Amid increasing threat from the Dark Web to national security, the Centre is planning to amend the Information Technology Act to create a legal basis to compel the popular Internet giants, whose servers are located outside India, to share their keys for monitoring by the security agencies here.
Entities hit by cyber attacks will have to mandatorily disclose it to the authorities concerned after the new regulatory framework is put in place.
"Servers of popular sites like social media platforms like WhatsApp, Facebook and Gmail are located outside India with encrypted data and unshared keys without having any backdoor for monitoring by the law enforcement agencies," a senior Union Home Ministry official said.
In what is indicative of the terror connection with the Dark Net, as many as 9,800 websites and over 46,000 Twitter accounts with terrorist contents have been blocked at the behest of Indian security agencies.
The Government in coordination with the Intelligence Bureau is now working to amend the IT Act to deal with such attacks on even private entities besides subversive activities on the Dark Net.
The amendment to the IT Act will lead to localization of servers of major service providers and sovereign cloud deployment as was done by Microsoft for China and Germany, the official said, adding this is in a bid to facilitate better monitoring of the service providers.
The Union Home Ministry is working on putting in place legal provisions for mandatory disclosure of cyber attacks besides formulating a regulatory framework for web channels.
The changes in the IT Act and regulatory mechanisms are needed as India now has 120 crore mobile/ telephone subscribers, 42 crore Internet subscribers and 28 crore mobile Internet connections amid lurking threat to cyber communication. India has already displaced the US as the numero uno in terms of number of Facebook users. But India stands at 23rd position out of 165 nations in Global Cyber Security Index 2017 of the United Nations.
Proposals for making stringent KYC (Know Your Customer) norms for mobile wallets for tracing flow of funds from fraud and crime are also under consideration.
Cyber communication poses threat at personal level, in the social and economic field and in the domain of national security. Threat to national security is mostly posed by the Dark Web which facilitates online trading of drugs and arms, human trafficking, Red Rooms (hidden website on Deep Web where one can participate/see interactive torture or murder), mass mobilization through social media, online rumour mongering and perception shaping. Other threats include radicalization and recruitment by terror groups, inter-terrorist group communication, unregulated communication through VoIP, unauthorized telephone exchanges and unregulated online video channels like Peace channel of alleged terrorist and online terror motivator Zakir Naik.
An international cooperation mechanism through formation of international convention on monitoring and regulation of cyber space, bilateral and multilateral treaties and MoUs with industry and academia of global repute is also being worked out, officials added.