END-TO-END ENCRYPTION OF CHATS

End-to-end encryption (E2EE) is a communication system in which only the people communicating may read the messages. In theory, it prevents prospective eavesdroppers from accessing the cryptographic keys needed to decode the discussion, such as telecom providers, Internet providers, and even the communication service provider. The goal of end-to-end encryption is to prevent data from being read or secretly manipulated by anybody other than the sender and recipient (s). The sender encrypts the messages, but the third party has no way of decrypting them and stores them encrypted. The recipients obtain and decrypt the encrypted data on their own. Companies that provide end-to-end encryption, for instance, are unable to provide up texts of their customers’ messages to authorities since no third parties can decode the data being sent or stored.

WhatsApp is now used by millions of people all around the world. Since the start of the corona virus pandemic, During the lockout, WhatsApp allowed users to communicate with their friends and family. End-to-end encryption of conversations was created to ensure that when a person sends a message to another person, it cannot be read by anybody other than the recipient of the message. Encryption is defined in Schedule V of the IT Act (certifying Authorities) Rules 2000. Let’s use WhatsApp as an example. When we send a message using WhatsApp, neither WhatsApp nor the recipient can read it. WhatsApp introduced end-to-end encryption in its messaging platform in 2016, ensuring that no one, including WhatsApp, can read the messages. The new intermediary laws demand the polar opposite of WhatsApp: the discussions must be open in order to see who sends what to whom.

WhatsApp has filed a complaint in the Delhi High Court against the Central Government’s new IT rule requiring message senders to track their origin. According to the new IT standards for digital media platforms in 2021, social media platforms such as WhatsApp must include a feature that allows users to “identification of the first originator of the information.” This is against WhatsApp’s policies.

There have been stories of Bollywood stars’ WhatsApp communications being leaked in drug cases, including Sushant Singh’s case in Mumbai, during the last year. Following the breach of Bollywood actress Deepika Padukone’s WhatsApp talks, various questions concerning WhatsApp’s privacy and policy surfaced. For 90 days, the Facebook-owned messaging service takes various procedures to protect records of the account that is linked to an official criminal inquiry. Requests submitted by non-law enforcement officers are not examined, implying that no news outlet has the authority to write to WhatsApp and read the user’s communications.

According to a source, customers sign up for WhatsApp using only their phone number, and WhatsApp has no access to the content of the messages. He went on to say that WhatsApp backups include chats, documents, and all other files on Google Drive for Android devices and iCloud for iPhones, and that nothing is in WhatsApp’s hands in that situation. These Google Drive and iCloud backup files and chats are not encrypted end-to-end. This implies that anyone can access it. Finally, he advised WhatsApp users to take advantage of all of the operating system’s security features, such as strong passwords and biometric IDs to prevent third-party access.

Can traceability and end-to-end encryption co-exist?

Because someone may have copied anything they saw on social media and copy pasted it, WhatsApp’s traceability will not be successful in locating the source of a particular message. Technically, systems like WhatsApp and Signal do not allow for traceability. According to WhatsApp, permitting traceability implies “lowering the wall” of privacy for everyone. It’s still unclear whether the new Rules will reduce the barrier in order to catch the “first creator.” The new Information Technology Rules 2021 will apply to social media companies operating in India. These recommendations were published in February, giving these platforms three months to comply.

Services that traceability rule cover?

Rule 4(2) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, requires all significant social media intermediaries, defined as social media platforms with more than 50 lakh users, to provide information “primarily in the nature of messaging” to enable the first originator to be identified.

Neither the rules nor the Information Technology Act of 2000 define messages. On open public social media platforms such as Facebook, Twitter, LinkedIn, YouTube, and others, traceability is not an issue because they can all save information about what was posted, when it was posted, and who posted it, as well as the IP address from which it was posted. In 2009, Twitter filed a lawsuit in the Madras High Court, asking the court, “Is Twitter essentially a messaging service?” Would it be possible to determine when a DM was first sent in India?”

National security

One of the accused in the Parliament attack was in contact with a terrorist. The Court stated that the length of a phone call between two people is unimportant; what matters is the content of the communication. According to Maharashtra Police General Inspector Brijesh Singh, if a bank fraud occurs, the police have access to the transaction’s details, and the same is true with end-to-end encryption. There must be a way to apprehend the perpetrator.

Do the rules break encryption?

The Indian government has not requested that end-to-end encryption be broken; instead, it has very clearly described the information it seeks, namely the first originator, without specifying the means.

The clauses that are used to notify the Rules deal with the central government’s general rule-making authority. Section 69A, as well as the standards that intermediaries must follow under Section 79(2), do not deal with encryption.

Section 87(2)(zh) relates to the government’s ability to prescribe encryption modes or procedures. Invasion of privacy is prohibited by Section 79 of the IT Act, which governs notification rules.

CONCLUSION

In light of the current situation of chat leakage, it is clear that end-to-end encryption is required to protect the user’s privacy on the internet. However, there must be a system in place that can identify the perpetrator of any crime while respecting the privacy of other users (chat encryption). In addition, WhatsApp may integrate an encryption system in its backup. If this type of technology does not emerge, anti-socials will increasingly use WhatsApp for their actions because it is encrypted and cannot be read by third parties.

Aishwarya Says:

I have always been against Glorifying Over Work and therefore, in the year 2021, I have decided to launch this campaign “Balancing Life”and talk about this wrong practice, that we have been following since last few years. I will be talking to and interviewing around 1 lakh people in the coming 2021 and publish their interview regarding their opinion on glamourising Over Work.

If you are interested in participating in the same, do let me know.

Do follow me on FacebookTwitter  Youtube and Instagram.

The copyright of this Article belongs exclusively to Ms. Aishwarya Sandeep. Reproduction of the same, without permission will amount to Copyright Infringement. Appropriate Legal Action under the Indian Laws will be taken.

If you would also like to contribute to my website, then do share your articles or poems at adv.aishwaryasandeep@gmail.com

We also have a Facebook Group Restarter Moms for Mothers or Women who would like to rejoin their careers post a career break or women who are enterpreneurs.

We are also running a series Inspirational Women from January 2021 to March 31,2021, featuring around 1000 stories about Indian Women, who changed the world. #choosetochallenge

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.