WhatsApp, the most popular messaging app in the India, might have accidentally made itself illegal through their new security update. That could mean that the 100 million people who use WhatsApp in India and about 10 per cent of everyone who does are using an app that is illegal in the country.
Why, what did they do?
The company announced this week that all chats on its service would be end-to-end encrypted. This means that it wouldn’t be possible for the company or others to read what is contained within them. The change means that only the sender and recipient are able to decode the encrypted messages and read their contents.
What does the law say?
India’s telecommunications rules only allows apps that use a certain kind of encryption.
New security installed in the app might mean that it breaches Indian rules that force companies to use a specific kind of encryption.
WhatsApp encryption uses a 256-bit key, which is only known to the sender and recipient, which is why the security is described as “end-to-end”. But the Indian rule requires companies to use nothing more than 40-bit encryption, unless they get explicit permission from the government.
Getting that permission would prove impossible because of the way that the system is set up. WhatsApp would have to hand the key over to the government for it to be checked but since the company doesn’t actually have those keys, they can’t be handed over at all.
The country’s authorities haven’t yet indicated whether they will pursue any action against WhatsApp. But the government has previously come up against other companies including BlackBerry over the same issue of encryption.
Like various other countries, India is currently looking to pass new policies on encryption. It is not clear if those new policies would also bring new requirements upon WhatsApp.
–By Kalyani Menon