1.10 SECURITY CONSIDERATION:
1.10.1 Individuals / Groups/ Organisations are permitted to use as customer encryption upto 40 bit key length in the RSA algorithms or its equivalent in other algorithms without having to obtain permission. However, if encryption equipments higher than this limit are to be deployed, individuals/groups/organisations shall do so with the permission of the Telecom Authority and deposit the decryption key, split into two parts, with the Telecom Authority..
1.10.2 The LICENSEE shall provide to the LICENSOR, location details of the equipment provided by ISP. Implementation of any installation of the concerned equipment and execution of the concerned project shall be taken up only after the approval by the LICENSOR and locations of these centres shall not be changed without prior approval of the LICENSOR. This requirement shall be applicable only to such areas as are sensitive from security point of view, as may be notified from time to time by the LICENSOR. In the interest of national security, the ISPs shall block Internet sites and / or individual subscribers, as identified and directed by the Telecom Authority from time to time.
1.10.3 Each ISP must maintain a log of all users connected and the service they are using (mail, telnet, http etc.). The ISPs must also log every outward login or telnet through their computers. These logs, as well as copies of all the packets originating from the Customer Premises Equipment (CPE) of the ISP, must be available in REAL TIME to Telecom Authority. Type of logins, where the identity of the logged-in user is not known, should not be permitted.
1.10.4 The LICENSEE shall provide necessary facilities to the Government to counteract espionage, subversive act, sabotage or any other unlawful activity. The said facilities to be provided by the LICENSEE will depend upon the specific situation at the relevant time. Type and extent of facility(ies) required shall be at the sole discretion of the Government of India.
1.10.5 The LICENSEE shall not use any hardware/software which are identified as unlawful and/or render network security vulnerable. The LICENSEE shall make available , on demand, to the agencies authorised by the Government of India, full access to the equipment provided by the ISP for technical scrutiny and detailed inspection.
1.10.6 All foreign personnel likely to be deployed by the LICENSEE for installation, operation and maintenance of the LICENSEE’s network shall be required to obtain security clearance by the Government of India prior to their deployment. The security clearance will be obtained from the Ministry of Home Affairs, Government of India.
1.10.7 Software used by each ISP shall conform to a set of latest operational requirements which will be periodically published by the Telecom Authority.
1.10.8 LICENSOR shall have the right to take over the SERVICE, equipment and networks of the LICENSEE either in part or in whole of the Service Area as per directions if any, issued in the public interest or national security by the Government in case of emergency or war or low intensity conflict or any other eventuality. Provided any specific orders or direction from the Government issued under such conditions shall be applicable to the LICENSEE and shall be strictly complied with.
1.10.9 LICENSOR reserves the right to modify these conditions or incorporate new conditions considered necessary in the interest of national security.
1.10.10 On Security related issues, an Inter-Ministerial Committee shall be set up consisting of the representatives of DOT, Cabinet Secretariat, MHA, MOD, DOE and NIC and representatives from NASSCOM to look into the technical aspects of monitoring of communications in this sector (including Internet) to enable the setting up of the monitoring infrastructure (which, in many cases, would have to be funded by the ISPs). Any condition imposed by this Inter-Ministerial Committee during the validity of the licence shall be binding on the licensee.
|
