NicotineTech
WhatsApp, the global instant messaging company said Friday that it would offer end-to-end encryption for backup messages. This could be a problem as security agencies around the globe may object.
Will Cathcart was the WhatsApp global chief executive office (CEO), and announced the launch via a series of tweets.
“This has been years in the making. We’re taking advantage of developments in hardware storage to safely store your backup encryption key in a vault no one else can access. We’re providing options to remember a 64-bit key or choose a password we do not know and cannot access. Neither can Apple or Google,” Cathcart said on Twitter.
WhatsApp allows Android phone users to save their messages on Google Drive and other storage, while iPhone users can do the same on iCloud. The company, however, makes it explicitly clear that the media and messages that users backup in iCloud or Google Drive are not protected by WhatsApp’s end-to-end encryption.
Defending the launch of the new service, which is likely to make it difficult for security agencies to request access to the backup of the chats, Cathcart said that everyone, including people, experts and the industry must push for more security since devices have become extremely important in people’s lives.
“Some governments continue to suggest using their powers to require companies to offer weaker security. We think that’s backwards: we should demand more security from companies for people’s sensitive information, not less,” he said.
End-to-end encryption of backups will ensure that messages and media stored in iCloud or Google Drive are encrypted using a completely unique encryption key. The company also stated that users can choose to create a password.
“To enable E2EE (end-to-end encryption) backups, we developed an entirely new system for encryption key storage that works with both iOS and Android. When someone opts for a password, the key is stored in a Backup Key Vault that is built based on a component called a hardware security module (HSM)—specialised, secure hardware that can be used to securely store encryption keys”, Facebook, which owns WhatsApp, said in a blog post.
India, home to more than 53 million users of WhatsApp, is the biggest market for WhatsApp. The new IT Rules require that all companies involved in instant messaging have the ability to track the originator of messages on the platform.
WhatsApp approached Delhi High Court to contest the requirement that it trace the source of the messages. This was on the 25th of May, which was the deadline for complying with the social media intermediary guidelines. In its plea, WhatsApp said that this would require it to break its “end-to-end” encryption on its platform, which would in turn infringe upon the fundamental right to privacy of users.
The Ministry of Electronics and Information Technology, however, had said that WhatsApp’s move to legally challenge the provision of tracking the first originator of a message is an “unfortunate attempt” and “a clear act of defiance of a measure whose intent can certainly not be doubted”.
