Forgot your password?
typodupeerror
Google Privacy Communications Government Your Rights Online

India Now Wants Access To Google and Skype 366

Posted by CmdrTaco
from the voip-is-hoip dept.
crabel writes "A couple of weeks ago India went after RIM and its mail service; it has extended its hunger for data now to all telecommunications. All telecom companies have to give them access to all voice over IP services that go in/out or happen within the country. Heck, they are even going after VPNs used by corporate employees working remotely."
This discussion has been archived. No new comments can be posted.

India Now Wants Access To Google and Skype

Comments Filter:
  • Well... (Score:5, Informative)

    by panda (10044) on Wednesday September 01, 2010 @10:34AM (#33435438) Homepage Journal

    Fuck doing business with India or Indian corporation/nationals.

    • Re:Well... (Score:5, Insightful)

      by jgagnon (1663075) on Wednesday September 01, 2010 @10:42AM (#33435544)

      Considering how many businesses still flock to China with relatively little protection for their IP, I doubt this will affect business relations much as long as it is more profitable to do business there than elsewhere.

      • by gnieboer (1272482)

        There is, to be fair, a difference between respecting IP (or not), and monitoring all your internal VPN data traffic.

        • Re: (Score:3, Interesting)

          by jgagnon (1663075)

          There really isn't much of a difference. Either way your business has the potential to lose assets simply because you're doing business in that environment. It's all about risk versus reward and so long as the reward for doing business in India outweighs the risks, businesses will continue their efforts there.

          • There really isn't much of a difference. Either way your business has the potential to lose assets simply because you're doing business in that environment. It's all about risk versus reward and so long as the reward for doing business in India outweighs the risks, businesses will continue their efforts there.

            You are off base on this one. Consider a patent. You are explaining just how you plan to build/accomplish something and the government is recognizing it and saying to other competitors "Hands off, on

            • Re:Well... (Score:4, Insightful)

              by jgagnon (1663075) on Wednesday September 01, 2010 @12:03PM (#33436828)

              And that patent in China means far less than it does in the US. In China, companies copy products and ideas from other companies all the time, with little risk of losing more than they stand to gain by doing so.

              Now in India you may lose trade secrets (schematics, blue prints, secret recipes, etc.) simply because your email is intercepted by a corrupt government official that hands it off to your competitor for a kickback.

              Either way your company loses something that you can't easily get back. These situations are not all that different.

      • you have a good point (about china). not many posts about this subject, not really.

        before this seemingly new shift of the indian government (at least to mainstream US notice), probably many americans would have rated the indian work situation as being above china's, in pretty much every way. both places are frequent outsourcing locations, with china being much cheaper (still) but having the negative of the obvious language barrier. also, in china, it was assumed that your IP would be stolen and your comm

    • Re:Well... (Score:5, Interesting)

      by HungryHobo (1314109) on Wednesday September 01, 2010 @10:43AM (#33435576)

      I'm not sure I'd even trust certs issued by any companies based in india at this point.

      Anyone have any suggestions which cert authorities I should be excluding?

      • Re: (Score:3, Insightful)

        by Hatta (162192)

        If you want to be secure from government intrusion, all of them. Don't be naive and think that US based CAs are any better. They'll roll over for an NSL in a second. If you want to be secure from the government manually create, exchange, and verify your own certificates.

        • Re:Well... (Score:4, Informative)

          by Shotgun (30919) on Wednesday September 01, 2010 @01:14PM (#33437916)

          Case in point. In the '93 time frame, I worked in a AT&T factory (before they split off Lucent). One of the devices we manufactured was a small device that you connected to your telephone headset to encrypt your conversation (the other end would have to have a similar device).

          The US government caught wind of it, came in and bought all the stock, and paid AT&T to not produce any more.

          All the digital switches we produced were required by law to have a backdoor that the government could use at will to monitor calls.

    • Re:Well... (Score:5, Insightful)

      by moogied (1175879) on Wednesday September 01, 2010 @10:47AM (#33435636)
      Flamebait?! This is a VERY valid statement. If have sensitive documents and do a lot of work in India because you own a call center there or something, you would most certainty need to look at this.
      • Re:Well... (Score:4, Insightful)

        by tophermeyer (1573841) on Wednesday September 01, 2010 @11:09AM (#33435994)

        I'll second that because I see you got modded flamebait as well. It's nothing against Indians or companies that operate in India, but data disclosure is something you need to be aware of. If a company is going to be distributing your information you need to know who it goes to and why they want it. The fact that this would apply to every company that operates in India seems very relevant.

