HUMAN RIGHTS HAVE ALWAYS BEEN NEGLECTED AND BLATANTLY VIOLATED ALL OVER THE WORLD. THESE HUMAN RIGHTS (HR) AND FUNDAMENTAL RIGHTS (FR) HAVE NOW TAKEN AN ALTOGETHER DIFFERENT SHAPE IN THE INFORMATION AND COMMUNICATION TECHNOLOGY (ICT) DRIVEN WORLD. THE NATIONS ARE INCREASINGLY BECOMING “POLICE STATES” AND “ENDEMIC SURVEILLANCE SOCIETIES”. THE VICES OF ILLEGAL E-SURVEILLANCE, PRIVACY VIOLATIONS, HUMAN RIGHTS VIOLATIONS, FUNDAMENTAL RIGHTS VIOLATIONS, ETC ARE BECOMING COMMON AND WIDELY SPREAD ALL OVER THE WORLD. THIS PLATFORM IS TRYING TO PROVIDE “TECHNO-LEGAL REMEDIES” TO NETIZENS SO THAT THEY MAY PROTECT THEMSELVES FROM THE “OVER ZEALOUS AND OVER CAUTIOUS STATE ACTIONS” THAT ARE BY THEIR VERY NATURE ILLEGAL, UNCONSTITUTIONAL AND INHUMAN.

Monday, January 25, 2010

Electronic Surveillance And Encryption Standards In India

E-Surveillance of Internet communications is not a new concept as it has been happening for many years in the intelligence agencies circles world wide. It also adversely effects "Human Rights in Cyberspace". However, now even others are using “sniffers” and other tools to gather information and communications happening between the sender and the recipient. The same is possible because of non-use of strong encryption techniques while communicating. India is insisting upon weak encryption standards and usage on the recommendations of intelligence and security agencies. This would not deter the criminals and terrorists to use the same but would make the online transactions of law abiding citizens vulnerable to eavesdropping and sniffing activities.

Electronic surveillance has been in place for long. Internet communications are sniffed by not only law enforcement agencies and intelligence agencies but also by cyber criminals. Now even terrorists are using technology for their nefarious activities.

Recent news has revealed that some unknown Pakistani hackers had intercepted an official email communication between J&K Police’s intelligence chief and the J&K Chief Minister. However, it is claimed that the intercepted email did not carry “sensitive information”. As per a senior police officer this is normal as both sides do it.

Omar Abdullah, Chief Minister J&K, has been encouraging use of Information and Communication Technology (ICT) for government functions. He has been seeking police reports and daily confidential police bulletins through e-mails instead of traditional mailing system.

According to Mr. Praveen Dalal, Managing Partner of Perry4Law and the leading Techno-Legal Expert of India, “Electronic communications sniffing is a very effective mechanism to steal e-mail passwords and confidential information. The same happens if the sniffer is at the same network in case of wired networks or through airwaves if he is targeting the wireless networks”.

To avoid the interception of the email communication by the security agencies, terrorists are not communicating between two email addresses but use a single address with several people knowing the password. The militant then save the document in the draft folder which could be subsequently read by his companions.

Similarly, security agencies are also adopting various methods to keep their e-communications safe and secure. This tussle between the terrorists and security agencies would further increase in the distant future and India should be well prepared to deal with the same.

India must also ensure that encryption standards are suitably regulated through a good and strong cyber law so that security and law enforcement requirements can be reconciled, opined Praveen Dalal. Presently, India is confused regarding the same and trying to stifle the same as much a possible. Indian authorities are insisting upon 40 bits encryption for long whereas anything below 128-bit encryption is equivalent to no encryption at all.

An enhanced encryption use would not only strengthen public trust in online transactions but also would prevent unauthorised e-surveillance by the State. However, Indian Department of Telecommunications has not been uniform in its stand against encryption standards in the Blackberry services in India. The security agencies of India are insisting upon weak encryption standards in India so that they can monitor the electronic communications of Indian citizens and others. This is resulting in an enhanced and unregulated electronic communications sniffing in India. India must change its attitude in this regard as this approach would bring more troubles than benefits.

AUTHOR: TECHTALK