U-turns on net neutrality, porn ban and now the draft encryption policy. This is the third time in as many months that the Centre has had to take a step back in the face of a strong public outcry against ‘draft policies’ relating to technology and the digital consumer.
For a government that is committed to a Digital India and transformative powers of technology, the series of missteps point to something bigger — that of a disconnect between the stated objectives and visions of the prime minister or his government and what the bureaucratic machinery, or ‘expert committees’, are trotting out.
The products of two ‘expert committees’ under the ministry of IT/DoT — first on net neutrality and now this encryption — were incomprehensible and of poor quality. Worse, they were unimaginative and intrusive and contradicting Modi’s avowed position of empowered digital consumers. Same too was the comical response on child porn by the DoT.
In this case of encryption, it is accepted that regulating encryption and indeed the Dark Internet is an important policy objective for any government’s cybersecurity framework. But for it to suggest that every message a user sends — be it through WhatsApp, SMS, email or any such service — must be mandatorily stored in plain text format for 90 days and made available on demand to security agencies with failure to do so entailing legal action which included imprisonment — was head-shakingly outrageous.
Issues like privacy, net neutrality, and freedom of expression online and fettered rights of government to take down the Internet, etc, are all part of a matrix of consumer rights and expectations that make the building blocks of a successful Digital India. The government position on the issues of policy relating to the digital and technology space seems to be led more by courts and public outcries rather than being set politically by original and clearly thought through positions. The mandate for this government was to make a marked departure from the UPAs ‘control’ mindset to a more liberal consumer-oriented one.
This is also spotlighting the lack of capability within these government departments to deal with the sophisticated and complex issues relating to the fast- changing and disruptive technology space. While governments all over the world are dealing with similar challenges — they have also deployed best minds and leadership to evolve solutions — we seem to continue to rely on bureaucratic knowledge or lack thereof in addressing this complex world of technology.
The DoT, the Telecom Regulatory Authority of India (Trai) and, in this instance, the department of electronic and information technology (DeitY) don’t have the technical capacity to deal with issues relating to high-end technology, let alone going forward and proposing policies for governing them. In this case, for example, the draft policy on encryption put the onus on the citizens to store the encrypted information for 90 days and provide the verifiable plain text to law and enforcement agencies as and when required, and that only the government shall define the algorithms and key sizes for encryption in India. This is hardly a cutting-edge technology solution and instead smacks of lack of imagination and innovation, signalling the country’s security agencies’ inability to crack encryption as is done routinely by the security agencies in the West.
Capacity building in Trai, the DoT and DeitY are critical if we are not to look and act like amateurs in a world of professionals. There is a need for a realisation that the seemingly conflicting issues of national security and
consumer rights, and Internet freedom can co-exist if dealt with creatively and technology.
Rajeev Chandrasekhar is a technology entrepreneur and Rajya Sabha MP
The views expressed are personal