The MP High Court just handed a PIL petitioner a reality check, and the digital rights crowd is already mourning. They’re wrong. By directing the petitioner to the Data Protection Board instead of entertaining a crusade against Instagram’s end-to-end encryption (E2EE), the court didn't just dodge a legal bullet—it exposed the massive, gaping hole in how we talk about "privacy."
We’ve been sold a lie that encryption is a binary choice between total freedom and a police state. It isn't. The current obsession with keeping every single byte of data in a black box is a luxury of the naive. While activists scream about the sanctity of the private chat, they are ignoring the fact that we’ve built a digital infrastructure that protects the predator just as efficiently as the protestor.
The "lazy consensus" says encryption is an absolute right. It’s time to dismantle that.
The Myth of the Sacred Black Box
The argument for E2EE is usually framed as a defense against government overreach. If the government can see your messages, we’re one step away from 1984. That’s a convenient narrative for tech giants who want to offload the massive cost of content moderation onto the "architecture" of their apps.
When Meta rolls out E2EE across Instagram and Messenger, they aren't doing it out of the goodness of their hearts. They’re doing it because it’s cheaper. If they can’t see the content, they can’t be held responsible for failing to police it. By pushing for total encryption, we aren't just protecting our "good mornings" to our moms; we are providing a friction-free environment for human trafficking, child exploitation, and radicalization.
The High Court was right to pivot. The judiciary shouldn't be the ones deciding where the "off" switch for encryption lives. That is a policy nightmare that belongs in the hands of a technical board capable of understanding that absolute privacy is absolute lawlessness.
Why the Data Protection Board Is a Better Battlefield
The petitioner wanted the court to force Meta’s hand. The court said, "Go talk to the experts." This wasn't a dismissal; it was a tactical redirection.
The Data Protection Board (DPB) under the Digital Personal Data Protection Act (DPDPA) is designed to handle the nuance that a courtroom can’t. Courts deal in precedents and statutes; boards deal in frameworks and technical reality. The "right to privacy" is not a suicide pact for society.
- Traceability vs. Privacy: The core of the row is traceability. If a crime is committed, can the originator be found?
- The Technical Fallacy: Activists claim you can’t have a "backdoor" without breaking the whole system. This is a false dilemma. We don't need a backdoor; we need a front door with a warrant.
- The Accountability Gap: Platforms benefit from the "dumb pipe" defense. They want to be the post office, but they’re actually the ones hosting the party.
If we keep treating encryption as a theological issue rather than a technical one, we lose. The DPB has the mandate to create a middle ground where metadata—the who, when, and where—can be leveraged without needing to read the "what."
The Cost of Your Digital Anonymity
I’ve seen how this plays out in the real world. I’ve worked with teams trying to track illicit networks that vanish the second they move from public feeds to encrypted DMs. It’s like chasing ghosts in a hall of mirrors.
When we talk about E2EE on Instagram, we aren't talking about whistleblowers in a dictatorship. We are talking about an app used primarily by minors. By refusing to allow any level of oversight or "lawful interception," we are effectively saying that a 14-year-old’s safety is less important than a tech billionaire’s branding of "privacy."
Let’s look at the actual mechanics. E2EE uses public-key cryptography where only the sender and receiver have the keys.
$$C = E(K_{public}, M)$$
$$M = D(K_{private}, C)$$
In this equation, $M$ is the message, $E$ is encryption, and $D$ is decryption. The "privacy" advocates argue that if anyone else gets a key, the math breaks. That’s a simplistic view of a complex social contract. We already compromise on physical privacy for safety every time we go through an airport scanner or allow a bank to report a "suspicious" transaction. Why is digital data the only realm where we demand total, uncompromised darkness?
The Fallacy of "Privacy First"
The "People Also Ask" sections of the internet are filled with variations of "How do I keep my chats private?"
The better question is: "Why do you think your chats are private in the first place?"
Even with E2EE, you are being tracked. Your location, your device ID, your contact list, and your usage patterns are all harvested. Meta knows who you are talking to even if they don't know what you’re saying. The push for E2EE is a smoke screen. It’s "privacy theater" designed to make you feel safe while the data that actually matters—the data that sells ads—is still being vacuumed up.
By fighting for E2EE while ignoring the exploitation of metadata, we are winning a symbolic battle while losing the actual war for our digital identities.
Stop Citing the Right to Privacy Without Context
The landmark Puttaswamy judgment in India didn't say privacy is an absolute. It said it’s a fundamental right subject to reasonable restrictions. National security, public order, and the prevention of crime are those restrictions.
The MP High Court’s decision to steer the petitioner toward the DPB is a signal that the era of "judicial activism" for big tech’s convenience is ending. We need a regulatory framework that demands transparency from platforms.
If Instagram wants to offer E2EE, they should be required to prove they have alternative methods to stop the spread of CSAM (Child Sexual Abuse Material) and other illegal content. If they can’t, then the encryption isn't a feature—it’s a liability.
The Uncomfortable Truth
The truth is that most people don't actually care about E2EE. They care about not having their credit card leaked or their private photos hacked. E2EE doesn't stop your phone from being compromised by malware, nor does it stop the person on the other end from taking a screenshot.
It is a specific tool for a specific problem, yet we have elevated it to a civil rights dogma.
We are currently building a world where the most dangerous people on the planet have access to the same military-grade privacy as a journalist. That is not progress. That is a failure of imagination.
The DPB has a chance to set a global standard. They should ignore the noise from the "privacy at all costs" lobby and focus on a protocol that balances the individual’s right to a private conversation with the collective’s right to a safe society.
The MP High Court didn't punt the ball. They put it in the only court where a real solution—not a slogan—can be found.
Stop crying about your "private" DMs and start asking why you’re so eager to give criminals a place to hide.
