A cyber secure India, starts with securing Indians

Our submission to the National Security Council Secretariat for framing of the National Cyber Security Strategy 2020 (NCSS 2020) focusses on protecting individual privacy.

13 January, 2020
2 min read


We live in a world that is often outside our control. Many people have faced risks to their online and digital security. These same anxieties are present in securing our national cyber assets. Towards this, the government of India plans to release a Cybersecurity Strategy in 2020 and asked for inputs. We sent our comments on securing people like you. This recognises 5 important points that promote both security and human rights. Sounds, too good to be true? Read on!

Institutional security has to be individual centric

We recently sent our comments to the National Security Council Secretariat which invited public comments for framing of the National Cyber Security Strategy 2020 (NCSS 2020). Our clear belief is that India requires to focus strongly on protecting its cyber assets and infrastructure. This has to be done in a manner in which we focus on creating an environment with the right incentives and grow a respect for individual privacy.

More tangibly as we outline in our submission to achieve this we make five distinct reccomendations.

  • Recommendation 1: Independent vulnerability testers and cyber security specialists are strategic national assets  – India’s innovative and expanding community of security researchers is a net asset, for cybersecurity in both the public and private sectors. There should be a clear policy and standard operating procedure devised for departments to be notified by security researchers without the threat of civil or criminal prosecution.
  • Recommendation 2: Encryption protects India by protecting IndiansThe use of encryption has far too often come under political attack by some parts of the security ecosystem. In fact, failure to encourage and expand the usage of encryption technologies puts individual users at risk. Here millions of Indians who today conduct their lives through digital tools are also entry point vulnerabilities unless their devices are secured through encryption.
  • Recommendation 3: Encourage a strong data breach reporting mechanism in the Data Protection ActData breach reporting under a data protection legal framework is immensely useful for enhancing cybersecurity.
  • Recommendation 4: Malware use makes all of insecureWe further recommend that the use of malware should be clearly prohibited. The collection of, “Zero-day” hacks or the proliferation in the use of technical exploits to hack into the devices and digital services of Indians makes the nation insecure.
  • Recommendation 5: The open web is the secure webToday, there are both economic forces and regulatory suggestions that threaten the decentralised framework of the internet. This undermines not only the stability of the public core but has a negative impact on cyber security in real and tangible ways.

We will keep advocating for the safety of India by advocating for the rights of users to use technologies that will secure thier devices. Our submission also benefits from the growing community of supporters and experts includes many from the domain cyber security and their work is incredibly advancing the national interest.

It is our earnest hope that the National Security Council Secretariat considers our submission for a cyber secure India that starts with securing Indians.

Important Documents

  1. IFF's Submission to India's Cyber Security Policy (link)

We believe that security and human rights are natural allies. Do you want to support positive, solution oriented policymaking? Become an IFF member today!

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

No place for tech: How digital interventions in NREGA are undermining rural social security

Mandatory digital ‘solutions’ introduced in the NREGA scheme by union and state governments, like Aadhaar-based payments, mobile monitoring apps, facial authentication and surveillance tools, are impinging on workers’ statutory rights and poking holes in the rural social security net.

8 min read

Into IT Standing Committee’s review of action taken by MeitY following its recommendations on citizen data security and privacy

This post breaks down the 55th report of the Standing Committee on Communications and IT, in which the Committee assesses the extent to which its recommendations on citizen data security and privacy were accepted and acted upon by the Ministry of Electronics and IT.

11 min read

Statement: Reportedly, IT Ministry looks to block Proton Mail on request of Tamil Nadu

Reportedly, the E2EE email service Proton Mail has received communication from MeitY regarding a potential block under S.69-A IT Act, at the request of the TN police over a hoax bomb threat sent to private schools in Chennai. 

1 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!