Indian Agencies Gearing Up to Intercept Emails and Chats
After the Indian security agencies found out that the terrorists of the Mumbai, 26/11 blasts had actually hacked into an insecure Wi-Fi zone to communicate with each other, they have been vehemently trying to get access to major communication services such as the Blackberry's encrypted messenger service.
A few months back, the Indian Government had given orders to Research In Motion (RIM), the developers of the Blackberry service to build a hidden backdoor or a switch to allow the agencies to read all the encrypted data.
Yesterday they took another step in this direction by announcing procurement of a CMS(Centralised Monitoring System) which will enable them to intercept emails and chats in real time. CMS will enable intercepting upto 1500 GB of data per second through international gateway. It will also allow decryption of Voice over Internet Protocol (VOIP) on which popular software such as Skype runs.
CMS will also allow voice matching and quickly locate a mobile within 50 meter radius as compared to the current 500 meter range capacity system being used by Indian agencies.
The new system will also exclude service providers from tracking and intercepting. Earlier the agencies had to contact all the telecom providers and ask them to intercept a target's phone conversation. This was a time consuming process and susceptible to influence by political and media parties. The new system will be controlled by the Central Government.
It has been reported that such a system will cost around Rs 450 crore (approx. $100 million) and will monitor fax, GPRS, voice calls including CDMA and GSM networks.
Such moves always raise issues of privacy and confidentiality. Such powerful tools can be abused and with the huge volume of sensitive data being stored at one place it will not be a surprising news if hacker groups are able to infiltrate and steal the data.
DoT's Telecom Enforcement Resource and Monitoring (TERM) Cell will monitor to prevent unauthorized interception or access to records and violation of norms.