The government has now exempted WhatsApp, Facebook, Twitter, payment gateways, e-Commerce and password based transactions from the draft encryption policy after it was criticised by everyone.
The central government’s new draft encryption policy, making it mandatory to store data in plain text (unencrypted) format for 90 days, has neither been liked by online experts nor the public.
As a result the government has come out with new proposed addendum to the draft encryption policy, clarifying ‘encryption products’ have been exempted from the policy.
These products include the mass use encryption products, which are currently being used in web applications, social media sites and applications such as Whatsapp, Facebook, and Twitter. It also includes Secure Sockets Layer (SSL) or Transport Layer Security (TLS) encryption products being used in Internet-banking and payment gateways as directed by the Reserve Bank of India.
Moreover, the SSL/TLS encryption products being used for e-commerce and password based transactions are also being exempted.
Earlier, the government had released a draft National Encryption Policy document online, seeking methods of encryption of data and communications used by the government, businesses, and even citizens.
A Department of Electronics and Information Technology (DeitY) expert panel was set up to prepare the draft. According to it, encrypted messaging service on demand should reproduce same text in plain format before the law enforcement agencies whenever asked to. On failing to do so, the government can even take legal action as per the laws.
Data encryption means conversion of data into a form, called a cipher text, which helps avoid unauthorised access. Banks and e-Commerce sites use encryption to protect your financial and private data, online government sites and several other messaging platforms use encryption to protect your personal data and so on.
It would impact the way you use WhatsApp and Apple’s i-Message service since these use encryption for communication as well. Since the earlier draft also put the user in a position of responsibility, it could potentially have an effect on WhatsApp and other messaging services that use encryption. However, looks like the outcry has led the government to add the exemptions that include the social and messaging services.