        Maybe you decide it's ok that the Indian government gets ahold of your data. Maybe your data is sensitive and you don't want any government obtaining it. It's worth paying attention to at the very least.

        • Re: (Score:3, Insightful)

          by Peeteriz (821290)

          Encrypt your data. Public VoIP gets the exact same treatment as the telephone network when you're calling your branch office in Mumbai - if the government asks, the call is intercepted, and any third parties will give out your data - your phone, mobile, mail and DHL/Fedex packages are all subject to this.
          If you want privacy, don't trust third-party public networks and do encrypted message exchanges that you and only you control.

          • Re: (Score:3, Informative)

            I'm fairly sure most of the issue with RIM and the others is their encrypted communications.
            • Re: (Score:3, Insightful)

              by interval1066 (668936)
              What he's saying is regardless of the encrypted status of the carrier/protocol that you are using; encrypt your data on your own; in other words, say you want to send an email or an IM, before sending the message, encrypt it, and make sure your recipient has the same encryption tools.
              • Re: (Score:3, Insightful)

                If RIM, a pretty big company with lots of corporate clients, has problems keeping their encrypted communications from the government, the government is going to give anyone using their own encryption even more of a problem.
        • Re:Well... (Score:4, Insightful)

          by delinear (991444) on Wednesday September 01, 2010 @11:22AM (#33436186)
          Unfortunately, for anyone who cares about how their data is used, it's the companies who will make the decision. I might switch my bank to one I consider more secure only to find in two months time that they intend to outsource key parts of the business. I wonder if we'll eventually see a niche market in organisations which guarantee to keep your data within the boundaries of your own country (then you only have to worry about your own government getting their hands on it).
          • Re: (Score:3, Insightful)

            by tophermeyer (1573841)
            Actually your example is perfect, that is one of the reasons I prefer to use a local Credit Union rather than a national bank. I have no real guarantee that they won't outsource a call center, but based on the model and scope of their business I can feel reasonably comfortable that they won't.
          • by kcbnac (854015)

            I'd much rather have to only worry about MY government - its one I can (theoretically, living in the US) influence.

            I know I'd prefer this, and for some industries it IS a requirement - see US Export Controls.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      I'm posting anonymously as my new employer has not found the time to purchase my company laptop and I'm "borrowing" a co-workers machine.

      So, post explanation, let me say I have many friends, a few family members, and a few acquaintances who are from India. Even knowing how nice these people are and such, I agree with Panda - fuck doing business with India. The reasons I say this are manifold, but include the fact that if American companies quit outsourcing to India (and other countries) exactly how many job

      • Re:Well... (Score:5, Interesting)

        by Anonymous Coward on Wednesday September 01, 2010 @11:25AM (#33436216)

        The Indian side of me understands completely where they are coming from. Shit, America is doing the same thing, just undercover. India is a large target for terrorist attacks and this is one way they can monitor the Indian public and anyone who communicates with the Indian public for any terrorist activities.

        I'm not saying its right, based on American laws...but what native Indian is going to fight this? They all want to be safe. They don't want to worry about another Mumbai attack.

        The American side of me understands where most of the posts here are coming from. Invasion of privacy, corrupt governments using information against its own people, and the thought of someone having all information about you at their fingertips. Again, this all happens in America, but there are atleast some laws that protect us just a little.

        To the Indian government: I hope you can come up with another way to protect our people. Demanding things from businesses such as this is a truly poor choice for international business and, eventually, the trust of your people in you. Get that census thing done right, give every Indian an ID number, map out all of the towns in the country...pretty much turn India into today's US. Train a good military force, and protect the borders. It's time to play some good defense, and when called for, put that offense into effect.

        • Re: (Score:3, Insightful)

          by bhagwad (1426855)

          but what native Indian is going to fight this? They all want to be safe.

          You'll be surprised. And not all of us prefer to cower in safety while everything we say and do is monitored.

