Blog: Are WhatsApp India woes a blow to encryption? - Mobile World Live

Blog: Are WhatsApp India woes a blow to encryption?

18 SEP 2018

India is WhatsApp’s biggest market, where it has 200 million users, but of late the app maker has found itself at the centre of controversy in the country.

Reportedly, around a dozen people were killed between May and July by angry mobs incited to violence by fake news spread on the app, related to issues including organ harvesting and child trafficking.

There have even been reports Hindu nationalists are using such platforms to push inflammatory propaganda.

How is WhatsApp coping?
WhatsApp is trying to deal with the problem. In July, it said it is limiting the number of groups a message can be forwarded to worldwide, with further restrictions in India, where it removed a quick forward button.

Naturally, the Indian government doesn’t think this is enough. IT minister Ravi Shankar Prasad took aim at the company’s practice of sharing information with Facebook for advertising purposes, noting if WhatsApp can share such details, there is no reason it shouldn’t be able to find “explosive messages filled with rumours” and put an end to them.

Prasad is not alone in this. The UK and Brazilian governments have also asked WhatsApp for access to messages related to criminal cases.

It’s worth noting that rival app Telegram has also come under fire for being an easy way for terrorists to communicate: it was described by Vox as the “app of choice” for ISIS.

WhatsApp has repeatedly asserted it cannot access messages. After all, this is what end-to-end encryption (a feature it introduced in 2016) is all about.

Derek Roga, co-founder and CEO of secure mobile communications equipment supplier Equiis, told Mobile World Live (MWL) he believes a white paper published by WhatsApp about its encryption in 2017, which shows it genuinely doesn’t have access to messages.

Rather, it uses metadata (a set of data that describes and gives information about other data) and runs algorithms and hypotheses on that to then direct advertising.

An end to end-to-end encryption?
Does that mean, in some cases, the answer is to get rid of encryption? The consensus among experts seems to be no.

Thomas Reed, director of Mac and Mobile at anti-malware company Malwarebytes, told MWL: “Security experts and privacy advocates are in agreement that these are misguided efforts. There are many important transactions that we engage in every day that must be protected against eavesdropping, such as financial transactions, internal company communications, coordination of law enforcement activities, et cetera.”

WhatsApp representative Carl Woog, echoed these sentiments, telling CNN: “People rely on WhatsApp for all kinds of sensitive conversations, including with their doctors, banks and families”.

Reed also made the point that journalists and their sources rely, in some cases at a risk to their lives, on secure communication. Without it, “they would be unable to bring ugly truths out into the light of day. This is especially true in countries where human rights violations are rampant, and if a journalist’s sources were revealed, they could be executed.”

“Ultimately, the problems that are specific to end-to-end encryption, such as law enforcement’s need to monitor suspects’ communications, cannot be solved without destroying that communication medium for everyone,” he said.

He added the issue in India is not particular to WhatsApp or to encryption, but to social media in general: “Any other social media platform could be used to spread inflammatory rumours instead.”

Meanwhile Roga argued that in the current climate, one where Edward Snowden revealed the existence of global surveillance programmes, “individuals felt rightly that their privacy rights are being infringed upon and encryption helps protect that”.

The argument is moot anyway given WhatsApp has said it will not trace individual messages as “this would undermine end-to-end encryption and the private nature of WhatsApp, creating the potential for serious misuse,” Woog said.

What can be done?
Roga added it is not easy to align the interests of consumers and governments, and neither is it possible to eliminate the problem completely. However, there are ways in which it can be mitigated.

For one, WhatsApp should have a way for people to report messages they deem to be dangerous or fake news as not everybody falls for them. Another solution could be based around message tagging, and using chatbots and artificial intelligence to monitor chats.

“Most apps generate metadata and there’s ways to integrate that into some type of monitoring activity, perhaps through an algorithm that would give alerts” when it picked up on messages which were fake or dangerous, Roga said.

In relation to Roga’s point of getting people to report messages comes the topic of creating awareness and WhatsApp knows this. It is working on a radio advertisement campaign to help users spot misinformation and sensitise them about the challenges of fake news in India.

WhatsApp has partnered with the Digital Empowerment Foundation for this and it appears to be on the right path. But, given the repercussions we have already seen, it will certainly need to do more.

The editorial views expressed in this article are solely those of the author and will not necessarily reflect the views of the GSMA, its Members or Associate Members.

Author

Saleha Riaz

Saleha joined Mobile World Live in October 2014 as a reporter and works across all e-newsletters - creating content, writing blogs and reports as well as conducting feature interviews...More

Read more

Related

Tags