Google – AFP, Annie Banerji (AFP), 8 December 2013
 |
Worried by
US spying revelations, India has begun drawing up a new email policy
to help
secure government communications, but the man responsible for drafting the
rules still regularly uses Hotmail (AFP/File, Raveendran)
|
New Delhi —
Worried by US spying revelations, India has begun drawing up a new email policy
to help secure government communications, but the man responsible for drafting
the rules still regularly uses Hotmail.
Like many
of his peers in ministries across New Delhi, IT Minister Kapil Sibal's office
recently sent an email inviting journalists to the launch of his new personal
website using the free email service.
Others,
including senior foreign ministry officials, the information and broadcasting
minister and the health ministry secretary, also use Gmail, Hotmail or Yahoo
instead of their government accounts.
 |
More than
11,000 Indian websites were
hacked or defaced between May and
August this year,
with a large number of
attacks on the ".in" domain whose servers
are in India, the Times of India reported
last month (AFP/File)
|
"We
keep moving, get different designations, go different places and with that, our
emails change. You lose contacts and important emails, which you don't need to
worry about with a Gmail account," the bureaucrat told AFP.
"To be
honest, the quality of our official mail isn't that great yet. It still needs
some work," he added on condition of anonymity.
Security
concerns
IT security
expert Sunil Abraham said the use of Gmail and the like was highly risky since
the American services had their servers in the US and the National Security
Agency has been known to tap into their database systems.
It is
unclear how many state and federal public workers actively use popular email
services for office, but some of the estimates are startling.
"As
much as 90 percent of government officials use private email (services) for
official use... that's because their official email is not as stable or
speedy," said Abraham, executive director of the Bangalore-based Centre
for Internet and Society.
In
September Sibal's ministry announced a new "Email Policy of the Government
of India" in the wake of spying allegations about the NSA revealed by
former NSA contractor Edward Snowden.
NSA's
tentacles not only crept into the Indian embassy in Washington and its UN
office in New York, but also accessed email and chat messenger contact lists of
hundreds of millions of ordinary citizens worldwide, according to media
reports.
During a
single day last year, the NSA's Special Source Operations branch collected
444,743 email address books from Yahoo, 105,068 from Hotmail, 82,857 from
Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, The
Washington Post said, according to an internal NSA presentation.
The $11
million Indian project aims to bring some five million public employees onto
the government's email domain powered by the National Informatics Centre (NIC)
as early as mid-December.
It is
awaiting clearances and suggestions from all ministries before the proposal
goes to the cabinet this month.
J.
Satyanarayana, secretary of the department of electronics and IT, dismissed
claims that the policy was too late and was a response to the Snowden scandal.
"The
policy is not a reaction to any global spying revelations, it was already in
the works. It is just a mere coincidence that both came around the same
time," he said.
Fresh
doubts
Some cyber
security experts say bringing millions aboard a centralised server could make a
hacker's job easier, with all critical government information available on a
single platform.
More than
11,000 Indian websites were hacked or defaced between May and August this year,
with a large number of attacks on the ".in" domain whose servers are
in India, the Times of India reported last month.
"Making
the use of a centralised government server is not the best way to proceed.
Having everything on one platform makes it even more vulnerable to cyber
attacks and hacking," said Abraham.
"It
also brings about new worries of the NIC becoming the local snoop."
Some also
predict that the ambitious policy would eventually fizzle out for lack of
attention from ministers and bureaucrats, who work in government offices where
stacks of yellowing files and papers are still a common sight.
"It's
sad but most of these officials don't understand much about technology, so
mastering email is something that is miles and miles away," said Vijay
Mukhi, a Mumbai-based cyber security expert.
"These
guys saw all the snooping news and suddenly they woke up and said 'lets make an
email policy'. Enforcing this is not possible on a practical basis."
The IT
ministry also plans to conduct workshops to teach employees about email
security such as when to change passwords and user names and how to use email.
"Every
employee should know how, what and when critical data can be vulnerable... with
most work still done on paper, it is important to know the nitty-gritty of
using email," Satyanarayana said.
NSA surveillance: tech companies demand sweeping changes to US laws - New
Brazil announces secure email to counter US spying
Related Articles:
NSA surveillance: tech companies demand sweeping changes to US laws - New
Brazil announces secure email to counter US spying
No comments:
Post a Comment