End-to-end encryption: How NCB retrieved chats in Bollywood drug case
New Delhi, Sep 25: The probe into the Bollywood drug scandal has thrown up the names of several A-listers and many are in line to be questioned.
Most of the information that the Narcotics Control Bureau (NCB) has managed to get is from the deleted WhatsApp chats. The mobile phone of Rhea Chakraborty and others were cloned for give the agencies the option to clone it in order to give access to the chats of the film stars.
The question is while WhatsApp claims that there is end-to-end encryption, how has the NCP managed to crack the chats.
WhatsApp says in its security settings that there is end-to-end encryption for all the messages. However, the media and message back up on Google Drive or any such Cloud Services are not protected from end-to-end encryption. This encryption would mean that messages are visible only to the sender and the recipient.
However, investigators can take a users' phone and create a clone of it on another device.
This would give them access even to deleted messages with a mirror image of a phone after which all the data can be transferred to a separate device.
The agencies also retrieve data by involving forensic experts. The agencies can retrieve data such as phone call records, messages, WhatsApp chats, images as well as the data on the cloud services present on the phone.
Retrieving the chats of this Bollywood actors has raised questions about the security on WhatsApp. In a statement, WhatsApp spokesperson said that WhatsApp protects your messages with end-to-end encryption so that only you and the person you're communicating with can read what is sent, and nobody in between can access it, not even WhatsApp. It's important to remember that people sign up on WhatsApp using only a phone number, and WhatsApp doesn't have access to your message content.
WhatsApp follows guidance provided by operating system manufacturers for on-device storage and we encourage people to take advantage of all the security features provided by operating systems such as strong passwords or biometric IDs to prevent third parties from accessing content stored on device, the statement also read.
The issue cropped up after the NCB cloned Rhea Chakraborty's phone. The analysis revealed the angle of conspiracy, the NCB said. The defence however claimed that the phone was not used by them during the chat. Rhea on the other hand said it was Sushant Singh Rajput who had asked her to sent those messages from her phone.