NEW DELHI: In what is likely to lead to a stand-off between Apple and the Indian government, the Centre has asked Apple to divulge "real and accurate information" regarding the alleged state-sponsored attacks on opposition leaders.
Meanwhile, in a statement, the US firm had already announced that it will not disclose how it detects state-sponsored hacking attempts as doing so will make these mechanisms less useful and "help state-sponsored attackers adapt their behavior to evade detection in the future."
There has been a furore after several opposition leaders, including Shiv Sena (UBT) MP Priyanka Chaturvedi, Trinamool Congress' Mahua Moitra, Aam Aadmi Party's Raghav Chadha, and Congress' Shashi Tharoor, received warning messages from the iPhone maker indicating that a hacking attempt was made by state-sponsored attackers on their accounts.
While such an attack could have been triggered by hacking attempts by any government including that of countries outside India, the opposition leaders have accused the Modi government of being behind the attempts.
“In light of such information and widespread speculation, we have also asked Apple to join the investigation with real, accurate information on the alleged state sponsored attacks,” said the minister.
Vaishnaw said it was the duty of the government to protect the privacy of all citizens, including the opposition leaders, and that it takes this role "very seriously". He said it is committed to thoroughly investigating these notifications to uncover the truth.
Vaishnaw indicated that the government wants to go through Apple's algorithms and data to make sure it was indeed a state-sponsored attack.
“Apple states these notifications may be based on information which is ‘incomplete or imperfect’. It also states that some Apple threat notifications may be false alarms or some attacks are not detected,” he said.
Apple, in a statement, clarified that it has not identified any country or government in its warnings, and indicated that its system can issue warnings to users even when it is not 100% sure that it is a state-sponsored attack.
“Detecting such attacks relies on threat intelligence signals that are often imperfect and incomplete. It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behavior to evade detection in the future,” it noted.
This is not the first time that the government of India has sought to get details of encryption used by major telecommunications companies in India.
In 2010, the Indian government demanded access to encrypted data services on BlackBerry devices, citing national security concerns. However, the company refused to provide encryption keys, arguing it would violate privacy.
After failed negotiations, the Indian government even threatened to shut down BlackBerry services, but did not carry out the threat.