Open letter to messaging apps urging platform changes to protect users

We, along with other stakeholder organizations and individuals, are issuing an open letter urging Internet-based messaging service providers like WhatsApp, Telegram, Signal and others to make modifications to their platforms so users can no longer be added to group chats without express permission. Highlighting that the current implementation of group chats leave users vulnerable to large-scale harassment and privacy violations, the open letter urges messaging service providers on behalf of the multi-stakeholder community to take immediate corrective action. We call upon other organizations and members of civil society around the world to lend their names and support to this letter.




Chris Daniels

CEO, WhatsApp Inc.

1601 Willow Road

Menlo Park, California 94025

United States of America


Mark Zuckerberg

CEO, Facebook Inc.

1 Hacker Way

Menlo Park, California 94025

United States of America


Pavel Durov

CEO, Telegram Messenger LLP

71 – 75 Shelton Street

Covent Gardent, London

United Kingdom


Moxie Marlinspike

CEO, Signal Foundation

Ma Huateng

CEO, Tencent Holdings Ltd.

Tencent Building, Tower C

No.1081 Hongmei Road, Xuhui District

Shanghai, P.R. China


SUB: Concern over handling of group messages by online messaging services


As active users of your online messaging services, and also as members of the global multi-stakeholder community around Information and Communication Technologies, we are writing to express our concern regarding the handling of group messages by your services – specifically, the ability of any user with administrator rights to add any other user to a group without the latter’s express permission. In the absence of a mechanism to prevent themselves from being added to groups that they would not like to participate in, users have no option but to manually exit the groups. This is a troubling state of affairs because users may be forcefully exposed to a range of subjectively undesirable content that they would never have signed up for otherwise, which can be particularly damaging, especially in situations where malicious actors attempt to intimidate, disparage, harass or harm individuals in any way.

For instance, journalists and reporters writing/speaking about controversial topics like political misconduct often face constant harassment from those who seek to subdue criticism. On the Internet, organized troll-groups (and independent trolls) make concerted efforts to prevent engagement on such topics by any means necessary. This frequently involves attacking the journalists/reporters with content (like highly derogatory remarks and false statements) that is designed to break spirits and discredit work. In India, prominent journalists and reporters like Ravish Kumar, Arnab Goswami, Rana Ayyub, and Karuna John among many others have expressed that they face crippling levels of online hate and harassment on a regular basis.

The problem is equally relevant for non-public-personalities as well, especially those belonging to minority and otherwise vulnerable groups. A significant number of women report having been harassed online at some point in their lives, and cyber-bullying against children is on the rise. Members of ethnic/religious minorities are routinely attacked online, as is anyone holding what is perceived to be “unpopular” opinions.

While blocking malicious actors can usually help mitigate the damage to an extent, on online messaging services like yours, they are able to easily circumvent blocks by creating groups and adding their targets to these groups. The problem is only made worse from there as personal information like phone numbers, user IDs and photographs are shared with a large number of users, which opens the doors to even greater abuse. Considering that the Internet is believed to be an important enabler of free speech and open discourse, it is highly unfortunate that a design flaw with group messages is undermining this role of the Internet in a big way. Your services also violate individual privacy as personal information is shared amongst group members without consent. In addition, they fail to observe the “privacy by design” principle – “privacy as default setting” in particular – as they do not provide adequate safeguards to prevent infringement of user rights.

We therefore urge you to take immediate steps to address this issue, and implement measures to make it so that being added to group conversations without permission is no longer a possibility. Not only will this greatly help in limiting abusive uses of your services, but it will also make users less wary of using the services, making the Internet a safer space for us all. We hope you treat this matter with utmost urgency and take corrective measures at the earliest.


Software Freedom Law Centre, India

Digital Empowerment Foundation

Centre for Internet and Society

Society for Knowledge Commons

Prof. Rahul De, Hewlett-Packard Chair Professor in ICT for Sustainable Economic Development, IIM Bangalore

Faisal Farooqui, CEO,

Geeta Seshu, Independent Journalist

Hartosh Singh Bal, Political Editor, The Caravan

Abhinandan Sekhri, Co-Founder, Newslaundry


If you would like to add your name as a signatory, please fill in your details in the fields below. Alternatively, you can support the petition here.

Related Posts