Ravi Shankar Prasad: ‘Govt not in favour of breaking WhatsApp’s encryption, users have full right to it’

India is not the only country seeking a regulatory mechanism to access “limited” data from end-to-end encrypted instant messaging platforms such as WhatsApp in order to be able to detect and prevent crime, Union Information Technology Minister Ravi Shankar Prasad said.

Also, this would not change anything for ordinary WhatsApp users, the Minister said.

“On WhatsApp, I would like to clarify. The ordinary user of WhatsApp has nothing to fear. They will continue using WhatsApp as they have been using. What we are seeking is very limited,” Prasad told The Indian Express in an interview.

Prasad’s comments come at a time when Facebook-owned WhatsApp has approached the Delhi High Court saying that the Ministry of Electronics and Information Technology’s (MeitY) norms on the identification of the first originator of the information would mean breaking end-to-end encryption.

It is due to this end-to-end encryption that its users — including government officials, law enforcement officials, journalists, members of ethnic and religious groups, scholars, teachers, and students — are able to “exercise their right to freedom of speech and expression without fear of retaliation”, WhatsApp has said in its plea.

Prasad said that as much as the government respected the privacy of individuals and would follow the Supreme Court’s instructions on the same, it should also be kept in mind that the same judgment had mentioned that “terrorist, a criminal or a corrupt person does not have any right to privacy”.

“How could Cambridge Analytica obtain information of lakhs of social media users? Are all these lectures (on privacy) reserved for India? You (WhatsApp) are updating the privacy policy, saying that users who are interacting with the business account, their data will be shared with Facebook. There, they (WhatsApp) are themselves trying to compromise with privacy and here they are giving us gyaan on privacy. These are double standards,” Prasad said.

An end-to-end encryption method on instant messaging platforms like WhatsApp means the message is encrypted in an unreadable format when it leaves the sender’s device and is decrypted in a readable format only when it is delivered on the intended receiver’s device.

WhatsApp and other instant messaging platforms have repeatedly claimed that even they cannot know what their users are sending, and therefore, cannot help governments when it comes to breaking the encryption even for specific cases.

On Wednesday, the IT Ministry had in a statement cited two sources of information to establish its claim that India was not alone in demanding that instant messaging platforms like WhatsApp include some mechanism in the design of their products and services so that governments and law enforcement agencies could, with the backing of an appropriate legal authority, access certain data in a readable format.

One of the sources that the Ministry cited was a October 11, 2020 press release from the Office of Public Affairs under the United States Department of Justice, while another quoted news reports that said Brazil was planning a similar approach to apprehend the data of drug traffickers.

“We are not seeking the content of the WhatsApp message. We only say who started the mischief. And if it has come from abroad, who picked it up in India first? That is all. Therefore, we are not asking any big moon or breaking their encryption at all. I repeat, ordinary users have full right to encryption,” Prasad said.

On February 25 this year, the government had announced new guidelines for all social media intermediaries, including instant messaging platforms. The IT Ministry had then mandated that instant messaging platforms should enable the identification of the first originator of the information on its computer resource.

Prasad also censured Twitter for its statement claiming the “core elements of the new IT Rules” were a threat to the freedom of expression for users in India and inhibited “free, open public conversation”.

Twitter had said it was “particularly concerned” about the requirement of making the chief compliance officer criminally liable for content on the platform.

Prasad said the government does not interfere on issues of social media on a daily basis, and does not want to either.

“Does it require a big infrastructure to establish a good grievance redressal officer based in India whose name is in circulation? Does it require a UPSC (Union Public Service Commission) selection to have a nodal officer or a compliance officer? Why are you (Twitter) reluctant not to set up a good office with a grievance redressal mechanism?” the Minister said.