Sunday, May 16, 2010

Authority For Telecom Security In India

Praveen Dalal

In this guest column, Mr. Praveen Dalal is sharing his views regarding the recent controversy of banning Chinese telecom products and establishment of a telecom security regulatory authority of India.

Telecom infrastructure forms the backbone of information and communication technology (ICT) base of any nation. Telecom is also an essential part of critical infrastructure of a nation that requires security norms of the highest level. This has necessitated formation of effective telecommunication laws in India on the one hand and establishment of effective telecom security on the other.

India presently does not have a telecom security regulatory authority that can perform these cyber security and telecom security tasks nor does it have any specific law that ensures telecom security in India.

In this background it came as a pleasant surprise when the Indian government declared to set up a regulator to provide security certification at different stages for equipment brought to India by both the public and private sectors.

There cannot be a doubt about the proposition that both hardware and software based backdoors and malware can be preinstalled. However, what is frustrating is targeting China exclusively for this purpose. Let me ask the government of India a simple question: Has you found any malware, vulnerability or backdoor in the Chinese telecom or other equipments? If the answer is in positive then Indian government must give Chinese manufactures an opportunity to explain the same and if found guilty can proceed to blacklist them partially or permanently.

Similarly, Indian government must clear its head regarding crucial issues like encryption standards, network sniffing, e-mails sniffing, mobile phones interceptions, cell phone data usages, etc. It is high time for India to enact a comprehensive legislation in this regard.