Find Ways to Trace Origin of Messages: Government to WhatsApp

Find Ways to Trace Origin of Messages: Government to WhatsApp is a report published in The Economic Times on 20 September 2018, written by Surabhi Agarwal. The article examines the Indian government’s escalating demands for WhatsApp to implement technical solutions enabling traceability of viral messages linked to mob lynchings and public disorder, whilst the company maintained that such measures would undermine end-to-end encryption. The piece features technical analysis from Sunil Abraham on metadata-based approaches that could provide accountability without compromising message content encryption.

Article Details
Full Text
Context and Background
External Link

Article Details

📰 Published in:: The Economic Times
✍️ Author:: Surabhi Agarwal
📅 Date:: 20 September 2018
📄 Type:: Report
📰 Newspaper Link:: Read Online

Full Text

Synopsis
Some analysts say the government's demand from WhatsApp is reasonable and the company could provide traceability using metadata without compromising on encryption.

NEW DELHI: Unhappy with the steps taken so far by WhatsApp, the government plans to reiterate its demand to the messaging app to work out a technical solution to trace the origins of incendiary messages spread on its platform.

The Ministry of Electronics and IT (MeitY) is drafting a letter — its third since July to the Facebook-owned platform — asking it to design a technology-led solution to the issue that in the past has led to mob lynching or riots in the country.

Since India first raising its concerns, WhatsApp has announced measures such as limiting forwards to five groups at a time from the earlier 250, identifying forwarded messages, and a publicity campaign against fake news. The government says these measures may not be enough.

"It's a reasonable demand from us, and very much doable. The third letter will reiterate that WhatsApp is not meeting all our concerns," said a top government official, who did not want to be identified.

If WhatsApp feels the solution given by the government for traceability goes against its end-to-end encryption policy, then the company should be able to find a solution on its own which is technically feasible without compromising on its offering, the official said. "We are not asking them to look into the contents of the message, but if some message has been forwarded, say, 100 times and has caused some law and order problem, then they should be able to identify where it originated from," he said, adding that WhatsApp cannot absolve itself from responsibility in the name of user privacy. "We are not being unfair since we can't allow anonymous publishing."

WhatsApp could not be immediately reached for comment.

Some analysts say the government's demand from WhatsApp is reasonable and the company could provide traceability using metadata without compromising on encryption.

"For basic level of traceability, storing the metadata is enough," said Sunil Abraham, executive director of Center of Internet and Society. "For the kind of traceability that the Indian government is asking for, WhatsApp may have to break its end-toend encryption. But other kind of traceablity, such as who is messaging whom, how many times, who are the propagators of messages, and who are receivers, can all be seen through storing just metadata."

Just like every organisation used to store copies of end-of-end encrypted emails on their own servers, similarly WhatsApp can either store copies of encrypted messages or the metadata, he said. Last month, at a meeting between Union minister for electronics and IT Ravi Shankar Prasad and WhatsApp CEO Chris Daniels, the government asked the company to appoint a grievance officer in India, set up an Indian entity, and ensure traceability of messages.

While the company agreed to register a corporate entity and build a team here, a stalemate over the issue of traceability continues.

"(WhatsApp) needs to find solutions to deal with sinister developments like mob lynching and revenge porn and has to follow Indian law," Prasad said in August. "It does not take rocket science to locate a message being circulated in hundreds and thousands... (WhatsApp) must have a mechanism to find a solution."

WhatsApp has maintained that people rely on the platform for all kinds of sensitive conversations, including with their doctors, banks and families. "Building traceability would undermine end-to-end encryption and the private nature of WhatsApp, creating the potential for serious misuse. WhatsApp will not weaken the privacy protections we provide," the company's spokesperson said in August after the demand from the Indian government on traceability.

The official quoted earlier reiterated that the government is not asking the company to break its end-to-end encryption, adding that if the company could find ways to tag non-original content with 'forward' labels and flag some links as spurious, it could also find a way around this problem.

Context and Background

This 2018 report documented an escalating confrontation between the Indian government and WhatsApp over message traceability, triggered by a series of mob lynchings fuelled by viral misinformation on the platform. Between January and July 2018, dozens of people had been killed across India by mobs responding to false rumours spread via WhatsApp—including fabricated warnings about child kidnappers and organ traffickers. The Ministry of Electronics and IT’s third letter to WhatsApp reflected mounting governmental frustration with what officials perceived as inadequate corporate response to a public safety crisis.

The government’s position rested on distinguishing between message content and message metadata. Officials insisted they were not demanding access to encrypted communications themselves, but rather seeking mechanisms to identify the original source of widely forwarded content that had demonstrably caused violence. The argument invoked analogies to anonymous publishing: just as print media could not legally distribute anonymous content, neither should digital platforms enable untraceable mass communication that incited criminal acts.

Sunil Abraham’s technical analysis identified different levels of traceability with varying privacy implications. Basic metadata—recording who messaged whom, when, and how frequently—could be stored without accessing message content, similar to how email servers retained routing information whilst preserving encryption. However, the specific traceability the government sought—identifying the originator of a particular message after it had been forwarded through multiple users—posed more complex challenges that might indeed require modifications to WhatsApp’s encryption architecture.

WhatsApp’s resistance stemmed from fundamental concerns about encryption integrity and potential for government overreach. The company’s end-to-end encryption meant that even WhatsApp itself could not read message content; implementing traceability would require either retaining message copies on servers (undermining the encryption model) or embedding hidden tracking metadata (creating backdoor mechanisms that could be exploited). WhatsApp argued that people worldwide—including in authoritarian contexts—relied on their platform for genuinely sensitive communications with doctors, lawyers, journalists, and dissidents.

The technical stalemate reflected broader global debates about encryption versus lawful access. Whilst governments worldwide sought mechanisms to trace illegal content, security experts warned that any weakening of encryption—even for ostensibly legitimate purposes—created vulnerabilities that malicious actors could exploit. The “going dark” problem of end-to-end encryption preventing law enforcement access had no consensus solution that satisfied both security and civil liberties concerns.

The government’s reference to WhatsApp’s ability to implement forward labels and flag spurious links suggested officials believed selective functionality modifications were feasible without wholesale encryption compromise. However, critics noted fundamental differences: forward labels and link warnings operated at the client level without requiring server-side access to message content, whilst originator tracing would necessitate persistent message routing information that WhatsApp’s current architecture deliberately avoided storing.

The article captured India’s particular leverage as WhatsApp’s largest market with over 200 million users, giving the government substantial negotiating power. The threat of regulatory action or operational restrictions loomed over negotiations, though WhatsApp’s global policy of uniform encryption standards meant India-specific modifications would set precedents affecting the platform’s security model worldwide.