14 DAY TRIAL // Google does not plan to provide the Indian government with the encryption keys necessary to intercept Gmail traffic in a readable format, but will comply with lawful access requests.
The Indian government's department of telecommunications considers mandating that all companies offering secure communication services in the country hand over the encryption keys in order to allow national security agencies to intercept data when needed.
Vinay Goel, Google India's head of products, told the Economic Times that the company has not yet been asked to provide the encryption keys Gmail, but noted that such a request would almost certainly be declined.
"When users entrust their data with us, we are expected to protect it, which is why, user privacy is very important for Google," Mr. Goel said.
The Mountain View-based Web search giant has enabled SSL encryption by default for its Gmail service since the beginning of this year.
In fact, Gmail is currently the only large free email service which provides default full-session HTTPS, a feature protecting communications from being intercepted by cyber criminals or governments.
Google will not release Gmail encryption keys because the service falls under US legislation and because such a move would expose Gmail users everywhere to monitoring by Indian authorities, which is unreasonably broad.
However, the company is willing to comply with requests for specific Gmail data when there is a legitimate belief that the information can prevent others from being harmed.
"We are not advocating non-compliance and are definitely open to offering the Indian government access to encrypted Gmail communication in the event of a large-scale risk to human life and property," Mr. Goel explained.
For the past half year, Indian officials have been in a dispute with RIM over access to encrypted BlackBerry Messenger and Enterprise Email data, threatening to ban the company's services in the country.
Back in 2008, the government asked all Indian Internet service providers to lower their encryption to under 40 bits so that data can be easily intercepted.