The New IT Rules would undermine end-to-end encryption: Neeti Biyani, Internet Society

Laxitha Mundhra
New Update
Data Protection

Whatsapp is suing the Indian government as it seeks to block the new IT rules and regulations coming into force due to its traceability clause. The new guidelines aim to cover all digital content including news portals and anything that disburses content over the internet. WhatsApp, Twitter, Facebook, Instagram, Telegram (you name it) all social media apps come under the government radar. While many are worried that the Government can read our messages and hear our calls, the Guidelines state that intermediaries would not be required to disclose the contents of any electronic message”, in the identification of the first originator of the information.


The new IT Rules aim to dismantle the polarised social media environment owned by Silicon Valley giants. Yet, some points in the rules signal the stringent and China-like authority on freedom of speech. For some, the idea that Government keeps a tab on the misuse of social is a win for national security; for others, it opposes the basic freedom of privacy.

The Internet Society, an American non-profit, reiterates its concern that it shares with cybersecurity experts. It states that to comply with these traceability requirements, platforms will have to undermine end-to-end encryption. “With the traceability requirement, the government appears to be compelling popular online platforms to weaken encryption without explicitly telling them to do so. The likely outcome will be for those platforms to stop offering end-to-end encrypted services altogether. End-to-end encryption is the gold standard for keeping Internet users and systems secure and an essential aspect of digital privacy which is imperative to the hundreds of millions of people in India who use Whatsapp,” the non-profit states.

A company spokesperson, Neeti Biyani, Policy and Advocacy Manager at Internet Society, throws light on what the rules mean and the concerns of the Internet Society.


What are your major concerns about the new IT Rules?

Our primary concern is that the New IT Rules which require traceability of the first originator of harmful content would undermine end-to-end encryption. End-to-end encryption is the most secure and confidential form of communication. Thus, undermining it in any way compromises the security and privacy of people worldwide; even the people that the rules are trying to protect.

Finding an originator of one particular message is tough right now, WhatsApp states. But can over some time, tech enable better content filtering?


First, it is important to note that traceability is not the same as content filtering. We are opposed to any approach that breaks end-to-end encryption; in which only the sender and recipient (not even the service provider itself) can access the contents of a message. Many experts believe that the traceability mandate in the rules would do just that; thus, undermining the security and privacy of about half a billion Indian users.

The traceability requirements in the rules would require messaging services to store information. This could subsequently be used to tie the originator to a piece of content. It will thus effectively undermine the confidentiality protection of end-to-end encryption. Providing traceability for any given message also implies that messaging apps will need to trace all messages, creating a window into users' content that could be stolen or misused.

The issue with content filtering in an end-to-end encrypted service presents a similar challenge. To filter the content, you have to know what it is, which means seeing it in unencrypted (or hash equivalent) form, which again undermines the confidentiality protection of end-to-end encryption.


Help us debunk this. If all social media platforms accept the new IT Rules, will the government have access to chats as well as calls?

One of the additional challenges of the new IT Rules is understanding how the Indian government will interpret and apply them; what effect that will have on all types of end-to-end encrypted services. Where traceability of the first originator would even be possible, it would undermine end-to-end encryption. In turn, it would undermine, the security and privacy of all those who rely on the technology.

About Neeti Biyani, Policy and Advocacy Manager at Internet Society


Neeti Biyani, Internet Society Neeti Biyani, Policy and Advocacy Manager at Internet Society

Before joining the Internet Society, Neeti has worked with the Centre for Budget and Governance Accountability. She has also worked with the Financial Transparency Coalition. Here, she helped to curb illicit financial flows and advance transparency and accountability in the global financial system. She has worked at the intersectionality of equity, rights, and justice. Her endeavours further focus on policy research, advocacy, capacity development, and coalition building. Previously, Neeti has also worked on issues of national electoral reform and transparency in political financing.

A delhite, Neeti holds a Master’s in International Politics from the School of Oriental and African Studies, University of London.

whatsapp new-it-rules internet-society