XING Hyderabad

Posts 1-6 of 6

Sandy Riedel Premium Member Group moderator Ambassador
The company name is only visible to registered members.

Encryption in India
Hello Everyone,

Here is a good PowerPoint comparing best practices with encryption guidelines and laws. Laws must be stable; however they need to change with technology advancement and security risks.

Link: http://www.acto.in/presentations.php

Upgrade your Privacy,
Sandy Riedel
Director of Operation
GoSecure Inc.
http://www.gosecure.com
- 06 Jul 2010, 9:44 pm
Sandy Riedel wrote: > Hello Everyone, > > Here is a good PowerPoint comparing best practices with encryption > guidelines and laws. Laws must be stable; however they need to > change with technology advancement and security risks. > > Link: http://www.acto.in/presentations.php > > Upgrade your Privacy, > Sandy Riedel > Director of Operation > GoSecure Inc. > http://www.gosecure.com
Sandy Riedel Premium Member Group moderator Ambassador
The company name is only visible to registered members.

Re: Encryption in India
Short note on IT Amendment Act, 2008 from Pranesh Prakash of the Centre for Internet and Society

The amending bill does not really bring about much of a change with respect to encryption, except for expanding the scope of the government's power to order decryption.

The government already controls the strength of permissible encryption by way of the Internet Service Provider licences, and now has explicitly been granted the power to do so by s.84A of the Act. However, the government may only prescribe the modes or methods of encryption "for secure use of the electronic medium and Modes or for promotion of e-governance and e-commerce". Thus, it is possible to read that as effectively rendering nugatory the government's efforts to restrict the strength of encryption to 48-bit keys (for symmetric encryption).

Link: http://www.cis-india.org/advocacy/igov/it-act/short-note-on-...

Upgrade your Privacy,
Sandy Riedel
Director of Operation
GoSecure Inc.
http://www.gosecure.com
- 06 Jul 2010, 9:57 pm
Sandy Riedel wrote: > Short note on IT Amendment Act, 2008 from Pranesh Prakash of the > Centre for Internet and Society > > The amending bill does not really bring about much of a change with > respect to encryption, except for expanding the scope of the > government's power to order decryption. > > The government already controls the strength of permissible > encryption by way of the Internet Service Provider licences, and now > has explicitly been granted the power to do so by s.84A of the Act. > However, the government may only prescribe the modes or methods of > encryption "for secure use of the electronic medium and Modes or for > promotion of e-governance and e-commerce". Thus, it is possible to > read that as effectively rendering nugatory the government's efforts > to restrict the strength of encryption to 48-bit keys (for symmetric > encryption). > > Link: > http://www.cis-india.org/advocacy/igov/it-act/short-note-on-amendment- > act-2008 > > Upgrade your Privacy, > Sandy Riedel > Director of Operation > GoSecure Inc. > http://www.gosecure.com
Sandy Riedel Premium Member Group moderator Ambassador
The company name is only visible to registered members.

Re^2: Encryption in India
In his latest report , Mr Ron Kirk has said India's restrictions on use of strong encryption are both confusing and detrimental to the security of companies operating in India.

Link: http://www.thehindubusinessline.com/blnus/10091965.htm

Upgrade your Privacy,
Sandy Riedel
Director of Operation
GoSecure Inc.
http://www.gosecure.com
- 06 Jul 2010, 10:03 pm
Sandy Riedel wrote: > In his latest report , Mr Ron Kirk has said India's restrictions on > use of strong encryption are both confusing and detrimental to the > security of companies operating in India. > > Link: http://www.thehindubusinessline.com/blnus/10091965.htm > > Upgrade your Privacy, > Sandy Riedel > Director of Operation > GoSecure Inc. > http://www.gosecure.com
Sandy Riedel Premium Member Group moderator Ambassador
The company name is only visible to registered members.

Re^3: Changing Face of Encryption Standards in India
It's time to beef up the encryption standards of India to safeguard information being exchanged over the Internet. Let's take a look at the encryption standards prevailing in India, and how it's evolving:

Link: http://gosecureprivacy.wordpress.com/2010/07/06/changing-fac...

Upgrade your Privacy,
Sandy Riedel
Director of Operation
GoSecure Inc.
http://www.gosecure.com
This post was modified on 06 Jul 2010 at 10:24 pm.
- 06 Jul 2010, 10:16 pm
Sandy Riedel wrote: > It's time to beef up the encryption standards of India to safeguard > information being exchanged over the Internet. Let's take a look at > the encryption standards prevailing in India, and how it's evolving: > > Link: > http://gosecureprivacy.wordpress.com/2010/07/06/changing-face-of-encry > ption-standards-in-india/ > > Upgrade your Privacy, > Sandy Riedel > Director of Operation > GoSecure Inc. > http://www.gosecure.com
Sandy Riedel Premium Member Group moderator Ambassador
The company name is only visible to registered members.

Re^4: Changing Face of Encryption Standards in India
Here are two interpretations of what the law said:

The IT amendment Act, 2008 has given central Govt the discretion to prescribe the modes or methods of encryption for secure use of electronic medium and for promotion of e-Governance and e-Commerce. But as on date, Govt has not prescribed any specific modes of encryption
Pavan Duggal, Advocate, Supreme Court of India and President, Cyberlaws.Net
Link: http://pcquest.ciol.com/content/topstories/2010/110043009.as...

