Forever In Sight

• Government wants to monitor all content and services on the Internet, whatever be the access device—PCs or mobiles
• It wants to make telcos and ISPs maintain usage data for a longer period and mobile firms record location, data of users
• Last month, government blocked three sites—Mobango, Typepad and Clickatell
• Government has asked telcos to put real-time monitoring infrastructure for all 3G services by July 31
• The long-standing war for access to corporate e-mail from Blackberry and others continues with no end in sight
• Real-time monitoring could well lead to privacy issues

***

India could soon mirror George Orwell’s world of pervasive surveillance. In the past few months, the Union home ministry has begun an exercise whereby it seeks to control every internet and mobile service in the country. This includes e-mail, chat, mobile calls, SMS and web searches. While the tussle to gain control over Blackberry’s enterprise e-mail service has been on for a couple of years, the government’s intent has intensified. “Everything, everyone on the internet would be monitored. The Department of Telecommunications (DoT) is working on this and will contact all the concerned people,” home secretary G.K. Pillai told Outlook.

Government agencies are working on new rules that will make internet service providers (ISPS) and telecom companies maintain user data for a year instead of the current practice of keeping them for six months. This would include caller-receiver and text message information for telcos and e-mail and usage details by ISPS. According to sources, the government also wants to intercept the e-mail service of Google (Gmail) and internet video telephony provider Skype; the DoT is communicating with the companies.

All this, say officials, is being done based on concerns of national security. In December, the government stopped telecom companies from providing 3G mobile services for a similar reason. The primary attractions of 3G are live video telephony and fast data transfer, both of which could come in handy for anti-social elements, the government feels. The government wants real-time monitoring of all 3G services in India and has asked service providers to put in necessary infrastructure by July 31.

With the internet moving in a big way to mobile phones, the government is faced with a huge problem as mobile internet is more difficult to monitor than usage on computers. At present, there are just 11.21 million broadband subscribers in the country as compared to over 770 million mobile phone users. With 3G expected to provide better and faster internet on mobiles, the government machinery has woken up to the reality and wants to bring this into their surveillance zone. With services like mobile money and banking likely to become popular with 3G, there is concern about fraud and money-laundering. Tracing services like internet telephony and Skype on the mobile platform could also prove to be a nightmare.

Meanwhile, the government’s pitched battle with Research in Motion (RIM), makers of Blackberry phones, has gone on to a different level. The government changed tack to go through service providers over which it has full control, unlike RIM, which is a Canadian company. Says Pillai, “We’re not dealing with Blackberry. We’re now dealing with service providers directly.” At the end of the government’s January 31 deadline, RIM had said it couldn’t give access to its enterprise e-mail service, though it provided access to its messenger service. The government’s concern also comes from the usage of the Blackberry e-mail service in the recent uprising in Egypt.

The government has asked other corporate and secure e-mail providers like Nokia and Motorola to “open doors”. In December, Nokia set up two servers in India and offered access to the Indian authorities. But while Nokia agrees that the government’s demand is legitimate and the company has complied with the law, it is yet to provide access to the enterprise e-mail service that the government is gunning for. Nokia’s servers provide access to consumer e-mail—like Blackberry has offered with its messenger service. Says Pillai, “It is being examined whether it (Nokia’s action) fulfils our requirement or not.” Nokia says it is still testing the servers and will take three months to get clarity on the issue.

The DoT has given the service providers time till the end of this month to declare how they can provide access to all their services—telephony, e-mail, as well as Blackberry e-mail. It is also setting up a committee that will specifically look at technology and encryption-related areas. The government certainly looks serious this time. Last month, it blocked three websites—blog site Typepad, mobile applications site Mobango and bulk SMS site Clickatell.

This led to a huge uproar in the online community. The government’s power for such actions stems from the new proposed rules under the IT Act that authorise it to intercept, monitor and control all content on the internet. Nikhil Pahwa, a blogger, says, “The new rules give significant power to the government without involvement of civil society. There’s total lack of transparency. Online businesses could go for a toss if they are suddenly blocked without notice.”

Obviously, companies can only but  comply. A senior official from a leading mobile service provider says, “We need a comprehensive security policy. The 3G monitoring orders have come out of the blue. The DoT or home ministry should have made these part of the compliance document. At this stage, it hurts, as it needs investment.” Internet and Mobile Association of India president Subho Ray adds, “The ministry should come out with a 10-point clearance list for all services. It could lead to operational problems at this stage.”

Experts, however, feel that many operational and bilateral issues also need to be looked at to prevent or penalise the culprits as none of the data may be residing in India and, at most, the government would be able to pull the plug on a website. At the same time, the government needs to strengthen its on-ground machinery—that is, implementation and execution. The proposed rules address some of these issues. So does a bit of noise: according to Google, between January and June 2010, the government made 1,430 data requests and 130 item removal requests from Google’s servers. This is a big surge from the 142 requests made between July-December 2009.

Clearly, it’s a statement of intent—the current actions create sufficient noise about how the government aims to go about spreading its tentacles of control online. National interest, or interpretations of it, will reign supreme—even among the bits and bytes.