WhatsApp or WiretApp?
There is a whole new generation growing up in an era of hyperconnectivity, where almost everything can connect to a network and be controlled remotely. Their sources of anxiety include low battery power, freezing apps, and no wireless network connection. This new generation expects Internet availability the same way the previous one expected electricity and water availability. They sleep with their mobile devices and use apps to fulfill functions that may have necessitated some human interaction before, such as shopping. As people and businesses increasingly become more dependent on being online to survive, the Internet has become a veritable goldmine of data about people, their activities, associations, preferences, and habits. It has garnered the interest of governments, businesses, and criminals alike. Only strong encryption provides the necessary security and privacy, as everything we send to the Internet can be seen, gathered, processed, and even abused at our expense by anonymous actors at any point before it reaches the intended recipient. Without it, most of the Internet based services that we now take for granted today, such as Amazon, e-Banking or social media would not be reliable. Encryption is even more crucial to preserve user privacy, with the rise of identity theft, and Edward Snowden’s revelations on the breadth of mass surveillance by American spy agencies. I have since migrated my email address to Criptext, a secure email platform based in New York City but my favorite means of communication are Telegram, Signal and WhatsApp by far for a host of reasons.
Privacy has always been a priority for me, having worked as the personal secretary for the Attorney General in Ukraine. The staff assumed that we were constantly under surveillance, and thus we communicated somewhat like drug dealers trying to fly under the radar. The Attorney General was named “Usatyi Nyan” after a cartoon character he vaguely resembled, we scheduled meetings with a two-hour offset to the actual time, “cabbage” was the code-word for money, and “the show must go on” meant that a case was pending at the court. We communicated very much like drug dealers trying to fly under the radar. The AG had three secured landline phones to communicate with other government officials: The red phone was a direct line to the President, the “10” was for the Prime Minister, and the “100” for Parliament. Nowadays, I have WhatsApp to ensure that I can have a secured line of communication on the cheap to call my grandma.
Brian Acton and Jan Koum created the WhatsApp mobile app in 2009, it was meant to be utilitarian, and as reflected in their initial patent filings, was initially a system that would allow users to publish and update their availability status on the phone, before finally focusing on messaging. Acton penned their principles on paper as “No ads, no games, no gimmicks”. With a simple design and functionality based on those principles, integration with most mobile operating systems, and being accessible to most people at $1 per year, WhatsApp disrupted traditional mobile text messaging, especially in countries like Brazil where SMS and MMS were far more expensive. From there, it had a rapid and linear active user base growth. During the DLD 2014 tech conference, in an interview featuring Jan Koum, it was revealed that WhatsApp had more active users than the entire population of the United States any given month, with 16 billion messages passing through its platform in one day, and at least half a million new users joining daily. For a low-key company with only about 50 employees, those were impressive statistics. So impressive in fact, that in February 2014, Facebook bought WhatsApp for a mind boggling $19.3 billion, $4 billion in cash, and the rest in Facebook shares. Today there are about 1.2 billion active WhatsApp users monthly. In 2015 WhatsApp implemented end-to-end encryption using Open Whisper Systems’ Signal protocol, making it virtually impossible for anyone but the sender and recipient to see messages.
WhatsApp’ssuccess however have been marred by ceaseless legal challenges from governments accusing Facebook of collusion with criminals. Back in spring 2017, one of the WhatsApp Founders took the stand to answer questions from the Brazilian Supreme Court. He explained WhatsApp’s raison d’être, the technology behind WhatsApp protecting its users from hacking and eavesdropping, and why WhatsApp would not be able to hand them user messages, although it would always fully cooperate with investigations by releasing the information they had. It boils down to this: WhatsApp wants to know as little as possible about its users. The users hold the encryption and decryption keys, meaning that even if WhatsApp captured the communication between two parties under investigations and released it to the Brazilian government, while it would be established that the parties did communicate, there would be no way to decipher the contents without the keys.
A competent government would not resort to suing companies like WhatsApp for a backdoor to catch criminals. In the case of Brazil, the rumor is that the legal challenges, fines, and ISP blackouts against WhatsApp are mostly ploys by corrupt officials less concerned about the security of their citizens than recouping a loss of revenue since they no longer have enough visibility to elicit kickbacks through blackmail and extortion. A competent government would commit people to do actual investigative work, the same way it has always been done, but using modern tools, and despite encryption. Some of you may still remember Silk Road, a secure trading platform in the Dark Net, hiding behind the Tor network, and using Bitcoin currency to run illicit online trades of drugs, weapons, and other illegal items. Despite its anonymity it was shut down by the FBI and Europol, since criminals used it to open a black market for illicit and illegal products. Countless other crime rings have been shut down likewise. More recently, in the San Bernardino terrorism case in the US, the FBI initially sued Apple to give them a backdoor to the perpetrator’s iPhone, but eventually dropped the case, by doing the right thing: Figuring out a way to circumvent the security themselves. Criminals do their homework when they want to break into secure systems, there is absolutely no reason why the privacy and security of citizens should be compromised, and thus a security hole be created, so that a government could have its way without much effort.
Encryption is not a threat to security. Such an assertion actually sounds absurd, since governments rely on it to protect their secret, when they are diligent enough. As evidenced in the recent news cycles, even governments get hacked. It is because of the possibility online abuse, eavesdropping and mass surveillance leading to actual harm that encrypted apps such as WhatsApp, Criptext, iMessage, Signal, or Protonmail became a necessity. And personally, without trying to sound Libertarian, encryption has become the lynchpin of freedom and security in this digitally interconnected world. Even if the government was somehow given a backdoor to wiretap encrypted communications, criminal elements would find a different way to evade surveillance, and in the end the government would be eavesdropping on law abiding citizens. What then would stop abuse and overreach?