---
layout: default
title: "Information Security Policy on Govt Agenda"
description: "A Mint news report by Surabhi Agarwal on India's proposed internal information security policy, with Sunil Abraham cautioning that it must not weaken citizens' RTI rights."
categories: [Media mentions]
date: 2012-11-07
authors: ["Surabhi Agarwal"]
source: "Mint"
permalink: /media/information-security-policy-govt-agenda-mint/
created: 2026-02-26
---

**Information Security Policy on Govt Agenda** is a *Mint* news report by Surabhi Agarwal published on 7 November 2012. The piece reports on the Indian government's plans to introduce an internal information security policy covering electronic transmission and storage of classified data, and includes comment from [Sunil Abraham](/sunil/) cautioning that the proposed policy must not dilute citizens' rights under the Right to Information Act.

## Contents

1. [Article Details](#article-details)
2. [Full Text](#full-text)
3. [Context and Background](#context-and-background)
4. [External Link](#external-link)

## Article Details

<dl class="media-details">
  <dt>📰 Published in:</dt>
  <dd><em>Mint</em></dd>

  <dt>📅 Date:</dt>
  <dd>7 November 2012</dd>

  <dt>👤 Author:</dt>
  <dd>Surabhi Agarwal</dd>

  <dt>📄 Type:</dt>
  <dd>News Report</dd>

  <dt>📰 Newspaper Link:</dt>
  <dd>
    <a class="btn" href="https://www.livemint.com/Politics/TyFgDxthlTap5XwzA84gdO/Information-security-policy-on-govt-agenda.html">
      Read Online
    </a>
  </dd>
</dl>

## Full Text

<div class="highlighted-text" id="fulltext">

<p>New Delhi: As an increasing quantity of sensitive information is transmitted through electronic channels, the government is considering putting in place an internal information security policy to reduce the risk of leaks and counter possible cyber attacks, said three government officials involved in discussions on the proposal.</p>

<p>The policy will include new guidelines on top of the standards set out by the Official Secrets Act, 1923, and mandate safeguards for each category of information on how it should be transmitted, stored and preserved. The categories are "top secret", "secret", "confidential", "restricted" and "official use only".</p>

<p>Experts argue that given the easy portability of such information and its vulnerability to hackers, the policy should have been in place much sooner.</p>

<p>The Official Secrets Act seeks to protect sensitive information including official communications, sketch plans, documents and other information pertaining to government functioning. Gaining wrongful access to information deemed to be an official secret or unauthorized use of such information are regarded as offences.</p>

<p>Given that the law was enacted almost a quarter century before independence, it had no provisions to deal with electronic transmission of such information made possible by technological advances in subsequent decades, said cyber expert Pawan Duggal.</p>

<p>One of the three government officials cited above said the aim of the proposed internal information security policy is to protect classified information that's transmitted electronically much as it is done currently in the paper format.</p>

<p>"As more information is getting transmitted in the electronic format, we have to put in place procedures, guidelines, policies and standards for protecting that information in the electronic format," the official said.</p>

<p>A second official said the policy will lay down the dos and don'ts for government officers on how information has to be transmitted, stored and preserved in the electronic format. "In case of a breach, the investigation agencies can then look into whether the requisite safeguards were followed or not," the official said.</p>

<p>The proposal follows a rash of attacks on government computer systems that exposed their vulnerability to hackers.</p>

<p>Former minister of state for communications and information technology Sachin Pilot told Parliament recently that between December 2011 and February 2012, a total of 112 government websites had been hacked.</p>

<p>A third government official, who also didn't want to be identified, said that every government official would have to follow standard procedures in electronic transmission of information.</p>

<p>"The moment one's computer is connected to the Internet, it is part of a global network, so attackers in the cyber space know which information can be stolen from where if the necessary deterrents are not in place," the official said.</p>

<p>Sensitive information such as tax matters and intellectual property issues are part of the information that's transmitted electronically by government offices, which if leaked can have market implications as well as an impact on governance, experts said.</p>

<p>"The government leaks like a sieve," said B.G. Verghese, a visiting professor at New Delhi-based Centre for Policy Research.</p>

