Friday, April 15, 2011

Encryption Standards In India

Although India is a destination for technology related services yet when it comes to use of the same India is poorly situated. India has a badly drafted and decayed cyber law in the form of information technology act, 2000 that needs urgent repeal, inadequate cyber security, missing cyber forensics capabilities, inadequate critical infrastructure protection and so on.

On the policy front also India has no cyber security policy, encryption policy, cyber crimes policy, ICT crisis management policy and so on. So on both law making and policy formulation, India has performed extremely poor.

Naturally, India is facing growing numbers of cyber attacks. In fact, India has no effective and practically applicable crisis management plan for cyber attacks and cyber terrorism. There are growing cases of cyber terrorism against India in one form or other. Some of them have been detected while others are still stealth in nature.

In fact, cyber attacks and cyber terrorism preparedness of India is missing at all. Cyber Terrorism is a concept that is closely related to National Security and Cyber Security of any Nation, says Praveen Dalal, managing partner of New Delhi based law firm Perry4Law and leading techno legal expert of India. While the definition and nature of Cyber Terrorism is still debatable yet none can doubt about the use of ICT for attacking crucial computer systems of others, says Dalal.

Encryption is a very useful technology to thwart cyber attacks upon sensitive and crucial computer systems and networks. Encrypted data is more difficult to intercept and decrypt than data and information traveling in plain text. Encryption makes online banking and e-commerce more secure and reliable.

Presently, we have neither encryption laws in India nor there are any encryption standards and norms in India. Due to security concerns of intelligence agencies of India, encryption is still a feared technology in India. Indian Government must clear its head regarding crucial issues like Encryption Standards, Network Sniffing, E-Mails Sniffing, Mobile Phones Interceptions, Cell Phone Data Usages, etc, says Dalal.

Encryptions standards must be urgently formulated and immediately implemented. The more we ignore and postpone the same the greater would be practical difficulties and commercial losses for India.