Govt Writes To WhatsApp: New 'Username' Feature May Spike Phishing, Digital Arrest Scams

Government flags cyber fraud and impersonation risks, seeks detailed response from WhatsApp within three days.

Advertisement
Read Time: 3 mins
Govt asks WhatsApp to pause usernames rollout, flags cyber fraud and impersonation risks.
(Photo: Wikimedia Commons)

The Centre has directed WhatsApp to explain why regulatory action should not be initiated over its newly announced usernames feature, saying the rollout could increase cybercrime risks, including phishing, impersonation and digital arrest scams.

In a communication to the Chief Compliance Officer of WhatsApp LLC (Meta), India Operations, the government said it had taken note of the platform's announcement that it had begun a phased global rollout of the feature, including in India.

Advertisement

According to the government, the usernames feature would allow users to reserve unique usernames and communicate without sharing their mobile phone numbers. It noted that once fully enabled, first-time contacts would be able to initiate conversations using usernames alone, while users could also opt for an additional username key as a security control.

The government, however, said the feature may materially increase the incidence of online fraud, phishing, digital arrest scams and impersonation attacks by making it easier for bad actors to contact potential victims.

Advertisement

It further warned that the feature could facilitate impersonation of individuals, public authorities, financial institutions and government agencies by allowing usernames that closely resemble genuine identities.

ALSO READ: Govt Issues Notice To Meta Over WhatsApp's 'Usernames' Feature Amid Impersonation Concerns

"Accordingly you are directed to explain why regulatory action ought not to be initiated under the Information Technology Act, 2000 ('IT Act'), the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ('IT Rules, 2021') and other laws as may be applicable for launching a feature that may increase cybercrimes," the government said in its letter.

The Centre noted that WhatsApp is classified as both an intermediary and a significant social media intermediary under the IT Act and the IT Rules, 2021, making it subject to due diligence obligations prescribed under the law.

Advertisement

The communication specifically cited Section 79 of the IT Act, which grants intermediaries safe harbour protection subject to compliance with due diligence requirements, along with Rules 3(1)(b), 3(2) and 4 of the IT Rules, 2021, including provisions relating to identifying the first originator of a message when lawfully required.

ALSO READ: Govt To Examine WhatsApp's Usernames Feature Over Impersonation Concerns

The government also referred to Sections 66C and 66D of the IT Act, which deal with identity theft and cheating by personation using computer resources or communication devices.

The Centre has directed WhatsApp to submit a detailed explanation, supported by relevant documents, within three days of receiving the communication. It has also instructed the company not to roll out the usernames feature in India until consultations with the government are completed to its satisfaction.

Essential Business Intelligence, Sharp Market Insights, Practical Personal Finance Advice, Daily Fuel, Gold and Silver Prices and Latest Stories — On NDTV Profit.

Loading...