The government said on Tuesday it will keep mass-use social media and web applications like WhatsApp, Twitter and Facebook out of the purview of a new policy that seeks to control secured online communication.
Secure banking transactions as well as password protected e-commerce businesses would also be kept out of the ambit of the proposed National Encryption Policy, it said.
The climb down by the government came following a storm on protests from users who objected to any stringent state controls on the way people use their emails, social media accounts and apps.
The government proposed an addendum to the draft document, saying: “By way of clarification, the following categories of encryption products are being exempted from the purview of the draft national encryption policy:
1) The mass use encryption products, which are currently being used in web applications, social media sites, and social media applications such as Whatsapp, Facebook, Twitter etc.
2) SSL/TLSencryption products being used in Internet-banking and payment gateways as directed by the Reserve Bank of India.
3) SSL/TLS encryption products being used fore-commerce and password based transactions.”
The draft National Encryption Policy on internet security also seeks to control the level of security online apps can build into their products and proposes that digital business save all information in plain text format for 90 days, potentially exposing such sensitive data to both government agencies as well as cyber attacks.
Experts told HT the draft, if implemented in its current form, could compromise the privacy of users and hamper the functioning of several multi-national service providers in India.