|
<<
^
>>
Date: 2000-01-30
ENFOPOL scharf, mit Curry
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
q/depesche 00.1.30/3
ENFOPOL scharf mit Curry
Überall auf der Welt bietet sich dasselbe Bild. Was von
gesetzlich ermächtigten Behörden in den ILETS [International
Law Enforcement Telecom Seminars] an
Überwachungsmassnahmen [in EU vordem ENFOPOL
genannt] ausbaldowert wurde, findet in seinen Weg in
nationale Legislativen. Die indische Regierung hat ihre
Überwachungs/pläne ganz besonders scharf angerichtet.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
relayed by Kai Raven via [email protected]
http://home.kamp.net/home/kai.raven/index.html
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
The BJP government wants to introduce an Indian Information
Technology Act. That, in itself, is not a bad thing. It is, in
fact, a good idea, as IT today is administered by an
increasingly ragged-looking patchwork of outdated and
inadequate laws. However, they just couldn't resist the
opportunity to try and make things easier for them to surveil
the citizenry, preferably without said citizenry's knowledge.
The draft bill which has been prepared by the Department of
Electronics (DoE) has been sent to the Law Ministry for
clearance. It will then be sent to the Cabinet for approval and
ratification.
Some of the alarming proposals in this bill are:
Any Internet Service Provider will have to make arrangements
to monitor all traffic passing through its servers, and make
such traffic available to "properly constituted authorities" for
"valid reasons of security". This would include agencies such
as the Central Bureau of Investigation (CBI), the Intelligence
Bureau (IB) and the Research and Analysis Wing (RAW).
And they aren't sparing encrypted traffic, either. On demand,
you will be expected to decode messages you have sent, in
effect handing over your private key.
The purported reason ? "National Security".
As usual.
The proposed bill also contains some confusing references to
"distant signatures" which it says will help e-commerce, but I
wish to focus on the damage which the tapping provision will
cause.
As the British net.activist Danny O'Brien said in response to
similar legislation in the UK, these are the reasons why this
is a very bad thing.
It's bad for e-commerce.
It will add billions to the cost of doing business online, and
take months - even years - to implement.
People won't trust a system which gives a government-
appointed stranger a back-door key to their e-mail.
Overseas consumers and businesses won't want to trade
with us. They won't want to give away the keys to their data,
either.
It'll impact the IT industry by driving business overseas.
There is near-zero enthusiasm for the government's proposals
amongst big business. Anywhere.
It won't catch a single criminal.
Criminals won't use the government's system. It's trivially
easy to bypass the proposed controls if you're planning on
breaking the law. For example, all it takes is one entry in
your email program to use a different server to send out your
mail, thus redering the whole issue moot.
Also, there exist techniques like steganography that hide
encrypted data in such a way as to escape detection.
Despite this, we've yet to hear of one example of an
investigation which has been hampered by an inability to
break encrypted codes. National security or otherwise.
In fact, as Fred Baker, Chair of the Internet Engineering Task
Force (IETF) said in a recent announcement,
..strong cryptography is essential to the security of the
Internet; restrictions on its use or availability will leave us with
a weak, vulnerable network, endanger the privacy of users
and businesses, and slow the growth of electronic commerce.
There is still time. If government sees that there is uproar
over this, they will push it underground for a while. It won't go
away, but it will buy time.
An example of the kind of uproar I'm talking about is the
spontaneous anger that erupted on various mailing lists when
this news got out. I have collected some of the most
technically and logically sound arguments here.
some URLs for more information:
Die Bill
http://www.mit.gov.in/it-bill.htm
http://www.tbtf.com/archive/1998-12-15.html#s01
http://members.tripod.com/~india_gii/
http://www.stand.org.uk/
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by
published on: 2000-01-30
comments to [email protected]
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<<
^
>>
|
|
|
|