In a sudden move on Monday night, the government of India banned 59 Chinese apps including Tik Tok, Shein, Camscanner, Club Factory, among others. Some of these apps have millions of downloads in India.
As its reasoning behind banning these apps, the government said that these apps are engaged in activities which are “prejudicial to sovereignty and integrity of India, defence of India, security of state and public order.”
As of Tuesday morning, only TikTok went off from the Play Store. However, the app, if already present on your smartphone, continues to work. This has brought about confusion as to how the ban would be enforced.
While there has been no communication from the government about how it would enforce the ban, TNM spoke to a few cyber security, digital experts to understand ways in which the government could enforce the ban.
According to a paper by the Centre for Internet and Society, legal provisions in India - Section 69A and Section 79 of the Information Technology (IT) Act — allow the Central Government and the various courts in the country to issue website-blocking orders that ISPs are legally bound to comply with. The government's statement on banning these apps indicates they have used their legal authority under Section 69A of the IT Act in this case.
For starters, the government could ask these apps, especially those which have a corporate presence in India (such as TikTok's Bytedance), to voluntarily remove their apps.
Additionally, the government could write to Google and Apple and ask them to remove these apps from their Play Store and App Store for their Indian users. This would mean that Google and Apple make these apps unavailable in India (through IP address or a user's self-declaration of their country), but these would still be available in other geographical locations.
Yet another way to do this would be by approaching Internet Service Providers (ISPs) and Telecom Service Providers (TSPs).
According to Pranesh Prakash, an expert in technology law, ISPs could be asked to block specific domain names (e.g., https://tiktok.com, or any link under that domain). Or ISPs could also be asked to ban specific links(such as https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en_IN).
Or the ISPs could also try to block various sub-domains within third-party content distribution networks (CDNs) used by these apps. ISPs would find it difficult to block specific links or CDNs.
Will apps that have already been downloaded continue to work even after the ban?
It will depend on the kind of app and the how the ban is implemented. New installations of the apps and automatic updates might not take place if the apps stores remove the apps.
However, apps which don't necessarily need access to specific identifiable servers, such as CamScanner and UC Browser, might continue functioning even if they are removed from an app store and even if ISPs block some domains or IP addresses linked to them.
Even if an app isn't available on Google's Play Store or Apple's App Store, such an app can still be downloaded and installed from third party websites, says Prakash, though this may be dangerous since not all third party websites are trustworthy.
Given that the bans are focussed on users from India, if users can use technologies to hide the fact that they are from India, they can evade such bans. "People can evade the ban by using technologies that allow them to hide their Internet traffic from their ISP, for instance, using VPNs or using anonymising networks like I2P or Tor. Further, they can create Apple IDs or Google IDs with a false country location, or even download the apps from alternative app stores," Prakash notes.
A total block may not be possible because not all VPNs can be blocked. Even China, which according to Prakash has far more sophisticated Internet censorship infrastructure than India, finds it impossible to block all usage of VPNs.