Internet

Why We Should All Care About Brazil's War on WhatsApp

Because WhatsApp is so popular, it is a prime target for government data mining-and not just in Brazil.

|

Alvy/Flickr

The battle between the FBI and Apple over law enforcement access to encrypted communications may have died down a bit, but the international War on Crypto rages on. Brazil's recent action against the Facebook-owned messaging service WhatsApp is only the latest in a series of government jihads against strong online-security practices.

WhatsApp, which allows users to send SMS texts, media files, and audio messages to friends' phones using XMPP, is the most popular cross-platform messaging system in the world. People are drawn to the platform for its ease of use, flexibility, and affordability. By February of this year, WhatsApp had accumulated over one billion users, and it shows no signs of slowing down—unless government suppression criminalizes its business model, that is. 

Notably, WhatsApp allows individuals to communicate without needing to purchase expensive unlimited phone service plans, making the messaging service especially popular in rapidly developing countries such as Brazil, India, and Mexico. These nations harbor a new global middle class that is eager to plug into the connected world through their smartphones, although perhaps not yet able to shell out for an unlimited data plan. 

Curiously, the usual government voices for human rights and an open internet had little to say in defense of WhatsApp when the Brazilian government compelled internet service providers to block access to the messaging app. This may be because Brazil's war on strong encryption is largely in service of the international War on Drugs. 

The crusade once again came to a head in May, when Judge Marcel Montalvão of the northeastern Brazilian state of Sergipe directed telecom operators to block WhatsApp access for 72 hours in conjunction with a drug-trafficking investigation gone sour. With that one court order, 100 million Brazilians woke up to discover that they could not access one of their primary means of connecting with the world.

Such discoveries are becoming routine for Brazilians. A different judge blocked access to the messaging app for 48 hours last December, due to its non-compliance with a criminal drug investigation. And Judge Montalvão made an even bigger splash in March when he ordered that a São Paulo-based Facebook executive be put in jail in conjunction with—you guessed it—a drug case. Meanwhile, the Brazilian Congress has been considering legislative measures to roll back the online protections citizens were guaranteed in the recently-passed Marco Civil da internet, or "internet bill of rights." If implemented, these new measures will dramatically limit Brazilians' privacy and security online.

Unfortunately, Brazil is far from an outlier in its antagonism toward strong security for digital messaging. We cannot simply chalk these aggressive actions up to government corruption or cultural difference. Intelligence agencies across the world have an incentive to undermine strong encryption techniques, even though these technologies improve online security for citizens. Brazil may simply be a harbinger of things to come.

Because WhatsApp is so popular, it is a prime target for government data mining. But WhatsApp takes data security very seriously. And it is not like a typical messaging platform that can easily comply with government data demands. 

In its first few years of operation, WhatsApp suffered from a few embarrassing security oversights that called the platform's integrity into question. So it brought in the big guns, teaming up with developers at Open Whisper Systems, an open source project that maintains the Signal encryption suite popularized by Edward Snowden, to integrate end-to-end encryption into WhatsApp messaging. By April of this year, WhatsApp had accomplished its goal: over a billion WhatsApp users now enjoy the protection of seamless forward secrecy by default.

This makes WhatsApp a trailblazer in the world of professional messaging services. The app boasts a respectable six out of seven marks on the Electronic Frontier Foundation's (EFF) Secure Messaging Scorecard (as a proprietary platform, WhatsApp loses marks for not submitting its code to public review). For context, AIM, BBM, Skype, and Yahoo! Messenger score only one out of seven, while Facebook chat, Google Hangouts, and SnapChat do little better with two out of seven. The key difference between these other popular platforms and WhatsApp is that WhatsApp encrypts all communications on its platform so that the company itself cannot access the data—even if it wanted to.

In other words, there is no central repository of plain-text messages that the company can access to comply with a court subpoena. Nor is there a "universal key" that can be used as a government backdoor to decrypt information. When a user sends a message on WhatsApp, he or she can feel fairly confident that no confidence man in the middle lurks between them and the intended recipient of a message. Such security is a very strong selling point in this age of constant data breaches and headache-inducing identity thefts.

In the world of information security, the best way to protect user data is to minimize the number of access vulnerabilities. As last year's Ashley Madison incident made all too clear, trusted third parties that store user data are a major target for malicious actors. A hacker would only need to target one party to gain access to millions of individuals' data. By removing itself from the equation, WhatsApp has provided a good service for its users and virtually eliminated the incentive for hackers to target the company itself.

This obviously drives governments crazy. Brazil only provides the latest (and most dramatic) case study. Public officials from China, India, and Saudi Arabia have singled out WhatsApp for public criticism or retaliatory policies. Unfortunately, they are joined by leaders of Western governments that claim to represent liberal values. David Cameron has called for a legislative "solution" to clamp down on secure technologies like WhatsApp in the U.K. Meanwhile, in the U.S., law enforcement groups battle with WhatsApp more quietly over access to encrypted data. 

The FBI had hoped to parlay the emotionalism of the San Bernardino terrorist attacks into new legislative or judicial authority to undermine encryption. WhatsApp has so far been spared from the full force of Sauron's public eye, but that could very quickly change the moment a terrorism case can be connected to the platform in any way.

