While traceability will make law enforcement easier, it could also undermine voices of dissent, say experts.

news Court Thursday, August 08, 2019 - 18:36

One of the strengths of the messaging service used by 400 million Indians, WhatsApp, is the end-to-end encryption it offers, which means that only the sender and receiver can view the messages. However, there is a possibility that this may change, with the Madras High Court taking up the issue of traceability of messages. 

Two petitions filed in the Madras High Court in July last year by animal welfare activists Antony Rubin and Janani Krishnamurthy, called for Aadhaar or any government-authorised identity proof to be mandatory for any email or social media accounts and utility accounts (such as Ola and Uber). A division bench of the court comprising Justices S Manikumar and Subramonium Prasad expanded the scope of the petition to include curbing of cybercrime and intermediary liability. At a hearing in June, the High Court reportedly said: “Aadhaar is a government accord used only for social welfare schemes. You cannot have the government linking it with social media.” However, the court is looking at the traceability of messages, which experts argue could affect WhatsApp and other big players and have larger ramifications.

Pranav Bidare, a policy officer with the Centre for Internet and Society, says that at present, bringing traceability into the picture will make law enforcement easier, but take away the benefits of end-to-end encryption, which are based on privacy.

“The benefits of whatever tool we're trying to improve has to be weighed in comparison to the potential wrongs that could happen. In this case, when WhatsApp messages have the possibility of not being end-to-end encrypted, the fact that you will be able to trace forwards could mean that you could create a situation where people are afraid to send messages or forward things for fear of action being taken against them. There are two things — fear of spreading problematic material because one is afraid that action will be taken against them, but also fear of spreading material that could put you in a potential situation of danger,” he says. 

The Madras High Court asked IIT Madras Prof V Kamakoti, who is also a member of the National Security Advisory Board (NSAB), to submit a report on the feasibility of messages on WhatsApp being traced. In late July, he informed the court that it was possible to trace the original sender of messages on social media platforms, including Facebook and WhatsApp. He suggested that an information tag must be added to the message that was originally sent, so when it is eventually forwarded, the original person’s information details would be attached along with it. Another feature he suggested was that some messages be flagged as messages that cannot be forwarded.

Pranav says that he would favour features to tackle fake news, which is the system of making some messages un-forwardable. “I don't see a free speech problem there. I see a problem in adding actual traceability where if you make people liable for messages that they have been sending, then there is a thin line between curbing fake news, and curtailing free speech,” he adds. To tackle this, Pranav says that design changes are the way to go. 

‘Could undermine voices of dissent’

The Internet Freedom Foundation (IFF) filed to be an intervenor in the case, which the High Court accepted. An intervention allows the applicant to address the court on a specific matter but is not a party in the case. 

Speaking to TNM, Apar Gupta, the Executive Director of IFF, says that while it may not be best to speculate, the stakes in this case are significant and can have wide ramifications “because it wouldn’t be limited to a WhatsApp only”. 

“It could extend to any form of encryption deployed in a messaging system, which could potentially mean that even smaller uses of it, and could creep into other areas where encryption is utilised to maintain confidentiality. For instance, in areas such as business and trade secrets, encryption is used widely to ensure trade secrets do not leak out,” he says. 

Apar says that it could remove anonymity, which was a point raised by the Tamil Nadu government for traceability. “It could undermine voices of dissent, people who speak up against instances of abuse and harassment online, and also for addressing issues. One very good instance of this was the MeToo accounts put out by several women in India, quite often not under their name because they fear reprisals from men who have done these criminal acts,” he adds. 

Once the Madras High Court widened the scope of the petition, Google, Facebook and Twitter have all been impleaded in the case. 

Apar agrees that traceability is a debate which is merited, even if it is limited by the court to only WhatsApp. “It could stretch beyond the big players because it’s not limited to them, and it will eventually apply to functionality as opposed to size,” he adds.

This isn’t the first time that the government has gone after social media platforms, and WhatsApp in particular, over encryption and lack of sharing data with law enforcement. Minister of Electronics and IT Ravi Shankar Prasad met with WhatsApp’s global head Will Cathcart late last month after which he said that the company was told that traceability shall be their job and they need to find the mechanism to do so.

“But in the event that the WhatsApp platform is thought to be abused by rogue, terrorist, extremist elements, by repeating some kind of recirculation of messages, then there must be a mechanism whereby those can be traced to enforce appropriate law and order, and safety and security of the country,” Ravi Shankar Prasad then said, according to Medianama.

According to Buzzfeed News, WhatsApp, in a submission to the court, said: “Journalists could be at risk of retaliation for investigating issues that may be unpopular, civil or political activists could be at risk of retaliation for discussing certain right and criticizing or advocating for politicians or political, and personal information like sexual orientation, health, religious affiliation, Aadhaar, and financial information could be at risk of becoming publicly exposed.”