Private e-mail IDs expose govt offices to snoop threat

It’s been about six months since revelations about the US government’s snooping programme, PRISM, hit the headlines.

The documents leaked by former National Security Agency contractor Edward Snowden had also indicated that India was fifth among the countries that were under constant surveillance -- its nuclear, space and political discussions possibly being spied on.

Despite this, and knowing well the pitfalls of using private emails, the Indian government seems to be dragging its feet on a contract to provide official email addresses to five million government employees.

And, the use of private email services, such as those offered by Google and Yahoo! by government officials, including some Union ministers, continues unabated.

The photograph is used for representational purpose only

. . .

In early 2012, the National Informatics Centre, which caters to the technological needs of the government, had planned a project to increase its servers’ capacity to host up to five million IDs; currently, NIC operates a network called NICNET, capable of handling only half a million accounts.

The project also aimed at making the official email service more user-friendly (many government officials cite unsavviness of NIC email IDs for using private ones).

The project, which has seen several changes in specifications over the past two years, is still inviting proposals from potential bidders.

Global emailing solution companies said to be in the fray for the project include the likes of IBM, Microsoft and Oracle (Sun Microsystems, which currently handles the government’s emailing service, was acquired by Oracle).

The photograph is used for representational purpose only

. . .

An official of one of these companies, requesting he or his company was not identified, said the entire project could take six to eight months to be completed.

This means the new emailing system will not be in place before mid-2014.

“There also are some chances of the current tender being trashed and the project being re-tendered.”

Sivarama Krishnan, executive director at audit & consultancy firm PricewaterhouseCoopers, said the higher the internal information sharing through private emails, the higher the exposure to risk.

“If the US government snoops into servers located in India, it will be illegal; that will act as some kind of a limitation for them.”

The photograph is used for representational purpose only

. . .

However, the servers of most private email services are based in the US.

“So, under the National Patriots Act, they (the US) have the right to snoop; we have no control over the privacy of our citizens,” Krishnan said, adding, therefore, it was important for India to use an email system that was protected, especially for its government officials.

“There is no escape from it.”

Apart from the 500,000 email IDs in the central servers, the total capacity of the country was to host six million IDs, including those for states, he said.

The photograph is used for representational purpose only

. . .

So, he added, some ‘willingness and seriousness’ was all that was required to stop the use of private emails.

In fact, the communications & information technology ministry is readying a diktat for government officials in the form of an email policy to ban use of private email accounts by them.

However, this policy cannot be implemented before the first phase of the NIC project has been rolled out.

In the past, several circulars had been sent out advising against the use of private emails, a senior communications & IT ministry official told Business Standard.

Apart from bureaucrats who, in droves, find it convenient to carry out official business through private emails, several Union ministers also prefer to use these.

The photograph is used for representational purpose only

. . .

For instance, Minister of State for Communications & IT Milind Deora uses a Gmail address, as does Minister of State for Defence Jitendra Singh. 

Ironically, when contacted for comment, their offices sought email queries be sent to the private email IDs of these ministers.

“This is the only ID the minister uses for official purposes,” said the office staff of one of the ministers.

But none responded to the queries.

In fact, ministries like commerce & industry and communications & IT use Gmail accounts even for releasing official press statements. 

The government hopes to enforce the email policy by the end of December, or early next year.

The official added that the project was ‘very important’ and that a policy had been in the works even before the revelations on PRISM came to light.

The photograph is used for representational purpose only

. . .

The official, asking not to be named, said: “In a review meeting held three-four weeks ago, NIC promised us to complete the project by December-end.”

He added comments on the policy had already been received from all stakeholders. 

An NIC official, asking not to be named, said the project would be completed very soon and ‘will be in tandem’ with the policy deadline.

The official added the delay was explained by the ‘huge magnitude’ of the project.

Inviting trouble?

• Constant glare: India is fifth among the countries that were said to be under the US government’s watch under its snooping programme, PRISM
• Soft areas: The country’s nuclear, space and political discussions are alleged to have been snooped on
• Private emails loved: Despite knowledge of pitfalls involved, Indian bureaucrats and ministers continue to prefer private email services to official ones
• 0.5 million: Email accounts that NIC’s NICNET can currently host on its server
• 5 million: Number of IDs NIC plans to raise its capacity to, through a project that has seen several changes over the past two years but is still inviting proposals
• Drab savvy: For use of private email services, most cite official accounts’ user-unfriendliness as a reason

The photograph is used for representational purpose only