ADVERTISEMENT

CERT-in may be exempted from giving information under RTI Act, says Centre

March 31, 2023 01:53 pm | Updated 11:09 pm IST - NEW DELHI

The cybersecurity agency may soon not be required to respond to Right to Information queries

Indian Computer Emergency Response Team (CERT-in) soon to be exempted from responding to queries under the Right to Information Act. | Representational image | Photo Credit: The Hindu

The Indian Computer Emergency Response Team (CERT-in) may soon be exempt from responding to queries under the Right to Information Act, the government informed Parliament on Friday. The Department of Personnel and Training has reviewed a proposal from the Ministry of Electronics and Information Technology to include CERT-in in the Second Schedule to the RTI Act, which deals with exempted organisations like the Central Bureau of Investigation (CBI) and the Border Security Force (BSF).

Inter-departmental consultations are ongoing to examine the proposal, with the Ministry of Law and Justice participating, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar said in the response to Biju Janata Dal MP Amar Patnaik.

The exemption would allow CERT-in to reject any application for information, even on policy related matters. This is significant in light of the April 2022 directions the body issued to require Virtual Private Network (VPN) providers and cryptocurrency firms to preserve user requests. The directions are being challenged in the Delhi High Court, and the government has argued that absolute anonymity online is not acceptable. Several major VPN providers have pulled their servers out of India, arguing that the directions would compromise users’ privacy on the internet.

ADVERTISEMENT

Also read: Explained | Are ransomware attacks increasing in India? 

CERT-in coordinates with public and private organisations in India when cyber incidents like data breaches and ransomware attacks are reported. It also issues advisories for software vulnerabilities as guidance for organisations.

When deliberations on exempting CERT-in from the RTI Act were first reported last May, the Delhi-based Internet Freedom Foundation said in a statement, “On the one hand, CERT-In wants our logs [under the April 2022 Cyber Security Directions], non-compliance with which will lead to one year jail time, but on the other hand, doesn’t want to be transparent to the citizens in return.”

This is a Premium article available exclusively to our subscribers. To read 250+ such premium articles every month
You have exhausted your free article limit.
Please support quality journalism.
You have exhausted your free article limit.
Please support quality journalism.
The Hindu operates by its editorial values to provide you quality journalism.
This is your last free article.

ADVERTISEMENT

ADVERTISEMENT