This article argues that the traceability mandate imposed in India by the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 undermines encryption and negatively impacts cybersecurity as well as the fundamental right to privacy. In doing so, it explains how the traceability requirement fails the necessity and proportionality test laid down by the Indian Supreme Court in the Puttaswamy judgment, wherein it held that the right to privacy is a fundamental right under the Constitution of India. Further, the article makes a case for why encryption is important for protecting privacy, free expression, and other human rights, and also for bulwarking the economy, preserving democracy, and ensuring national security. Part I of the article provides a background on how encryption works and the purpose it serves in the digital era. Part II analyzes the trajectory of encryption policy in India and the relevant legal frameworks. Thereafter, Part III explains the traceability mandate under the New Intermediary Guidelines and its effect on encryption, and consequently, the impact on cybersecurity and the right to privacy. It assesses whether it meets the requirement of necessity and proportionality as set out by the Supreme Court. Finally, Part IV explains that encryption should be protected and encouraged because it guards against unwarranted surveillance and preserves privacy and expression, is a crucial tool to protect human rights in the digital age, strengthens national security, and benefits the economy

Included in

Law Commons