[iwar] India's attempts to monitor emails
From:
From: r_v_p@yahoo.com
To: iwar@yahoogroups.com
Tue, 13 Feb 2001 11:23:46 -0000
fc Tue Feb 13 03:24:08 2001
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Tue, 13 Feb 2001 03:24:08 -0800 (PST)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Tue Feb 13 11:24:01 2001)
X-From_: r_v_p@yahoo.com Tue Feb 13 05:23:47 2001
Received: from ej.egroups.com ([64.211.240.230])
by multi33.netcomi.com (8.9.3/8.9.3) with SMTP id FAA00330
for ; Tue, 13 Feb 2001 05:23:44 -0600
X-eGroups-Return: sentto-279987-933-982063428-fc=all.net@returns.onelist.com
Received: from [10.1.4.53] by ej.egroups.com with NNFMP; 13 Feb 2001 11:23:49 -0000
X-Sender: r_v_p@yahoo.com
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-7_0_3); 13 Feb 2001 11:23:47 -0000
Received: (qmail 41234 invoked from network); 13 Feb 2001 11:23:47 -0000
Received: from unknown (10.1.10.26) by l7.egroups.com with QMQP; 13 Feb 2001 11:23:47 -0000
Received: from unknown (HELO hj.egroups.com) (10.1.10.42) by mta1 with SMTP; 13 Feb 2001 11:23:47 -0000
X-eGroups-Return: r_v_p@yahoo.com
Received: from [10.1.10.105] by hj.egroups.com with NNFMP; 13 Feb 2001 11:23:47 -0000
To: iwar@yahoogroups.com
Message-ID: <96b5g2+j2ho@eGroups.com>
User-Agent: eGroups-EW/0.82
X-Mailer: eGroups Message Poster
X-Originating-IP: 203.197.192.188
From: r_v_p@yahoo.com
MIME-Version: 1.0
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe:
Date: Tue, 13 Feb 2001 11:23:46 -0000
Reply-To: iwar@yahoogroups.com
Subject: [iwar] India's attempts to monitor emails
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Published in The Telegraph, Calcutta, on Monday, 05 February 2001,=20
Edit Page
http://www.telegraphindia.com
By Ravi Visvesvaraya Sharada Prasad
According to Delhi's police, the Lashkar-e-Taiba militants=20
responsible for the Red Fort attack were using electronic mail to=20
receive instructions from abroad. Since they were not able to=20
intercept and decipher these messages, our security agencies=20
reiterated their long-standing demand that India's entire e-mail=20
traffic should be monitored at the servers of internet service=20
providers (ISPs). They cited the instance when a member of Harkat Al=20
Ansar, Khalid Ibrahim, tried to obtain classified information about=20
India's nuclear programme immediately after the Pokhran-II blasts. He=20
used several Hotmail accounts from numerous cybercaf=E9s, but could be=20
detected only because Videsh Sanchar Nigam (VSNL) was India's sole=20
ISP then, and the IP addresses allocated to him could be correlated.=20
Today, he would be able to avoid detection because there are over 300=20
ISPs in India. Moreover, he can now use strong-encryption email=20
services like HushMail and ZipLip, which cannot be decrypted easily=20
even by USA's National Security Agency.
Intercepting emails of suspected terrorists and criminals, without=20
infringing on fundamental rights of law-abiding citizens, is=20
problematical. Several so-called democracies recently passed laws=20
which grant them sweeping powers to intercept emails of large=20
sections of their populace. Their security agencies are worried about=20
USA's lifting of export controls on strong cryptographic programmes;=20
the ready availability of Freenet as well as of the cryptographic=20
algorithms Pretty Good Privacy (PGP) and Rivest-Shamir-Adelman (RSA);=20
and the emergence of free email services using strong cryptography=20
such as HushMail and ZipLip.
A proponent of individual liberty, 23-year old Ian Clarke, recently=20
developed Freenet for his undergraduate thesis at the University of=20
Edinburgh. He has already distributed 35,000 copies worldwide, free=20
of charge. Clarke explained: "I developed Freenet so that people=20
under oppressive regimes can describe their plight without=20
retribution. Freenet provides complete anonymity and confidentiality=20
both for those transmitting information and those reading it. It is=20
virtually impossible for anyone to destroy or forcibly remove a=20
particular piece of information, or find out who is reading it, or=20
who wrote it in the first place, making censorship impossible."
Keith Akerman, Britain's chief police officer handling computer=20
crimes, attacked Clarke: "Freenet will be misused by criminals,=20
terrorists and pedophiles, with no risk of getting caught. While I'm=20
all for freedom of speech, Freenet will severely impede our ability=20
to investigate crimes."=20
Governments are attempting both technological and legal measures to=20
counter the likes of Freenet, HushMail, and ZipLip. Australia=20
recently passed the Telecommunications (Interception) Legislation=20
Amendment Act which grants the Australian Security Intelligence=20
Organization and other law enforcement agencies "the power to order=20
internet service providers, telecommunications service providers,=20
computer hardware and software vendors, and telecommunications=20
equipment vendors to provide all possible assistance in order to gain=20
access to any remote or networked computer if there are reasonable=20
grounds for believing that data held in the target computer will=20
substantially assist the collection of intelligence important to=20
national security." ASIO and other security agencies are "permitted=20
to copy, add, delete or alter any data in the target computer that is=20
relevant to the security matter" and will not be subject to the=20
Australian Crimes Act, which forbids computer hacking.
