Intelligence Bureau wants ISPs to log all Customer Details for 6 Months

[rajanmehta 4,056]

NEW DELHI: The Intelligence Bureau wants internet service providers, or ISPs, to keep a record of all online activities of customers for a minimum of six months, a move that can add to operational costs for companies and pose privacy concerns.

IB, in a communication to the department of telecom, or DoT , has sought that addresses of websites visited with date and time and financial transactions of all customers be stored by internet operators for six months.

If implemented, it may pose a threat to online privacy as internet service providers such as Bharti Airtel , Reliance Communications , BSNL and MTNL will now become custodians of citizens' online records.

Currently, mobile phone companies and internet service providers do not keep online logs that track the web usage pattern of their customers. They selectively monitor online activities of only those customers as required by intelligence and security agencies, explained an executive with a telecom company.

"At present, we only keep a log of all our customers' Internet Protocol address, which is the digital address of a customer's internet connection. We are not aware of the IB proposal, but such a move will pose huge logistical challenge for ISPs and increase costs," said Rajesh Chharia, president of the Internet Service Providers' Association of India.

The Intelligence Bureau communication to DoT, which was reviewed by ET, says its demands are in line with the security and monitoring provisions that already exist for mobile and landline calls. Mobile phone companies are mandated to maintain call logs for all their customers for a minimum of six months.

It added that both internet and mobile telephony permits contain several clauses that state companies offering access to the world wide web are obliged to provide tracking facilities to authorised government officials, including the police, Customs, excise and intelligence department when such information is required to detect crimes, or in the interest of national security.

But, the telecom ministry, in an internal note, is of the view that the inter-ministerial group currently looking into monitoring of internet services and networks in the country must take a final call on this issue.

In a related development, IB has asked the telecom and IT departments to work with mobile phone companies and the National Informatics Centre to put in place a system that can uniquely identify any person using the internet across the country.

The project aims to develop a technology platform where users will have to mandatorily submit some form of an online identification or password to access the internet every time they go online, irrespective of the service provider.

NIC is involved in active promotion and implementation of information and communication technology (ICT) solutions in the government and spearheads the centre's e-governance drive.

The IB communication also asks the departments of telecom and IT to expedite the creation of a national internet registry while adding that this facility would be a major facilitator for creating the technological platform to uniquely identify any person using the internet in India.

Most nations have a national internet registry that coordinates all IP address allocations and other internet resource management functions at the national level.

The telecom ministry is also of the view that the IB proposal can be examined and implemented only after India's indigenously-built Centralised Monitoring System (CMS), which can track all communication traffic—wireless and fixed line, satellite, internet, e-mails and voice over internet protocol (VoIP) calls—and gather intelligence inputs, becomes functional.

The centralised system, modeled on similar set-ups in several Western countries, aims to be a one-stop solution as against the current practice of running several decentralised monitoring agencies under various ministries, where each one has contrasting processing systems, technology platforms and clearance levels. Planning for CMS , which was aimed at strengthening the country's internal security apparatus, began in 2007, but the project was put on a fast track after the Mumbai attacks, when terrorists received orders via VoIP (internet telephony).

Source:Economic Times

[raccoon 53]

This is a nightmare. Unless something is done about this immediately, Huxley's forecast in the Brave New World stares us right in the face. Wake up guys - the govt. will soon be the biggest terror organization that has ever existed.

[ami1 237]

This is a nightmare. Unless something is done about this immediately, Huxley's forecast in the Brave New World stares us right in the face. Wake up guys - the govt. will soon be the biggest terror organization that has ever existed.

Truer words were never spoken. It is more or less already true.

[rajanmehta 4,056]

Perhaps India will need it's own version of Julian Assange and may be indialeaks for all to understand the implications!!

[_Kailash_ 63]

WTF they want now.....

[Karthik R 246]

User data so collected can get into the wrong hands and put to the wrong purposes...

[shashank 8]

I hate to say, but India is already an extremely difficult place to live on earth. And such things will add more atrocity to our country.

[raccoon 53]

WTF they want now.....

Cameras in every single room of your house are next.

Because what else remains?

No kidding. If it continues like this, it seems perfectly possible.

And I'm sure damns sure, in India, loads of simple minded folks will support it saying it will curb terrorism, blah, blah....

Seems like its not worth living here any longer.

Edited January 1, 2011 by raccoon

[parin 857]

I dont thik this will happen,

[santhoshavanoor 7]

Very good move from IB. this is really helpful for any crime investigation related with Internet.

