WhatsApp has filed a petition in the Delhi High Court challenging the new IT rule that require the Facebook-owned company to trace the originator of any message on its platform. The messaging platform said that doing so would severely undermine user privacy.
The Government had notified The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (IT Rules) in February. The new rules have come into effect today. One of the major issues of contention under the new rule is the requirement to trace the originator of a post or a message. Facebook-owned WhatsApp, which counts India as its largest market with over 400 million users, has been resisting this on grounds of its privacy norms and its inability to trace the original sender of any message.
Also read:
“Requiring messaging apps to “trace” chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people’s right to privacy. We have consistently joined civil society and experts around the world in opposing requirements that would violate the privacy of our users. In the meantime, we will also continue to engage with the Government of India on practical solutions aimed at keeping people safe, including responding to valid legal requests for the information available to us,” said a WhatsApp spokesperson.
In a blog post the messaging platform said while some governments are seeking to force technology companies to find out who sent a particular message on private messaging services, technology and privacy experts have determined that traceability breaks end-to-end encryption and would severely undermine the privacy of billions of people who communicate digitally.
“Reasonable and proportionate regulations for an increasingly digital world are important, but eroding privacy for everyone, violating human rights, and putting innocent people at risk is not the solution. WhatsApp is committed to doing all we can to protect the privacy of people’s personal messages, which is why we join others in opposing traceability,” WhatsApp said.
The company said that tracing messages would be ineffective and highly susceptible to abuse. “If you simply downloaded an image and shared it, took a screenshot and resent it, or sent an article on WhatsApp that someone emailed you, you would be determined to be the originator of that content. At another point, someone might copy and paste the same piece of content and send it along to others in an entirely different circumstance. Think of this like a tree with many branches – looking at just one branch doesn’t tell you how many other branches there,” it said.
WhatsApp also said that tracing the originator of messages is against human rights.
Traceability forces private companies to turn over the names of people who shared something even if they did not create it, shared it out of concern, or sent it to check its accuracy. "Through such an approach, innocent people could get caught up in investigations, or even go to jail, for sharing content that later becomes problematic in the eyes of a government, even if they did not mean any harm by sharing it in the first place.
The threat that anything someone writes can be traced back to them takes away people’s privacy and would have a chilling effect on what people say even in private settings, violating universally recognized principles of free expression and human rights," WhatsApp said.
Experts are backing WhatsApp in this case. According to Software Freedom Law Centre this provision of traceability will undermine end-to-end encryption and will severely impinge on security and privacy of communications. "This is because in order to comply with the traceability provision, there is a high likelihood that the significant socialmedia intermediaries will have to break end-to-end encryption and access the contents of a message, thereby compromising the privacy of communication. This will considerably weaken security of end-to-end encrypted platforms. This move would severely dent theprivacy by design principle by acting both ways i.e. being a valuable target for malicious third parties," SFLC said in a post.