WhatsApp on Tuesday moved the Delhi high court against the new rules announced in February for digital media companies, saying the requirement for them to adopt features such as traceability for identifying originators of messages violated the right to privacy under the Indian law and the company’s end-to-end encryption policy. It said the company does not believe traceability can be imposed in a way that cannot be spoofed or modified, leading to new ways for people to be framed for things they did not say or do.
WhatsApp moved the court on the day the deadline for social media companies to put in place new mechanisms to comply with the rules ended. At least one company, Facebook, has said it was working on the new rules but that “a few of the issues need more engagement with the government”.
The rules pertain to new guidelines notified under the Information Technology Act on February 25. They gave digital media companies three months to implement new content moderation mechanisms, appoint new officers who will be liable for compliance, and adopt features such as traceability of messages.
The company said it is committed to doing all it can to protect the privacy of people’s personal messages and that is why it is opposing traceability. “Requiring messaging apps to ‘trace’ chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people’s right to privacy,” a WhatsApp spokesperson said. “We have consistently joined civil society and experts around the world in opposing requirements that would violate the privacy of our users.” The company said it will also continue to engage with the government of India on practical solutions aimed at keeping people safe, including responding to valid legal requests for the information available to WhatsApp.
In a blog, WhatsApp said some governments were seeking to force technology companies to find out who sent a particular message on private messaging services. It cited technology and privacy experts and said they have determined that traceability breaks end-to-end encryption and would severely undermine the privacy of billions of people who communicate digitally. “Reasonable and proportionate regulations for an increasingly digital world are important, but eroding privacy for everyone, violating human rights, and putting innocent people at risk is not the solution.”
WhatsApp has opposed moves that violate its end-to-end encryption. A similar case of the company is pending in the Supreme Court of Brazil.
HT reached out to the ministry of electronics and information technology for comments but did not receive a response immediately.
An official on Tuesday said the rules had been notified and no further discussions on those were happening. On Monday, officials warned of stern action if the companies did not adhere to the deadline. They added none of the companies have informed the government of the compliance or shared details of the officers they were meant to have appointed on their websites.
Also Watch | Could India ban Facebook, Twitter, WhatsApp, Instagram? New rules explained
The new policy also includes bringing digital news publishers under the ambit of Section 69(A) of the Information Technology (IT) Act. The provision empowers the government to order the blocking of access to content that is considered a threat to public order.
An officer, who will head an inter-ministerial committee at the apex of the three-tier self-regulatory system, can also issue this order under emergency circumstances where the companies will not be given a chance for explanation. The committee will have to meet within 48 hours to ratify the emergency block.
The news media publishers and over the top (or streaming) such as Netflix and Hotstar, will fall under the ambit of the ministry of information and broadcasting. .
The rules also mandate increased due diligence by social media companies and data sharing with enforcement agencies.
Under part four of the guidelines, the intermediaries are required to appoint compliance officers, “responsible for ensuring compliance with the Act and rules” and be “liable in any proceedings relating to any relevant third-party information, data or communication link made available or hosted by that intermediary where he fails to ensure that such intermediary observes due diligence while discharging its duties under the Act”.
Intermediaries are also required to appoint nodal contact persons for 24×7 coordination with law enforcement agencies and resident grievance officers.
Koo, the Indian social media app, has announced it had complied with the new requirements and appointed a resident grievance officer, chief compliance officer, and nodal contact officer.