WhatsApp end-to-end encryption update might have made chat app illegal in India
The country’s telecommunications rules only allow apps that use a certain kind of encryption — and WhatsApp says that it is impossible to provide it
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.WhatsApp might just have accidentally made itself illegal.
New security installed in the app might mean that it contravenes Indian rules that force companies to use a specific kind of encryption.
The company announced this week that all chats on its service would be end-to-end encrypted, meaning that it wouldn’t be possible for the company or others to read what is contained within them. The change means that only the sender and recipient are able to unscramble the encrypted messages and read their contents.
WhatsApp encryption uses a 256-bit key, which is only known to the sender and recipient, which is why the security is described as “end-to-end”. But the Indian rule requires companies to use no more than 40-bit encryption, unless they get explicit permission from the government.
Getting that permission will prove impossible because of the way that the system is set up. WhatsApp would have to hand the key over to the government for it to be checked — but since the company doesn’t actually have those keys, they can’t be handed over at all.
That could mean that the 100 million people who use WhatsApp in India — about 10 per cent of everyone who does — are using an app that is illegal in the country. The app is the most popular in the entire country, and more people who are on the internet use the app than don’t.
The country’s authorities haven’t yet indicated whether they will pursue action against WhatsApp. But the government has previously come up against other companies including BlackBerry over encryption.
Like many countries, India is currently looking to pass new policies on encryption, and it is unclear whether those will also bring new requirements upon WhatsApp.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments