"Government will cancel your licence if you don't comply with these police requests," he said finally. I was astounded. Here was I, hoping for a morally and hopefully legally defensible resolution to our dilemma and what we were getting was "practical" advice. "Our business does not depend on any government licences," I finally managed to blurt out.
Seeing the disappointed look on our faces, he leafed through his papers again. "You see, the law that governs this kind of case, the Indian Telegraph Act, 1885, was enacted with the shadow of the 1857 'mutiny' still over the Raj government, and is really an instrument to control such events rather than to govern the evolution of an industry. There is nothing you can do but comply if the request comes with the proper authorisation."
Which brings me to a couple of interesting questions:
- In case I'm under surveillance and the investigating agency has proper "search warrents" can it order me to decrypt my PGP (choose your favourite encryption mechanism here) data with my private key? What if I delete my private key or claim that I lost it? Compare it with a real world analogy -- if they ask me to unlock a physical safe, and I claim to have lost the key, they can break down the locks. What in the case of encrypted data?
- Is Rediff trying to "do a Google"? I remember reading a lot of blog posts on the Official Google Blog about their stand in the case where the US government wanted search query logs to track down "child porn".
- Is there a free webmail solution where all my mail is encrypted and the private key is with me alone? Decryption is done on the fly? I'm sure it can't be done without a browser plugin.
