Skip to main content

Over two dozen encryption experts call on India to rethink changes to its intermediary liability rules

Security and encryption experts from around the world are joining a number of organizations to call on India to reconsider its proposed amendments to local intermediary liability rules.

In an open letter to India’s IT Minister Ravi Shankar Prasad on Thursday, 27 security and cryptography experts warned the Indian government that if it goes ahead with its originally proposed changes to the law, it could weaken security and limit the use of strong encryption on the internet.

The Indian government proposed (PDF) a series of changes to its intermediary liability rules in late December 2018 that, if enforced, would require millions of services operated by anyone from small and medium businesses to large corporate giants such as Facebook and Google to make significant changes.

The originally proposed rules say that intermediaries — which the government defines as those services that facilitate communication between two or more users and have five million or more users in India — will have to proactively monitor and filter their users’ content and be able to trace the originator of questionable content to avoid assuming full liability for their users’ actions.

“By tying intermediaries’ protection from liability to their ability to monitor communications being sent across their platforms or systems, the amendments would limit the use of end-to-end encryption and encourage others to weaken existing security measures,” the experts wrote in the letter, coordinated by the Internet Society.

With end-to-end encryption, there is no way for the service provider to access its users’ decrypted content, they said. Some of these experts include individuals who work at Google, Twitter, Access Now, Tor Project and World Wide Web Consortium.

“This means that services using end-to-end encryption cannot provide the level of monitoring required in the proposed amendments. Whether it’s through putting a ‘backdoor’ in an encryption protocol, storing cryptographic keys in escrow, adding silent users to group messages, or some other method, there is no way to create ‘exceptional access’ for some without weakening the security of the system for all,” they added.

Technology giants have so far enjoyed what is known as “safe harbor” laws. The laws, currently applicable in the U.S. under the Communications Decency Act and India under its 2000 Information Technology Act, say that tech platforms won’t be held liable for the things their users share on the platform.

Many organizations have expressed in recent days their reservations about the proposed changes to the law. Earlier this week, Mozilla, GitHub and Cloudflare requested the Indian government to be transparent about the proposals that they have made to the intermediary liability rules. Nobody outside the Indian government has seen the current draft of the proposal, which it plans to submit to India’s Supreme Court for approval by January 15.

Among the concerns raised by some is the vague definition of “intermediary” itself. Critics say the last publicly known version of the draft had an extremely broad definition of the term “intermediary,” that would be applicable to a wide-range of service providers, including popular instant messaging clients, internet service providers, cyber cafes and even Wikipedia.

Amanda Keton, general counsel of Wikimedia Foundation, requested the Indian government late last month to rethink the requirement to bring “traceability” on online communication, as doing so, she warned, would interfere with the ability of Wikipedia contributors to freely participate in the project.

A senior executive with an American technology company, who requested anonymity, told TechCrunch on Wednesday that even as the proposed changes to the intermediary guidelines need major changes, it is high time that the Indian government decided to look into this at all.

“Action on social media platforms, and instant communications services is causing damage in the real world. Spread of hoax has cost us more than at least 30 lives. If tomorrow, someone’s sensitive photos and messages leak on the internet, there is currently little they can expect from their service providers. We need a law to deal with the modern internet’s challenges,” he said.



Udimi - Buy Solo Ads from TechCrunch https://ift.tt/37Qosev
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

9 VCs in Madrid and Barcelona discuss the COVID-19 era and look to the future

Spain’s startup ecosystem has two main hubs: Madrid and Barcelona. Most observers place Barcelona first and Madrid second, but the gap appears to close every year. Barcelona has benefitted from attracting expats in search of sun, beach and lifestyle who tend to produce more internationally minded startups. Madrid’s startups have predominantly been Spain or Latin America-focused, but have become increasingly international in nature. Although not part of this survey, we expect Valencia to join next year, as city authorities have been going all-out to attract entrepreneurs and investors. The overall Spanish ecosystem is generally less mature than those in the U.K., France, Sweden and Germany, but it has been improving at a fast clip. More recently, entrepreneurs in Spain have moved away from emulating success in pursuit of innovative technologies. Following the financial crisis, the Spanish government supported the creation of startups with the launch of FOND-ICO GLOBAL, a €1.5 billi...
Post a Comment
Read more

Emulating USB Dongle – Introducing HASP Dongle Emulator Software

Information Technology Blog - - Emulating USB Dongle – Introducing HASP Dongle Emulator Software - Information Technology Blog Over the years the methods used by software developers and producers to limit the amount of users to a specific number in a licensing agreement have become more complex.  The aim of copy protection is to protect the intellectual rights and financial investment of the individual developers and manufacturing companies.   A way of getting around this protection is to reproduce the media through which you can deliver the application to other users,  meaning that the software can be replicated far in excess of that specified in the license. One of the most common methods has been to use hardware keys or dongles which will enable the user to activate an application, unlocking its full functionality without using a device.  In addition, it offers good protection against attempts to pirate the software. In this article, we will look at th...
1 comment
Read more

Advantages and Disadvantages of using Vouchers in eCommerce

Information Technology Blog - - Advantages and Disadvantages of using Vouchers in eCommerce - Information Technology Blog To decide whether vouchers and coupons are the right tool to add to your online marketing strategy, it is essential that you consider the benefit and the cost of using coupons. In this article, we will use Gtech coupon marketing strategy as an example a successful coupon strategy.  Also check out these great books on coupon codes for ecommerce . Advantages of Using Coupons Increase Sales This is the obvious benefit. Coupons serve to increase sales especially for high ticket items such as luxury gadgets. Gtech discount codes is a good example as Gtech quality is reflected on the price of both the Gtech eBike and Gtech AirRam. In order to boost sales, the company releases 10% off offers certain times of the year when online sales would normally be low. Enlarge Email List Acquiring a customer can be expensive in terms of advertising and marketing. If yo...
1 comment
Read more