BlackBerry service providers in the country have been asked by the Centre to stop providing these services by March-end. Security agencies want to access communication on BlackBerry, the brand owned by a Canadian company, Research in Motion (RIM).
Security agencies have wide-ranging powers, used and abused, to intercept electronic communication originating in India. They can’t do this with BlackBerry as its servers are not located in India. They need the cooperation of RIM to do so.
There is, however, more at stake here. Business and commercial communications in the age of instant decisions are no longer the domain of a postman. Internet and mobile devices are the order of the day. It took a lot of effort to make these secure and enable contracts, confidential business information and decision making possible by them. Any large-scale intrusion by security agencies will wipe the trust businesses have in them. High transaction costs and losses cannot be ruled out.
The problem lies with security agencies. The Internet age caught them napping. Their preparedness to meet security challenges was minimal. Hence, their reliance on crude techniques. For example, Internet service providers (ISPs) have been asked to reduce encryption from the 128-bit standard, the one that permits secure online payments, to a 40-bit level. Most online services and ISPs have spent huge sums of money to make the medium secure from phishing, online banking scams and payment frauds. A 40-bit encryption level will bring these back with a vengeance.
Interception is carried out by executive agencies without effective oversight from the legislature and the judiciary. The law, The Indian Telegraph Act, 1885, is obsolete. In comparison, in the US, interception for security mandated, for example, by the Foreign Intelligence Surveillance Act, 1978, has strong oversight. There is a court and a court of appeals for actions taken by security agencies under the act. A judge has to give approval for wiretaps. In India, the legal infrastructure permitting orderly conduct of security measures is non-existent. Unless this is done, serious damage to commerce cannot be ruled out.Should security agencies have blanket powers to tap communication? Write to us at email@example.com