New Delhi, India – July 5, 2026 – In a significant move that underscores the escalating tension between digital innovation and regulatory oversight, the Indian government has intervened to halt the rollout of WhatsApp’s much-anticipated username feature. Citing grave concerns over a potential surge in online fraud, impersonation, and other malicious activities, the Ministry of Electronics and Information Technology (MeitY) issued a stern notice to Meta, the parent company of WhatsApp, on July 1, 2026. This directive has ignited a crucial debate about user privacy, platform responsibility, and the extent of governmental authority over privately operated digital services in a nation with one of the world’s largest internet user bases.
The controversy centers on WhatsApp’s planned feature that would allow users to engage in chats without sharing their mobile numbers, instead relying on a unique username. While Meta champions this as an enhancement to user privacy, the Indian government views it as a significant vulnerability, potentially empowering malicious actors and complicating the already challenging landscape of cybercrime investigation. The issue has quickly evolved from a technical rollout decision to a critical test of regulatory power and the future of digital identity in India.
The Genesis of the Conflict: A Feature Under Scrutiny
The "story so far" began to unfold rapidly, with the government’s intervention coming even before the feature’s widespread launch.
WhatsApp’s New Identity: The Username Feature Explained
WhatsApp’s username feature is designed to offer users an alternative way to connect, enhancing privacy by allowing individuals to communicate without revealing their personal phone numbers. Instead of a mobile number, new contacts would only see a user’s chosen username, an optional identifier that users can reserve. This functionality aligns with similar features already present on other popular messaging platforms like Telegram and Signal, aiming to provide greater control over personal information.
According to WhatsApp, the feature is intended to simplify connections and offer an added layer of privacy. To contact someone, users would need to know the exact username, as there is no public search directory within the app itself. Recognizing potential concerns, WhatsApp also announced a Personal Identification Number (PIN) safeguard. Users worried about their usernames being guessed could set a PIN, preventing unauthorized contact even if the username is known. Meta has consistently stated that the feature, while in its reservation phase, would be rolled out widely over the next few months, complete with multiple security safeguards. The underlying intent, from Meta’s perspective, is to empower users with more choices in how they manage their digital identity and interactions on the platform.
Government Intervention: MeitY’s Formal Notice
On July 1, 2026, the Ministry of Electronics and Information Technology (MeitY) dispatched a formal notice to Meta, demanding an immediate halt to the rollout of WhatsApp’s username feature. The Ministry’s communication, a copy of which was reviewed by The Hindu, minced no words in expressing its apprehension. The core of MeitY’s argument was that by allowing users to hide their phone numbers behind a username, the feature would create an environment ripe for various forms of online malfeasance. Specifically, the notice highlighted an anticipated increase in online fraud, sophisticated phishing attacks, the alarming trend of "digital arrest" scams, and pervasive impersonation attacks.
The government’s stance was clear: the anonymity afforded by usernames, coupled with the absence of directly verifiable phone numbers, could significantly hamper law enforcement’s ability to track and apprehend perpetrators. The notice served as a direct challenge to Meta’s product development strategy, signaling a proactive and assertive approach by the Indian government towards regulating digital platforms operating within its jurisdiction. This initial notice to WhatsApp was swiftly followed by similar advisories sent to other messaging applications – Telegram, Signal, and the homegrown Arattai – all of which have long offered username functionalities that permit phone number concealment. This broader action indicated a systemic concern rather than an isolated issue with WhatsApp alone, pointing towards a comprehensive re-evaluation of digital identity norms across major communication platforms.
Unpacking the Government’s Concerns: A Digital Minefield
The Indian government’s trepidation is rooted in a pragmatic assessment of the country’s vast and rapidly digitizing population, where online fraud and impersonation schemes are already rampant.
The Specter of Impersonation and Fraud
MeitY’s primary apprehension revolves around the ease with which the username feature could "facilitate impersonation and identity spoofing." The Ministry articulated that this could extend to individuals, public authorities, financial institutions, and even government agencies. By allowing the adoption of usernames "closely resembling those of genuine persons or institutions," the feature, in MeitY’s view, creates a fertile ground for deception. The absence of a readily identifiable phone number, which often serves as a primary verification layer, could make it significantly harder for users to distinguish legitimate contacts from malicious actors.
