists.bestbits.net">bestbits@lists.bestbits.net</a>.<br>
>> To unsubscribe or change your settings, visit:<br>
>> <a href="http://lists.bestbits.net/wws/info/bestbits" rel="noreferrer" target="_blank">http://lists.bestbits.net/wws/info/bestbits</a><br>
>><br>
><br>
><br>
><br>
<br>
--<br>
Warm Regards<br>
Mishi Choudhary, Esq.<br>
Legal Director<br>
Software Freedom Law Center<br>
1995 Broadway Floor 17<br>
New York, NY-10023<br>
(tel) <a href="tel:212-461-1912" value="+12124611912">212-461-1912</a><br>
(fax) <a href="tel:212-580-0898" value="+12125800898">212-580-0898</a><br>
<a href="http://www.softwarefreedom.org" rel="noreferrer" target="_blank">www.softwarefreedom.org</a><br>
<br>
<br>
Executive Director<br>
<a href="http://SFLC.IN" rel="noreferrer" target="_blank">SFLC.IN</a><br>
K-9, Second Floor<br>
Jangpura Extn.<br>
New Delhi-110014<br>
(tel) <a href="tel:%2B91-11-43587126" value="+911143587126">+91-11-43587126</a><br>
(fax) <a href="tel:%2B91-11-24323530" value="+911124323530">+91-11-24323530</a><br>
<a href="http://www.sflc.in" rel="noreferrer" target="_blank">www.sflc.in</a><br>
<br>
<br>____________________________________________________________<br>
You received this message as a subscriber on the list:<br>
<a href="mailto:bestbits@lists.bestbits.net">bestbits@lists.bestbits.net</a>.<br>
To unsubscribe or change your settings, visit:<br>
<a href="http://lists.bestbits.net/wws/info/bestbits" rel="noreferrer" target="_blank">http://lists.bestbits.net/wws/info/bestbits</a><br></blockquote></div>