      • by gtall (79522)

        "Are companies so stupid that they have lost sight of the fact that if America's economy fails and we cannot get jobs that pay a living (or BETTER) wage then WE can't buy those nice shiny objects they're selling?"

        Why yes, yes they have. Business School Product has no allegiance to the U.S. They understand little about a company considering it to be merely the current peddler of widgets they've sold their ass to.

      • Re: (Score:2, Interesting)

        by shoehornjob (1632387)

        Bah, I've digressed a bit but the point remains - do business in America you American companies. Stop outsourcing everything, including the natural talent that America (used to?) have.

        American Corporations are suffering from a ravenous bout of greed and short term profit taking. Until they change their act or the government cracks down on outsourcing (neither of which is likely to happen any time soon) we're in for a long ride. I hoped that the government would attach conditions to all that bailout money we paid out but they failed us again. It seems like we will have to right up to the brink of complete failure before we get their act together.

      • exactly how many jobs would be created in the American economy? How much money would be pumped back into the economy that is teetering between recovery and disaster #2?

        None. They'd all go out of business when they raised their prices and could no longer afford to compete with Walmart's crappy knock off versions of everything they sell.

        The only way to change that is to change the economic equation. Stop shopping at walmart. Refuse to buy products from companies not producing here in the US (good luck with that). Refuse to sign up for internet if the company outsources its call center, and be sure to let the CEO know why you refuse to buy. Start a campaign at your e

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Who do they think they are, the US?

    • Re: (Score:3, Interesting)

      by webminer (1619915)
      Wow! This comment got modded 'insightful'? Really? Indian govt trying to do what US govt already does invites such hateful comments. Why am I not surprised. As usual Americans dont want to acknowledge the reality. Their govt already intercepts every possible communication. But when a foreign govt does it, suddenly there is a backlash. Atleast India is going public. BTW, China already does this. So, fuck US and China as well.
  • by FooAtWFU (699187) on Wednesday September 01, 2010 @10:35AM (#33435446) Homepage
    Demanding access to all the corporate VPNs is a great way to make companies more skittish about outsourcing there!
    • this theme rings loud and clear! almost all the posts (as of right now) echo this sentiment.

    • by CaptBubba (696284) on Wednesday September 01, 2010 @10:52AM (#33435704)

      This is especially true considering just how notoriously corrupt a lot of the Indian government is. It has been featured on NPR and other news outlets as being a large impediment to business.

      Then you will have someone in a position where they have access to all of your company's secure communications? For the price of a bribe anyone could find out proprietary information that could sink your company or they could gain access to listen in on calls and glean account information for identity theft or just to solicit customers.

      • by jimicus (737525)

        If your company regularly has information going around that could quickly sink it, you probably need to think about your internal security (and maybe even your business model) a little more carefully.

        • But that's the point. Maybe your internal security is fine. Do you know how secure the Indian Governments data streams are? Do you think you would have any ability to increase that security if you found a weakness?
        • by pavera (320634) on Wednesday September 01, 2010 @11:16AM (#33436092) Homepage Journal

          This really wouldn't be too uncommon. IBM has to have very detailed technical conversations/emails/etc with outsourced people in India, it would not take much to determine their future plans, product launches, progress, feature sets, etc. If you're competing with IBM and have access to all this information, you can easily beat them in the game. Same goes for any company with outsourced workers in India. It's not necessarily that it would "quickly sink" IBM, but it could easily quickly sink a new product launch, or a new division... And if you're a startup, and IBM, HP, or MSFT has access to this information that you've passed off to your outsourced labor, it could very quickly sink your company. IBM releases your product 2 months before you do you're done.

          You mentioned "thinking about your internal security" the problem isn't internal security, it is that your perceived internal security now has an open spigot to the government of India... you have no internal security by default. Employees have to be able to discuss project progress, plans, etc. You have to have product meetings, there has to be communication about these things or nothing will ever get done. And the nature of these discussions if revealed to a third party can easily spell doom to a product, business division, or startup.

