The government of India has proposed a new law on encryption that would require all citizens to maintain a plain-text version of their encrypted information for 90 days. The Times of India reports that the India Department of Electronics and Information Technology (DeitY) wants the law to enhance information security in India, but still give law enforcement officials the ability to access it in case of emergency.
Needless to say, the plain-text requirement has astounded people in the tech industry, who regard it as a potential wide-open invitation for hackers to target everyone in India, if it were enforced. The new law is in draft format right now, while it gathers comments from the public.
Plain text files are completely unencrypted and can be read by anyone who opens them, like a Word file or a simple email. The fear is that if every file in India were kept in a plain-text version for 90 days, it potentially makes it much easier for hackers to find and read them. It defeats the point of encrypting the info in the first place.
Here is the proposed text of the new law:
All citizens (C), including personnel of Government / Business (G/B) performing non-official / personal functions, are required to store the plaintexts of the corresponding encrypted information for 90 days from the date of transaction and provide the verifiable Plain Text to Law and Enforcement Agencies as and when required as per the provision of the laws of the country.
The law would also let the government of India define all algorithms and key sizes for encryption in India, and reserve the right to take action against people who don’t use those pre-approved algorithms. The proposal caught the eye of Matt Cutts, Google’s anti-web spam chief, earlier today. He sent a tweet recommending that people in India give their government feedback before they implement it.
Because Whatsapp messages and all communications on iPhones are automatically encrypted, the policy potentially would render those devices illegal.
NOW WATCH: Animated map reveals the 550,000 miles of cable hidden under the ocean that power the internet
Business Insider Emails & Alerts
Site highlights each day to your inbox.