The Indian government is trying to find a solution that would allow its intelligence agencies to monitor Facebook and Twitter encrypted traffic.
The Indian regulators are considering asking telecom providers to put the encryption keys for their secure services in an escrow account for use in surveillance operations when required.
India’s push to monitor communications in recent years even led to threats of banning BlackBerry services because of their use of encryption by default.
RIM negotiated with the government and provided a solution for the interception of consumer traffic, but could not do the same for the enterprise space where companies manage their own encryption keys.
The government also eyed Google and Skype in the past since many of their services are also encrypted by default, eg. Gmail or Google Docs.
Last year, Vinay Goel, Google India’s head of products, told the Economic Times that the company has not yet been asked to provide the encryption keys for Gmail and noted that such a request would almost certainly be declined.
The recent push for default full-session HTTPS support by major sites like Facebook or Twitter is worrying the Indian government because it will make it impossible for its agencies to monitor traffic on these services.
According to the Hacker News, the home ministry asked the telecom one to come up with possible solutions and the issue was also raised in Parliament. The provisions of India’s new IT Act require websites to provide the government with access to accounts without a court order.
It’s unlikely that Facebook or Twitter will comply with such surveillance requests given that they don’t even have local subsidiaries. Also it’s extremely unlikely that they will share their private keys with the Indian authorities, since that would give them the power to monitor anyone in the world, not just Indian users.