          Further, it would be a huge temptation to use this information to trade stocks... Think you overhear an HP conversation where its revealed that they just lost a major customer to IBM, or they are months behind schedule on a new product... You've finally found step 2
          1) Use gov't access to private communication to glean insider information
          2) Short/Buy stock as appropriate
          3) Wait for information to become public/earnings release
          4) Profit

          • Re: (Score:3, Interesting)

            by Lonewolf666 (259450)

            I agree with all your points, and the consequences are obvious:

            If a company wants to avoid this, they have to stop transferring sensitive work to India. First and second level support can stay there, because they deal with
            -already released products
            -and semi-public information (common support cases that are too frequent to keep the topic secret).
            What has to stay outside of India is most of development, and maybe third level support where more sensitive stuff is handled.

        • Re: (Score:3, Interesting)

          by Joce640k (829181)

          Is there any large company (ie. more then one building) which doesn't need secure communications?

          Today it's the VOIP and VPNs, next week it will be the encrypted email or whatever else is preventing them from snooping. If you're doing any kind of corporate business in India you should be planning to leave before your competitors figure out who to bribe.

    • Re: (Score:3, Interesting)

      by NetNed (955141)
      Should be a lesson to all businesses that outsourcing has even more draw backs then originally thought.

      Have worked for companies over the years that outsourced design work there and it was a lesson in "you get what you pay for". S.O.P. not followed, formats disregarded, no concept of how to use software correctly, and not using any kind of standard in the dimensional drawings.

      If you have ever dissected a product and wondered why on earth it was designed in such a stupid way it is because of design taking
      • Re: (Score:2, Troll)

        by Lumpy (12016)

        They dont care.

        Period.

        Corporations care about the next 3 months. They do not give a rats ass about next year. If the CEO can make a bigbonus by destroying the company this quarter, he will do it.

      • by jc42 (318812)

        Somewhere along the way corporations convinced themselves that people do not want quality products and instead would like to pay full price for something that will definitely break prematurely.

        Well, in the computer and related electronics/comm fields, the explanation for this is fairly clear: What company is the top seller of the software in the equipment on most business counters and desktops? What sort of computers to most people use at home? We all know the answer: Microsoft.

        That tells us all we need t

  • well... (Score:3, Insightful)

    by Anonymous Coward on Wednesday September 01, 2010 @10:38AM (#33435490)

    Maybe this is a good thing, in a way. maybe if India requires access to corporate vpn, it will dissuade security-conscious companies, such as a large, multinational, 3-lettered one, from outsourcing to india

  • by TheGratefulNet (143330) on Wednesday September 01, 2010 @10:39AM (#33435512)

    trying to look at the bright side (sort of). selfishly, I realize that-

    but if there is fear in US companies that they can no longer trust people in india (eg, tech workers) because the risk of losing their competitive edge either to the government or other companies might be too much.

    if I had signature authority on outsourcing for a company, I'd strongly reconsider pulling back any 'sensitive' work that is being done there. as of now, its no longer 'secure' (not sure it ever really was but now its totally worthless as a trustable domain).

    this could actually help tech workers in the US. in a left-handed kind of way, that is.

    suddenly, I'm all for india filtering and spying on its citizens!

    • Re: (Score:3, Insightful)

      by kungfugleek (1314949)
      The flaw in your logic is that you're thinking about the long term. In my experience, senior executives are brought in to a company with the understanding that they will do whatever it takes to jack the stock price up a certain percentage, then get the hell out. Outsourcing is perfect for them because it lowers the bottom line short-term, they post record profits, and then get out before it all comes tumbling down.

      Ok, I admit, I'm only thinking of one or two executives in particular right now, but it can'

  • If only ... (Score:4, Insightful)

    by m0s3m8n (1335861) on Wednesday September 01, 2010 @10:42AM (#33435538)
    If only all google, skype, and others would just stop service for 1 day, maybe the Indian Government would reconsider. But that would probably be called collusion or something and branded illegal. Were is the State Department? Are they trying to defuse the situation? I ask because I don't know if they have any involvement.
    • Re: (Score:3, Informative)

      by jgagnon (1663075)

      Any action by the US government on this issue would not go over well diplomatically.

      • by mitgib (1156957)
        Agreed, I think the best solution is abandon India, let it revert to it's former 3rd world status.
    • by gtall (79522)

      Stop giving them ideas, damnit. If India wants to shoot their economy in the head, please let them get on with it. Maybe we'll get some of our jobs back.

