Withdrawal of the Draft Encryption Policy

The draft Encryption Policy was released by the Department of Electronics and Information Technology (Deity) which mandated users and organizations to store plain text versions of all encrypted communications for 90 days and provide these to law enforcement agencies upon request. The policy aimed to enhance security and regulation of encryption use.

However, criticisms regarding the government’s control over encryption policies, privacy concerns on storing plain text data and impractical demands on users and foreign service providers have been raised by different stakeholders. In response to the same, the government decided to withdraw the policy and instructed Deity to redraft it.

Draft Encryption Policy: Draft Encryption Policy

Comments are closed.