WhatsApp response on snooping row shows Indian government was aware of privacy breach affecting users


Days after Union Minister Ravi Shankar Prasad reacted angrily to reports of privacy breach by Israeli spyware affecting a group of WhatsApp users in India, the Facebook-owned messaging platform has claimed that it informed the Narendra Modi government about malware attack way back in May only.


A statement by WhatsApp said, “Our highest priority is the privacy and security of WhatsApp users. In May we quickly resolved a security issue and notified relevant Indian and international government authorities.”

It added, “Since then we’ve worked to identify targeted users to ask the courts to hold the international spyware firm known as the NSO Group accountable.”

The statement by WhatsApp concluded, “We agree with the government of India it’s critical that together we do all we can to protect users from hackers attempting to weaken security. WhatsApp remains committed to the protection of all user messages through the product we provide.”

If WhatsApp’s claims are true, then the question may arise on Prasad’s outrage to the latest reports of certain WhatsApp users’ privacy breach by spyware, manufactured by Israeli company NSO. Prasad’s response was aimed at countering reports that certain journalists and human rights activists were targeted at the behest of the central government.

The Congress had demanded immediate intervention by the Supreme Court since the top court had ruled in 2017 that privacy was a fundamental right. The apex court is currently also hearing a host of petitions on the government’s attempts to monitor WhatsApp messages.

The controversy gained momentum after it emerged that Israeli spyware was used to snoop on several Indian journalists and civil rights activists in April and May this year. The government is accused of using Israeli spyware Pegasus to compromise mobile phones of Indian journalists and activists critical of the government policies.

WhatsApp and its parent Facebook have sued the Israeli NSO Group, the manufacturer of the spyware, alleging that the Israeli company used malware to hack into the mobile phones of 1,400 people and conduct surveillance.

Usually, Pegasus sends a link to a user it intends to snoop on. Soon after the user clicks the link, his or her phone is comprised as the malware allows the hacking of phone calls, text messages and even the use of the camera to take live photos of locations that the user is visiting. However, on this occasion, Pegasus was believed to have targeted users by simply giving them missed calls.