Source linked

India ordena a WhatsApp que detenga el rodaje de nombres de usuarios por riesgos de impersonalización

El gobierno indio cita un "aumento material" en el riesgo de fraude y impersonalización, exigiendo a Meta que explique la función en tres días y no la implemente hasta que las consultas satisfagan a los reguladores.

metawhatsappindiait actcybersecuritytechnology policy

Half a billion WhatsApp users in India—the app's largest market—just became pawns in a regulatory standoff over a feature that isn't even live yet. The Ministry of Electronics and IT sent Meta a formal notice Wednesday, citing a "material increase" in phishing, digital arrest scams, and impersonation attacks if the username rollout proceeds.

Why the Government Moved Now

The notice isn't a gentle suggestion; it's a demand for a detailed explanation within three days, backed by supporting documents. Meta is explicitly directed not to roll out the username feature until consultations are completed "to the satisfaction of the Government." That's unusual teeth for a pre-launch feature.

Indian regulators specifically called out Sections 66C and 66D of the IT Act—identity theft and cheating by impersonation using computer resources—along with intermediary due diligence obligations under Section 79. The message is clear: WhatsApp's intermediary liability shield doesn't cover features designed to enable anonymous solicitation.

WhatsApp's Defense: Reserved Names and Rate Limits

WhatsApp's response tries to sound technical but reads like damage control. The company says it has "held the highest-profile names"—public figures, government entities, verified accounts—and that lookalike derivatives are reserved. That's a claims-and-prayer approach, not a cryptographic guarantee.

The real safeguards are operational: new contacts must know the exact username to message you, WhatsApp will limit how many new people an account can contact, and it will block repeated username-guessing attempts. First-time senders will be flagged with metadata—new account, mutual groups, country origin—before the user responds. These are sensible anti-abuse measures, but they rely on Meta's detection systems catching patterns fast enough.

The Core Tension: Privacy vs. Accountability

Paytm founder Vijay Shekhar Sharma and KnotDating CEO Jasveer Singh both went public with concerns that similar-sounding usernames become vectors for impersonation. The feature's entire value proposition—chatting without revealing your phone number—is also its primary attack surface.

India's move isn't about banning usernames; it's about forcing Meta to prove the safeguards work before 500 million users become unwitting penetration testers. When a government cites Section 79(3)(a) on aiding unlawful acts, you know they're ready to pull the intermediary liability plug.

WhatsApp will try to negotiate, maybe offer a verification tier or a court-ordered disclosure mechanism. But the three-day clock is ticking, and the rollout is paused until regulators say otherwise. That's how you get a feature designed for privacy to pass muster in a country that treats digital impersonation as a national security issue.


Source: Govt asks WhatsApp to halt username rollout, issues notice to Meta
Domain: yourstory.com

Read original source ->

External source stays available while the OJO article and comment thread stay local.

Comments load interactively on the live page.