Hugely popular messaging platforms like WhatsApp should follow proper encryption and decryption techniques to ensure data security, say IT and software professionals
Millions of users of WhatsApp, surely the most popular messaging app today, were taken aback, with a Supreme Court bench initiating a hearing on the validity of WhatsApp’s privacy policy under which it shares user information with Facebook, which later uses it for commercial purposes. Facebook acquired WhatsApp for a whopping $19.3 billion in 2014.
The apex court raised questions about how an online messaging company could reveal the identity of its subscribers for commercial exploitation. Orissa Post speaks to IT experts and software professionals on the contentious issue of WhatsApp security and privacy.
According to UX designer Abhilas Mishra, “Data protection is about safeguarding our fundamental right to privacy and the Supreme Court should frame guidelines to protect information from being abused. Moreover, social networking sites/messaging apps need to be transparent about the data they are accessing and what they are doing with it, and get consent from their customers before monetizing their personal information.”
“The bits and pieces of data on various sources about someone can provide an incredible amount of insight into his or her personality, behaviour, political views, and personal identity and can open a window into a his/her life. This information could be misused or get into wrong hands. The pace of targeted attacks is increasing day by day and has dire consequences for public safety,” Mishra added.
According to Pritish Kumar Nayak, system consultant at Enterprise System Solutions Pvt Ltd, “There should be committee(s) regulated under the Cyber Security Department of the government that should periodically validate the policies and regulations and companies like WhatsApp should collaborate. If a company takes over another, the policy related to users’ data should remain intact. The committees should ensure the security of the users. Users’ personal information should not be used for any other purpose.”
Nayak cited an example related to tech giant Apple, which didn’t unlock the phone of a killer, even though it was asked by the government and federal agencies. Apple’s authorities maintained that people’s privacy is their concern and they can’t share anything which breaches privacy of users.
Nayak added, “A few Middle Eastern countries have banned WhatsApp and similar apps like Viber for privacy reasons. They have their own body regulating such cases. Government officials work closely with the companies. In this case the policy and regulations are transparent. The committee also needs to ensure that the encryption is good enough to secure the data of people. Even the company itself should not read it.”
Manas Prasad Rout, lecturer at the department of information technology management, Ravenshaw University said, “When users login to sites like Facebook or WhatsApp, at that very moment they lose their security by agreeing to the norms of these companies. The data they share in these media are saved in clouds, where those of billions of users get stored. The clouds of these companies are highly unsecure as they do not follow proper encryption and decryption techniques. Gmail and Yahoo too use clouds, but these companies, by adhering to a proper encryption technique, ensure that data is secured.”
Rout opined that companies like WhatsApp, Facebook and Skype must adhere to a proper encryption technology. The Software Technology Park of India should come forward to make it mandatory for social networking companies to follow strict encryption-decryption technology to secure the personal data of their users.
Nikhil Das, a software student said, there is no security of users’ data on Facebook and WhatsApp and this is a violation of law according to Article 21 of the Constitution of India.
As these applications are categorised as public utility service, the administration should take care of the personal data of users. He added that WhatsApp was safe till 2016, but trust was violated after it brought a new privacy policy and started sharing information. Even earlier, trust was breached in a deceptive manner after WhatsApp was taken over by Facebook.
PNN