Donate
Strong Encryption Is Central to Good Security – India’s Proposed Intermediary Rules Puts It at Risk Thumbnail
‹ Back
Encryption 9 January 2020

Strong Encryption Is Central to Good Security – India’s Proposed Intermediary Rules Puts It at Risk

Ryan Polk
By Ryan PolkSenior Policy Advisor

Security and encryption experts from around the world are calling on the Indian Ministry of Electronics and Information Technology (MeiTy) to reconsider proposed amendments to intermediary liability rules that could weaken security and limit the use of strong encryption on the Internet. Coordinated by the Internet Society, nearly thirty computer security and cryptography experts from around the world signed “Open Letter: Concerns with Amendments to India’s Information Technology (Intermediaries Guidelines) Rules under the Information Technology Act.”

MeiTy is revising proposed amendments to the Information Technology (Intermediaries Guidelines) Rules. The proposed amendments would require intermediaries, like content platforms, Internet service providers, cybercafés, and others, to abide by strict, onerous requirements in order to not be held liable for the content sent or posted by their users. Freedom from intermediary liability is an important aspect of communications over the Internet. Without it, people cannot build and maintain platforms and services that have the ability to easily handle to billions of people.

The letter highlights concerns with these new rules, specifically requirements that intermediaries monitor and filter their users’ content. As these security experts state, “by tying intermediaries’ protection from liability to their ability to monitor communications being sent across their platforms or systems, the amendments would limit the use of end-to-end encryption and encourage others to weaken existing security measures.”

End-to-end encryption is one of the strongest tools for digital security online. With end-to-end encryption, only the sender and intended recipients have access to unencrypted content, providing trustworthy confidentiality and integrity to their communications. As the threats to computerized and networked technologies increase, confidentiality and integrity is critical. Since no third party, including the platform provider, has access to user content in an end-to-end encrypted system, content monitoring or filtering is impossible. As the letter notes, “There is no way to create ‘exceptional access’ for some without weakening the security of the system for all.”

Whether intended to filter online misinformation or to provide access for law enforcement purposes, laws or policies like those being proposed in India would make the Internet less safe, unintentionally allowing access to online communications to malicious hackers and criminals.

It is imperative that digital security not be undermined for hundreds of millions of people in an effort to force blanket data retention and network observability. Digital security is the foundation of our connected economies and societies. It is up to governments to make the right decision and support strong digital security, and it is up to all of us to hold them to account.


Image: Guna city, India. © Atul Loke/Panos for Internet Society

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Making Intermediaries Liable for Encrypted Content Breaks Trust and Security
Making Intermediaries Liable for Encrypted Content Breaks Trust and Security
Encryption4 June 2020

Making Intermediaries Liable for Encrypted Content Breaks Trust and Security

In December 2018, the Indian Ministry of Electronics & Information Technology (MeitY) proposed a significant change to its intermediary rules....

Internet Society Delhi Chapter and CCAOI Organize Webinar on India's Draft Intermediary Rules
Internet Society Delhi Chapter and CCAOI Organize Webinar on India's Draft Intermediary Rules
Encryption17 January 2019

Internet Society Delhi Chapter and CCAOI Organize Webinar on India’s Draft Intermediary Rules

On 10 January, the Internet Society Delhi Chapter and CCAOI jointly organised an interactive webinar on the draft Information Technology [Intermediary Guidelines (Amendment)...

In India, Days Left to Comment on Rules That Could Impact Your Privacy
In India, Days Left to Comment on Rules That Could Impact Your Privacy
Encryption28 January 2019

In India, Days Left to Comment on Rules That Could Impact Your Privacy

The public has until 31 January to comment on a draft set of rules in India that could result in...

Join the conversation with Internet Society members around the world