- The Indian Computer Emergency Response Team (CERT-in) may soon be exempt from responding to queries under the Right to Information Act, the government informed Parliament.
- The Department of Personnel and Training has reviewed a proposal from the Ministry of Electronics and Information Technology to include CERT-in in the Second Schedule to the RTI Act, which deals with exempted organisations like the Central Bureau of Investigation (CBI) and the Border Security Force (BSF).
- Schedule-II of the RTI Act contains the names of the Intelligence and Security organizations which are exempt from the purview of the Act.
- The exemption would allow CERT-in to reject any application for information, even on policy related matters. This is significant in light of the April 2022 directions the body issued to require Virtual Private Network (VPN) providers and cryptocurrency firms to preserve user requests.
- It is an office within the Union Ministry of Electronics and Information Technology (MeitY) established in 2004 under the IT Act 2000.
- It is the nodal agency to
- Deal with cyber security threats.
- Strengthen the security-related defence of the Indian Internet domain.
- Coordinate with public and private organisations in India when cyber incidents like data breaches and ransomware attacks are reported.
- Issue advisories for software vulnerabilities as guidance for organisations.
- CERT-IN has overlapping responsibilities with other agencies such as:
- National Critical Information Infrastructure Protection Centre (NCIIPC) which is under the National Technical Research Organisation (NTRO) that comes under the Prime Minister’s Office.
- The National Disaster Management Authority (NDMA) is under the Ministry of Home Affairs.