Inthe US, law enforcement and security agencies have raised privacy concerns with a new proposal for electronic eavesdropping powers to track terrorists and criminals and unscramble their encrypted messages.
But in India, government authorities are well beyond the proposal stage. Prompted by fears of digital-era plotters, officials are already demanding that network operators give them the ability to monitor and decrypt digital messages, whenever the Indian Ministry of Home Affairs deems the eavesdropping to be vital to national security.
Critics, though, say India’s campaign to monitor data transmission within its borders will hurt other important national goals: attracting global businesses and becoming a hub for technology innovation.
The most inflammatory part of the effort has been India’s threat to block encrypted BlackBerry services, widely used by corporations, unless phone companies provide access to the data in a readable format.
However, Indian officials have also said they will seek greater access to encrypted data sent over popular Internet services like Gmail, Skype and virtual private networks that enable users to bypass traditional telephone links or log in remotely to corporate computer systems.
Critics say such a threat could make foreigners think twice about doing business there. Especially vulnerable could be outsourcing for Western clients, like processing medical records or handling confidential research projects, information that is typically transmitted as encrypted data.
“If there is any risk to that data, those companies will look elsewhere,” said Peter Sutherland, a former Canadian ambassador to India who is now a consultant to North American companies doing business there.
S. Ramadorai, vice chairman of India’s largest outsourcing company, Tata Consultancy Services, echoed that sentiment in a newspaper column on Wednesday last week.
“Bans and calls for bans aren’t a solution,” he wrote. “They’ll disconnect India from the rest of the world.”
Few doubt that India has valid security concerns. In recent years, attacks against India have included the use of sophisticated communications technology — as when the terrorists who stormed Mumbai two years ago communicated with their Pakistani handlers by satellite phone and the Internet, or when Chinese hackers infiltrated India’s military computer networks this year.
But critics say that India’s security efforts, which they describe as clumsy, may do little to protect the country, even as they intrude on the privacy of companies and citizens alike.
“They will do damage by blocking highly visible systems like BlackBerry or Skype,” said Ajay Shah, a Mumbai-based economist who writes extensively about technology. “This will shift users to less visible and known platforms. Terrorists will make merry doing crypto anyway. A zillion tools for this are freely available.”
Senior Indian officials argue that they have no choice but to demand the data that could help thwart and investigate terrorist attacks.
“All communications which is done by Indians or coming to and fro into India — and where we have a concern about national security — we should have access to it,” said M Gopal Krishna Pillai, the secretary of India’s home ministry, which oversees domestic security.
During the Mumbai attacks, he said, officials could not gain access to some of the communications between the terrorists and their handlers.