Statement on MEA's RTI response on International Statement on E2E Encryption

MEA's RTI response states that they do not hold any information pertaining to the Statement nor can they identify any other authority to transfer it to which raises multiple concerns.

20 November, 2020
2 min read

On October 11, 2020 India became a signatory to the “International statement: End-to-end encryption and public safety”. Interalia the statement calls on technology companies to weaken end to end encrypted secure messaging by invoking concerns about public safety by stating, “enable law enforcement access to content in a readable and usable format”.

India is one of the 7 known signatory countries. This is a concerning development because the use of encryption has again come under political attack by parts of the security ecosystem. In fact, failure to encourage and expand the usage of encryption technologies puts individual users at risk. Here millions of Indians who today conduct their lives through digital tools are also entry point vulnerabilities unless their devices are secured through encryption. It is our belief that strong encryption is necessary to protect the privacy and security of individuals, businesses and government actors who use the internet, and this is especially true for groups which lack social power such as women and other marginalised communities. Any weakening of encryption standards would leave us all vulnerable to misuse of our personal data and communications by bad actors including malicious hackers, organised criminals, terrorist groups and hostile nation states.

Concerned by this development after it was brought to our notice by an IFF Forum Member, we filed Right to Information requests with the Ministries of Home Affairs, External Affairs and Electronics & IT asking them about India’s involvement in the Statement.

In a reply dated November 13, 2020, the Central Public Information Officer & Legal Officer of the Ministry of External Affairs’ Legal & Treaties Division, Mr. Sudheer K.J., has stated that,

“... we could neither trace any records under the jurisdiction of this CPIO nor could identify any other public authority which may possess related information pertaining to the subject matter of the query...”.

This response as well as a failure to identify other relevant public authorities to transfer the application to is indicative of either one of two situations. First, information under the RTI act is being withheld with respect to a matter that squarely falls within the ambit of public interest. Or, second, there is an absence of a proper coordination or consultation with the principal ministerial office, i.e. the Ministry of External Affairs as to an international statement. Either inference is troubling since the statement undermines the fundamental right to informational privacy that is preserved through end-to-end encryption.

In the first situation, we urge for immediate disclosure and in the second urge for greater coordination between the ministerial offices within the Union Government to examine the reasons and state them publicly on what prompted it’s assent to this international statement. Here, it should be noted that that in the unlikely outcome that assent to this statement was not on the basis of proper consultation within government offices, an urgent review must be conducted and a rights based assessment may be adopted after obtaining a legal opinion on the consistency of this international statement with the constitutional articulation of the fundamental right to privacy.

Important documents

  1. “International statement: End-to-end encryption and public safety” dated October 11, 2020 (link)
  2. IFF Forum Member post “Yet another call for E2E backdoors" dated October 11, 2020 (link)
  3. Right to Information requests filed with MEA, MHA and MeitY dated October 13, 2020 (link)
  4. Reply received from MEA dated November 13, 2020 (link)

Subscribe to our newsletter, and don't miss out on our latest updates.

Similar Posts

No place for tech: How digital interventions in NREGA are undermining rural social security

Mandatory digital ‘solutions’ introduced in the NREGA scheme by union and state governments, like Aadhaar-based payments, mobile monitoring apps, facial authentication and surveillance tools, are impinging on workers’ statutory rights and poking holes in the rural social security net.

8 min read

Into IT Standing Committee’s review of action taken by MeitY following its recommendations on citizen data security and privacy

This post breaks down the 55th report of the Standing Committee on Communications and IT, in which the Committee assesses the extent to which its recommendations on citizen data security and privacy were accepted and acted upon by the Ministry of Electronics and IT.

11 min read

Statement: Reportedly, IT Ministry looks to block Proton Mail on request of Tamil Nadu

Reportedly, the E2EE email service Proton Mail has received communication from MeitY regarding a potential block under S.69-A IT Act, at the request of the TN police over a hoax bomb threat sent to private schools in Chennai. 

1 min read

Donate to IFF

Help IFF scale up by making a donation for digital rights. Really, when it comes to free speech online, digital privacy, net neutrality and innovation — we got your back!