In a country where millions of new internet users come online annually, often with varying levels of digital literacy, the risk of falling prey to such sophisticated schemes is substantial. Impersonation can range from simple identity theft for personal gain to more complex scams designed to extract financial information or manipulate public opinion. The government fears that a widespread rollout of usernames without robust safeguards could erode trust in digital communications and make it easier for criminals to operate undetected.
Public Personalities Raise Alarm
The government’s concerns found immediate resonance among prominent public figures and industry leaders, who quickly pointed out the practical challenges posed by the username system. MobiKwik founder Bipin Preet Singh, a respected voice in India’s digital economy, took to the social media platform X (formerly Twitter) to share his experience. He revealed that variations of his own name had already been reserved by other users, illustrating the immediate potential for confusion and impersonation. Singh’s post, stating "Not a good idea at all. Will lead to proliferation of fraud and impersonation," encapsulated the anxieties of many who foresee a chaotic scramble for legitimate digital identities.
This immediate real-world example provided concrete evidence supporting MeitY’s theoretical concerns. The ability for anyone to claim a username resembling that of a public figure, a government official, or a well-known brand, without stringent verification, creates an environment where trust can be easily exploited. Victims could inadvertently share sensitive information or engage in transactions with imposters, believing they are communicating with genuine entities.
Precedent and Parallels: Other Messaging Platforms
MeitY’s decision to extend similar notices to Telegram, Signal, and Arattai highlights a broader regulatory philosophy. While these platforms have offered username features for some time, allowing users to conceal their phone numbers, the government’s current action suggests a re-evaluation of these existing functionalities in light of the evolving threat landscape. This move indicates that the government is not merely singling out WhatsApp but is concerned about the systemic implications of such features across the digital communication ecosystem.

The existence of these features on other platforms, however, also presents a complex challenge. If the government seeks to ban or significantly alter such features, it must do so consistently across the board, raising questions about the practicality and legal enforceability of such widespread interventions. The historical context of these features on other apps could either strengthen the argument for uniform regulation or highlight the difficulty of retroactively imposing new rules on established functionalities.
The Digital Arrest Scam: A Growing Threat
Among the specific threats highlighted by MeitY, the "digital arrest scam" stands out as a particularly insidious and rapidly evolving form of cybercrime. This scam typically involves fraudsters impersonating law enforcement agencies, government officials, or even judiciary members. They contact victims, often through messaging apps, claiming that the victim’s identity has been used in a crime, such as money laundering, drug trafficking, or a terror plot. The scammer then threatens the victim with "digital arrest" or immediate legal action unless a "bail" or "fine" is paid, usually through digital channels.
The psychological manipulation involved is significant, with scammers often using sophisticated tactics to create a sense of urgency and fear. The ability to hide behind a username, rather than a traceable phone number, would make it exponentially easier for these criminals to operate. Victims, unable to verify the identity of their accuser through a direct phone number check, would be more susceptible to believing the false claims and complying with demands. MeitY’s explicit mention of this scam underscores the government’s deep concern about protecting citizens from these high-stakes, emotionally manipulative frauds, which have already resulted in significant financial losses for many in India.
WhatsApp’s Defense: Safeguards and Dialogue
In response to the Indian government’s assertive stance, WhatsApp has moved quickly to address the raised concerns, emphasizing its commitment to user safety and compliance.
Proactive Measures: Username Reservation and Visibility
A WhatsApp spokesperson immediately countered some of the government’s fears by outlining existing and planned safeguards. Crucially, Meta had already "reserved" usernames of prominent personalities, including public figures, government entities, celebrities, and verified Meta accounts. This proactive measure aims to prevent imposters from claiming these high-profile handles, a direct response to concerns like those voiced by Bipin Preet Singh. While this addresses one aspect of impersonation, the vast majority of ordinary users and smaller businesses remain potentially vulnerable.
Furthermore, WhatsApp stated that if a user receives a message from someone who has hidden their phone number, the platform will display the sender’s country of origin. It will also indicate whether the sender is already saved in the recipient’s phonebook. This mechanism aims to provide recipients with additional context to assess the legitimacy of an unknown sender, potentially allowing them to make a more informed decision about whether to engage. The spokesperson also reiterated that users always retain the choice to avoid responding to strangers, emphasizing user autonomy in managing their interactions.
