If you’re using WhatsApp’s latest version on any platform and on any device, congratulations, you’ve now received the best technologies we’ve got to prevent snooping – end to end encryption. By default WhatsApp has added encryption to its services from server end. This might make it one of the safest apps to communicate – but also makes it technically illegal in India. What does this mean and how does it affect you as an Indian?
What's going on here?
End to end encryption means nobody except you or the sender you’re sending data, text, multimedia, location, contact or any other data you’re sending can be tapped or intercepted, by anyone. This includes your service provider and even the local police.
What is encryption really?
Imagine you have a safe, whose combination is only known to you. Now this combination is complex enough for nobody to try to brute force and try all possible combinations in reasonable time, and the key must only be known to you and someone you intent to give the contents of your safe with. Even if one other person knows this, it’s possible that they might be able to break into this. End to end encryption is the same process – the sender’s phone scrambles the message (encrypts it) and only the receiver once verifies it has the right key which is decided by the user, will be able to open it. Even if the government taps through your connection and copies these packets, it’s useless information for them which cannot be utilized at all.
Does this make Whatsapp truly private and untracklable?
There’s nothing called absolutely secure in the digital world. A brute force software could in theory crack any combination but this would take unreasonable amount of time. The government would have better ways to tap into your data and communications – such as installing a backdoor key logger. But as far as current technology goes, yes, it does enhance your communications significantly, unless the hacker/government has physical access to your device.
Why should the government be worried?
Such highly secure communications also mean that that for national security purposes, WhatsApp communications cannot be read by legal authorities – even with a warrant. And this is not just limited to Indian audiences, almost entirely worldwide (at least what we know of today), no government can. This raises serious questions of how surveillance and lawful legal checks can take place. For example, governments cannot tap communications between potential murders, terrorists or a political assassination. This is dangerous amount of power available to one billion people.
What makes it illegal?
According to rules issued by the Department of Telecommunications in 2007, License Agreement for Provision of Internet Service (including Internet Telephony) mandates that private parties in India cannot use encryption that is higher than 40-bits without explicit permission from the government. Whatsapp now uses 256-bit encryption. And aside from this, India mandates private parties share its encryption keys if they want to work in India – which is probably never going to happen considering the huge debate in US federal courts where Whatsapp openly supported Apple against revealing its security mechanisms to the government. Not only India, but almost entirely globally governments have forever asked for encryption keys and several countries have labeled such encryption illegal.
What does the future hold for India? Do you think someone will take legal action anytime soon for the same? How does encryption matter to you? Let us know in the comments on our official Facebook page Entrepreneur India