India is considering extending tough new security rules covering imports of telecoms equipment to include all communications services offered in the country.
The government proposes to force firms to provide details of how to crack data encrypted at over 40 bits – the maximum level its security forces can currently deal with – in a move that could hit smartphone makers and e-mail providers.
Firms would be required to supply the details in a so-called “sealed envelope” escrow account, so authorities can readily access the details in the event of a security scare the Economic Times reports.
The move would impact services including RIM’s BlackBerry e-mail, Gmail, Skype, Nokia messaging services, and wireless internet access via data cards, which all typically use 256-bit encryption.
GK Pillai, India’s home secretary, discussed the idea with members of India’s Intelligence Bureau and the Department of Telecommunications (DoT) at a recent meeting to examine how encrypted messages could be intercepted, the newspaper said.
India’s prime minister’s office recently suspended tough new security rules for foreign infrastructure vendors, following heavy lobbying from vendors and governments.
It ordered the DoT to review the measures, and decide if alternative methods would be more suitable.
However, the home ministry said operator’s licenses already include the escrow rule, noting that it simply hasn’t been enforced until now.