Interim Government’s Use of Gmail Instead of .gov.np Raises National Security Concerns

Kathmandu: On October 5, the Office of the Prime Minister and Council of Ministers issued a statement introducing the official social media accounts of Prime Minister Sushila Karki. The move aimed to clarify authenticity amid a rise in fake accounts under her name. However, the same notice triggered serious debate, as it listed ‘[email protected]’ as the contact email for the Prime Minister’s social media.

The use of a private company’s email for official government communication has raised strong concerns about digital governance, data security, and national sovereignty. Experts and citizens alike questioned why the Chief Executive’s Office would rely on Gmail instead of the government domain ‘.gov.np’.

The backlash spread quickly across social media. Users criticized the government for negligence and potential security lapses. On Facebook, Keshav Paudyal wrote, “The Prime Minister’s official social media account is registered under a Gmail address, not a government one, how can this be official?” Rajendra Prasad Poudel added, “The Prime Minister’s Office using Gmail for official use is shocking. Why can’t an email like ‘[email protected]’ be created by the IT Management System (IDMS)? The data center already has the capacity for that.”

Similar criticism poured in on X. A user named Sirjan asked, “Shouldn’t the Prime Minister’s email be @gov.np? Why Gmail? Isn’t that a privacy breach?” Another user, Tekjung Mahat, said, “Is the Prime Minister using Gmail to open official accounts? Don’t you think about national security? Don’t make a joke of this country.”

Others called the situation “a national embarrassment.” A user named PRP wrote, “Why not use gov.np? Personal handles can vary, but organizational ones should always remain official.” Similarly, Samir Poudel commented, “Using Gmail for the Prime Minister’s office is disgraceful. Even a custom domain like @nepal.gov.np would make sense.” Another user, Arjan Baskota, quipped, “It seems like the Prime Minister needs a Gen-Z technical advisor, Gmail should never be the official address.”

The controversy deepened further when the Inquiry Commission, formed to investigate damage during the Gen-Z movement, used ‘[email protected]’ to collect evidence and personal information. This raised fresh questions about the government’s trust in its own IT infrastructure, especially when dealing with sensitive national data.

When asked why government bodies use private services, Prakash Dawadi, Information Officer at the Department of Information Technology, said the department has the capability to create official emails but admitted there may be a “lack of coordination.” He said, “We can provide government emails, but sometimes Gmail is used for convenience. I don’t know why they didn’t request one.”

An engineer from the department confirmed that the central government email system can currently support up to 20,000 accounts, though the quota is nearing full use. “We can archive unused ones to make space,” the engineer told TechPana, adding that neither the Prime Minister’s Office nor the Inquiry Commission had approached the department to create official accounts.

Cybersecurity experts warn that this practice poses serious risks. Naresh Lamgade, Director of cybersecurity firm Bugvi, said, “When government agencies use Gmail publicly, it becomes easier for phishing and impersonation attacks. Scammers can easily create similar emails to deceive the public. Government emails ensure accountability, they can be handed over during transitions. Gmail, on the other hand, is personal property. There’s no guarantee who will control it tomorrow or what will happen to the data stored in it.”

Lamgade further explained that using Gmail for government work today could lead to bigger risks tomorrow. “Anyone can create a similar Gmail address, increasing the possibility of misuse. When third-party email services are used without a clear long-term management plan, the risk of abuse and data leakage remains high,” he said.

Another technology expert highlighted that this also questions Nepal’s control and sovereignty over national data. According to Richan Shrestha, Executive Member of the Nepal Association for Software and IT Services (NAS-IT), even though global companies like Google have strong security systems, it is crucial from a national perspective to store government data within the country’s own infrastructure. “From a national security standpoint, government-level data must remain under our control. We cannot rule out the possibility that a foreign company could come under pressure and expose sensitive data,” Shrestha said.

Experts further argue that the government’s reliance on free email services like Gmail sends a negative message internationally about Nepal’s technical capacity and digital literacy.

 

पछिल्लो अध्यावधिक: कात्तिक २, २०८२ १२:३३

टिप्पणीहरू