Internet Freedom Foundation Raises Alarm Over India’s Move For Backdoor Access To Encrypted Data

The Internet Freedom Foundation (IFF), an Indian digital rights advocacy group, has raised concerns over the government’s move to call on tech companies to allow backdoor access to encrypted communication, asking if such a statement was issued with legal consultation. 

The group has filed an RTI with the home ministry, external affairs ministry and IT ministry asking if any legal opinion was sought before becoming a signatory and whether the government plans to introduce any legislation pursuant to the becoming a signatory. IFF has raised concerns over India’s move to join five other countries, including the US, in urging tech companies to end encryption. 

This comes after the UK home department released a joint statement on October 11 which is signed by governments of Australia, Canada, India, Japan, New Zealand and the United States asking tech companies to work with governments and find solutions to ensure the safety of citizens, without eroding user privacy or cyber security. End-to-end encryption is used by many apps, including the likes of WhatsApp, to offer users a private and secure communication channel, where contents of the messages cannot be seen by any third-parties. 

“End-to-end encryption is implemented in a way that precludes all access to content, even to investigate the most serious crimes, including terrorism, and child sexual exploitation and abuse,” the document revealed. 

IFF had earlier criticised the government’s move to ban Chinese apps including TikTok, ShareIT, UC Browser, Helo and WeChat among others, which was said to be in order to safeguard Indian user data.

Why Cybersecurity Is Crucial For Indian Startups

Cybersecurity and local data storage are two major issues in the Indian tech industry with many questions of whether India can tap into its data economy without adequate privacy measures and steps to ensure security of data.

Last year, bike-sharing startup Bounce and Bengaluru-based edtech startup Vedantu reported vulnerabilities that resulted in user data being exposed. Besides incidents of data leaks, the Pegasus spyware controversy has also been a major point of contention. Journalists, lawyers, academics, writers and social activists were spied on by unknown entities through Facebook-owned WhatsApp thanks to Pegasus, which was created by Israel’s NSO Group. The spyware was allegedly also used to hack into Jeff Bezos’ phone by Saudi Arabia.

According to a Data Security Council of India (DSCI) report this year, India witnessed the second-highest number of cyber attacks in the world between 2016 and 2018. This comes at a time when digitisation of the Indian economy is predicted to result in a $435 Bn opportunity by 2025.

Additionally, a report by Cisco says that Indian organisations rely more on automation, machine learning and artificial intelligence for cybersecurity. It says that 75% of Indian organisations relied on automation, while over 60% depended on machine learning and artificial intelligence. The reason behind the trend was stated as a heavy workload for cybersecurity officers (CISOs) that makes it difficult for them to take on new responsibilities.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.