Strong Encryption Is Central to Good Security – India’s Proposed Intermediary Rules Puts It at Risk Thumbnail
Encryption 9 January 2020

Strong Encryption Is Central to Good Security – India’s Proposed Intermediary Rules Puts It at Risk

By Ryan PolkDirector, Internet Policy

Security and encryption experts from around the world are calling on the Indian Ministry of Electronics and Information Technology (MeiTy) to reconsider proposed amendments to intermediary liability rules that could weaken security and limit the use of strong encryption on the Internet. Coordinated by the Internet Society, nearly thirty computer security and cryptography experts from around the world signed “Open Letter: Concerns with Amendments to India’s Information Technology (Intermediaries Guidelines) Rules under the Information Technology Act.”

MeiTy is revising proposed amendments to the Information Technology (Intermediaries Guidelines) Rules. The proposed amendments would require intermediaries, like content platforms, Internet service providers, cybercafés, and others, to abide by strict, onerous requirements in order to not be held liable for the content sent or posted by their users. Freedom from intermediary liability is an important aspect of communications over the Internet. Without it, people cannot build and maintain platforms and services that have the ability to easily handle to billions of people.

The letter highlights concerns with these new rules, specifically requirements that intermediaries monitor and filter their users’ content. As these security experts state, “by tying intermediaries’ protection from liability to their ability to monitor communications being sent across their platforms or systems, the amendments would limit the use of end-to-end encryption and encourage others to weaken existing security measures.”

End-to-end encryption is one of the strongest tools for digital security online. With end-to-end encryption, only the sender and intended recipients have access to unencrypted content, providing trustworthy confidentiality and integrity to their communications. As the threats to computerized and networked technologies increase, confidentiality and integrity is critical. Since no third party, including the platform provider, has access to user content in an end-to-end encrypted system, content monitoring or filtering is impossible. As the letter notes, “There is no way to create ‘exceptional access’ for some without weakening the security of the system for all.”

Whether intended to filter online misinformation or to provide access for law enforcement purposes, laws or policies like those being proposed in India would make the Internet less safe, unintentionally allowing access to online communications to malicious hackers and criminals.

It is imperative that digital security not be undermined for hundreds of millions of people in an effort to force blanket data retention and network observability. Digital security is the foundation of our connected economies and societies. It is up to governments to make the right decision and support strong digital security, and it is up to all of us to hold them to account.

Image: Guna city, India. © Atul Loke/Panos for Internet Society

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Strengthening the Internet 12 March 2024

Nevada Wants to Reduce Online Protections for Children: All Internet Users Should Benefit from Strong Encryption

Protect children online by supporting end-to-end encryption in Facebook Messenger. Join us in the fight against weakening online protection...

Strengthening the Internet 31 January 2024

Keeping Kids Safe Online: Navigating the New Parents’ Guide to Encryption

Do you know how you're keeping your kids safe online? Using encryption, there are simple changes you can make...

Encryption 21 September 2023

Techxit: The UK Declares Its Exit from the High-Tech Startup World

No one in their right mind would now want to start up a high-tech company in the UK. With...