However, the government may only prescribe the modes or methods of encryption "for secure use of the electronic medium and Modes or for promotion of e-governance and e-commerce". Thus, it is possible to read that as effectively rendering nugatory the government's efforts to restrict the strength of encryption to 48-bit keys (for symmetric encryption).
Pranesh Prakash of the Centre for Internet and Society
Link: http://www.cis-india.org/advocacy/igov/it-act/short-note-on-...

Upgrade your Privacy,
Sandy Riedel
Director of Operation
GoSecure Inc.
http://www.gosecure.com
- 07 Jul 2010, 1:40 pm
Sandy Riedel wrote: > Here are two interpretations of what the law said: > > The IT amendment Act, 2008 has given central Govt the discretion to > prescribe the modes or methods of encryption for secure use of > electronic medium and for promotion of e-Governance and e-Commerce. > But as on date, Govt has not prescribed any specific modes of > encryption > Pavan Duggal, Advocate, Supreme Court of India and President, > Cyberlaws.Net > Link: http://pcquest.ciol.com/content/topstories/2010/110043009.asp > > However, the government may only prescribe the modes or methods of > encryption "for secure use of the electronic medium and Modes or for > promotion of e-governance and e-commerce". Thus, it is possible to > read that as effectively rendering nugatory the government's efforts > to restrict the strength of encryption to 48-bit keys (for symmetric > encryption). > Pranesh Prakash of the Centre for Internet and Society > Link: > http://www.cis-india.org/advocacy/igov/it-act/short-note-on-amendment- > act-2008/ > > Upgrade your Privacy, > Sandy Riedel > Director of Operation > GoSecure Inc. > http://www.gosecure.com
Sandy Riedel Premium Member Group moderator Ambassador
The company name is only visible to registered members.

Re^5: India’s Surveillance Plan Said to Deter Business
Hello Everyone,

In the United States, law enforcement and security agencies have raised privacy concerns with a new proposal for electronic eavesdropping powers to track terrorists and criminals and unscramble their encrypted messages. Research In Motion, maker of the BlackBerry, says it is willing to meet “the lawful access needs of law enforcement agencies.”
But here in India, government authorities are well beyond the proposal stage. Prompted by fears of digital-era plotters, officials are already demanding that network operators give them the ability to monitor and decrypt digital messages, whenever the Home Ministry deems the eavesdropping to be vital to national security.

Critics, though, say India’s campaign to monitor data transmission within its borders will hurt other important national goals: attracting global businesses and becoming a hub for technology innovation.

The most inflammatory part of the effort has been India’s threat to block encrypted BlackBerry services, widely used by corporations, unless phone companies provide access to the data in a readable format. But Indian officials have also said they will seek greater access to encrypted data sent over popular Internet services like Gmail, Skype and virtual private networks that enable users to bypass traditional telephone links or log in remotely to corporate computer systems.

Critics say such a threat could make foreigners think twice about doing business here. Especially vulnerable could be outsourcing for Western clients, like processing medical records or handling confidential research projects, information that is typically transmitted as encrypted data.

Link: http://nyti.ms/c174rv

Upgrade your Privacy,
Sandy Riedel
Director of Operation
GoSecure Inc.
http://www.gosecure.com
This post was modified on 28 Sep 2010 at 04:30 pm.
- 28 Sep 2010, 4:26 pm
Sandy Riedel wrote: > Hello Everyone, > > In the United States, law enforcement and security agencies have > raised privacy concerns with a new proposal for electronic > eavesdropping powers to track terrorists and criminals and unscramble > their encrypted messages. Research In Motion, maker of the > BlackBerry, says it is willing to meet “the lawful access needs of > law enforcement agencies.” > But here in India, government authorities are well beyond the > proposal stage. Prompted by fears of digital-era plotters, officials > are already demanding that network operators give them the ability to > monitor and decrypt digital messages, whenever the Home Ministry > deems the eavesdropping to be vital to national security. > > Critics, though, say India’s campaign to monitor data transmission > within its borders will hurt other important national goals: > attracting global businesses and becoming a hub for technology > innovation. > > The most inflammatory part of the effort has been India’s threat to > block encrypted BlackBerry services, widely used by corporations, > unless phone companies provide access to the data in a readable > format. But Indian officials have also said they will seek greater > access to encrypted data sent over popular Internet services like > Gmail, Skype and virtual private networks that enable users to bypass > traditional telephone links or log in remotely to corporate computer > systems. > > Critics say such a threat could make foreigners think twice about > doing business here. Especially vulnerable could be outsourcing for > Western clients, like processing medical records or handling > confidential research projects, information that is typically > transmitted as encrypted data. > > Link: http://nyti.ms/c174rv > > Upgrade your Privacy, > Sandy Riedel > Director of Operation > GoSecure Inc. > http://www.gosecure.com

XING Hyderabad

Encryption in India

Re: Encryption in India

Re^2: Encryption in India

Re^3: Changing Face of Encryption Standards in India

Re^4: Changing Face of Encryption Standards in India

Re^5: India’s Surveillance Plan Said to Deter Business