It's disingenuous when the Indian government says that they want traceability but “not at the cost of encryption or privacy.” Traceability is bound to be at the cost of privacy, even if it means getting meta-data. And, when it comes to Whatsapp, traceability is likely to be at the cost of end-to-end encryption, and invariably, the removal of end-to-end encryption means that it is at the cost of privacy. It's almost as if this is a tactical PR move from the government: no one can deny that there are times when traceability is necessary, and the two clear cut cases here are terrorism and child pornography. At the same time, even though removal or dilution of encryption puts users at risk, saying that it's the platforms problem to figure out how they provide traceability without breaking encryption means that the government doesn't look as if it's trying to risk harming privacy, even if that's what its demand will end up doing. What is traceability? It's worth noting that in its Intermediary Liability consultation, the government hasn't defined what traceability is. The specific clause in the still draft amendment to the IT Rules is: (5) When required by lawful order, the intermediary shall, within 72 hours of communication, provide such information or assistance as asked for by any government agency or assistance concerning security of the State or cyber security; or investigation or detection or prosecution or prevention of offence(s); protective or cyber security and matters connected with or incidental thereto.…
