India’s National Encryption Policy poses threat to country’s security, puts user privacy in danger

New Delhi: A lot of controversies seem to be arising out of DeitY’s (Department of Electronics & Information Technology) recently introduced draft about National Encryption policy on their website.

As per the concerned department, this policy will activate a highly secure environment where web-based information and transactions for personal or business or governmental use will be all secured.

The DeitY held this step to be of utmost necessity for the web-based services are progressing rapidly and protecting privacy in such a situation is extremely crucial.

But sadly, the internet experts as well as online activists condemn this policy called Encryption Policy and claim that the government needs to re-think about it as it is unfair to open up the access to users’ personal information, liable to be misused, by law administering agencies.

The experts are of the opinion that the policy apparently seems to be welcoming, but the current form of its document will produce only hazardous results hampering the overall research and development in encryption field.

According to them, the worst part of this policy stays the storing of personalized data of users for as many as 3 months that would be available and accessible to law administrators who can access it anytime.

Pranesh Prakash, the policy director at CIS, criticizes this policy saying that it should aim at propagating national security as well as augmenting informational confidentiality without privileging any such agencies. There are many sensitive departments that cannot afford to expose the data to anyone.

Going with his words, he does not find it relevant enough to keep to keep the emails in plain text form instead of keeping them in encrypted form as usual.

The policy will only open the mischievous doors to hackers as well as other foreign firms to keep track of what our government and Indian citizens are up to.

Cyber Initiative head, Arun Mohan Sukumar appreciated government for realizing the need to protect communications setup from scammers and online intruders finally. But this step of coming up with such a policy, as per him, will not do much good but would rather trick cyber security research work.

Other critiques note that this policy with such rules, appearing to regulate encryption, will only hold back Indian developers from using it. And the less usage of encryption will make the communications of Indians insecure.

The Department of Electronics and Information Technology feels quite optimistic about their policy. According to it, the research and development in cryptography field will be enhanced.

It has released a mail id,, and invited the general public to post their comments via mail over this policy, which can be done by people till 16th Oct.