New IT rules: Social media firms discover themselves in a bind as new guidelines threaten encryption
In the midst of the controversy over the “toolkit”, the Indian government drafted several new regulations for social media a few days ago, one of which should identify the “first author” for apps like WhatsApp. When drafting guidelines on February 26, Justice and IT Minister Ravi Shankar Prasad declared that the perpetrators of agencies that abuse sovereignty, security, relations with other states and rape must be exposed. This is because the government wants to track down instigators in cases where social media apps are used to spread “mischief”.
In order to track the origin of messages, the apps that provide privacy may need to violate their end-to-end encryption policy. Encryption is a kind of security blanket. This means that no one but you and the person you are messaging with can read your conversations.
Ravi Shankar Prasad said the government does not want the content that has already been posted in the form of tweets or messages. “But who started the disaster? They (social media platforms) have to disclose this, ”he said on February 26th.
However, the government has made it clear that the “first author” search is only required in cases where the sentence is more than five years. This includes cases where the national sovereignty of India, state security, public order, and other scenarios set out in Section 69 of the IT Act could be threatened.
This also means that a valid court order must be in place. The rules make it clear that such an order should not be issued when less intrusive means are in effect.
But the question is how far back do you go to assign the blame. Platforms like WhatsApp, which do their business with promising user privacy using end-to-end encryption, will have a hard time dealing with the regulation once it comes into effect after three months. But they have to offer privacy, which is an individual’s fundamental right. However, if these platforms do not comply with the new IT rules, they will be responsible to the Indian government.
Legal experts believe that this will hold these intermediaries liable for illegal information from third parties and may even cease business.
However, it is difficult to unlock when the encryption is strong enough. According to Apple, creating a backdoor that invalidates encryption would unlock a new set of security threats for users. In the past, WhatsApp always refused such requests, citing end-to-end encryption. If the platform breaks encryption now, it is breaking its own rules and regulations.
However, securing chats on a cloud storage platform removes the end-to-end encryption protection that the intermediary can access. WhatsApp’s option to back up chats and messages in the cloud was introduced three years ago.
For users, the bigger question is freedom of expression.
But here’s the catch: within the new rules, the central government hasn’t determined who will decide whether the line has been crossed. Over the next three months, the guidelines may be adjusted to ultimately strike a balance between company rules, user privacy, and the government’s goal.