Yes they are outdated, they're mostly poor copies of other laws (in particular some from Singapore) that are fairly old.
And the regulators / law enforcement often need more training But this is not a cyberlaw issue as such. These efforts at lawful intercept are amateurish, yes. Join the india-gii mailing list where this is discussed in much more detail (Udhay and I help moderate it, and its owned by Arun Mehta and Vickram Crishna) http://lists.cpsr.org/lists/info/india-gii srs > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Ashok Krish > Sent: Tuesday, June 24, 2008 1:09 PM > To: [email protected] > Subject: [silk] Fwd: India's Cyber Laws > > A couple of questions from my journalist brother seeking to outsource > his > leg work to the wise folks on Silk. > > Krish Raghav says - > > 'In the context of the Blackberry issue, would you say that its time to > rethink India's Information technology laws? > > Are Indian Cyber Laws outdated? If they are, are there, say, five > instances > where this outdated-ness is glaring?' > > Ive deliberately left 'technology laws' and 'cyber laws' ambiguous, as > Im > trying to look at as wide an angle as possible - policy on technology, > security and encryption, TRAI's machinations, e-governance etc etc. > > Just as an example, > > Telecom regulations require any 'service/person/organisation' who uses > 'encryption greater than 40 bit key length in the RSA algorithms' > (Source: > http://www.dot.gov.in/isp/guide_international_gateway.htm) has to > deposit > the decryption key with the Telecom Authority. > > Now, 40 bit encryption, as I understand, is hopelessly outdated, and > requiring keys to be submitted to the government for just about > anything > that uses >40bit is quite unwieldy. > > -- > Krish Ashok > Blog: krishashok.wordpress.com > GTalk: krishashok > www.stage.fm/krishashok
