Indian government wakes up to risk of Hotmail, Gmail

Dec 08, 2013 by Annie Banerji
Worried by US spying revelations, India has begun drawing up a new email policy to help secure government communications, but the man responsible for drafting the rules still regularly uses Hotmail

Worried by US spying revelations, India has begun drawing up a new email policy to help secure government communications, but the man responsible for drafting the rules still regularly uses Hotmail.

Like many of his peers in ministries across New Delhi, IT Minister Kapil Sibal's office recently sent an email inviting journalists to the launch of his new personal website using the free email service.

Others, including senior foreign ministry officials, the information and broadcasting minister and the health ministry secretary, also use Gmail, Hotmail or Yahoo instead of their government accounts.

When asked why he continued to use his Hotmail for official use, Sibal declined to comment, but a senior bureaucrat in his ministry admitted that he personally preferred Gmail because it is "just a lot easier".

"We keep moving, get different designations, go different places and with that, our emails change. You lose contacts and important emails, which you don't need to worry about with a Gmail account," the bureaucrat told AFP.

"To be honest, the quality of our official mail isn't that great yet. It still needs some work," he added on condition of anonymity.

Security concerns

IT security expert Sunil Abraham said the use of Gmail and the like was highly risky since the American services had their servers in the US and the National Security Agency has been known to tap into their database systems.

It is unclear how many state and federal public workers actively use popular email services for office, but some of the estimates are startling.

"As much as 90 percent of government officials use private email (services) for official use... that's because their official email is not as stable or speedy," said Abraham, executive director of the Bangalore-based Centre for Internet and Society.

More than 11,000 Indian websites were hacked or defaced between May and August this year, with a large number of attacks on the ".in" domain whose servers are in India, the Times of India reported last month

In September Sibal's ministry announced a new "Email Policy of the Government of India" in the wake of spying allegations about the NSA revealed by former NSA contractor Edward Snowden.

NSA's tentacles not only crept into the Indian embassy in Washington and its UN office in New York, but also accessed email and chat messenger contact lists of hundreds of millions of ordinary citizens worldwide, according to media reports.

During a single day last year, the NSA's Special Source Operations branch collected 444,743 email address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, The Washington Post said, according to an internal NSA presentation.

The $11 million Indian project aims to bring some five million public employees onto the government's email domain powered by the National Informatics Centre (NIC) as early as mid-December.

It is awaiting clearances and suggestions from all ministries before the proposal goes to the cabinet this month.

J. Satyanarayana, secretary of the department of electronics and IT, dismissed claims that the policy was too late and was a response to the Snowden scandal.

"The policy is not a reaction to any global spying revelations, it was already in the works. It is just a mere coincidence that both came around the same time," he said.

Fresh doubts

Some cyber security experts say bringing millions aboard a centralised server could make a hacker's job easier, with all critical government information available on a single platform.

More than 11,000 Indian websites were hacked or defaced between May and August this year, with a large number of attacks on the ".in" domain whose servers are in India, the Times of India reported last month.

"Making the use of a centralised government server is not the best way to proceed. Having everything on one platform makes it even more vulnerable to cyber attacks and hacking," said Abraham.

"It also brings about new worries of the NIC becoming the local snoop."

Some also predict that the ambitious policy would eventually fizzle out for lack of attention from ministers and bureaucrats, who work in government offices where stacks of yellowing files and papers are still a common sight.

"It's sad but most of these officials don't understand much about technology, so mastering email is something that is miles and miles away," said Vijay Mukhi, a Mumbai-based cyber security expert.

"These guys saw all the snooping news and suddenly they woke up and said 'lets make an email policy'. Enforcing this is not possible on a practical basis."

The IT ministry also plans to conduct workshops to teach employees about email security such as when to change passwords and user names and how to use email.

"Every employee should know how, what and when critical data can be vulnerable... with most work still done on paper, it is important to know the nitty-gritty of using ," Satyanarayana said.

Explore further: Report: NSA collecting millions of contact listss

add to favorites email to friend print save as pdf

Related Stories

Report: NSA collecting millions of contact listss

Oct 15, 2013

The National Security Agency has been sifting through millions of contact lists from personal email and instant messaging accounts around the world—including those of Americans—in its effort to find possible ...

Brazil announces secure email to counter US spying

Oct 14, 2013

Brazilian President Dilma Rousseff announced Sunday that her government was creating a secure email system to try and shield official communications from spying by the United States and other countries.

Mexican diplomat says Obama promises NSA probe (Update)

Oct 22, 2013

President Barack Obama has promised an investigation into spying the U.S. reportedly did on Mexico's presidential email system, Mexico's top diplomat told reporters Tuesday. The White House said Mexico's ...

EPA urged to update rules on secret email accounts

Sep 30, 2013

Senior officials at the Environmental Protection Agency have said they did not intend to circumvent federal records laws by using private and secret government email accounts to conduct government business. A new report from ...

Recommended for you

Study: Social media users shy away from opinions

19 hours ago

People on Facebook and Twitter say they are less likely to share their opinions on hot-button issues, even when they are offline, according to a surprising new survey by the Pew Research Center.

US warns shops to watch for customer data hacking

Aug 23, 2014

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

Fitbit to Schumer: We don't sell personal data

Aug 22, 2014

The maker of a popular line of wearable fitness-tracking devices says it has never sold personal data to advertisers, contrary to concerns raised by U.S. Sen. Charles Schumer.

Should you be worried about paid editors on Wikipedia?

Aug 22, 2014

Whether you trust it or ignore it, Wikipedia is one of the most popular websites in the world and accessed by millions of people every day. So would you trust it any more (or even less) if you knew people ...

How much do we really know about privacy on Facebook?

Aug 22, 2014

The recent furore about the Facebook Messenger app has unearthed an interesting question: how far are we willing to allow our privacy to be pushed for our social connections? In the case of the Facebook ...

Philippines makes arrests in online extortion ring

Aug 22, 2014

Philippine police have arrested eight suspected members of an online syndicate accused of blackmailing more than 1,000 Hong Kong and Singapore residents after luring them into exposing themselves in front of webcam, an official ...

User comments : 0