The telecom regulator is working to regulate over-the-top (OTT) service providers on recommendations from the Department of Telecommunications (DoT). On acceptance of the recommendations, OTT apps like WhatsApp might have to register themselves, and potentially allow “lawful interception” of communication sent or received through their platforms.
A senior TRAI official told The Indian Express “Currently, OTTs aren’t subject to lawful interception. This brings the question of regulatory imbalance between telecom players, which have to adhere to lawful requests of enforcement agencies for interceptions, and OTTs which don’t give, saying the communication is end-to-end encrypted. We are finding out more about the international practices. What is being followed outside, the same should be provided to the Indian government as well,”
The change is coming from the continuous global pressure on service providers to access said ‘encrypted’ information on OTT platforms which the platforms themselves cannot access.
The US Department of Justice has added new arguments on the state of access to encrypted communications. According to a report by The New York Times dated October 3, US Attorney General William P Barr, jointly with his British and Australian counterparts, has written to Facebook CEO Mark Zuckerberg, pointing out that companies should not “deliberately design their systems to preclude any form of access to content even for preventing or investigating the most serious crimes”.
WhatsApp clearly states in their FAQ page that the app does not store any message after it is delivered. The online chat app adds, “We will search for and disclose information that is specified with particularity in an appropriate form of legal process and which we are reasonably able to locate and retrieve. We do not retain data for law enforcement purposes unless we receive a valid preservation request before a user has deleted that content from our service”.
WhatsApp provides end-to-end encryption which protects the messages from being read by third-parties and WhatsApp itself. The app’s claim of not having access to encrypted messages has stirred up concerns for the regulatory board.
“We are studying the possibility of registration of OTT service providers. Once we have decided, we will recommend to the DoT. Lawful interception is prescribed under Telegraph Act. There is a process for this, and something similar to that process will need to be prescribed for OTTs as well but currently, they claim they don’t have any communication because there is end-to-end encryption. They only claim to have a log of messages but not the message itself,” the TRAI official cited above, said.
According to the Telegraph Act of 1885, the state has the right to temporary possession in circumstances of public emergency, or in the interest of public safety until the public emergency exists or the action is necessary to maintain public safety.
However, the government does not want to rely on the Telegraph Act to solve its problem of access to communication online. The Minister of Law & Justice, Communications and Electronics & IT, Ravi Shankar Prasad has hinted that technology companies should create a passway to solve the issue themselves.
“Facebook, WhatsApp, Google all have a good market in India. But if their system is being abused for violence, mob-lynching, terrorism, communalism, etc knowledge of its origin is important. Our dialogue is ongoing (about traceability of messages) and my reply is very simple – the problem of technology can only be solved with technology. I have made it very clear that if situation of abuse arises, they have to answer to a lawful authority where the mischief originated. The problems of the virtual world have to be solved in the real world and how can that be addressed with the antiquated Telegraph Act,” Prasad said.
The Supreme Court of India is currently hearing a traceability case’ petition transferred from the Madras High Court. The case is dealing with the intersections of government policy with social media platforms, the possibility of tracing end-to-end encryption services provided by platforms like WhatsApp for law enforcement and privacy concerns. The court has scheduled its next hearing on the 22nd of October.