SFLC.in Statement on MeitY’s Notice to WhatsApp to Halt Rollout of Username Feature

 Statement on MeitY’s Notice to WhatsApp to Halt Rollout of Username Feature 

 

On 29th June 2026, WhatsApp announced a phased rollout of a feature that lets users choose a username and opened reservations for username on the app. Pursuant to this, the Ministry of Electronics and Information Technology (“MeitY”) has issued a notice (“Notice”) to halt the rollout of the username feature in India, the country that has the largest user base for WhatsApp in the world. MeitY has issued the said notice primarily in regard to concerns over increased online fraud, ​phishing, and impersonation attacks that allow bad actors to contact victims without disclosing their phone numbers. MeitY has asked WhatsApp to furnish a detailed explanation on the username feature in the next three days, and has directed the company to not rollout the feature until consultation on the matter is over.

 

SFLC.in is concerned by MeitY’s Notice directing WhatsApp not to rollout its proposed username feature until consultations are completed “to the satisfaction of the Government.” We also maintain that WhatsApp needs to establish security safeguards and provide better transparency to users prior to the rollout of the username feature.

 

The username feature is intended to allow users to communicate without immediately disclosing their mobile numbers to first-time contacts. In today’s digital ecosystem,  mobile number is used as a digital identifier and is linked to a user’s banking services, government platforms, financial accounts, messaging services, social media, e-commerce platforms, and numerous other aspects of an individual’s digital life. To connect with another person on WhatsApp, users can simply share their username instead of unnecessarily sharing a mobile number which can expose them to spam calls and other digital frauds. The username feature is thus a privacy-enhancing technology that minimizes the disclosure of personal information. Such features are also available for other messaging apps, for example, Signal primarily relies on username feature, while ensuring user safety with safety prompts.

 

Firstly, we agree that India continues to witness a sharp rise in cyber-enabled financial fraud, phishing attacks, impersonation, and digital arrest scam among others  and that the concerns identified by MeitY are justified. However the law doesn’t allow the Government to halt a new feature rollout nor does it confer power to require platforms to obtain prior approval before introduction of a new product feature. A Notice that effectively prevents the deployment of a product feature raises concerns about executive overreach in the absence of a clear statutory basis for such intervention. The Notice issued by MeitY effectively means any platform will require a new feature to be vetted by the Government before it can be rolled out. This is a slippery slope towards executive pre-censorship of product design without any legal basis. Such a precedent, if left unquestioned for legal authority, would allow the Government to exercise unauthorised power to subject product design to executive approval prior to launch.

 

SFLC.in therefore urges MeitY to withdraw the Notice that subjects software features to prior governmental approval and to publicly identify the precise statutory provision under which it claims the authority to direct halt of the rollout of the username feature.

 

Secondly, while we appreciate WhatsApp for its efforts to introduce a privacy preserving username feature, in light of increased cyber crimes happening in India and considering the large-scale user base that WhatsApp has in India, we urge WhatsApp to provide greater transparency regarding the safeguards planned for the username feature. WhatsApp should provide a username reservation policy which should explain how username will be protected against impersonation especially with regard to public institutions, business and public figures. The policy should also clarify how usernames that closely resemble reserved usernames will be identified and treated to prevent impersonation and misuse. Additionally, WhatsApp can introduce a message request feature for first-time chats through usernames. Until the recipient accepts the request, the sender will not be able to send links, APK files, or media. This would help reduce scams while protecting user privacy. Further WhatsApp should state how its grievance redressal mechanisms will function in a timely and effective manner. WhatsApp should also clarify whether the username feature has any implications for cross-platform data sharing across Meta platforms, account linking or profiling across Meta platforms.

 

SFLC.in therefore urges WhatsApp to introduce stronger safeguards for the username feature prior to its rollout and provide greater transparency to its users regarding its design, operation and usage.