EnglishFrenchGermanItalianPortugueseRussianSpanish
Home » News » WhatsApp’s end-to-end encryption makes it illegal to operate in India
0

WhatsApp’s end-to-end encryption makes it illegal to operate in India

By on April 8, 2016
whatsapp-stock-image.jpg

WhatsApp’s latest move for end-to-end encryption makes it illegal to operate according to Indian laws.

WhatsApp earlier this week turned on end-to-end encryption for its services. This means all of its features including group messages, voice calls and personal messages are encrypted and cannot be accessed by anyone else, including WhatsApp itself, other than the sender and receiver. Even though the feature ensures users’ privacy, it may land into legal troubles in India. WhatsApp has enabled a 256-bit encryption whereas Indian law only permits up to 40-bit permission for the private parties.

But here’s the catch. The Indian government’s encryption policy is primarily for Internet service providers and cellular carriers. WhatsApp is an OTT player and doesn’t have any operations in India. So technically WhatsApp cannot come under Indian government’s purview for encryption. However, WhatsApp is now owned by Facebook, which has offices and operations in India. Last month, Facebook’s vice president of Latin America was arrested in Brazil for WhatsApp’s refusal to turn up information related to drug trafficking cases. The executive was later released and Facebook claimed WhatsApp was a separate entity and it did not store user information.

End-to-end encryption, the kind that WhatsApp has implemented, becomes a huge challenge for law enforcement agencies considering even WhatsApp cannot decrypt the information. The case is similar to what happened with BlackBerry in India a couple of years ago, where it was forced to set up its servers in India and provide information to the government in a readable format, if it was served a legal warrant to do so.

Last year the Telecom Regulatory Authority of India (TRAI) had floated a consultation paper for regularizing the OTT players in the country. On encryption, the regulator had commented that “special encryptions” make it difficult for law enforcing agencies to intercept. It also pointed out that after prolonged persuasion by the Indian government BlackBerry had agreed to monitor, track and intercept its services including mails, chats and browsing history on BlackBerry devices.

Here’s what the existing law says, “Individuals / Groups/ Organisations are permitted to use as customer encryption up to 40 bit key length in the RSA algorithms or its equivalent in other algorithms without having to obtain permission. However, if encryption equipments higher than this limit are to be deployed, individuals/groups/organisations shall do so with the permission of the Telecom Authority and deposit the decryption key.”

In WhatsApp’s case, the encryption is higher than the set limit and the company doesn’t possess any decryption keys either that can be “handed over” to the regulator. It is unlikely that WhatsApp would even set up servers in India and provide the government access to it or create any backdoor.

“No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private – sort of like a face-to-face conversation,” WhatsApp co-founders Jan Koum and Brian Acton had written in a blog post announcing the end-to-end encryption.

WhatsApp’s desire for privacy comes from its co-founder Jan Koum, whose family escaped the USSR and migrated to the US. It is one of the reasons why WhatsApp never implemented advertising as a revenue model, since it would have been a breach of the users’ privacy.

“The desire to protect people’s private communication is one of the core beliefs we have at WhatsApp, and for me, it’s personal. I grew up in the USSR during communist rule and the fact that people couldn’t speak freely is one of the reasons my family moved to the United States,” Koum wrote.

So, what the government can do next? Since WhatsApp is highly popular among the Indian youth, the government is likely to take any extreme action such as imposing a ban on the service, but it may very well step up pressure to backtrack the encryption decision. It is worth pointing out that WhatsApp has 1 billion users worldwide but a major share of its user base, over 100 million, reside in India.

Industry expert Pawan Duggal says that the Indian government can pressurize WhatsApp to withdraw encryption or give backdoor to its platform. The government may aim to replicate the BlackBerry model where the company was asked to set local server and share access with the law enforcement agencies.

Mishi Choudhary, an expert on technology and policy and also active participant in the Save The Internet campaign, says the government and local laws should catch up with the change in technologies and trends.

“There are sector specific regulations. The Stock Exchange regulator (SEBI) says minimum of 64 bit/128bit encryption standards are necessary. India’s Reserve bank of India (RBI), as well as the banking regulator, states that banks should use at least 128-bit encryption.The Data Security Council of India (DSCI) in 2009 recommended changes to the encryption rules with the use of 256 bit AES encryption, however no changes have yet been made. Limiting upto 40bit key length as the default standard makes no viable sense in today’s world,” she said.

Source: bgr.in

#Amazon #Android #Apple #Asus #camera #Galaxy #Google #Games #iPad #iPhone #Lenovo #Lumia #Laptop #Microsoft #Moto #Motorola #news #Nexus #Note #OnePlus #phone #Plus #Releases #review #Samsung #smartphone #Sony #Watch #Windows #Xiaomi #Xperia



Top Brands

Related Articles
No Comments

    Leave a reply

    About Dixplore

    Dixplore is an online magazine about news in tech field, reviews of the latest gadgets, computers, tablets and other cool features which take place in our life.

    Subscribe to NEWSLETTER

    Subscribe to our news by email.