All of us have seen the flashing
notification of WhatsApp “Your messages
are end to end encrypted”. What does this notification refer to? With the
internet sprawling around the world, privacy has become a major concern for
users. Privacy activists around the world have been demanding the security of
the shared data of users[1] on
the internet for ages. The majority of the time, the intermediaries[2]
which we use to share the information on the internet have the power to access
and read into the data being shared by us[3], making our private data
accessible to every possible medium it traverses.
End to End encryption provides the
user with the assurance of data being kept safe and not falling into the hands
of servers, hosts, intermediaries, etc. Encryption in the simplest of languages
means modifying data in such a way that no intermediary can read it and only
the person whom the data is intended to be given can read it given, he/she has
the means to do that. Encryption is not a new terminology, ancient
civilizations like Greece, Mesopotamia, Egypt, etc. used to encrypt their data
to protect from enemy kingdoms. Encryption was also extensively used in World
War 2 by the Allies and Axis forces to conceal their messages from enemy
countries.
The modern end to end encryption
mechanism uses the technology of asymmetric cryptography to protect their data.
There are two keys involved here. The originator encrypts his message/data with
his private key and a certificate provided by the certifying authority that the
key belongs to the sender. After encryption, the data is changed into a certain
form that is not decipherable by any server. The encrypted message is received
at the addressee’s end who decrypts the message by using the originator’s
public key and in this way the privacy of the user’s data is kept intact.
End to End encryption is highly
advocated by a lot of activists. Whistleblower Edward Snowden from the USA has
also advocated the use of end to end encryption to protect user data by
arbitrary action by the state[4].
Apps like WhatsApp, Telegram, Signal
etc. have started providing end to end encryption. But the encryption
technology poses a threat to the security of the state also, wherein extremist
activities can occur under the garb of end to end encryption. This has led to a
phenomenon known as crypto wars in
the USA where the government wants to have access to the encrypted messages to
ensure the security of the state. In India also, the government has introduced
OTT guidelines[5]
where the intermediaries need to disclose the first originator of the
information during grievance redressal.
Therefore, a balanced approach needs to be taken on part of the governments to ensure that the user privacy is kept intact and security of the state is also maintained at the same time.
By: Prakhar Tripathi
(Legal Intern, WCSF)
For more info & updates, please visit our website: https://www.worldcybersecurities.com/
FOOTNOTES:
[1] Privacy Activist Challenges Data Collection for Internet
Businesses https://www.alstonprivacy.com/privacy-activist-challenges-data-collection-for-internet-businesses/ (Last Modified 2 May 2019, 3:15 PM)
[2] The
Information Technology Act, 2000 § 2(1)(w), No. 21, Acts of Parliament, 2000
(India)
[3] Does Google Read Your Email? https://securityboulevard.com/2019/11/does-google-read-your-email/#:~:text=Make%20no%20mistake%2C%20Google%20can,get%20all%20of%20your%20data. ( Last Modified 12 November 2019, 5:25 PM)
[4] Without encryption, we will lose all privacy. This is our new battleground https://www.theguardian.com/commentisfree/2019/oct/15/encryption-lose-privacy-us-uk-australia-facebook ( Last Modified 15 October 2019 12:40 AM)
[5] Government notifies Information Technology
(IntermediaryGuidelines and Digital Media Ethics Code) Rules 2021https://pib.gov.in/PressReleasePage.aspx?PRID=1700749 (Last
modified: February 25, 2021 2:44 PM)
Comments
Post a Comment