Let's Not Shoot the WhatsApp Messenger

For decades, the Indian state’s response to a decline in public order has been neutering the medium instead of combatting the message.

A viral WhatsApp message warning citizens about child abductors has resulted in mob violence against ‘strangers’, leading to 27 reported deaths over the past year. An unfortunate and recurring nadir in India’s political memory has been vigilante violence – often coloured by communal and religious undertones. The Indian state’s response to each such decline in public order has been neutering the medium instead of combatting the message.

In 1927, the publication of Rangila Rasul – a pamphlet satirising Prophet Muhammad’s marital proclivities – ended in the murder of the pamphlet’s publisher at the hands of a Muslim youth named Ilm-ud-Din. The response of the British Raj, in addition to sentencing ud-Din to death, was the enactment of the now notorious Section 295(A) of the Indian Penal Code, a blasphemy law that criminalises outraging a group’s religious feelings.

The colonial administration’s motives behind the law seemed rather straightforward. Criminalising certain kinds of speech abdicated the government of the responsibility to ensure public safety. That it came at the cost of free expression seemed like an acceptable collateral for ‘subjects’ of the Raj. This time around, that abdication is being sought through an instant messenger.

This legacy of shirking responsibility for the failure of public order is apparent in the government’s response to a spate of killings caused by the viral WhatsApp forward. So much so, that a district magistrate in Kishtwar, Jammu (aptly named Angrez Singh Rana) has demanded that administrators of all WhatsApp group chats pre-register with his office. The Ministry of Electronics and Information Technology (MEITY) has issued a strongly worded warning to the instant messaging service that it cannot “evade accountability and responsibility” for the rumourmongering on its platform.

Amidst this knee-jerk clamour for increased platform responsibility and talk of what technology can do, few are pausing to ponder what it should do.

Each renewed demand for technology control inches us closer to a slippery slope of excessive regulation. The culture of heavy-handed internet shutdowns is a testament to this inconvenient truth. In 2015, a Draft National Encryption Policy by the MEITY to neuter mass-market encryption products was swiftly rolled back amidst public outcry. In 2016, the Supreme Court dismissed a PIL seeking to ban end-to-end encryption on messaging platforms. The threat remains that any one of these mob lynchings could be seen as an adequate justification to re-introduce a similar indolent regulation.

This is one of the reasons that even proposed alternatives such as the creation of two distinct classes of public and private messages on WhatsApp are concerning. Public messages, that can be used to identify the original sender of forwarded messages, are unlikely to be effective. Instead, it could impose a chilling effect on free expression. Imagine a government employee forwarding a message that is critical of the government in power, or a whistleblower communicating with a closed group of other whistleblowers. The knowledge that a message or attachment could be traced back to them will deter them from sending it in the first place.

The problem that ‘public message attribution’ seeks to fix may already be possible through internal controls built into the WhatsApp platform. WhatsApp uses a combination of a cryptographic hash function and user reports to tackle spam and content such as child abuse. While the end-to-end encryption prevents WhatsApp from viewing the actual content of an attachment sent on a platform, the cryptographic hashing – which assigns a unique alphanumeric identity to each file – is used to block the message from being disseminated any further. Whether this can be used to identify the original sender of a message is unclear, but the Indian government should consider working with the company to control dissemination of content that has a clear and demonstrable link to public violence.

Attribution, even if successful and used conservatively, is at best a punitive measure. It will do little to curb the spread of misinformation – which is after all the present crisis. It would be advisable to not lose sight of this fact.

Other challenges such as raising awareness among users is perhaps a more daunting task. In this, the most effective measure is not law and regulation but the ability of the government, private companies, civil society and the media to work together. This needs a two-pronged approach of counter narratives and more involved community policing.

In WhatsApp’s response to MEITY, the company has listed six distinct measures that it has either rolled out or is testing to prevent abuse and curb the spread of disinformation. The idea of working with accredited media sources to warn users of viral fake news is a step in the right direction. This should ideally take the form of WhatsApp linking messages that have been reported by a certain number of users as fake news with a prompt to check verified news sources.

Similarly laudable are efforts by the Maharastra police, which has set up a WhatsApp Helpline where users can check the veracity of messages, and the Telengana police, which is working with village elders to counteract unsubstantiated social media rumours. Similar efforts need to be adopted by the Central government – to work in tandem with tech companies, the media and organisations at the grassroots. Extending support to organisations like AltNews and BOOM in this respect is critical.

A combative approach that almost always begins with the issuance of a ‘stern letter’ to a technology company has not worked in the past. Technology controls in the name of national security have almost always ended in incursions on freedom of expression and privacy – be it Telegram’s exit from Russia, Google’s departure from China or the mass surveillance in the US. It is essential that Indian policymakers and civil society not open the doors to similar abuse of power.

A lawyer by training, Bedavyasa Mohanty is an associate fellow with Observer Research Foundation’s Cyber Initiative. On twitter he is @darth_beda.