<p>"This is a step and they are trying to lay some ground rules to regulate a process that fits in with concepts of law, good governance, Constitution, privacy and prevents any wrongdoing," Verghese said.</p>

<p>The proposed policy, when put in place, will be a step forward so long as it does not dilute the powers available to citizens under the Right to Information Act, said Sunil Abraham, executive director of Bangalore-based research organization Centre for Internet and Society.</p>

<p>Currently there are several concerns centred on electronic transmission, including questions about who is responsible for information, especially its unauthorized use. "This could help establish an audit trail," Abraham said.</p>

<p>The first government official quoted above stressed that although cyber security and information security cut across each other, the two concepts are different.</p> 

<p>"Cyber (security) is basically about devices and networks, whereas information security is very particularly about the information which travels on the net," this official said. Reinforced cyber security will be an additional benefit once the information security policy comes into force, he said.</p>

</div>

<button class="copy-btn-full" data-copytarget="#fulltext">Copy Full Text</button>

{% include back-to-top.html %}

## Context and Background

The article was published at a time when government cyber security in India was coming under increasing scrutiny. The 112 government website hackings cited by Sachin Pilot covered just a three-month period, and the pace of such incidents had been accelerating through 2011–12. The National Cyber Security Policy was eventually published in July 2013, about eight months after this article appeared.

Sunil Abraham's caveat about the Right to Information Act reflected a wider policy concern. The RTI Act, 2005 created statutory access rights to government-held information, and any new classification or security framework raised questions about how those rights would be operationalised in practice. Transparency advocates had long cautioned that procedural safeguards must not become indirect barriers to lawful disclosure.

B. G. Verghese, quoted here as a visiting professor at the Centre for Policy Research, was a senior journalist and long-time observer of media and governance issues. His colourful observation that "the government leaks like a sieve" was as much a commentary on the informal culture of selective disclosure as it was on the absence of formal security procedures.

## External Link

- [Read on Mint](https://www.livemint.com/Politics/TyFgDxthlTap5XwzA84gdO/Information-security-policy-on-govt-agenda.html)

<style>
.media-details {
  background: #f9fbfe;
  border: 1px solid #d8e2f0;
  border-radius: 10px;
  padding: 1.2rem 1.4rem;
  max-width: 700px;
  margin: 1.2rem auto;
  font-size: 0.96rem;
  line-height: 1.5;
  color: #333;
  box-shadow: 0 2px 4px rgba(0,0,0,0.04);
}
.media-details dt {
  font-weight: 600;
  color: #1b2a49;
  margin-top: 0.7rem;
}
.media-details dd {
  margin: 0 0 0.3rem 0.3rem;
  color: #555;
}
.highlighted-text {
  background-color: #fffbea;
  border-left: 4px solid #f2ce61;
  padding: 1rem 1.2rem;
  border-radius: 8px;
  line-height: 1.65;
  color: #333;
  box-shadow: 0 1px 3px rgba(0,0,0,0.05);
  margin-bottom: 0.8rem;
}
.highlighted-text p {
  margin-bottom: 1rem;
}
.copy-btn-full {
  display: inline-block;
  background: #f1f1f1;
  border: 1px solid #ccc;
  font-size: 0.85rem;
  padding: 0.4rem 0.8rem;
  border-radius: 6px;
  cursor: pointer;
  transition: background 0.2s ease;
  margin-bottom: 1.5rem;
}
.copy-btn-full:hover {
  background: #e5e5e5;
}
</style>

<script>
document.addEventListener('DOMContentLoaded', () => {
  document.querySelectorAll('.copy-btn-full').forEach(btn => {
    btn.addEventListener('click', async () => {
      const target = document.querySelector(btn.getAttribute('data-copytarget'));
      if (!target) return;
      try {
        await navigator.clipboard.writeText(target.innerText.trim());
        const original = btn.textContent;
        btn.textContent = 'Copied!';
        setTimeout(() => (btn.textContent = original), 1500);
      } catch (e) {
        btn.textContent = 'Copy failed';
        setTimeout(() => (btn.textContent = 'Copy Full Text'), 1500);
      }
    });
  });
});
</script>