From UPSC perspective, the following things are important :
Prelims level : Over the Top services; End to End encryption
Mains level : State surveillance; Social Media
The TRAI is studying the possibility of bringing platforms such as WhatsApp under the ambit of “lawful interception”.
- Lawful interception of online communications platforms such as WhatsApp, Skype, Signal or Telegram has been a long-running debate.
- It has ranged governments and regulators across the world against technology companies and privacy activists.
- The authorities want such platforms to provide access to messages, calls, and their logs to law-enforcement agencies to aid them with investigations.
- India, too, has made demands for traceability of communications from instant messaging platforms.
Why is TRAI looking at the lawful interception of online messaging apps?
- Issue of OTTs – The telecom sector watchdog has been carrying out consultations to build a regulatory framework for over-the-top service providers (OTTs).
- OTTs are the platforms that use the infrastructure of traditional telecom companies like the Internet to offer their services.
- TRAI has been looking at the regulation of OTTs since 2015 when mobile companies first raised concerns over services such as WhatsApp and Skype causing loss of revenues by offering free messaging and call services.
- Regulatory regime – The other argument made at the time was that these services do not fall under the licensing regime prescribed by the Indian Telegraph Act, 1885, and operated in a regulatory dark spot.
- There are concerns about the lack of a level playing field between telecom companies and OTT service providers, including the economic aspect.
- With the boom of data consumption in the country over the last two or three years, the regulator began looking at the security facet of the regulatory imbalance between the two kinds of players.
- While telecom players are subjected to lawful interception as per the telegraph law, OTT platforms, as they are not licensed, are not subject to interception by law enforcement agencies.
How will the regulator proceed with the proposal now?
- TRAI will submit its views to the Department of Telecommunications (DoT), which will decide on the next course of action.
- Currently, the regulator is studying global practices as far as a lawful interception on online platforms is concerned.
- It is also looking into whether other regulators and authorities have been provided any facilities for interception of communications, and could suggest that the platforms should provide the same facilities to the Indian government.
Under which laws are telecom firms currently subject to lawful interception?
- The Indian Telegraph Act, 1885 states that on the occurrence of any public emergency, or in the interest of public safety,
- the central government or a state government can take temporary possession as long as the public emergency exists or the interest of the public safety requires the taking of such action
- of any telegraph established, maintained or worked by any person licensed under the Act.
- This mandates telecom companies to provide access to messages, calls, and logs of these in case a court order or a warrant is issued.
- However, the government is not relying on The Telegraph Act to meet this objective. It wants the platforms to come up with a solution to enable traceability.
So, are messages sent and received on these platforms not traceable?
- Apps such as WhatsApp, Signal, Telegram, etc. claim to provide end-to-end encryption of their messages.
- This has caused some uncertainty among the authorities on how they can seek access to messages.
The case of WhatsApp
On the FAQ page on its website, WhatsApp states:
- We will search for and disclose information that is specified with particularity in an appropriate form of the legal process and which we are reasonably able to locate and retrieve.
- We do not retain data for law enforcement purposes unless we receive a valid preservation request before a user has deleted that content from our service.
- It also says that in the ordinary course, WhatsApp does not store messages once they are delivered.
- Undelivered messages are deleted from servers after 30 days.
- keep users safe
- detect, investigate, and prevent illegal activity
- respond to legal process, or to government requests
- They also offer end-to-end encryption for the services. End-to-end encryption means that messages are encrypted to protect against WhatsApp and third parties from reading them.
And what is the situation elsewhere?
- Currently, there is no jurisdiction anywhere in which messaging apps have been known to provide access to their messages.
- Pressure on such services to provide access for law-enforcement purposes has been rising everywhere.
- The United States Department of Justice has made fresh arguments for access to encrypted communications. The New York Times reported that Attorney General William P Barr has written to Facebook CEO Mark Zuckerberg, pointing out that companies should not “deliberately design their systems to preclude any form of access to content even for preventing or investigating the most serious crimes”.
- In India, Law and IT has repeatedly stressed the need to be able to trace messages to prevent serious crimes.
- The Indian government has conceded that encrypted messages may not be accessible.
- It has asked the platforms to provide the origin of messages that could possibly incite violence or other mischievous acts.