Update : National Encryption Policy

National Encryption Policy paper has invited criticism from all medium has it had intended to secure and store information locally for 90 days which means your WhatsApp / Facebook messages could be read by local authorities and could delete it too as an extreme measure.  This could also mean that's it will be harm Individual Privacy.

However Government Of India and Deity has clarified that it will not include Social Networking & E commerce Sites under this preview.

Copy of First Draft Encryption Policy as below.

DRAFT NATIONAL ENCRYPTION POLICY

Under Section 84A of Information Technology Act, 2000 Rules are to be framed to prescribe modes or methods for encryption. In this regard, a draft National Encryption Policy as given
under has been formulated by an Expert Group setup by DeitY based on which the Ruleswould be framed. Comments from the public are invited on the draft Policy. You can sendyour comments by 16/10/2015 to Shri A. S. A. Krishnan, Scientist ‘G’, Department of
Electronics and Information Technology, Electronics Niketan, 6, CGO Complex, Lodhi Road, New Delhi: 110003, Email: akrishnan@deity.gov.in.

Preamble

Cryptography has emerged as a powerful tool that can help to assure the confidentiality,non-repudiability and integrity of information in transit and storage as well as to authenticate the
asserted identity of individuals and computer systems. Encryption technology was traditionally deployed most widely to protect the confidentiality of military and diplomatic communication.

With the advent of computer and Internet revolution and online applications as well as the recent innovations in the science of encryption, a new market for cryptographic products in E-commerce
& E-Governance civilian applications has rapidly developed. Communication and E-commerce applications such as electronic mail and electronic fund transfer, which require secure means of
communication, make extensive use of encryption for securing the information and authentication.

The recognition of the need to protect privacy and increase the security of the Internet and associated information systems have resulted in the development of policies that favour the spread of encryption worldwide. The Information Technology Act 2000 provides for prescribing modes or
methods for encryption (Section 84A) and for decryption (Section 69). Taking into account the need to protect information assets, international trends and concerns of national security, the cryptographic policy for domestic use supports the broad use of cryptography in ways that
facilitates individual / businesses privacy, international economic competitiveness in all sectors including Government.

This policy is not applicable to sensitive departments / agencies of the government designated for performing sensitive and strategic roles. This policy is applicable to all Central and
State Government Departments (including sensitive Departments / Agencies while performing non-
strategic & non-operational role), all statutory organizations, executive bodies, business and commercial establishments, including public sector undertakings and academic institutions and all citizens (including Personnel of Government / Business performing non-official / personal functions).

I. Vision

To enable information security environment and secure transactions in Cyber Space for individuals, businesses, Government including nationally critical information systems and
networks.

Read more and for source, click here

0 Comments