  • Not A Surprise (Score:4, Interesting)

    by anonymousNR (1254032) on Wednesday September 01, 2010 @10:44AM (#33435596) Homepage
    When I was doing my masters(in India) , my friend through his relative was able to get a project with DRDO(One of India's Defence Research Department).
    His project was to develop a GUI in QT in linux for the Data Packet Sniffer program they already had in place, yes it reads all the incoming and outgoing emails of all the employees
    , and everybody knows about this and nobody cares about it.
    India has bigger problems called Corruption,Terrorism [wikipedia.org],Communal Conflicts [wikipedia.org] to deal with that everyone is treated Guilty until proven Innocent.
    • Re:Not A Surprise (Score:5, Insightful)

      by jgagnon (1663075) on Wednesday September 01, 2010 @11:00AM (#33435850)

      This level of monitoring without transparency will just make corruption easier.

    • Re: (Score:3, Insightful)

      by celtic_hackr (579828)

      Sniffing of all incoming and outgoing email in a Department of Defense is usually a good thing. Sniffing all incoming and outgoing email in the country is usuially NOT a good thing. Big difference here. You want your military secrets protected from being emailed by employees and contractors.

  • S/MIME (Score:5, Informative)

    by Lord Ender (156273) on Wednesday September 01, 2010 @10:45AM (#33435600) Homepage

    There is a solution: Use S/MIME. This is the email encryption standard supported by all major mail clients without need for plugins. It can even work with web-based gmail using a firefox addon: http://richard.jones.name/google-hacks/gmail-smime/gmail-smime.html [jones.name]

    You can create your own certificates or get free certificates from places like Comodo.

    One quirk of S/MIME is that the subject line is not encrypted. This is a good place to add the text "India can suck my beef jerky" to every encrypted message.

  • That's Nice (Score:4, Insightful)

    by Greyfox (87712) on Wednesday September 01, 2010 @10:45AM (#33435604) Homepage Journal
    They could potentially do some real damage to their economy while still not being able to monitor all electronic communications in their country. Hopefully they're not putting all their security eggs in the "monitoring" basket, because people will find a way to communicate under the radar. Any terrorists that monitoring catches are probably not the ones you have to worry about.
  • Seems like the Indian government has found a more effective way of building a great wall around its borders - let the people outside build it.

  • by nedlohs (1335013) on Wednesday September 01, 2010 @10:48AM (#33435644)

    virtual private network, surely.

    Or did some group decide to replace a perfectly good name with a crappy one?

  • by TheGratefulNet (143330) on Wednesday September 01, 2010 @10:48AM (#33435646)

    so let me get this straight. the indian government thinks it has a RIGHT to intercept all communication that it wants to (sans warrant, mind you).

    does that essentially make personal end-to-end encryption illegal? it has to! the concept of you being able to conceal your comms is in the process of being ILLEGAL there.

    people are commenting on 'well, just use SSH or SSL or ...'.

    but you are missing the point. if they insist on getting access to all comms, you think they'll tolerate people doing an end-run around this?

    the VERY next step is to identify users who side-step this with their own encryption layer and persecute them, one way or another. it has to follow. first you require all data to be sniffable and then you go after those that won't agree.

    I remember about 20 yrs or so ago, it was illegal for french citizens to use encryption (details are fuzzy; I may not have this exactly accurate). but france was some kind of exception and vendors had to do all kinds of backflips to sell to french companies. are we going back to shit like this, again??

    I think we are. its absolutely coming that encryption will be deemed 'munitions' again. or, encryption that WORKS; the bullshit encryption you think you can trust but is breakable will be 'allowed' to you to keep you feeling like you have some control.

    I guess its now: any encryption that is legal is encryption you cannot trust.

    • by Yvanhoe (564877) on Wednesday September 01, 2010 @11:00AM (#33435856) Journal

      people are commenting on 'well, just use SSH or SSL or ...'. but you are missing the point. if they insist on getting access to all comms, you think they'll tolerate people doing an end-run around this?

      I think the legislators miss the point about "encrypted VPN" being such a trivial technology. They probably think there must be around 100 big companies doing that in India right now and they will soon discover that their law is inadapted. Back to the drawing board.

      I remember about 20 yrs or so ago, it was illegal for french citizens to use encryption (details are fuzzy; I may not have this exactly accurate). but france was some kind of exception and vendors had to do all kinds of backflips to sell to french companies. are we going back to shit like this, again??

