India Proposes New Encryption Law, Then Quickly Retracts It

Last week India released some draft legislation surrounding encryption. As reported by the New York Times, the proposed law “would have required users of social media and messaging applications to save plain-text versions of their messages for 90 days so that they could be shared with the police.”

The law was retracted after just a few days, due to intense criticism and concerns over privacy. The Indian government was not supportive of the law either, and publicly stated the encryption law was merely a draft and didn’t express the government’s views. The law was proposed by the Department of Electronics and Information Technology. The timing of the situation was bad for the country, as it created embarrassment in advance of the Indian Prime Minister’s trip to Silicon Valley.

This is yet another instance of draft cybersecurity legislation that threatens privacy and the right to encryption. We’ve seen similar draft legislation from both China and Russia recently, with both countries standing behind their proposals. We’re glad that India has quickly backtracked on their law, and that the public expressed such strong opposition to it. It’s essential we continue the fight for online privacy and security for Internet users around the world.

View the full policy and read more about the proposed data retention rules. Learn more about the importance of encryption.

Update – June, 2016: A public interest litigation petition that looked to achieve a ban on WhatsApp was dismissed by the Supreme Court in India. The petition was brought forth due to concerns surrounding the encryption in the platform, and that it hindered police efforts. This decision seems to echo the theme of India considering enacting restrictive legislation, but then choosing not to enact it.