Facebook-owned WhatsApp could be the next tech company in line for a legal battle with the US government over encryption that's seen as frustrating a criminal investigation.
US government officials are weighing up options to resolve a "prolonged standoff" over an approved wiretap order that investigators can't act on due to WhatsApp's messaging encryption, the New York Times has reported.
Unlike Apple's predicament with the US government over the San Bernardino shooter's iPhone, this case is under seal, although according to the report it is not a terrorism investigation.
Also, the WhatsApp wiretap order is not for stored data, as with the Apple case, but rather for real-time access to messages, available under wiretap laws through phone carriers but not from the makers of encrypted messaging apps.
WhatsApp implemented end-to-end encryption in 2014, which only allows the recipient and sender to see messages.
In response to the recent arrest of Facebook's Latin America boss for non-compliance with an order relating to a criminal investigation in Brazil, Facebook said, "We cannot provide information we do not have".
According to the NYT, the Justice Department has not decided whether to ask the courts to force WhatsApp to unscramble encrypted messages. Some investigators are looking to new legislation that would introduce civil penalties for tech companies that don't help law-enforcement agencies decrypt data.
The Electronic Frontiers Foundation (EFF), which filed an amicus brief in support of Apple, notes that should the courts force WhatsApp's hand under the Wiretap Act, they will need to consider whether compliance constitutes an "undue burden", just as the courts must do in Apple's case under the All Writs Act.
"If your argument is, 'strong encryption no matter what' and that we can and should, in fact, create black boxes, that, I think, does not strike the kind of balance we've lived with for 200, 300 years," he said.
"It's fetishizing our phones above every other value. And that can't be an answer. I suspect the answer is going to come down to how do we create a system where the encryption is as strong as possible, the key is as secure as possible, it is accessible by the smallest number of people possible for a subset of issues that we agree are important."