Authors: Rishab Bailey, Vrinda Bhandari and Faiza Rahman
This paper examines recent proposals in India that seek to place obligations on intermediaries to provide “technical assistance” to LEAs, by either creating backdoors or weakening standards of encryption. While LEAs have genuine concerns arising from the use of certain types of encryption, implementing a general mandate for “technical assistance” can have significant effects on privacy of individuals and network security. Such a mandate may not pass a cost-benefit analysis, and more importantly may be against constitutional norms, being disproportionate. Rather than limiting the use of certain technologies or implementing significant changes in platform and network architecture, the Indian government should focus on implementing detailed, rights-respecting procedures for data access, developing hacking capabilities with sufficient oversight, encouraging research and development, and improving coordination with industry and academia.