The government has proposed that WhatsApp assign an alpha-numeric hash to every message sent through its platform as a solution to break the deadlock over traceability on the messaging app, senior government officials told ET. The hash can travel with the message and in case of any unlawful activity, the originator of the message can be traced without breaking the app’s encryption, the sources said.
“The government is willing to work with WhatsApp to come up with a solution to enable traceability of message originators without breaking encryption,” according to officials in the know.
In February, the Centre notified the Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code) Rules, 2021 that mandates traceability of first originator of a message flagged by either a court of law or an authorised government agency.
Facebook-owned WhatsApp, which counts India as its largest market with over 400 million users, has so far, resisted the demand to trace the origin of flagged messages citing inviolability of its privacy norms while also communicating its inability to provide traceability due to the lack of appropriate technology.
However, the government has remained steadfast in its demand for compliance on what it terms as a “law and order” requirement.
“The discussions are currently ongoing, WhatsApp has not formally communicated its position so far,” said the official cited above. The messaging app has three months to comply with the February notification as it is considered a “significant social media intermediary” with over five million users in India.
WhatsApp did not respond to ET’s queries till press time.
The San Francisco headquartered messaging platform has argued that billions of messages are sent from its platform every minute making it impossible to store or keep track of them.
On its part, the government doesn’t require WhatsApp to store the entire message but only the hash so that it can be traced back in case of a law and order situation, officials said. “You can’t run such a large platform and build no
accountability into it. Even if one woman’s dignity is compromised, they must help in nabbing the perpetrators,” the sources added.
Pointing out that the IT Act contains a clause which requires companies to decrypt messages as and when ordered by the government, a senior official said, “the government has never enforced that clause, so far.”
Large social intermediaries must also provide voluntary verification of users, appoint nodal grievance and compliance officers stationed in India and put in place automated tools to filter out abusive content targeted at children and women.
Earlier this month, while speaking on a podcast, WhatsApp chief Will Cathcart had said the company hoped to find a solution to address the Indian government’s traceability concerns without breaking end-to-end encryption.
Separately, IIT Madras Professor V Kamakoti, who is a member of the National Security Advisory Board, had offered a couple of solutions to enable traceability without breaking end-to-end encryption in his submissions to the Madras High Court in 2019.
He had earlier told ET that WhatsApp could employ options such as tagging the originator’s phone number with the message and displaying it every time it is forwarded. This, he had said, would not require WhatsApp to read the messages at any stage, thus keeping its encryption in place and avoiding violation of privacy rights. Alternatively, “the originator information can remain encrypted and upon receiving a court order, they can decrypt and provide the information,” Kamakoti had said.