Landing Station or Police Station?
.

The Department of Electronics has come out with detailed guidelines for ISP s setting up landing stations in India for submarine cables. This is part of the measure to increase international bandwidth for data transmission. While the the guidelines to clear the decks for broadening of the bandwidth is welcome, the provisions do raise some concerns.

It appears that the Government is trying to use the licensing terms to achieve some of its Policing objectives. In the process the ISP s may be forced to undertake activities which may be considered illegal and in violation of the fundamental rights of the people. A quick glance at some of the salient provisions is provided here.
 

1.The landing station should be used only for carrying Internet traffic.

2.Landing station shall not be set up in security sensitive areas. The Internt nodes covering places of security importance shall be routed through VSNL only. Such areas cover Punjab, J&K,North Eastern States, border areas of Rajasthan, Andaman & Nicobar islands and coastal areas of Gujarat and Tamilnadu (Excluding Chennai).

3. The ISP licensee shall block Internet sites and individual subscribers as identified by Telecom Authority. 

4.The ISP shall ensure that Bulk Encryption is not deployed by ISP s connecting to the landing station.

5.Individuals/Groups/Organisations are permittedto use encryption upto 40 bit key length without prior permission. If encryption equipments higher than this limit are to be deployed, individuals/groups/organisations shall do so with the prior written permission of the Telecom authority and deposit the decryption key split into two parts with the telecom authority.

6. The traffic through the ladnding station should be capable of being monitored ensure that only Internet data traffic is carried through and not voice traffic.

7.The traffic should be capable of being captured, stored and retrieved.
8. Should be equipped with good quality intrusion detection system.

9. Agencies authorized by the Government should be able ot monitor all types of traffic passed through the terminals, including data, Fax, speech, video erc., both in interactive and non interactive moders.

10.The traffic should be capable of being monitored on the basis of key words, key expressions, addresses of initiating and terminating subscribers.

11. It should be possible to scan through the entire traffic passing through the gateway, filter and store the traffic.

12. Each of the security agencies should be provided with space equipments, software and training at the cost of the setting up agency to monitor the traffic as envisaged.Additionally the ISP will pay a sum of Rs 20 lakhs towards the administrative cost of such monitoring.

While some of the provisions are understandable, there is no doubt that the authorities have gone overboard in prescribing the security requirements. First of all the entire responsibility for identifying the equipment and software nedds as well as the  cost of monitoring is shifted to the ISP/Landing station. The so called "Monitoring Authorities" will be tought what to monitor and how to monitor and they are supposed to exercise their powers thereon on the teacher and financier. The logic of such an arrangement is not comprehendable. The limitations on the key length for encryption is also not understandable. Perhaps the authorities need to explain the purpose of this provision.

Perhaps lot more discussions are needed before the license is accepted by the community. If the bandwidth is being shared by various ISP s we need to understand how the citizen would be able to exercise his right not to use this channel for Internet usage if he choses to. Secondly, it is doubtful whether it is feasible to impose restrictions on transmission of encrypted data when the channel is part of the global system.

There is need to continue this discussion. I welcome readers to send in their views.

Detailed Guidelines

Naavi 

BACK

.