      There was a limitation to the key length. More than a certain length was considered "military material" and required some authorization. Mind you we were happily generating 1024 bits keys (the limitation was something ridiculous. IIRC but it was something like 56 bits), using them routinely. I doubt anyone has ever been prosecuted for this. It bothered vendors though. We do that a lot in France : vote bad laws, do not apply them, use them as a precedent to vote even worse laws, rinse, repeat.

    • by bsDaemon (87307)

      No, we'll probably just go back to regulating crypto export and keep all the good stuff for ourselves.

    • so let me get this straight. the indian government thinks it has a RIGHT to intercept all communication that it wants to (sans warrant, mind you).

      Buddy, Government of India thinks it has the RIGHT to take all the minerals from ground. There are no private mineral rights in India. If they discover oil or coal or manganese under your property, they will eminent domain you out of the property to dig a mine. That is a different country, with a completely different notions of property rights and privacy rights than what you are used to in the USA.

    • Actually, if you are using encryption > 40 bits,you must deposit the key with the govt in an escrow account,

      so yeah,"any encryption that is legal is encryption you cannot trust."

      http://economictimes.indiatimes.com/articleshow/6308052.cms [indiatimes.com]
      Read the 2nd para

  • I doubt things are going to work out well for either of us.
  • by Anonymous Coward on Wednesday September 01, 2010 @10:51AM (#33435692)

    India Now Wants Access To Google and Skype

    Google and Skype should just say no. In fact, if everybody said "NO!" then India would condemn itself to being a third world country. It would also give BlackBerry an incentive to say "NO!" too, because if your competition isn't making money off of evil, then BlackBerry isn't losing any business from competition. Of course India (et al) could always just continue to steal technology, but at least that would give trading partners an incentive to retaliate.

    When the democracies start spying on there own citizens then being in a "democracy" is quite useless. Warrants, oversight and checks and balances are what made America (on paper at least) a great nation. Too bad everybody is falling for the lowest common denominator repression that used to be the primary domain of dictatorships.

  • by Drakkenmensch (1255800) on Wednesday September 01, 2010 @10:52AM (#33435720)
    They'll never want to eavesdrop on private communication data again!
  • Given the amount of money flowing in and out of India that is a result of VPN's, skype and google I seriously doubt this will happen.

    RIM is one thing. Skype and Google quite another. You might as well pass a law requiring that everybody in India stop using Windows. Not gunna happen.

  • Shouldn't mean you will necessarily get. Certainly if I were subject to EU or even the lower US privacy standards, I'd have grave concerns about out-sourcing *anything* to a locale that so cavalierly violated the most rudimentary notions of privacy and security. More pro-actively, to the extent a mere slashdot-peon can, I'd encourage RIM to go back to their pre-agreement stance and begin negotiations with other telecommunications providers and ex-pat companies with an India presence to present a united fr
  • Generations allowed the NSA and GCHQ with their helper countries to do this and more. Cheap US cryptography was gifted to NATO that kept the Soviets out but gave plain text back to the NSA.
    European cryptography was subverted from inception and exported to the world.
    Now this is happening to the next generation of hand held devices and people sit up?
    Another country is getting what a select few had for decades.
    The strange question is - why is anyone with anything interesting to say still silly enough to u
  • As India extends its reach into all communications, they will create an undesireable environment for foreign corporations to do any confidential work. This will make those corporations think twice about offshoring work to India that includes trade secrets, confidential or personal data, or even just really interesting stuff.'

    As an American, I look forward to the return of jobs sent there in the past.

    Bring it on!

  • Appeasement... (Score:3, Insightful)

    by divisionbyzero (300681) on Wednesday September 01, 2010 @11:44AM (#33436538)

    never works. It only emboldens that aggressor.

  • I am all for India making itself as business unfriendly as possible, so cheapass companies quit outsourcing there. It really was amazing when I called tech support and got an actual AMERICAN person speaking English, because it had been years since this happened, another reason to buy Apple...

  • Indian access = India having access to American consumers data, given the amount of interaction we have. CS at your bank send you an email from India help desk, I think India would/could attempt to use that interaction for access. Somebody better be standing up for me! (oh wait, I can do that for myself)

FORTH IF HONK THEN

Working...