Draft encryption policy: Frequent changes in key positions & talent crunch in DeitY led to the debacle

Draft encryption policy: Frequent changes in key positions & talent crunch in DeitY led to the debacle

As the blame game for the fiasco created by the draft National Encryption Policy plays out, experts are asking if frequent changes in key positions and a talent crunch in the Department of Electronics and Information Technology (DeitY) led to the debacle.

After the government held a junior scientist responsible, officers in the department are now pointing fingers at each other, while maintaining all along that due procedure was followed.

“You think anything in the government moves without due procedure? All I can tell you is that all rules and regulations were followed,” said an official who requested anonymity. The draft policy, which proposed that social media text messages be stored for scrutiny by the government, was withdrawn after a public outcry.

Another set of officials alleged that the junior officer did not seek the advice of higher-ups before making the policy public. Some officials said they were out of the country when the policy was released online and others said they were not involved in framing it, laying the blame squarely on the junior official.

The episode has led experts to ask whether organisational instability in DeitY over the past few months led to the embarrassment. The department, which is part of the Ministry of Communications and IT, has the mandate of running the government’s ambitious Digital India project. However, several key posts have been lying vacant for many months. DeitY has also seen several changes, including that of the secretary, additional secretary and joint secretary, over the last one month.

“Unfortunately, DeitY has gone through a number of changes very frequently. Every change affects function and decision making,” said an official of a Big Four consultancy firm, who requested not to be identified.

While the position of the director general of the National Informatics Centre (NIC), which manages technology of the entire government machinery, has been lying vacant for over a year, the key post of director general of the Computer Emergency Response Team (CERT) has not been filled after Gulshan Rai was appointed national cyber security chief under the PMO in March.

CERT is responsible for warding off and fighting cyber attacks. While ministry officials have been given additional ge of these positions, it may be adding to instability and workloads. Nodal officer for the encryption policy is supposed to be the group coordinator for cyber law — but there is confusion in the ministry on who holds that post after Rai moved to the PMO.

Even the National e-Governance Division and the Controller of Certifying Authorities are being run by acting chiefs for months now. Appointments to the position of additional secretary (egovernance) and joint secretary (electronics) are also awaited.

“Though vacancies and frequent changes are routine in the government, the secretary, additional secretary and joint secretary, all in charge of the same function – e-governance – should not have been changed at the same time, especially with all the focus on Digital India,” said another technology consultant. The person added that because of these vacancies, several key initiatives such as restructuring of NIC have been stuck.

Ministry officials, while conceding that there are vacancies, countered by saying that business in the government never stops. “There are lots of competent people in the department to take on additional responsibilities,” said a senior official of the department.

The first consultancy official said there is a vacuum in the department in terms of the second rung of leadership.