WhatsApp told the Madras High Court on June 6 that its end-to-end encryption software made it impossible to track down the original sender of a message, including forwarded messages, Bar & Bench reported. WhatsApp made this submission during a case that is examining ways in which cybercrime might be curbed with the assistance of social media companies. The bench, comprising Justices S Manikumar and Subramonium Prasad, had asked if was possible to trace the original sender of a message that seeks to spread misinformation. WhatsApp, Google, YouTube, Facebook, and Twitter were impleaded in response to a PIL that sought to get Aadhaar linked to email IDs and other online user accounts to help detect online crimes. MediaNama has reached out to WhatsApp for comment and will update this once we get a response from the company.
How did the state of Tamil Nadu argue?
Advocate General Vijay Narayan cited a provision from the Draft Information Technology [Intermediaries guidelines (Amendment) Rules] 2018 that obligates intermediaries to assist government agencies within 72 hours in the investigation of a cybercrime. The guidelines further prohibit the uploading of a new class of content, that is, any content that threatens “public health or safety”. They also require the intermediaries (platforms) to trace the originator of the prohibited content. As these rules are still at the drafting stage, the AG argued that the intermediaries must be directed to strictly cooperate with law enforcement.
How did WhatsApp respond?
Citing WhatsApp’s end-to-end encryption technology, Senior Advocates Kapil Sibal and Arvind Datar argued that it was impossible to track the sender of a WhatsApp message, including the original sender of a forwarded message. Even WhatsApp does not have the decryption key for these messages, and thus cannot access their content, they said. It only has access to basic subscriber information – that is, who has registered to use the app. To discern the sender of any message, every message on WhatsApp will have to be recorded in a decrypted manner, thereby providing backdoor access to all WhatsApp communication, which in turn undermines WhatsApp’s basic promise of privacy through encryption. At MediaNama’s discussion on Safe Harbour, a participant had explained that as WhatsApp is built on the Signal protocol, without building a back door, decryption is practically impossible. Senior Advocate Datar pointed out that India is the only country in which a request for decryption of WhatsApp data has been made.
Narayan argued that modifying WhatsApp’s software could solve the problem, and Sibal conceded that while it might be possible to modify the software, it would still not aid in tracking down the original sender of the message alone. Sibal iterated the need to solve this issue at a policy level.
Twitter, Google give inputs
Twitter and Google both submitted that all intermediaries could not be viewed uniformly as they catered to different needs. Senior Advocate Sajan Poovayya, on behalf of Twitter, said that there is a spectrum of intermediaries with WhatsApp on one end (with its personal messaging, end-to-end encryption service) and Twitter on the other (public tweets via a public handle). Google and YouTube, represented by Senior Advocate P S Raman, argued that unlike WhatsApp, Google does not encrypt data. The case will next be taken up on June 27.
WhatsApp’s tussles with the Indian government on traceability
Over the past year, MeitY has repeatedly met with WhatsApp over the issue of traceability of messages, citing fake news and misinformation spread on the platform that led to lynchings. Thus far, WhatsApp has resisted the Indian government’s demands for allowing traceability, as it would compromise users’ privacy. MediaNama’s editor Nikhil Pahwa explains why the government needs to modify its “rights, but” approach to WhatsApp and traceability here.