Indian Government Moves To Ban ProtonMail After Bomb Threat

Following a hoax bomb threat sent via ProtonMail to schools in Chennai, India, police in the state of Tamil Nadu put in a request to block the encrypted email service in the region since they have been unable to identify the sender. According to Hindustan Times, that request was granted today. From the report: The decision to block Proton Mail was taken at a meeting of the 69A blocking committee on Wednesday afternoon. Under Section 69A of the IT Act, the designated officer, on approval by the IT Secretary and at the recommendation of the 69A blocking committee, can issue orders to any intermediary or a government agency to block any content for national security, public order and allied reasons. HT could not ascertain if a blocking order will be issued to Apple and Google to block the Proton Mail app. The final order to block the website has not yet been sent to the Department of Telecommunications but the MeitY has flagged the issue with the DoT.

During the meeting, the nodal officer representing the Tamil Nadu government submitted that a bomb threat was sent to multiple schools using ProtonMail, HT has learnt. The police attempted to trace the IP address of the sender but to no avail. They also tried to seek help from the Interpol but that did not materialise either, the nodal officer said. During the meeting, HT has learnt, MeitY representatives noted that getting information from Proton Mail, on other criminal matters, not necessarily linked to Section 69A related issues, is a recurrent problem.

Although Proton Mail is end-to-end encrypted, which means the content of the emails cannot be intercepted and can only be seen by the sender and recipient if both are using Proton Mail, its privacy policy states that due to the nature of the SMTP protocol, certain email metadata -- including sender and recipient email addresses, the IP address incoming messages originated from, attachment name, message subject, and message sent and received times -- is available with the company. "We condemn a potential block as a misguided measure that only serves to harm ordinary people. Blocking access to Proton is an ineffective and inappropriate response to the reported threats. It will not prevent cybercriminals from sending threats with another email service and will not be effective if the perpetrators are located outside of India," said ProtonMail in a statement.

"We are currently working to resolve this situation and are investigating how we can best work together with the Indian authorities to do so. We understand the urgency of the situation and are completely clear that our services are not to be used for illegal purposes. We routinely remove users who are found to be doing so and are willing to cooperate wherever possible within international cooperation agreements."

So, shoot the messenger?

[fahrbot-bot]

In future news, the Indian government tries to ban India Post after an actual bomb was mailed through them w/o a return address.

Re:

[rsilvergun]

The messages India is a right wing authoritarian government and you do not have the right to privacy. Everything else is just smokescreens and excuses.

Re:

[arglebargle_xiv]

You've got this the wrong way round. Modi didn't like Protonmail because his stooges couldn't get access to it, banning it outright would have been problematic so a bomb threat conveniently shows up and now banning it is no problem.

expect more blocking

[zeiche]

that is one hell-of-a denial-of-service attack! now that the attack was successful, expect to see many more.

Classic

[NFN_NLN]

1. Indian Government doesn't want anonymous mail services.
2. Indian Government sends themselves a bomb threat through said mail service.
3. ???
4. Profit.

Re:Classic

[ffkom]

I'd replace your (1.) with:
1. Indian Government only wants communication channels it has complete control over to exist.

The "Profit" is basically "the ruling party having tools for keeping opposition at bay". Like in so many other countries. Democracy, currently enjoyed by ~8% of the world's human population - and shrinking, will turn out to be a short exceptional "blip" in history.

Re:

[Uldis Segliņš]

That could be the great filter. Not too high curiosity as in cats, not nucular winter as in stupid politicians, not AGI as in stupid populations, but social interaction forms for large groups. And we can forget about reaching stars, at least consciously.

Re:

[ObliviousGnat]

How is Protonmail supposed to verify that it was really a bomb threat and not just something that embarrasses the government?

Re: Meta data is not private

[140Mandak262Jamuna]

It does not have to before. But if they trace the bomb threat to a device that has ProtonMail, once court orders it, all Meta data on that phone should be disclosed.

Pretty good ad for Proton Mail

[JeffOwl]

If a state actor can't trace it

Re:

[bill_mcgonigle]

India can't.

They used to allow a bitcoin payment to get an account (to prevent spam) in lieu of providing a phone #, clearnet email, or credit card.

Now you have to provide a way to uncover your identity.

Re:

[Anonymous Coward]

All it says is that Proton wouldn't cooperate this time.

You can't really trace most mail without help from the service. In the old days the headers had the chain of IP addresses. These days all of that is gone due to everyone using cloud and mail sending services.

Also banning...

[julian67]

Also banning...messages from aliens (even the real ones), and all terrestrial messages in funny foreign languages (British English, French, Hindi).

No one should be surprised.

[SvnLyrBrto]

India has been descending into 1984-esque authoritarianism for quite some time now. Everybody remember when they extorted RIM to give them a backdoor into everyones' Blackberries? Yup... same India. And, vicious scumbag that he is, that can't even be blamed on Modi. The Blackbnerry backdoor was forced open before he was PM.

Re:No one should be surprised.

[Brett Buck]

The world has been descending into 1984-esque authoritarianism for quite some time now.

      FTFY

Authoritarian autocracy demands no privacy

[sinkskinkshrieks]

Color me surprised. Film @ 11.

Re:

[FurryOne]

You, like many on the internet, seem to think you have a God-given right to anonymity. You are mistaken, and eventually enough jerks will misuse it so that Governments will force it to disappear. If you're too chickenshit to say it to someone's face, you shouldn't say it. While the internet is a great tool, it's also an empowering weapon that bad actors take advantage of, ie; bomb threats.

Imagine this happened in the US

[vasanth]

are you telling me that if a bomb threat occurred on US or any western soil, the email service will refuse to provide any details regarding the email origins?

Re:

[SouthSeb]

I don't understand all the fuss, sometimes.

This type of problem is easily solved by simply by the legislative power doing it's work and creating laws demanding that given a due process and a regular court order, companies should provide the data they have.

It's really just a matter of establishing a legal, comprehensive procedural channels. This way, if a company refuses to comply, then penalties are known and expected.

Of course, some governments can still abuse its power to pass said laws. But I guess most

Re:

[Antique Geekmeister]

This occurred decades ago with anon.penet.fi, a very respected anonymous remailer used by dating message boards. It was also used by victims of sexual and physical abuse to join support forums and seek help. The site was eventually compelled to give up an anonymous email address to a quite fraudulent claim of a bomb threat from a critic of Scientology who'd been publishing their secrets. The case was strangely reminiscent of the fake bomb threat planted to discredit Paulette Cooper, the author of "Scandal o