In an extremely controversial policy decision, Indian government is considering making it mandatory for the WhatsApp users to store their messages for at least 90 days.
Every message that is sent, through email, Whatsapp or SMS, should be stored in plain text format for 90 days from the date of transaction and should be made available to the law enforcement agencies on demand, says a draft National Encryption Policy.
The mission of the policy is to provide confidentiality of information in cyber space for individuals, protection of sensitive or proprietary information for individuals and businesses, ensuring continuing reliability and integrity of nationally critical information systems and networks, it said.
“Users or organizations within B group (that is business to business sector) may use encryption for storage and communication. Encryption algorithms and key sizes shall be prescribed by the government through notifications from time to time,” the draft said.
“On demand, the user shall be able to reproduce the same plain text and encrypted text pairs using the software or hardware used to produce the encrypted text from the given plain text. Such plain text information shall be stored by the user or organization or agency for 90 days from the date of transaction and made available to law enforcement agencies as and when demanded in line with the provisions of the laws of the country.”
The move has already evoked angry reactions from social media users and civil rights activists.
Eminent Supreme Court lawyer Prashant Bhushan said;
Govt's encryption policy confirms the CMS system it is putting in place to monitor all our communications. Big brother will be watching you!
— Prashant Bhushan (@pbhushan1) September 21, 2015
Hashtag #ModiDontreadmywhatsApp was a top national trend on twitter with an overwhelming majority of twitter users reacting very angrily to this proposed move.
According to government, ‘the objectives of the draft policy is to synchronize with the emerging global digital economy, network society and use of encryption for ensuring the security, confidentiality of data and to protect privacy in information and communication infrastructure without unduly affecting public safety and national security.’
The draft proposes to introduce the New Encryption Policy under section 84A of Information Technology Act 2000.
The last date for public to comment on the draft is October 16.