Claiming that tracing the origin of message is technically possible, Chennai-based KPost Software wants to be impleaded in the ongoing WhatsApp traceability case in the Madras High Court. KPost says that its communication platform can “trace the origin of complete string of forwarded messages”.

KPost claims that it can give a technical explanation for how traceability can be enabled; they have submitted the proof (given below) for this to the court:

“If required, we can trace the origin of communication without much difficulty,” KPost told MediaNama. “We believe this is the need-of-the-hour very much. Otherwise, it will create total chaos.”

It says that traceability can be done in chronological order, with timestamp, irrespective of whether the subscribed user deletes the message or not. The company’s application also suggests that it stores deleted messages, or at least their metadata, indefinitely. MediaNama has reached out to KPost for clarification.

KPost’s founder-director Sarath Kakumanu had filed for impleadment on September 12. It claims to offer end-to-end encrypted messaging services for individuals and businesses. It operates two apps, KPost and KPost SMACC (for small business), which are available on App Store and Google Play Store.

  • KPost has fewer than 100 downloads on Google Play Store, and KPost SMACC has fewer than 1000.
  • Google Play Store says that both apps are in development stage and “may be unstable”.
  • They’re currently available in India, UK, China and Singapore.
  • KPost told MediaNama that their app is “fully developed, some of its features are awaiting Patent, Trademark approvals and it is under testing and is likely to be launched very soon”.

So far, the Madras HC has sought expert opinion from IIT Madras professor Dr V. Kamakoti, who said that traceability is possible on WhatsApp without compromising end-to-end encryption. WhatsApp and intervener Internet Freedom Foundation have submitted their technical responses to the court.

KPost says local servers will help in traceability, chastises Big Tech

KPost said that “when a start-up [like KPost] can retrieve the origin of a message it is always possible for the techno-giants …, provided they have their servers based in our country.” The company claims that traceability is technically possible if the communication platform has its server in India, along with a 24X7 helpline to attend all queries and complaints from users. The company has not explained how localising servers would help in traceability.

It has called for Facebook, Twitter, WhatsApp, Google, YouTube to “take responsibility to trace the source message and also source forwarding such message so as to minimize the damages such as spreading of fake news, rumours, hoax, etc.”

The company told MediaNama in an email: “Even disclosing the complete details, and citing ‘privacy’ as the issue, some of the big social media giants are not allowing the Government to ‘Trace’ the origin of the messages. Another frequently cited reason is the usage of ‘encryption tech.’ As a team who developed such a system, we are fully aware of this issue inside out and we can give the verifiable proof in this matter.”

KYC norms on platforms will help fight fake news: KPost

According to KPost, KYC norms would help in holding spreaders of fake news accountable. Kakumanu claims that the company has a verified user base as it adheres to KYC norms.

The company had obtained sanction from the UIDAI to link Aadhaar to register and open an account with the platform, but the UIDAI revoked this authorisation after the SC judgement on Aadhaar. But KPost’s home page still clearly states that it provides “verification of all users via KYC/Aadhaar”. It continues, “It will be the Deterrent to Anti Social / Criminal elements against using the Communication platform.” Also, their Privacy Policy says that the company may still ask users for Aadhaar number for some financial products and services.

The company has called on Big Tech to adhere to “basic KYC norms … [which] would make the user accountable for their communication to curtail various online menaces”.

KPost Privacy Policy Screenshot

A screenshot from KPost’s Privacy Policy saying that they may still ask for Aadhaar 

We have reached out to KPost for more details and clarifications, and will update this article as we get them.

Dive Deeper: WhatsApp Traceability Case | Facebook Transfer Petition

*

Update (3:33 pm): This article was edited for clarity.