Top Story


Home >> Digital >> Article

Will WhatsApp's new encryption policy make its use illegal in India?

Font Size   16
Will WhatsApp's new encryption policy make its use illegal in India?

The encryption battle continues as WhatsApp joined the encryption wagon and showed that they support the cause of user privacy. With end-to-end encryption, messages are scrambled as they leave the sender's device and can only be decrypted by the recipient's device. It renders messages unreadable if they are intercepted by any third party. WhatsApp, which has a billion users worldwide, said file transfers and voice calls would be encrypted too. Users with the latest version of the app were notified about the change when sending messages. The setting is enabled by default.

The new revolution has cast doubts over security concerns. With encrypted messages being sent and received between the billion users, some may use it for disruptive activities.

Information Technology (Amendment) Act, 2008 provides for encryption under Section 84A. The Central Government may, for secure use of the electronic medium and for promotion of e-governance and e-commerce, prescribe the modes or methods for encryption. According to the law, the government can prescribe and permit encryption policies for e-commerce sites that use online payments and other important payments details in order to prevent any kind of misuse. Currently encryption is restricted to 40-bits under the telecom licensing policy regime which is quite weak by its own standards. The government, however, has legitimate need to access encrypted data for monitoring of suspected criminals and terrorists in what is considered as lawful interception. With a weak encryption, the rise of cyber crimes cannot be curbed. Phishing attacks of online banking accounts or cloning of ATM/Debit cards are common occurrences.

When it comes to telecom service providers and internet service providers a license needs to be obtained to render such services. The license brings with it a lot of restrictions which also include encryption requirements. Apps like WhatsApp, Skype and Viber are, however, neither telecom service providers nor internet service providers and for such OTT’s there are no encryption requirements, nor are there any other requirements in the name of security which these have to comply with. In the absence of any regulations at present, it’s clear that WhatsApp’s new end-to-end encryption policy is perfectly legal, even though it presents a new dilemma for the government.

TRAI’s OTT Consultation Paper notes that OTT is the service model not only for future communications and media services, but also for emerging services, such as e-commerce, m-commerce, e-health, e-education, smart grids and the digital economy in general. In 2013, the worldwide annual SMS traffic was around 8.16 trillion messages, compared to 18.3 trillion messages by OTT players. As per the report the impact of messaging in India is also in line with international trends. In India, as on December 2014, WhatsApp topped the messaging application market with 52% of all the users using OTT messaging services, followed by Facebook Messenger with 42%, Skype with 37% and WeChat with 26% share.

It further adds, “Communication services that use internet for transmission like VoIP and instant messaging have security implications primarily because they bypass the regulatory regime enforced on conventional voice and messaging services provided by TSPs. The differences between regulations for VoIP and conventional voice service have implications for telephone number management, public safety, emergency number access and national security. Without secure connections through TSPs, they present various cyber security threats.”

WhatsApp, being an intermediary, is expected to comply with directions to intercept, monitor and decrypt information issued under Section 69 of the Information Technology Act, 2000. Complying with such a direction will now be impossible for WhatsApp in view of its end-to-end encryption. Even before the introduction of this, since WhatsApp is not a company based in India, it may have been able to refuse to comply with such directions. In fact, compliance by such companies in regard to data requests from the Indian government has been reported to be very low.

India has now withdrawn draft encryption policy required service providers, from both India and abroad, which are using encryption technology, to enter into agreements with India in order to be able to provide such services. One of the suggestions in the draft was that people using encrypted services will be asked to keep the decrypted data for at least 90 days. This will include any interception, monitoring and decryption requests made under Section 69 of the IT Act. If WhatsApp refuses to comply with such a regime if ever applied that would make WhatsApp illegal in India.

Baba Ramdev brought his sharp wits for an interview with e4m where he promised to disrupt more markets and spoke about he the way he created a brand through consistent and selfless work

GroupM is in talks with several digital clients currently with its other agencies to shift them to Essence, which is looking at a major expansion plan in 2018

Thomas, Chief Marketing Officer, Diageo India, gives us a peek into the marketing strategy for McDowell’s No 1 Soda, its creation of ‘No 1 Yaari Jam,’ their own set of 4Ps and importance of content

NewsCode, a hyper local online news platform was launched last night with a network of over 350 local reporters in Karnataka and Jharkhand. Apurv Swarup, the co-founder talked to Exchange4Media about his vision

Voot, which is producing almost 4X content on an overall basis on the reality drama, is gunning for big numbers both on viewership and advertising revenue

YouTube today released its annual year-end edition of the YouTube Ads Leaderboard 2017 capturing the most celebrated ads that received maximum views, shares, and love from audiences across India

Real world study of Appier's network shows significant benefits of AI over traditional rule-based systems