Cloud Hosting

New Delhi: India is seeking global action to counter the use of a slew of technologies including virtual private networks (VPN), end-to-end encrypted messaging services and blockchain-based technologies such as cryptocurrency by terrorists, people aware of the development told ET. This mirrors New Delhis domestic stance on the issue.

Indian officials said the anonymity, scale, speed and scope offered to (terrorists), and increasing possibility of their remaining untraceable to law enforcement agencies by using these technologies, is one of the major challenges before the world.

This was part of Indias suggestions to members of an ad hoc committee of the United Nations debating a comprehensive international convention on countering the use of information and communications technologies for criminal purposes.

Innovative online means misusedET reviewed copies of speeches delivered by the Indian contingent. The ministry of external affairs, which led the Indian delegation, did not respond to ETs queries on the matter.

Noting that most cybercrimes are committed for economic gains, officials told the gathering that money is laundered using innovative online means, such as cryptocurrency. Often, this money movement happens in numerous countries before it is siphoned off by the perpetrators of crimes, including cyber terrorists using emerging technologies to finance terrorist activities.

The multilateral grouping was established by a resolution during the 74th session of the UN General Assembly in January 2020, as an open-ended ad hoc intergovernmental committee of experts, representative of all regions, which would discuss and decide on developing an international convention to counter global cybercrime. The committee has since met four times thrice in New York and once in Vienna.

NordVPN becomes the third VPN provider to exit India following a cybersecurity directive from CERT-In on April 28 mandating VPN companies, among others, to maintain basic information about customers including IP addresses, names, email IDs and more.

On April 28, the Indian Computer Emergency Response Team (CERT-In) issued a set of guidelines that require companies providing VPN services to keep a log of their users for five years. They are also to store information such as username, email ID used while signing up, contact numbers and internet protocol addresses.

Three VPN companies ExpressVPN, Surfshark and NordVPN have since quit India, citing their inability to continue services owing to the new CERT-In rules.

Despite the concerted pushback from VPN companies, privacy activists, tech policy groups and cybersecurity experts who argue that such provisions would breach the privacy and security of users, the Centre has remained firm on its stance.

Rajeev Chandrasekhar, minister of state for IT, had also said companies that did not want to adhere to the norms were free to leave India.

Separately, the Information Technology (IT) Rules of 2021 mandate that internet platforms that provide instant messaging services must allow for tracking the first originator of the message even when it is end-to-end encrypted. The rule is under judicial challenge at the Delhi High Court.

The decision of the ministry was conveyed to the industry as well as other stakeholders on Friday at a roundtable meeting chaired by Minister of State for Information Technology Rajeev Chandrasekhar.

At a recent press conference on CERT-In guidelines, Chandrasekhar told reporters that the government would adopt a zero-tolerance policy on anonymity being a cover for online crimes.

The production of evidence, the minister said, was an unambiguous obligation" that VPN service providers, social media intermediaries and instant messaging platforms had, and they could not then claim to not have the details that the law enforcement agency wanted because the platform was end-to-end encrypted.

Similarly, at a discussion organised by the International Monetary Fund in April, finance minister Nirmala Sitharaman stated that regulating cryptocurrencies at a global level was crucial to mitigate the risk of terror funding and money laundering.

Continue reading here:
India urges world to act on use of VPN, crypto, encryption for terror - ETTelecom