Britain's Parliament passed the Regulation of Investigatory Powers=20
Act, which forces ISPs to provide complete information about all=20
their subscribers to security agencies. At their cost, all ISPs are=20
required to install surveillance equipment which is hardwired to MI5,=20
Britain's intelligence agency. This permits MI5 to monitor, in real-
time, each and every email, website visited, and banking and e-
commerce transaction. Subscribers who refuse to reveal their=20
encryption keys face a two-year jail sentence.
A few months ago it was discovered that USA's Federal Bureau of=20
Investigation had been covertly using a surveillance system named=20
Carnivore. It is rack-mounted at the ISP's server and uses a high-
speed packet sniffer which intercepts and records every single e-mail=20
message. Even though FBI claimed that it would use Carnivore only=20
against specific persons after obtaining judicial warrants, it was=20
found that Carnivore actually recorded every email of each subscriber=20
of the ISP. US ISPs complied with FBI's orders to install Carnivore=20
and did not inform their subscribers that all their emails were being=20
recorded.
Our security agencies have been insisting that India enact laws=20
similar to those of Britain and Australia. In the Information=20
Technology Bill, they had introduced clause 73 which would have=20
required cybercaf=E9s to maintain lists of all websites that their=20
customers visited. However, in May 2000, MPs across the political=20
spectrum assailed this clause as a violation of fundamental rights,=20
and both the Lok Sabha and the Rajya Sabha rejected this attempt to=20
turn India into a police state. In addition to being a violation of=20
fundamental rights, clause 73 would have been unenforceable, being=20
akin to requiring every public phone booth to maintain a register of=20
all callers, called parties, and transcripts of entire conversations.
Undeterred by the defeat in Parliament, our security agencies then=20
drafted several provisions in the "Guidelines For Setting Up Of=20
Submarine Cable Landing Stations For International Gateways For=20
Internet" issued by the Department of Telecommunications in August=20
2000, which did not require parliamentary approval.
25) On-line and off-line (capture, store and retrieve) monitoring of=20
all classes of traffic (Internet, video, audio etc.) specified by=20
various attributes viz. destination, recipient, sender, key words=20
etc.=20
27) Agencies authorized by the Government should be able to monitor=20
all types of traffic passed through the landing terminals, including=20
data, FAX, speech, video and Multimedia etc., both in interactive and=20
non-interactive modes.=20
28) The monitoring should be possible on the basis of key words/key=20
expressions/addresses (IP address or e-mail address) of initiating or=20
terminating subscribers.=20
29) It should be possible to scan through entire traffic passing=20
through the gateway and filter the traffic as per the key words/key=20
expressions and addresses defined by the security agencies. Filtered=20
traffic should be stored in the memory/directory provided for the=20
security agencies=85The filtered information must be decoded and stored=20
in such a way that direct hard copy of FAX and data or audio/video=20
tapes of the speech/video recording could be produced=85=20
33) It should be possible to monitor the same traffic by more than=20
one security agency simultaneously. However, no agency should know=20
the traffic being monitored by other agencies.=20
14) The ISP licensee shall make available all the billing details of=20
any subscriber on demand by Telecom Authority.=20
15) The ISP licensee shall block Internet sites and individual=20
subscribers, as identified by Telecom Authority.=20
While India certainly is a target of several terrorist organizations,=20
such clauses are a violation of fundamental rights since they demand=20
that every incoming and outgoing message of every internet user=20
located in India should be intercepted and recorded permanently.=20
Keeping in view the guidelines issued a few years ago by the Supreme=20
Court regarding phone tapping, Draconian measures such as these=20
should be permitted only against a specific person and only after=20
obtaining a warrant from a High Court judge.
VSNL recently blocked the emails of a prominent scholar of Middle=20
Eastern affairs, Seema Kazi of Delhi. When she discovered that she=20
was under surveillance and complained to VSNL, a senior official told=20
her that Muslims indulged in anti-national activities and had=20
contacts with Pakistan. VSNL said that they had received complaints=20
that she was a security risk but refused to provide her details.
In addition to the human rights aspect, India's emergence as a global=20
power in information technology and electronic commerce would be=20
seriously jeopardized by the impractical and costly measures proposed=20
by our security agencies. To record every incoming and outgoing email=20
and website visited by each Indian resident, each landing station=20
would have to install about a million 20-gigabyte hard disks every=20
day, each of which costs about Rs 8,000. It is obvious why no ISP has=20
come forth to establish a landing station.
We should take heed of the protests of British industry against the=20
RIP Act. William Roebuck of E-Center, Britain's electronic commerce=20
association, warned: "British companies will no longer utilize e-
commerce. They will move as much of their businesses offshore as they=20
possibly can." Both the London School of Economics and the British=20
Chambers of Commerce estimated that the RIP Act would cost Britain 45=20
to 50 billion pounds over the next five years.
By Ravi Visvesvaraya Sharada Prasad
Published in The Telegraph, Calcutta, on Monday, 05 February 2001,=20
Edit Page
http://www.telegraphindia.com
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Ravi Visvesvaraya Sharada Prasad
rvp@lycos.com, rvp@excite.com, rvp@india.com
Faxes : {91} [11] 526-6868, {91} [11] 567-6386
Phone : {91} [11] 526-5439
Mail :
Ravi Visvesvaraya Sharada Prasad=20
19, Maitri Apts,=20
A - 3 Paschim Vihar,=20
New Delhi, 110 063
------------------------ Yahoo! Groups Sponsor ---------------------~-~>
eGroups is now Yahoo! Groups
Click here for more details
http://click.egroups.com/1/11231/1/_/595019/_/982063428/
---------------------------------------------------------------------_->
------------------
http://all.net/