We have asked WhatsApp to explain what it is doing to safeguard the privacy of Indian citizens, Prasad tweeted on Thursday (Photo: HT)
We have asked WhatsApp to explain what it is doing to safeguard the privacy of Indian citizens, Prasad tweeted on Thursday (Photo: HT)

Centre to WhatsApp: Why didn’t you tell us about hacks earlier?

  • IT Minister Ravi Shankar Prasad met WhatsApp officials on 26 July and 11 September to discuss concerns over traceability of messages
  • Responding to the Centre’s complaint, WhatsApp said it had told the government about the incident in May

NEW DELHI : New Delhi: The Centre said on Friday it was unhappy that social messaging platform WhatsApp had failed to disclose in past meetings with the government that Indian citizens were being spied upon.

Information technology minister Ravi Shankar Prasad had met the senior management of the company on 26 July and 11 September to discuss the government’s concerns over “traceability of messages".

“In all our high-level interactions with WhatsApp over traceability concerns, the senior management never disclosed that snooping was happening," a senior government official said, requesting anonymity.

According to the Information Technology Act, all companies operating in India are required to report any incident of cyber fraud to the Centre.

“Social messaging platforms are answerable to national security agencies, something that the government has been asking for in the past," the official added.

Over the past one year, the Centre has been urging WhatsApp to devise a system to trace the origin of malicious messages for reasons of national security, and to maintain law and order, after cases of mob lynching surfaced due to alleged misuse of the platform.

The government is also puzzled over how a particular set of people, who had spoken against the government, was targeted for snooping. “The timing is suspicious," the official said, adding that the government was wondering if “it was a rear guard action by WhatsApp to prevent the government’s measures to bring in traceability and accountability".

At least two dozen Indian journalists, activists, lawyers and academics were targeted for surveillance through a spyware developed by an Israeli company called the NSO Group, The Indian Express reported Thursday.

The Centre has already asked WhatsApp for a report on the alleged security breach after a senior executive of the social messaging platform said Indians were among those snooped upon by the Israeli company that works for governments around the world.

“Government of India is concerned at the breach of privacy of citizens of India on the messaging platform WhatsApp. We have asked WhatsApp to explain the kind of breach and what it is doing to safeguard the privacy of millions of Indian citizens," Prasad tweeted on Thursday.

The Indian breach was reported after WhatsApp sued NSO Group on Tuesday, accusing it of helping government spies break into the phones of roughly 1,400 users across four continents in a hacking spree whose targets included diplomats, political dissidents, journalists and senior government officials.

The controversy dates back to May, when the Financial Times reported WhatsApp’s vulnerability, which allowed attackers to hack into people’s smartphones using a commercial spyware called Pegasus developed by NSO Group, which also goes by the name Q Cyber Technologies.

After investigating the attack with assistance from experts at Citizen Lab, a cybersecurity research laboratory based in the University of Toronto, and an NSO employee, WhatsApp filed a lawsuit against the group seeking permanent injunction to ban the firm from using WhatsApp.

The company told the court that NSO had sent malware to 1,400 mobile devices to conduct surveillance of specific users.

WhatsApp says alerted govt in May

Responding to the Centre’s complaint, WhatsApp said it had told the government about the incident in May.

“In May we quickly resolved a security issue and notified relevant Indian and international government authorities. Since then we’ve worked to identify targeted users to ask the courts to hold the international spyware firm known as the NSO Group accountable," it said in response to a Mint query.

Close