WhatsApp ‘Can’t Exist’ Under India’s Information Technology Rules
Platform Tells Court No Other Country Has Rules Like This on Encryption
Newsreel Asia Insight #203
April 26, 2024
WhatsApp, the globally popular messaging platform, has told the Delhi High Court that it would cease to operate in India if forced to break its end-to-end encryption of messages. The statement was made during a hearing concerning Rule 4(2) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, which requires social media intermediaries to trace the first originator of information when ordered by a court or competent authority.
Representing WhatsApp, Advocate Tejas Karia explained to the court, presided over by Acting Chief Justice Manmohan and Justice Manmeet Pritam Singh Arora, that the rule would necessitate WhatsApp to store billions of messages for several years, a requirement unique to India, as reported by Business Standard.
Karia noted that no other country in the world mandates such measures, not even in countries where WhatsApp operates with a significant user base, such as Brazil. In his argument, he emphasised that breaking the platform’s encryption would violate WhatsApp’s commitment to privacy and secure communication. He stated, “As a platform, we are saying, if we are told to break encryption, then WhatsApp goes.”
The case involves petitions filed by WhatsApp and its parent company Facebook (now Meta), challenging the IT rules. The rule in question mandates significant social media intermediaries to enable identification of the first originator of information when ordered by a court or a competent authority. This requirement is not mandated by the Information Technology Act, according to Karia.
Representing the central government, Advocate Kirtiman Singh argued that the rule’s intent is to trace the originator of messages for security purposes, particularly given the current circumstances. He asserted that the platform’s largest user base is in India, with over 500 million users, and that WhatsApp plays a critical role in disseminating information from government bodies to citizens. Singh mentioned that tracing message originators is crucial for public safety and national security.
The court adjourned the case to Aug. 14, where it will be heard alongside other cases challenging various provisions of the IT Rules 2021.
The traceability requirement under the IT Rules undermines the right to privacy as defined by Article 21 of the Indian Constitution, according to Software Freedom Law Centre, which explains that requiring WhatsApp to identify the first originator would breach the privacy of all its users in India.
End-to-end encryption ensures that messages exchanged between individuals remain inaccessible to anyone else, including the platform itself. Altering this encryption would compromise the established privacy inherent in end-to-end encrypted messaging apps.
WhatsApp contends that the traceability provision fails the three-part test established by the Puttaswamy I ruling: legality, legitimate state aim and proportionality. The platform also points out that Rule 4(2) lacks the necessary judicial oversight.
“To implement this rule, entities will have to ‘fingerprint’ each message and this may defeat end-to-end encryption. As a consequence, privacy of every user will be compromised to investigate crimes committed by a miniscule-minority,” says the Internet Freedom Foundation.