The recent Brazilian blockage was quickly overturned by another court. In the meantime, tech-savvy citizens wasted little time in downloading alternative secure messaging services that had not been blocked. Governments engaging in a counterproductive war on cryptography would do well to learn from this experience. Wise policymakers will reject this counterproductive road and choose instead to focus resources on making better use of the information that law enforcement can access.

I'm not betting that many will follow this path, however. We can expect a lot more headaches from government encryption blunders over the coming years. At least, for now, we have options.

NEXT: Energy in the West Cheap and Ubiquitous Despite Policymakers' Best Efforts

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Are you single tonight? A lot of beautiful girls waiting for you to http://goo.gl/pI9ucn
    The best adult dating site!

    1. Sheesh, Karinka — get a life!

      1. She’s trying! She seems kind of desperate, though. It’s not very attractive.

    2. start working at home with Google! It’s by-far the best job I’ve had. Last Wednesday I got a brand new BMW since getting a check for $6474 this – 4 weeks past. I began this 8-months ago and immediately was bringing home at least $77 per hour. I work through this link ====== http://goo.gl/JNLxe5

  2. there is no central repository of plain-text messages that the company can access to comply with a court subpoena.

    This reminds me of something ….

    1. PHAKE SKANDUL

      1. “It ain’t over ’til it’s over.”

      2. Anything fake should certainly not be allowed. Our distinguished leaders and law enforcement authorities, moreover, are rightly worried about this dangerous device, not only because of the threat of terrorism hanging over our head but, perhaps even more importantly, because the device can potentially be used by Trolls to further campaigns of anonymous harassment and “parody.” See the documentation of America’s leading criminal “satire” case at:

        http://raphaelgolbtrial.wordpress.com/

  3. Before I saw the bank draft which had said $9426 , I didnt believe that…my… brother woz like actualy earning money part-time at there labtop. . there uncles cousin has done this 4 less than fifteen months and by now repaid the dept on there place and got a great new Mini Cooper . read the full info here …

    Clik This Link inYour Browser
    ========== http://www.MaxPost30.com

  4. The spambots are out in force today.

  5. How are they blocking this stuff? Via DNS? Something else?

  6. here come dat boi!!!!!!

    o shit whatsapp!

  7. Super and Easiest 0nl!nee Home opportunity for all. make 87 Dollars per hour and Make 5500 Dollars per month.All you just Need an Internet Connection and a Computer To Make Some Extra cash.K2…

    ————- http://www.Review80.com

  8. Super and Easiest 0nl!nee Home opportunity for all. make 87 Dollars per hour and Make 5500 Dollars per month.All you just Need an Internet Connection and a Computer To Make Some Extra cash.K2…

    ————- ====== http://goo.gl/JNLxe5

  9. “WhatsApp has so far been spared from the full force of Sauron’s public eye, but that could very quickly change the moment a terrorism case can be connected to the platform in any way.”

    Well, if it’s honestly good encryption that will be pretty tough but I’m sure our boys in black can find a way to install that application on an unlocked iPad of a just-killed Terrorist one of these days. Just give them some time!

  10. I am making $89/hour working from home. I never thought that it was legitimate but my best friend is earning $10 thousand a month by working online, that was really surprising for me, she recommended me to try it. You will lose nothing, just try it out on the following website.

    === http://www.maxpost30.com

  11. $89 an hour! Seriously I don’t know why more people haven’t tried this, I work two shifts, 2 hours in the day and 2 in the evening?And i get surly a chek of $1260……0 whats awesome is Im working from home so I get more time with my kids.
    Here is what i did

    ?????? http://www.richi8.com

  12. Super and Easiest 0nl!nee Home opportunity for all. make 87 Dollars per hour and Make 52512 Dollars per month.All you just Need an Internet Connection and aComputer To Make Some Extra cash.
    Visit this link…… …. http://www.Reportmax90.com

  13. I’m making over $9k a month working part time. I kept hearing other people tell me how much money they can make online so I decided to look into it. Well, it was all true and has totally changed my life. This is what I do…. Go to tech tab for work detail..

    CLICK THIS LINK===== http://www.cashapp24.com/

  14. I’ve made $76,000 so far this year working online and I’m a full time student.I’m using an online business opportunity I heard about and I’ve made such great money.It’s really user friendly and I’m just so happy that I found out about it.

    Open This LinkFor More InFormation..

    ??????? http://www.Centernet40.com

  15. good Holds cross punch program copy and showing between Google android and iOS devices Xender APK mouse click on install to mount xender on pc Xender Download nice.

  16. Amazing post. I agree with you that we should take interest in our personal privacy matters and what government wants to do with our privacy. Really worth sharing post. However you can use Whatsapp for PC as it is a great free messenger app.

  17. Love Status for Whatsapp have their own charm and appeal because unlike Facebook, they are short, pithy, crisp, and even at times, monosyllabic. This lends an ambiguity and curiosity to them which urges readers to read them and respond to them unlike Facebook where the long status messages are not being read by most people.

  18. Love Status for Whatsapp have their own charm and appeal because unlike Facebook, they are short, pithy, crisp, and even at times, monosyllabic. This lends an ambiguity and curiosity to them which urges readers to read them and respond to them unlike Facebook where the long status messages are not being read by most people.

Please to post comments

Comments are closed.