India's CERT given exemption from Right To Information requests

2023-11-28 06:31

India's government has granted its Computer Emergency Response Team, CERT-In, immunity from Right To Information requests - the nation's equivalent of the freedom of information queries in the US, UK, or Australia.

Reasons for the exemption have not been explained, but The Register has reported on one case in which an RTI request embarrassed CERT-In. That case related to India's sudden decision, in April 2022, to require businesses of all sizes to report infosec incidents to CERT-in within six hours of detection.

The Register sent multiple requests to CERT-In seeking clarification of its capabilities and the extent of compliance.

CERT-In's exemption from India's 2005 Right To Information Act has generated criticism from India's Internet Freedom Foundation, which called the move "Certainly not in the public interest as it weakens the rights of the people by diluting an Act meant to empower them."

According to IFF, any exemption of an organization from the RTI must go before parliament, but at this time there is no certainty that will occur for CERT-In. "The notification which exempted them contains no reasons," warned lawyer and IFF founding director Apar Gupta.

The minister last week held a meeting with social media platforms to discuss deepfakes - the day after the CERT-In RTI exemption announcement was made.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/11/28/cert_in_rti_exemption/

#cert #india