Recipient of an E Mail must have the right to know the sender’s IP address

We speak a lot about “SPAM” and need to prevent it. We also speak of Phishing and other forms of impersonation that arises because people can send out e-mails (and also hide their domain registration details) all in the name of “Privacy”.

Actually, “Hiding the originating IP address” which both Google and Microsoft as well as other service providers do actually is a boon to criminals to the extent that we can say that there is a “Conspiracy” to promote spam and help criminals.

Whenever law enforcement need to identify the source of an e-mail, they need to raise a CrPc notice and seek the information. Even then these “Privacy Protectors” who are themselves the biggest Privacy invaders try to frustrate the law enforcement by not providing the information until they are forced.

It is time for all Privacy protagonists to self introspect if this practice is actually protecting the “Privacy” and if so is it the “Privacy of the Criminal” that it is protecting while at the same time invading the privacy of an honest internet user.

If as a spam filtering mechanism we disable all incoming e-mails which donot allow the recipient to view the originating IP address then technically we can prevent spamming and perhaps even phishing. Unfortunately, this is not  practical at present since this would block almost all incoing e-mails.

We therefore need a solution where by the e-mail service providers like Google or Microsoft should enable an automatic process by which a “Recipient of an E-Mail” should be provided a direct request for originating IP option  so that at the click of a button, he should be able to get the Originating IP address.

The header information without originating IP address is of no use to the recipient and hence there should be some provision by which an “Expanded header with originating IP address” can be requested and immediately responded to by the ISPs.

This can also be enabled through a change of law making such a provision mandatory and I urge the Government of India to consider this change of law in the next amendment of ITA 2008.

Hopefully this will ease the burden on our law enforcement people and also reduce the need for the service providers to spend time attending to law enforcement demands.

Naavi

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.