In a letter to the Indian Government, EFF and partner digital rights organizations from around the world called on the Indian Ministry of Electronics and Information Technology to withdraw the so-called traceability requirement under its Intermediary Guidelines and Digital Media Ethics Code (2021 IT Rules). The Rules compel private end-to-end encrypted messaging services to enable the identification of the “first originator” of information on their platforms. EFF has already expressed its concerns about IT Rules’ chilling effect on Internet users’ freedom of expression and privacy, including the traceability requirement that puts strong encryption in India under attack.
End-to-end encryption is vital for private and secure communications. And while the Indian Supreme Court introduced a necessity and proportionality test when it recognized that the right to privacy as a fundamental right, the traceability requirement, in fact, is a disproportionate measure: it breaks encryption; threatens freedom of speech, privacy and national security of Indian people and businesses. Therefore, it is imperative to withdraw the traceability requirements under the Indian 2021 IT Rules.
The full text of the letter and list of signatories are below.