Message tracing: WhatsApp challenges new IT rules in Delhi High Court – The Financial Express

Clipped from: https://www.financialexpress.com/industry/technology/message-tracing-whatsapp-challenges-new-it-rules-in-delhi-high-court/2259633/

Against clause which requires it to provide first originator of ‘mischievous messages’

What WhatsApp means to say is that end-to-end encryption was designed to help ensure that nobody other than the person you are talking to can say that you sent a particular message. This is the exact opposite of traceability, which would reveal who sent what to whom.

WhatsApp has challenged a clause of the new intermediary guidelines notified by the government under the Information Technology Act, which requires it to provide the first originator of what is deemed as mischievous messages by the government. The new guidelines came into force from Wednesday. The company, which filed the petition in the Delhi High Court on Tuesday evening, has stated that the new requirement under Rule 4(2) is “unconstitutional”, “illegal”, and “ultra vires the IT Act”.

The clause singularly impacts WhatsApp, which has long resisted the inclusion of this clause with some support from civil society activists, on the pretext that it forces it “to break end-to-end encryption on its messaging service, as well as the privacy principles underlying it, and infringes upon the fundamental rights to privacy and free speech of the hundreds of millions of citizens using WhatsApp to communicate privately and securely”.

Referring to Rule 4(2), WhatsApp in its petition has stated that it “infringes upon the fundamental right to privacy without satisfying the three-part test set forth by the Hon’ble Supreme Court: (i) legality; (ii) necessity; and (iii) proportionality”, in the KS Puttaswamy vs Union of India, (2017) ruling.

Interestingly, while WhatsApp has moved the Delhi High Court against a government law on the grounds of protecting privacy of individuals and their data, it is facing another case in the same court where the government has challenged its new privacy policy wherein it can share commercial user data with its parent Facebook.

Though technology experts have in the past rejected WhatsApp’s claims that tracing the first originator of messages tantamount to breaking end-to-end encryption, since the same can be done through source codes instead of reading the content of the messages; the messaging platform has a different take on it. It has stated in its petition that there is no way to predict which message will be the subject of such a tracing order. Therefore, it would be forced to build the ability to identify the first originator for every message sent in India on its platform upon request by the government forever. “This breaks end-to-end encryption and the privacy principles underlying it, and impermissibly infringes upon users’ fundamental rights to privacy and freedom of speech,” it has said in its petition.

What WhatsApp means to say is that end-to-end encryption was designed to help ensure that nobody other than the person you are talking to can say that you sent a particular message. This is the exact opposite of traceability, which would reveal who sent what to whom.

For instance, traceability may force private companies to collect and store who said what and who shared what for billions of messages sent each day. This could lead to platforms to collect more data than they need on the pretext that law enforcement agencies may need it. Advocates of WhatsApp’s position also say that traceability would not be effective in finding the originator of a particular message because people commonly see content on websites or social media platforms and then copy and paste them into chats.

The new intermediary rules, which were notified on February 25, are aimed at regulating all social media intermediaries like Twitter, Facebook, Instagram, Google, YouTube, etc, as as well as over-the-top platforms like Netflix, Amazon Prime Video, and stand-alone digital media outlets. While the guidelines relating to intermediaries were already in force from earlier times, through the addendum the government has tightened some clauses such as reducing the time provided to some platforms to remove what is deemed by it as unlawful content under Section 69A of the IT Act. Such content now needs to be removed within 36 hours of being flagged against 72 hours earlier.

Further, these platforms would now have to appoint grievance redressal officers in the country and resolve consumer grievances within a specific time period, as well as have designated nodal officers for coordination with the government over law and order matters. It was only for messaging platforms like WhatsApp that a new requirement was inserted which required it to provide the first originator of what is deemed as mischievous messages by government which may lead to law and order problem or threatens the country’s sovereignty, integrity, or friendly relations with neighbours.

While the new guidelines came into force from Wednesday, none of the intermediaries have fully complied with them. They have through their industry associations sought extension in the timeline for compliance and are engaging with the government on some aspects of it. Non-compliance with the rules would result in these social media companies losing their intermediary status, which provides them exemptions and certain immunity from liabilities for any third-party content and data hosted by them. Once this happens, they could be liable for criminal action, in case of complaints.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s