Meta, the parent company of WhatsApp, has threatened to withdraw its services from India due to ongoing conflicts over privacy and encryption standards required by new IT regulations. The controversy centers around India’s 2021 IT rules for social media intermediaries, which include a mandate for messaging services like WhatsApp to enable the tracing of chats and to identify the original source of information shared on the platform. This requirement challenges WhatsApp’s policy of maintaining end-to-end encryption, which ensures that messages are only readable by the sender and recipient, with no possibility of access by the platform itself or any third parties.
During a recent hearing at the Delhi High Court, WhatsApp’s representation argued against the Indian government’s demands, emphasizing that complying with these rules would fundamentally alter the nature of the platform. Tejas Karia, the lawyer for WhatsApp, stated that if forced to break encryption, WhatsApp would cease operations in India. He highlighted the implications of such changes, which would involve keeping extensive logs of messages to potentially decrypt them later, a practice not required or observed anywhere else in the world.
The Indian government defends the regulations as necessary tools to combat the spread of fake news and hate speech, arguing that the ability to trace the origin of messages would help in quickly addressing and mitigating harmful content circulated on social media platforms. In court, the government’s lawyer contended that these measures are essential, especially in scenarios involving communal violence, while also noting that privacy rights are not absolute and can be adjusted for greater public safety.
This dispute occurs in a broader context where India does not yet have a comprehensive data privacy law akin to the European Union’s GDPR. The recently passed Digital Personal Data Protection Act is still awaiting the notification of its rules, which are expected to be clarified post-elections. This situation places India at a pivotal point in defining its stance on digital privacy and encryption, balancing state security interests with individual privacy rights.
