Equally important though is how the IL guidelines follow a 50 year trend of nation states trying to limit access to cryptography and encryption technology for the general public. The United States tried to limit access to cryptography in the late 90s when the cypherpunks stopped this attempt by fighting for free speech in software. When restrictions were put to not allow cryptographic code to be exported abroad, the cypherpunks printed code on t-shirts to bypass and export crypto to the rest of the world.
The end-to-end encryption protocol that we depend on today is an outcome of a 50 year resistance movement, started by the cypherpunks, to protect the sanctity of whispers from prying ears. One way to think about the Narendra Modi government’s IL guidelines is that it is trying to ban whispers completely in the realm of conversations by effectively logging every whisper forever in the form of a permanent record.
The issue hence is not just about free speech in the media, but also about free speech in software. At a fundamental level, there is no difference between writing ‘code’ and publishing it and writing opinions and publishing books. The new intermediary guidelines mandating traceability should be seen as an attempt to dictate how messaging apps use cryptography. It is a form of free speech restriction applicable on a technical domain.
At the heart of this particular issue is the Signal protocol, which through the expression of opinionated code in the cyber domain, has allowed free speech to flourish in the physical domain, and was developed by a non profit company named “Open Whisper Systems” with the deep belief that whispers must not be snooped upon.
Fingerprinting at Madras HC
The end-to-end encryption debate first flared up in India because of a public interest litigation (PIL) filed in the Madras High Court by an animal rights activist, Anthony Clement Rubin, who faced persistent cyber bullying.
The debate in the court soon shifted towards whether WhatsApp could track the originator of a viral message – an incredibly hot issue at the time – without breaking encryption.
Even then, anonymous government officials proposed ‘fingerprinting’ every message as a solution. Tamil Nadu’s advocate general even argued that end-to-end encryption is not essential when WhatsApp shot down the fingerprinting proposal as impossible to implement.
With the guidelines now being notified, there is now an executive push to implement the fingerprinting solution, with the false claim that it will not break end-to-end encryption.
To understand why the fingerprinting solution breaks end-to-end encryption, we need to understand the concept of forward secrecy.
The Signal Protocol uses Double Ratchet algorithm, a cryptographic scheme which ensures that encryption keys change frequently for every chat session. The key rotation process thus ensures that all messages are never encrypted with the same cryptographic key. This allows forward secrecy, where even if your current encryption key is stolen by an attacker, your previous messages are still secure, as they don’t use the same encryption key.
Forward secrecy is quite useful against nation state adversaries like China, who can intercept all your messages by breaking into the telecom infrastructure and can afford to store them for a very long time till it can crack the encryption keys or obtain it forcefully from your phone, by use of physical force. Weakening encryption affects everyone and especially when your adversaries have more advanced cyber operations.
Forward secrecy becomes more achievable, when past messages are automatically deleted after some time, so that no one can access them even when your phone is lost or forcefully taken. Disappearing messages hence have become a standard feature in both the Signal messenger and in WhatsApp, just like how secrets whispered in another person’s ear, die out in the wind. This applies even when you send messages in a group, and message copies are deleted from every other device, thus enhancing your privacy and also allow you to speak your mind freely without any inhibitions and within a group of your own choosing.
Unlike Twitter and Facebook, which create a public sphere for sharing viewpoints and for influencing people, messaging platforms are primarily used by individuals and groups for personal communication. It is a given that some of these groups and conversations will be criminal in nature and this segment of users would be no different than a set of like-minded people who would talk about crime after congregating inside a closed room. Law enforcement handled such activities by either infiltrating such groups or by accumulating evidence and prosecuting them for crimes committed, but did not demand all property owners of closed rooms to record everything told within its confines, so that they can identify the speaker of every word.
By ordering the messaging applications to change their encryption methodology to find the first originator of a particular message, the government is forcing them to store hash values of every message and its user. This hashing of every message would effectively mean seeing the content of the messages once requested by law enforcement
For end-to-end encryption to provide privacy by default, platforms are required to store as minimal data as possible. Signal does not store any metadata about users, except their data of joining and last date of accessing the platform and encrypts everything else, which only users can decrypt. WhatsApp however stores metadata, which it hands over to law enforcement when demanded, along with IP addresses and other device identifiers. How useful can this metadata be for law enforcement? Well, it was enough to help prosecute an ISIS recruiter in the US.
The specific feature that converts whispers uttered in a closed room into a broadcasting mechanism that can fuel a misinformation and fake news binge – which is what the government should really be worried about – is the ‘forward message’ functionality. In the past, WhatsApp has tried to add friction to this, by specifically slowing the spread of messages through the introduction of forwarding limits, while still not going the full hog by allowing people to choose whether a message should be private within the group by default. It did so because there exist many unauthorised spinoffs of its client app, that simply use copy-paste of the message text and deploy the download-store-post sequence that work around these limits.
In the recent arrest of Disha Ravi, the Delhi court observed that “freedom of speech and expression includes the right to seek a global audience. There are no geographical barriers to communication”. Rather than enacting rules that attempt to ban whispers forever, an attempt that is doomed to fail, there should be more discussion and debate on how messaging forwarding can be tamed.
Srinivas Kodali is an independent researcher working on data, internet and governance.