A recent circular, accessed by PTI, issued to all government bodies by the CERT-In under the Union Ministry of Communication and Information Technology has stated that homegrown and India-based email communication systems should be preferred for official work as the servers of private email service providers are based out of India and is prone to "misuse" or "leakage" of classified and proprietary data.
"It has been observed that a number of officials in the ministries/departments in the central and state governments are using the private mail services particularly hosted and operated from outside India for official communications. Such official communications are government and also the public records. It is to mention that data pertaining to such emails and web services is stored by these service providers outside Indian and is fully under their control.
The agency, while issuing the circular, has invoked Section 4 of the Public Records Act, 1993 (Prohibition against taking public records out of India) and some recent concerns raised by the Delhi High Court to buttress its point.
Keeping in view both the things in mind, the circular said, "All the ministries, departments of central and state governments should either use email services provided by National Informatics Centre (NIC) or they should use their own email and web services being fully controlled by them and hosted in India for official communication. CERT-In security guidelines/advisories as issues time to time should be followed."