WhatsApp is making headlines once again, almost four years after it infamously changed its policies and then reversed them. This time, the company has threatened to quit India if it is forced to compromise its end-to-end encryption and provide user data to the authorities. The 2021 IT regulations for social media intermediaries in India, which require them to identify the primary originator of content, are being challenged by WhatsApp and its parent firm Meta in a case. The social media platform informed the Delhi High Court that should it be compelled to abide by the rule mentioned above, it will essentially cease operations in India. "As a platform, we are saying, if we are told to break encryption, then WhatsApp goes," Tejas Karia stated before a Division Bench on behalf of the company. Let's take a closer look at what precisely has transpired between WhatsApp and the government.
For those unaware, messages, media files, documents, and other things you share on WhatsApp are converted to binary digits and decrypted only at the recipient's end. This makes WhatsApp one of the few applications that maintains end-to-end encryption throughout the network. That being said, these communications and media files are private and only the sender and recipient have access to them.
The government released new rules for social media companies in 2021. It was announced that all social media firms present in India would have to designate a grievance redressal officer who lives in India, a chief compliance officer, and a monthly compliance report that included information on the complaints they received and the steps they took to address them. A topic of discussion concerned the requirement that big social media networks and messaging apps be able to locate and identify the "first originator" of each message. This sparked some concerns about user data privacy. Since then, these regulations have faced challenges in several courts, and changes have been made.
WhatsApp has insisted that the privacy of users would be violated if this end-to-end encryption was compromised to share the data with the authorities. It claimed that the "fundamental right to privacy" is violated by the traceability provision. It has now requested that Rule 4(2) of the intermediate rule be declared unlawful by the Delhi High Court.
India does not yet have a national data privacy law, in contrast to the European Union. Although it has been discussed for a very long time, nothing has been done about it. The Digital Personal Data Protection Act was passed by the Parliament last year, and following the Lok Sabha elections, the government intends to announce regulations regarding it. Should the law be passed, it will establish an appropriate framework for safeguarding user data and governing its processing by tech firms.
