There have been some concerning developments in India of late as regards privacy on digital platforms, with the latest development being a push from government to have greater insight into the messages and chats of WhatsApp messages. The same goes for other encrypted messaging services like Signal, but WhatsApp is in the spotlight here given its popularity in the region.
According to a report by the Economic Times, officials in the country are proposing that a system be created to assist in the tracking of messages on encrypted messaging services. This system does not wish to crack the encryption, but rather try to circumvent it by assigning an alpha-numeric hashing to messages, allowing for the origin of said messages to be tracked more easily.
It is believed this system could be used for the tracking of those who use services like WhatsApp to communicate about illicit activities or forward misinformation that is potentially harmful, but the full extent of its application and scope are unknown at this stage.
An unnamed official told the Economic Times that the Indian government is, “willing to work with WhatsApp to come up with a solution to enable traceability of messages without breaking encryption.”
Whether Facebook, which owns WhatsApp would be as willing, is unclear for now, especially as such a tracking system would set a fairly dangerous precedent.
As The Next Web points out, using a hashing method of tracking is not foolproof and inaccuracies can appear. Added to this is the fact that a forwarded viral message on WhatsApp could easily be re-hashed in an effort to change the point of origin and potentially implicating an innocent user.
Also worth considering is how this would undermine the security of WhatsApp in general, as the encrypted element of chat that the service has been known for, would now be compromised.
“This could be used by a malicious party to blackmail an innocent party by proving that they sent a given message (e.g. to persecute a whistleblower who sends a tip to a journalist, or to quote a private message out of context to embarrass the sender). Worse, it could be used by Facebook or other data brokers to gather much richer metadata about which users forward which messages to each other – further profiling users and violating their privacy,” explained Matthew Hodgson, CEO of secure messaging app, Element, to The Next Web.
The proposed system has not been implemented just yet, but any further steps taken in this process do not bode well for encrypted messaging services in India.