Indian Legislators Want The Government To Be Able To Intercept Encrypted Messages
from the residents-asked-to-pay-for-man-in-the-middle-attacks-against-them dept
India is still a democracy. Or so it pretends. But it’s becoming indistinguishable from autocratic regimes, like those found in some of its nearby neighbors, China, Turkey, and Pakistan.
Under Prime Minister Narendra Modi, India has become indistinguishable from dozens of other abusive regimes run by dictators, all while trying to uphold the pretense of democracy. Since Modi’s election in 2014, the government has endlessly sought ways to stifle dissent and monitor all local internet activity. The Indian government has taken legislative swipes against VPN providers, made third party platforms directly responsible for user-generated content, and leveraged fear-inducing (but poorly defined) terms like “terrorism” and “fake news” to propose and pass laws that expand already generous government snooping powers.
Despite its best efforts, the Indian government has been unable to outlaw device and communication encryption. But that hasn’t stopped it from trying. If the government can’t mandate backdoors, perhaps it can force providers of encrypted communication services to allow the government to BCC itself on communications it can’t force out the hands of those providing end-to-end encryption.
The government has proposed a law to bring under a legal framework the interception of over-the-top communication services (OTT), such as WhatsApp and Signal which are encrypted, according to the new draft telecommunications bill uploaded late on Wednesday.
Presumably, this will be justified with assertions about national security and fighting rampant crime and corruption. The ends are a subversion of encrypted communications under the assumption that those who utilize encryption are criminals or subversives who must be spied on to secure the nation and, perhaps most importantly, secure Modi’s position.
The government will decided who’s affected by this, no matter what the final language of the bill says. It is seeking public feedback on the bill, but history indicates the government won’t be dissuaded by commenters who think the government should not give itself this much power.
The legislation would not only target text messages, but also allow the government to piggyback on encrypted voice and video calls. This gives it an opportunity to listen in on communications made by people who’d rather not create a digital paper trail of text messages.
All the government would need to do is utter the magic words (“terrorism,” “fake news,” “public safety,” “misinformation,” “crime,” etc.) and encrypted services would be forced to become open books. Here’s the relevant language:
Under section 24 of the draft, the central and state government, or any officer specially authorised in this behalf by the central or a state government can “on the occurrence of any public emergency or in the interest of the public safety” — if it is satisfied that it is necessary or expedient to do so, in the interest of the sovereignty, integrity or security of India, friendly relations with foreign states, public order, or preventing incitement to an offence, for reasons to be recorded in writing, by order — direct that any message or class of messages, to or from any person or class of persons received by any telecommunication services… shall not be transmitted, or shall be intercepted or detained or disclosed to the officer mentioned in such order.
Governments — not the governed — have the power to decided what is “in the interest of public safety.” These two parties rarely see eye-to-eye. But only one of the parties has the power to decrypt communications. The Modi government — and legislators who prefer fealty to serving the public — are hoping this is what the future holds: a country where encryption no longer matters because the government has the power to insert itself into conversations between citizens. Vague language will permit the intrusion. The occasional recovery of something incriminating will be endlessly touted as justification for the law’s existence. And if this means providers of encrypted communications are no longer willing to offer their services in India, it will give the government what it wants, without all the hassle of prosecuting entities that refuse to subject their users to government eavesdropping.
Filed Under: backdoors, encrypted messaging, encryption, india
Comments on “Indian Legislators Want The Government To Be Able To Intercept Encrypted Messages”
The tighter the government tries to grip the population, the more likely that there will be riots and terrorist attacks
Personally I don’t have an issue with the Indian government being BCC’d on all my encrypted messages.
I presume that includes every encrypted packet I send that uses TLS? Because they’re welcome to all my E2E encrypted traffic, assuming it’s properly secured. I’d love them to receive not just mine, but that of every other TLS session worldwide.
But I hope they’re not planning to tax the Indian people to build a new data capture and storage warehouse once the existing one is melted to a pile of unusable slag by the sheer volume of random data it’ll be processing.
“Indian Legislators Want The Government To Be Able To Intercept Encrypted Messages” ?
If the Indian Legislators Want The Government To Be Able To Intercept their Encrypted Messages then just give the Government their encryption details ! It is not rocket science.
Re:
The cynic in me says what they really want this access for is so they can seize all the money scammer call centers make and pocket it for themselves…plus they’ll have all the financial details the scammers have on their victims so an unscrupulous official down the road could rip the victims off again.
Hmmm...
So how is that supposed to work with end-to-end encrypted messengers…? Especially the quasi-serverless ones, that don’t even have a “presence” in the country…?
So? USA does IT and why can’t anyone else? Patent?