NEW DELHI -- Swiftly responding to an online backlash over a policy, which allows the government to access all encrypted information on email, apps, websites and business servers, Union Information Technology Minister Ravi Shankar Prasad announced today that the Modi government had withdrawn a draft on encryption policy, and it will be released after being reworded.
At a press conference on Tuesday, Prasad told reporters that the draft, which had sparked a storm on the Internet, contained some expressions were causing misgivings, but this not yet the view of the government. The draft policy was open for public comments until October 16th.
"Our government supports the freedom of social media," he said. "That is just a draft and not the view of the government. I have noted the concern expressed by enlightened sections of the public."
The decision to withdraw the draft comes ahead of Prime Minister Narendra Modi's visit to the United States in which he will meet technology entrepreneurs at Silicon Valley, and join Mark Zuckerberg for a town hall-style Q-and-A session at the Facebook headquarters in Menlo Park, California.
The government's IT ministry had stoked controversy by mulling a law that--almost impossibly--encumbers every citizen to be accountable for all encrypted information that passes through their email, apps, websites and business servers.
Thus companies, especially those who host mail services, have to keep passwords to your email and similar services in a plain text form that can be easily accessed by law-enforcement agencies.
Following the backlash by cyber-law activists and experts, the Department of Electronics and Information Technology on exempted WhatsApp, Facebook and Twitter from the proposed encryption policy.
In a terse, three-paragraph clarification on Monday, the Department of Electronics and Information Technology has said that some of the "encryption products" were "exempt." These include:
1. The mass use encryption products, which are currently being used in web applications, social media sites, and social media applications such a Whatsapp,Facebook,Twitter etc.
2. SSL/TLS encryption products being used in Internet-banking and payment gateways as directed by the Reserve Bank of India
3. SSL/TLS encryption products being used for e-commerce and password based transactions.
While this covers the vast majority of internet transactions that India's 300-million strong netizenry engage in, it would still force businesses and enterprise applications to conform to prescribed encryption methods and is still silent on whether this can make online communication vulnerable to malicious cyber attacks.
While withdrawing the draft, Prasad said that all countries used some level of encryption.