The government is working on a new regulatory framework for lawful interception and monitoring of telephone calls and messages while safeguarding the privacy of users, Telecom Minister Ravi Shankar Prasad has said.
The Communications and Information Technology Ministry is consulting the Home Ministry to sort out the issues related to interception by security agencies, he said. A National Telecom Security Policy in this regard has been in the making for many years, while a draft was proposed by the previous UPA government also. Amid differences between the Home and Telecom ministries over interception powers of the security agencies, a final policy could not see light of the day during the previous government, while it had also faced opposition from telecom operators and other quarters on privacy and other issues. “…it is an ongoing process. We are in consultation with them (Home Ministry)…you may have seen that security centres have already been approved by the Cabinet. We are on the job and we have the highest level of coordination for that,” Telecom Minister Ravi Shankar Prasad told PTI.
The Minister said that the security and privacy issues will be taken care of in the new policy. Meanwhile, the Department of Telecom feels there is a need for a separate security policy, as telecommunication infrastructure is not only used for mere voice communication but all the economic activities of the country. A DoT official said in the present circumstances, confidentiality, integrity and authenticity of communication messages and security of telecom network is the key for the success of digital revolution. “To provide safe and secure network along with confidence building in users as well as law enforcement agencies, there is a need to have a structured regulatory policy framework,” the official said.
The policy, which is technology agnostic, envisages network protection through built-in security features in the systems, services, equipment, devices and software rather than being an add-on feature. The official added that all service providers are required to create facilities for monitoring all intrusions, attacks and frauds and report the same to the DoT and to CERT-In. The policy aims to address concerns of all categories of entities such as telecom service providers, equipment manufacturers, content service providers, law enforcement agencies, government entities and individuals.
The objective of the policy, the official said, is to ensure optimum communication security for different types of communication needs, to have a telecom network that is aligned with international norms and to provide assistance to security agencies for lawful interception. To automate the process of lawful interception of telephone and Internet services, government has already set up centralised data centres in Delhi and Bengaluru while servers have been installed at locations of telecom operators. The government in June 2011 had approved a centralised monitoring system (CMS) to automate the process of lawful interception and monitoring of communications like voice, data, SMS and Internet. For the purpose, the Cent re had allocated a sum of Rs 400 crore.