BENGALURU—Government officials have been talking up a recent child pornography case, possibly as a means to get around divergent stands on the Indian government's demand that WhatsApp engineer a way for law enforcement agencies to snoop on encrypted WhatsApp messages.
The outcome of the current stand-off could have far-reaching implications for WhatsApp's 1.5 billion users across the world, 200 million of whom reside in India.
HuffPost India has reached out to WhatsApp and its parent company Facebook and will update this story if they respond.
Earlier this week, on Tuesday, India's Information and Technology Minister Ravi Shankar Prasad met WhatsApp CEO Chris Daniels in Delhi, and demanded that the Facebook-owned messaging platform provide a means to trace "sinister" messages on the platform.
"The company [WhatsApp] needs to find solutions to deal with sinister developments like mob lynching and revenge porn and has to follow Indian law," Prasad told reporters according to this report in The Economic Times.
Prasad also claimed that Daniels had assured him that WhatsApp would work out a technological solution to trace the origins of messages on its platform.
"I flagged that it does not need a rocket science to locate a message being circulated in hundreds and thousands and millions on the same day on the same issue at the same place," Prasad said.
However, on Thursday, WhatsApp told Mint that it cannot build software to trace messages. "Building traceability would undermine end-to-end encryption and the private nature of WhatsApp, creating the potential for serious misuse. WhatsApp will not weaken the privacy protections we provide," WhatsApp spokesperson Carl Woog said. "People rely on WhatsApp for all kinds of sensitive conversations, including with their doctors, banks and families... Our focus remains working closer with others in India to educate people about misinformation and help keep people safe."
Thegovernment's PR machinery also kicked in, with unnamed sources telling reporters that the company was ready to work with law enforcement agencies but could not ensure message traceability without compromising the end-to-end encryption applied to them.
These sources, however, told The Times of India about a case where WhatsApp helped the police crack down on a child porn ring without access to user data, using just the profile picture and name of the group.
So how did WhatsApp do that? Turns out it didn't.
There have been multiple cases of child porn rings busted on WhatsApp. In one, the child porn gang, as reported by The Times of India on 4 August, began as a WhatsApp group with 217 members, called BB Bad Boys, set up to circulate adult pornography.
When some members began circulating child pornography, a 26-year-old group member approached the police. His identity was withheld but the man, from Bhayander in Mumbai, gave the police access to the group and details of its members.
In another case, in Uttar Pradesh, the Central Bureau of Investigation busted an international child porn ring called KidsXXX, leading to arrests. The agency worked for nearly three months without using any WhatsApp surveillance to track down the accused, officials told the New Indian Express.
WhatsApp had nothing to do with these cases.
The moral of the story, which no one in this stand-off seems to be spelling out, is that the government doesn't need to creep into the inboxes of millions of Indians to stop a few bad guys. Old-fashioned police work should suffice.
INDIA AND ENCRYPTION
The Indian government has a long history of demanding that global companies allow local law enforcement agencies access to encrypted messages.
Back in 2012, when BlackBerry was actually a thing, the government spoke of banning the service if the company did not let security agencies snoop on emails. The government eventually won, with BlackBerry agreeing to set up a server in India to allow the government to intercept Indian e-mail traffic.
In 2015, India published a draft National Encryption Policy, which asked users to retain all forms of digital communication for 90 days. The policy was withdrawn after just two days, largely because it was poorly drafted.
And in 2016, the Supreme Court refused to entertain a petition that sought to ban WhatsApp and other applications that use strong end-to-end encryption.