The Supreme Court would hear a petition seeking to ban WhatsApp in India on Wednesday, June 29. The petition was filed by RTI activist Sudhir Yadav who believes that the app can help terrorists in planning and carrying out attacks and hence poses a risk to the nations' security.
Yadav, a web developer based in Gurugram (formerly Gurgaon), is also seeking a ban on other similar messaging apps, like Hike, Telegram and Viber that offer end-to-end encryption, IANS reported.
While his views may seem extreme, in an interview with International Business Times, India, Yadav said that WhatsApp should hand over the encryption keys to the Indian government. "As a regular user of the messaging app, banning WhatsApp is the last thing I want," he said.
Yadav believes that the end-to-end encryption implemented by WhatsApp is a threat to national security primarily because WhatsApp itself doesn't have the key to decrypt messages sent over its service. "While the ideal approach would be to ask the court to ask the government to ask WhatsApp to alter their encryption policies and hand over the decryption key if necessary, I honestly can't ask the court to do that," Yadav said.
The petition filed by Yadav reportedly says that decrypting a message sent via WhatsApp would require 115, 792, 089, 237, 316, 195, 423, 570, 985, 008, 687, 907, 853, 269, 984, 665, 640, 564, 039, 457, 584, 007, 913, 129, 639, 935 key combinations. This would take even the fastest supercomputer several years to crack.
Yadav believes that the end-to-end encryption would enable terrorists to plan their activities without having to worry about being discovered.
Yadav wished to clear the air by saying that WhatsApp, by implementing 256-bit encryption, isn't breaking the law. The Indian Information Technology Act permits encryption standards of only up to 40 bits and this rule set by the Department of Telecom (DoT) applies only to internet service providers (ISPs) and since WhatsApp is an over the top (OTT) player, its remains safe.
When asked whether OTT services must be regulated or not, Yadav firmly said "no." "It would not allow the sector to grow at all," he said. He added that regulations would result in a fragmented app ecosystem and adhering to each nation's regulations would be detrimental to the industry.
When asked about his opinion on government surveillance, Yadav said that the Indian Telegraph Act of 1885 needs a more modern amendment with regard to government surveillance. In his opinion, the Act should be updated such that surveillance requires a formal court order. The order would permit surveillance for up to seven days, after which, if the court finds the evidence submitted to be unsatisfactory, the surveillance permissions must be revoked.
"Much like how Facebook Messenger implements end-to-end encryption and has a decryption key, WhatsApp must possess a key," Yadav said.
WhatsApp, in the wake of the U.S. justice department battling it out with Apple over unlocking a terrorist's iPhone, introduced end-to-end encryption for all its users. Essentially, this means that only two people will be able to read the messages exchanged over WhatsApp — the sender and the receiver. Even if WhatsApp got hold of the messages, it wouldn't be able to read the contents of the message as WhatsApp doesn't have an all-access skeleton key to decrypt the messages.
