Social Networking Encryption: A Boon Or A Bane
The WhatsApp founder had also commented that they do ‘recognise the important work of law enforcement in keeping people safe, however, efforts to weaken encryption risks exposing people’s information to abuse from cybercriminals, hackers, and rogue states’
Photo Credit :
“Messages you send to this chat and calls are now secured with end-to-end encryption. Tap for more info.” This message that all WhatsApp users recently came across, heralded the implementation of end-to-end encryption for WhatsApp services. This would essentially mean that, where an electronic message is sent (mail/ text/ video/ call), the same is scrambled in such a way that only the receiver of that particular message would be able to read or view or hear (decrypt) it. No third party, including telecom service providers, internet service providers, cyber criminals, hackers and WhatsApp itself, would be able to see this communication.
Viber has decided to follow suit, and they have also announced end-to-end encryption for all of its one-to-one and group conversations, including video, voice and text messages. Viber has gone one step further and added a new feature (Hidden Chats), whereby encrypted messages that continue to exist on both the sender’s and receiver’s phone can be hidden by the users and be made accessible only with a four-digit pin number.
WhatsApp’s founder Jan Koum, in his statement regarding this new feature, commented that ‘the desire to protect people’s private communication is one of the core beliefs we have at WhatsApp’. While privacy is without doubt one of the fundamental principles of any form of private communication, nonetheless, such a declaration may seem slightly controversial in the wake of the recent unfriendly interactions between Apple and Federal Bureau of Investigation (FBI) regarding encryption and giving the security agencies access to data/content.
This new feature could make matters difficult for authorities from a law enforcement perspective. Governmental agencies across several jurisdictions have, for security reasons, sought for services like WhatsApp to have a ‘backdoor’, in order for them to have access to data that is encrypted. Few nations are also considering statutorily mandating this requirement. However, service providers have vehemently objected to the same, stating that providing for a backdoor for encrypted services is as good as not encrypting the data, and that this would defeat the very purpose. Given this background, in the event of any misuse of the services, it is unclear as to what stand would WhatsApp or Viber take, and whether they would be in a position to help the authorities in intercepting the data. The Apple-FBI issue is a classic example, that too, in such critical situation which involved threat to national security and loss of human lives. WhatsApp / Facebook, along with several other companies, had come to the fore in support of Apple in its battle against FBI.
WhatsApp is currently owned by Facebook, which on the one hand maintains that data privacy and data protection are the prime considerations when it comes to private communication, while on the other hand, monitors user data and manipulates user behaviour in order to improve their services, and even share the results of such studies with the governmental agencies, if required. At this juncture, it may be pertinent to recollect the secret psychological tests that Facebook conducted in 2012, by reducing the number of positive messages its users saw for a particular time period, without their knowledge, in order to test what effect that had on their Facebook activities. The fiasco did create a huge concern among the general public, forcing Facebook to apologise. There does seem to be a certain element of disconnect when one tries to put together all these points.
Few ancillary issues may also crop up in this regard. For example, several applications have their own filters to screen spam and virus. Such functionality would have the capability to screen the contents of each message and detect if they contain any malware, and accordingly report spam/ delete it. With the implementation of this new feature, spam filters and antivirus applications will not be able to screen messages thus allowing all malware to come through and infect the devices.
At this juncture, it may be difficult to comprehend how this whole matter would pan out, and we may have to wait and see the issues that may be faced by the law enforcement and security agencies, and how would this be tackled. It may also be interesting to see whether India’s Information technology and Telecom laws would undergo any modification in view of this change. The WhatsApp founder had also commented that they do ‘recognise the important work of law enforcement in keeping people safe, however, efforts to weaken encryption risks exposing people’s information to abuse from cybercriminals, hackers, and rogue states’. We may soon find ourselves evaluating the two sides, trying to establish what is more important – privacy or public safety.
With inputs from Rakesh Warrier, Senior Associate, JSA
Disclaimer: The views expressed in the article above are those of the authors' and do not necessarily represent or reflect the views of this publishing house. Unless otherwise noted, the author is writing in his/her personal capacity. They are not intended and should not be thought to represent official ideas, attitudes, or policies of any agency or institution.