Regulating WhatsApp and other social media: How to improve security without infringing on privacy
Social media such as WhatsApp, in the last decade, has become a sort of force multiplier for terrorists and other violent extremist groups in terms of communication. This has been further complicated with the introduction of encryption for communications over the internet. What could be a workable mechanism in the context of growing legitimate security demands and the march of technology?opinion Updated: Jun 12, 2017 16:21 IST
The terrorist attacks in London last weekend have resulted in a strong demand from British PM Theresa May for cyberspace and social media to be regulated. Just after the terrorist attack in Westminster on March 22 this year, UK Home Secretary Amber Rudd had said that WhatsApp and other services cannot provide “a secret place for terrorists to communicate with each other.” Recently, the European Union Justice Commissioner for Human Rights Věra Jourová had alluded to proposing three or four plans in June this year that would require encrypted communications to provide law enforcement access to encrypted data with a swift and reliable response in a mix of voluntary and mandatory options. Just a year ago, the US Justice department wanted Apple to unlock the iPhone of one of the terrorists involved in the San Bernardino shootings in December 2015 and Apple refused to do so and fought a court order asking its compliance. The impasse was settled with the FBI managing to get into the iPhone with the help of an unidentified third party. Likewise government requests for users data to Google from across the world are quite high in numbers and according to the latest biannual Google transparency report, it received 45,000 government requests for user data worldwide between July and December 2016, with 31,000 of them coming from outside the US.
Clearly a situation has emerged where the balance or imbalance between privacy and security concerns are hitting us right in the face and there is no clear solution. Social media in the last decade has become a sort of force multiplier for terrorists and other violent extremist groups in terms of communication. This has been further complicated with the introduction of encryption for communications over the internet. While encryption is a legitimate tool for ensuring privacy and security for the network and its users, it has also offered opportunities for terrorists and criminals to hide many of their nefarious activities and potential evidence. Their emergence has made terrorists reduce their recourse to code languages and steganography, which allowed at least some form of tracing possibilities. Since April 2016, when Whatsapp incorporated end to end encryption for all messages sent via the app, the matter of finding a workable balance between privacy and security has become the concern of many stakeholders.
So what are the solutions and is there a workable mechanism in the context of growing legitimate security demands, the march of technology and the past response from OTTs? The scenario for creating a special window for law enforcement or judicial access could be definitely thought of with provision for specific accesses without providing blanket access. Clearly cyberspace has to remain a free medium and not become a surveillance domain to allow all forms of surveillance in the name of security. Meanwhile the EU Justice Commissioner’s expected points could help the discourse move in a more focused direction.
Subimal Bhattacharjee advises and writes on issues of defence and cyberspace policy.
The views expressed are personal.