Engagement with Authorities
Recognizing the gravity of the situation, WhatsApp officials promptly met with MeitY representatives on July 3, just two days after the initial notice, to present their views and clarify their position. This direct engagement signifies WhatsApp’s intent to cooperate and find common ground with the Indian government. A formal written response to the government’s notice was due on July 4, indicating a rapid and structured communication process between the platform and the regulatory body.
The dialogue between WhatsApp and MeitY is critical, as it provides an opportunity for both sides to articulate their concerns and proposed solutions. WhatsApp’s challenge is to convince the government that its planned safeguards are robust enough to mitigate the risks of fraud and impersonation without compromising the privacy benefits of the username feature. The outcome of these discussions will likely shape not only the future of WhatsApp’s feature in India but also broader regulatory frameworks for digital identity on messaging platforms.
The Legal Labyrinth: Government Authority vs. Platform Autonomy
The government’s notice has not only sparked a debate about fraud but has also opened a crucial legal discussion regarding the extent of state power over private digital platforms.
Defining "Intermediary" and "Significant Social Media Intermediary"
MeitY’s legal basis for issuing the notice rests on WhatsApp’s classification as an "intermediary" and, more specifically, a "significant social media intermediary" (SSMI) under Indian law. The notice cited Section 2(1)(w) of the Information Technology Act, 2000, read with Rules 2(1)(v) and 2(1)(w) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. An SSMI is defined as a platform with more than 50 lakh (5 million) registered users in India; WhatsApp, with an estimated user base exceeding 80 crore (800 million) in the country, clearly falls into this category.
This classification is crucial because SSMIs are subject to enhanced due-diligence obligations and other responsibilities outlined in the 2021 IT Rules. These obligations include appointing resident grievance officers, nodal contact persons, and chief compliance officers, along with enabling the identification of the "first originator" of information for specific offenses. The government’s argument is that these rules grant it the authority to ensure that platform features do not undermine the safety and security objectives that SSMIs are mandated to uphold.
The IT Act, 2000 and Rules, 2021: A Closer Look
Beyond the SSMI classification, the government’s notice also invoked specific sections of the Information Technology Act, 2000, to buttress its claims. These included Section 66C (punishment for identity theft), Section 66D (punishment for cheating by personation by using computer resource), and Section 79 (Exemption from liability of intermediary in certain cases).
Sections 66C and 66D directly address the crimes of identity theft and cheating by personation, which are at the heart of MeitY’s concerns regarding the username feature. By citing these, the government implies that a feature facilitating such crimes could potentially make the platform complicit or, at the very least, fail in its duty to prevent them.

Section 79, concerning "intermediary liability/safe harbour," is particularly contentious. In essence, Section 79 provides intermediaries with protection from liability for third-party content, provided they adhere to certain due diligence requirements. The government appears to be interpreting this section not just as a shield for platforms, but also as a basis for demanding that platforms actively prevent features that could lead to illegal activities, thereby fulfilling their "due diligence" obligations.
The Internet Freedom Foundation’s Stance: A Challenge to Authority
The government’s legal interpretation, however, has been swiftly challenged by digital rights advocacy groups. The Delhi-based Internet Freedom Foundation (IFF) issued a scathing statement, asserting that MeitY’s notice treats "the launch of a lawful feature as a wrong the company must justify." The IFF argued that the IT Act and its accompanying rules do not grant the government the power to "approve a product feature before release or order one withdrawn."
According to the IFF, MeitY "does not name any provision that lets it approve a product feature before release or order one withdrawn, because there is none, and the provisions it does cite do not supply that power." Specifically, regarding Section 79, the IFF clarified that it is a "safe harbour that protects an intermediary from liability for what its users post, so long as it observes due diligence." It defines when a platform can be held liable, but critically, "It is not a power for MeitY to decide what features the platform may offer." This interpretation suggests that while the government can hold platforms accountable for illegal content after it appears, it cannot preemptively dictate or veto product design. The IFF’s position highlights a fundamental disagreement over the scope of regulatory authority in the digital sphere, setting the stage for a potential legal showdown.