[shashank 8]

^^Are you kidding??

I will get a VPN/Server in russia and perform all the stuff that i want to on that server remotely from india..how the god damn bloody hell can the govt track that then?

This is only the BASIC example, there are several other methods to avoid such hopelessly stupid policing.

[KanagaDeepan 1,084]

Seems like persons sitting in those responsible seats are perverts , who are having darkest desires to know others private details as much as possible.. I dont think these moves will be beneficial in any way to us, reg security issues...

[Honest 836]

This is utter rubbish. Ab kuch nahi soojh raha toh log details chahiye.

Huh.

[raccoon 53]

^^Are you kidding??

I will get a VPN/Server in russia and perform all the stuff that i want to on that server remotely from india..how the god damn bloody hell can the govt track that then?

This is only the BASIC example, there are several other methods to avoid such hopelessly stupid policing.

It is not "stupid policing"! Do you really think they are doing it because they are stupid? Security is just a cover they are using to use to further their own ends. We are seeing the emergence of a Police State.

Edited January 1, 2011 by raccoon

[digitalnirvana 646]

I will put my neck out and say real time monitoring of voice/data communication is required provided (and this is the operative word)the data collection is handled by the IB i.e. government itself and not by ISPs/telecom operators. There must be provisions to ensure that the data collected is encrypted, and remain safe. We cannot entrust public/private operators to do this monitoring. It must be done only by the government.

I know most members will disagree and say this is invasion of privacy etc. but fact is, in the dangerous world we live in, surveillance is required real-time. Outdated policing methods will not work, preemptive action is the only option. The intelligence agencies must know of threats before they are carried out.

Most of us are already giving all our personal data to ubiquitous third party - Google - GMail, GTalk, Youtube, Orkut, Chrome browser, Android, Chrome OS etc. with very little concerns(Dkaile ji had infact opened a thread for such issue).

It is only when our government asks for it that we have a tendency to cry foul.

Most developed countries already have such evesdropping mechanisms in place since way back. The CIA has been monitoring citizen's calls for years - and this is public domain information, god knows what else they are monitoring. In the UK there is highest concentration of CCTVs, infact on average a person is photographed over 1000 times daily in London. There is a proposal by UK government to stop porn at ISP end for households with children. I will not give more examples as the list of big brother activities in these countries is endless. I have read even there the people are angry at obtrusion and there have been cries of police state but at the end of the day, they know what is required for national security and they comply.

Bottom line is, if monitoring is required for national security then do it. But do it efficiently and do not dither over it. We cannot afford another 26/11.

PS I do not think that this real time monitoring will be done in the end. There will be hue and cry from operators and the government will backtrack. If it really meant to do it, then the government would have ensured that all operators are compliant with this from day 1. After all, cyber crime has been going on for long time (recently the CBI website was hacked by friends across the border and was down for multiple days), so operators and government had enough time. So I think this will mostly be a gimmick with no real results.

[raccoon 53]

This should be engraved in gold:

They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

-Benjamin Franklin

[digitalnirvana 646]

This should be engraved in gold:

They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.

-Benjamin Franklin

Raccoon ji the reverse is also true - They who can give up essential safety to obtain a little temporary liberty, deserve neither liberty nor safety.

Nothing personal but surveillance is here to stay. The debate is - what limit of surveillance is ethical, and how to ensure that the process is unobtrusive, foolproof and robust. No one wants their data in the wrong hands.

[raccoon 53]

What is this "essential safety"? Has it ever been brought about anywhere? Ultimately, all talk of safety is a mirage. There is no safety in life, because death is certain... it may be waiting for you the next moment itself. However fleeting it is, without freedom, liberty and privacy, life is worthless. Thats my opinion. For many the mirage of safety may be more real and "big brothers" may be desirable.

What you expect is impossible even in other ways. If this kind of blanket monitoring is done, it takes no genius at all to just imagine all kinds of hands that it will fall in.

Further, the utility of this kind of surveillance itself is questionable. As mentioned earlier, all your tappings and other stunts will not deter those who are ready to die for their cause.

Edited January 4, 2011 by raccoon

[kesav 127]

I will put my neck out and say real time monitoring of voice/data communication is required provided (and this is the operative word)the data collection is handled by the IB i.e. government itself and not by ISPs/telecom operators. There must be provisions to ensure that the data collected is encrypted, and remain safe. We cannot entrust public/private operators to do this monitoring. It must be done only by the government.

