Here’s why the Indian government may not like Mark Zuckerberg's Facebook post
- Mark Zuckerberg’s new Facebook post outlines how he wants to make the social networking platform more ‘privacy focused’.
- The steps he outlined included introducing end-to-end encryption and integrating more applications under one umbrella.
- The Indian government, on the other hand, has been fighting hard for WhatsApp to break the same end-to-end encryption.
- Zuckerberg also expressed how Facebook would not be setting up data centers in country were “privacy and freedom of expression” were violated.
I understand that many people don't think Facebook can or would even want to build this kind of privacy-focused platform -- because frankly we don't currently have a strong reputation for building privacy protective services, and we've historically focused on tools for more open sharing.
While his message may have been well-intended, some parts of his plan might not sit so well with the Indian government who’s been pushing for data localisation and breaking end-to-end encryption to track the origin of messages.
Let’s talk data privacy
One of the big points of Zuckerberg’s future plan for Facebook includes introducing end-to-end encryption to the social media platform — at least for personal messages.
End-to-end encryption is basically where all messages are locked until and unless you have a key. And, the only people with the key are the sender and recipient of the message.
The issue for governments, and the benefit for users, is that since nobody else can see those messages — not law enforcement or even the messaging company — the message can’t be tracked.
But after a series of lynchings that were attributed to the spread of misinformation via WhatsApp, a Facebook owned-entity, the Indian government has been pushing the company to break the encryption — which, they obviously say isn’t possible.
If end-to-end encryption is introduced to Facebook as well, the company’s biggest market with 300 million users as of January 2019, it would put a lot more messages under the blanket of encryption — making things harder to track for the Indian government, even if it is under the guise of national security.
These include cases where a larger public purpose is satisfied by the infringement of privacy of an individual. Such an exemption must be backed by a law, and must be necessary for and proportionate to achieving the purpose. From this, it appears that an exemption for national security, pursuant to a law, may be justified.
It’s unclear whether it’s just a rouse to bring more data under one umbrella using the ‘end-to-end encryption’ sales pitch, but Facebook is looking to expand and integrate its services for the sake of “privacy and security advantages”.
There are privacy and security advantages to interoperability. For example, many people use Messenger on Android to send and receive SMS texts. Those texts can't be end-to-end encrypted because the SMS protocol is not encrypted. With the ability to message across our services, however, you'd be able to send an encrypted message to someone's phone number in WhatsApp from Messenger.
One, this again extends the use of end-to-end encryption which is unlikely to sit well with the Indian government. And two, it gives Facebook access to even more data on your phone — with consent should you oblige.
Zuckerberg even followed up by saying that Facebook will be doing something that even Apple doesn’t do. Considering that Apple’s prices only justified by the safety of user interface — doing something that Apple isn’t is probably not a good example to justify your plans.
First, Apple doesn't allow apps to interoperate with SMS on their devices, so we'd only be able to do this on Android. Second, we'd need to make sure interoperability doesn't compromise the expectation of encryption that people already have using WhatsApp.
But then there’s also data storage
And, of the all the countries in the world, India shuts down its Internet most frequently. It’s not even a close call — Pakistan, the country in second place, faced 18 shutdowns but India faced a total of 154 between January 2016 and May 2018.
There's an important difference between providing a service in a country and storing people's data there. As we build our infrastructure around the world, we've chosen not to build data centers in countries that have a track record of violating human rights like privacy or freedom of expression. If we build data centers and store sensitive data in these countries, rather than just caching non-sensitive data, it could make it easier for those governments to take people's information.
The Indian government has maintained that bringing in a data privacy law is non-negotiable. At Global Business Summit last month, India’s IT minister — Ravi Shankar Prasad — said, “The whole world is awaiting India’s data protection law” after unveiling that the consultations around county’s draft Data Protection Bill were complete and only the “nuts and bolts” have to be tightened before it’s presented before the cabinet.
While Facebook obviously has its own “nuts and bolts” to figure out with its renewed focus on privacy — the question arises of how Facebook will continue to earn revenue if it makes the social network more private.
After all, most of Facebook’s receipts are dependent on ads displayed in the News Feed.
See also:
What India needs from WhatsApp might not be so easily attainable
After Twitter, Facebook will face questions from the Indian Parliament
WhatsApp data may shift to the cloud, but may no longer be as encrypted