Is it possible to have “selective” app bans instead of internet shutdowns?
It is possible to block websites and certain apps by ordering telecom operators to do so
The Telecom Regulatory Authority of India (TRAI) sought inputs on whether it would be possible to have “selective” app bans instead of internet shutdowns, in order to reduce the impact that a wholesale communications lockdown can entail.
The approach suggested by TRAI would require telecom operators and messaging app firms like WhatsApp to cooperate with each other and stop access to services during a shutdown.
The telecom regulator has sought inputs on licensing messaging apps in India, which may require firms to be subjected to surveillance and blocking requirements.
Has the TRAI considered app regulation before?
In 2015 and 2018, the TRAI had held consultations on regulating messaging apps, a process that led to wide-ranging protections for net neutrality — the concept that all internet traffic should be treated equally.
Telecom operators had then called for regulation because they argued that messaging apps provide the same service without going through the stringent security and surveillance regulations that telecom operators go through.
Telcos were also wary of their revenues being undercut by online calls and messages, which were cheaper than calling and SMS rates then.
However, from 2016 onwards, the Department of Telecommunication (DoT) and the TRAI have rejected this argument, holding that telcos cannot discriminate between categories of data used by consumers.
Can VPNs be blocked?
Virtual Private Networks (VPNs) make these app or website blocks trivial to bypass.
VPNs tunnel a user’s internet traffic through another server.
While these tools are mostly used for completely innocuous purposes, the government has been showing a growing distrust of VPNs.
This is because VPNs are often encrypted, leaving the government with little visibility into what goes on in users’ connections.
VPN firms usually route data through servers located in another country, and frequently cycle the IP addresses these servers use to evade detection and blocking.
Some VPN firms promise that they do not maintain logs of their customers’ usage.
Since the government has not publicly stated what procedural safeguards it exercises when intercepting web traffic of users, these services are used by both privacy-conscious users and, the government argues, terrorists and cybercriminals.
When the Indian Computer Emergency Response Team (CERT-in) published directions in 2022 requiring VPN firms to retain records of users from India, most large VPN providers stopped offering servers physically located in India.
However, these firms continued serving users in India, allowing people to connect to foreign servers through an encrypted connection and access blocked sites.
Blocking VPNs is not straightforward, as companies operating them tend to frequently change the IP addresses associated with their servers.
While VPN services’ websites may be blocked, the installation files can be found elsewhere online.
Why is blocking VPNs a threat to digital privacy?
Internet rights activists say that blocking VPNs would be a damaging move for online privacy.
“VPNs … help secure digital rights under the Constitution of India specially for journalists, whistle-blowers and activists,” the Internet Freedom Foundation wrote in 2021.
“The encrypted nature of information transfer over VPNs allows them to not only secure confidential information but also to safeguard their own identity, thus protecting them from surveillance and censorship.”
COMMENTS