I know most members will disagree and say this is invasion of privacy etc. but fact is, in the dangerous world we live in, surveillance is required real-time. Outdated policing methods will not work, preemptive action is the only option. The intelligence agencies must know of threats before they are carried out.

Most of us are already giving all our personal data to ubiquitous third party - Google - GMail, GTalk, Youtube, Orkut, Chrome browser, Android, Chrome OS etc. with very little concerns(Dkaile ji had infact opened a thread for such issue).

It is only when our government asks for it that we have a tendency to cry foul.

Most developed countries already have such evesdropping mechanisms in place since way back. The CIA has been monitoring citizen's calls for years - and this is public domain information, god knows what else they are monitoring. In the UK there is highest concentration of CCTVs, infact on average a person is photographed over 1000 times daily in London. There is a proposal by UK government to stop porn at ISP end for households with children. I will not give more examples as the list of big brother activities in these countries is endless. I have read even there the people are angry at obtrusion and there have been cries of police state but at the end of the day, they know what is required for national security and they comply.

Bottom line is, if monitoring is required for national security then do it. But do it efficiently and do not dither over it. We cannot afford another 26/11.

PS I do not think that this real time monitoring will be done in the end. There will be hue and cry from operators and the government will backtrack. If it really meant to do it, then the government would have ensured that all operators are compliant with this from day 1. After all, cyber crime has been going on for long time (recently the CBI website was hacked by friends across the border and was down for multiple days), so operators and government had enough time. So I think this will mostly be a gimmick with no real results.

Fantastic Fantastic Fantastic ........

+1 for you.

:clap:

Nothing can be said better than this for the people who're acting dumb although they understood real facts....

Hard real-time monitoring of each and every bit of data is essential and it's there to stay forever in any part of the world.........

My dear friends, if anyone of you want to leave the country for the monitoring issue better leave immediately. I'm sure you'll return back to India within next month because you'll realize India is the country where monitoring is least stringent in the world......

The time should not be wasted on debating whether we require monitoring or not which I feel should not even be dreamed to be stopped.

Focus should be on the methods/controls to avoid the leakage of such monitored data outside Govt.'s domain.

The very reason why we're debating this issue in this topic is because of the leak of the communication between IB and DoT.

We've to strive hard as a nation to close such holes in the Govt. through which such information is siphoned by 'unethical' media.

Life of a human is more precious than any other human's privacy.

Nothing should left untouched to protect the lives.

Try to put yourself in the shoes of a low earning parents who have toiled all their lives to bring up their 25-yr child to lose him/her to such an atrocious act of terrorism.

Privacy can never be an excuse for not preventing terrorism.

Edited January 6, 2011 by kesav

[digitalnirvana 646]

What is this "essential safety"? Has it ever been brought about anywhere? Ultimately, all talk of safety is a mirage. There is no safety in life, because death is certain... it may be waiting for you the next moment itself. However fleeting it is, without freedom, liberty and privacy, life is worthless. Thats my opinion. For many the mirage of safety may be more real and "big brothers" may be desirable.

What you expect is impossible even in other ways. If this kind of blanket monitoring is done, it takes no genius at all to just imagine all kinds of hands that it will fall in.

Further, the utility of this kind of surveillance itself is questionable. As mentioned earlier, all your tappings and other stunts will not deter those who are ready to die for their cause.

By essential safety I mean safety to life and limb - this is essential. Any safety measures designed by the state to protect citizen's lives must go ahead.

We are a democracy and one of the few countries where freedom of speech is truly practised. That is why we are debating this. If we were in a dictatorship like our eastern/western/northen/southern neighbours no one would bat an eyelid before snooping on information. Face the facts, we are only one democracy in the subcontinent, we cannot choose our neighbours. So if the government decides to put safeguards in place, we should welcome it - but at the same time the people implementing this must ensure that the purpose of surveillance is not misused. That is why I had mentioned this should be strictly in the government's domain, not private/public operators.

We can go on debating, but as I had mentioned in my first post, nothing fruitful will come out of this. Because our government just made this as a for-show declaration, and then backtracked. Already Rajan had posted yesterday that government is allowing 3G video calls to go ahead without monitoring. This is what was expected, as government always takes half cooked steps to appease vested interests.

If there is anything that we should debate and criticize, it is the inefficiency and corruption of our government - not the question of whether monitoring is needed or not. Because we all know the answer already, surveillance is needed. No one of us would accept it if another incident happened due to "intelligence failure".