Signal isn't in compliance with IT Ministry rules, claim officials
Signal, the not-for-profit messaging service that shot to fame amid WhatsApp's privacy policy fiasco, is allegedly not in compliance with the Indian Government's new IT guidelines for social media intermediaries. The new rules offer social media platforms immunity from penal action if they provide authorities with the identity of a flagged message's originator. They are also required to set up robust grievance redressal systems.
Social media intermediaries must nominate grievance redressal officers for compliance
The IT Ministry's new guidelines mandate all major social media intermediaries nominate compliance officers, nodal officers, and grievance redressal officers to ensure compliance with new rules. Twitter had a tense faceoff with authorities when it didn't appoint the officers within the stipulated timeframe and ultimately lost indemnity due to non-compliance. While Facebook has complied, it claims the Ministry's guidelines would break WhatsApp's end-to-end encryption.
Signal hasn't yet shared details of compliance officer with authorities
In a recent development, Hindustan Times reported that officials familiar with the matter called out Signal for non-compliance with the IT Ministry's guidelines. The end-to-end encrypted messaging platform will be liable for prosecution under the Information Technology Act and won't be given immunity since it hasn't shared a compliance officer's details, the officials said. Signal didn't immediately respond to HT's request for comment.
Eight social media intermediaries have challenged guidelines in high courts
Meanwhile, HT quoted an anonymous government official as saying that services like Apple's iMessage "do not fall under the traceability clause since the significant social media intermediaries in the nature of messaging services have to comply." To note, WhatsApp and seven other social media entities have contested the Information Technology Act in various high courts alleging that their services are beyond its scope.
Platforms must break the law or break encryption for compliance
For WhatsApp, Signal, or any other messaging service that uses end-to-end encryption to provide the government with the solicited details of a particular message's originator, it would have to break the encryption, thereby making the platform less secure. While breaking the encryption would ensure compliance with the guidelines, it would make the platforms more vulnerable to government overreach and misuse by bad actors.