Precedent and the Future of Digital Regulation in India
This isn’t the first time WhatsApp’s operations have come under the Indian government’s scrutiny. Given its status as arguably the largest digital platform in the country, with an unparalleled reach, WhatsApp has been a frequent subject of regulatory attention. For instance, following a global outage of the app in October 2022, then IT Minister Ashwini Vaishnaw confirmed that the government had asked the company to share the reasons for the disruption. More significantly, WhatsApp has been embroiled in protracted legal battles with the Indian government over its privacy policy updates, particularly concerning data sharing with parent company Meta, with the government consistently pushing for greater transparency and user control.
The current dispute over the username feature adds another layer to this ongoing regulatory saga. It signifies a potential shift from post-facto accountability for content to pre-emptive control over product features. If MeitY succeeds in compelling WhatsApp to halt or significantly alter the feature, it could set a powerful precedent for how digital platforms are designed and operated in India. This could embolden the government to exert greater influence over product development, impacting innovation and the autonomy of technology companies. Conversely, if WhatsApp and digital rights groups successfully challenge the government’s authority, it could reaffirm the limits of state intervention in platform design.
Broader Implications and the Road Ahead
The standoff over WhatsApp’s username feature is more than just a debate about a single app; it represents a microcosm of the larger global challenge of balancing technological innovation with public safety and national security.
Balancing Innovation with User Safety
At its heart, this conflict encapsulates the tension between user privacy and public security. WhatsApp argues that usernames enhance user privacy by allowing communication without sharing personal phone numbers, a legitimate privacy benefit in an age of increasing data breaches and unsolicited contact. However, the government counters that this very privacy mechanism can be exploited by malicious actors, making it harder to identify and prosecute criminals. The challenge lies in finding a solution that preserves the benefits of innovation (like enhanced privacy) while rigorously mitigating the risks to user safety. This often requires complex technical solutions, robust verification mechanisms, and agile regulatory frameworks that can adapt to rapidly evolving digital threats.
The Evolving Landscape of Digital Identity
The debate also delves into the fundamental nature of digital identity. Traditionally, phone numbers have served as a primary, albeit imperfect, form of digital identity on messaging platforms. The shift to usernames represents a move towards a more abstract, self-assigned identity. While this offers flexibility, it also raises questions about accountability and traceability in the digital realm. As more of our lives move online, the integrity and verifiability of digital identities become paramount for everything from financial transactions to social interactions. This incident highlights the need for a comprehensive policy framework for digital identity that addresses both privacy and security concerns.
Potential Outcomes and Future Scenarios
Several outcomes are possible. WhatsApp could agree to implement more stringent safeguards than initially planned, such as enhanced verification for usernames, tighter restrictions on similar-looking handles, or a more transparent reporting and redressal mechanism for impersonation. The government might accept these assurances, allowing the feature to proceed with modifications.
Alternatively, the government could maintain its firm stance, potentially leading to a protracted legal battle. Such a battle would have far-reaching implications, potentially setting a precedent for how much control governments can exert over feature design on digital platforms. A third scenario involves WhatsApp choosing to delay or entirely abandon the feature in India, a significant setback given the country’s massive user base. The outcome will largely depend on the ongoing negotiations, the legal interpretations of the IT Act, and the political will of both sides to reach a compromise.
Conclusion
The Indian government’s intervention regarding WhatsApp’s username feature marks a critical juncture in the ongoing dialogue between digital platforms and national regulators. It vividly illustrates the challenges of navigating the complex terrain where technological advancements, user privacy, and national security intersect. While WhatsApp aims to empower users with greater control over their digital identities, MeitY’s concerns about escalating fraud and impersonation are equally valid in a country grappling with a surge in cybercrime.
As both parties engage in dialogue and potential legal skirmishes, the ultimate resolution will not only determine the fate of a single WhatsApp feature but will also cast a long shadow over the future of digital innovation and regulation in India. The balancing act between fostering technological progress and safeguarding the digital well-being of over a billion citizens remains a formidable task, with this particular incident serving as a poignant reminder of the high stakes involved in shaping India’s digital destiny.
