Pegasus snooping row: Could have done more with govt, says WhatsApp

In May, WhatsApp became aware of NSO Group, an Israeli company, having used a coding glitch in the messaging app that let its customers spy on some people
WhatsApp has told the government it could have worked better with authorities regarding the use of Israeli spyware, Pegasus, allegedly used to snoop on Indian citizens. The spyware had exploited vulnerability in the messaging application’s code.

In a communication to the Ministry of Electronics and Information Technology (MeitY), WhatsApp assured the government it would engage more to address issues that impact Indian citizens’ privacy, said sources. A WhatsApp spokesperson said the messaging service was committed to protecting the privacy of its over 400 million users in India. 

“The government also plays a critical role here and we are committed to continuing to engage with it in a timely manner on sensitive issues related to user privacy and security. We regret that we have not met the government’s expectations on proactive engagement on these issues and will strive to do better,” the spokesperson added.

According to an official at the MeitY, there could be a delay in the communication coming its way because of the ongoing winter session of Parliament.

The Parliamentary Standing Committee on Information Technology (IT) is scheduled to meet on Wednesday, and will discuss citizens’ data security and privacy issues. It is also expected to discuss the WhatsApp-Pegasus issue. 

In response to a question from Lok Sabha member Dayanidhi Maran on the government’s right to intercept citizens’ communications, the Minister of State for Home Affairs G Kishan Reddy said 10 agencies in India are authorised to carry out lawful interception. He added that there was “no blanket permission to any agency for interception or monitoring or decryption and permission from competent authority is required, according to due process of law and rules, in each case”. 

“This power of interception is to be exercised according to the provisions of law, rules and the standard operating procedure,” said Reddy.

In May, WhatsApp became aware of NSO Group, an Israeli company, having used a coding glitch in the messaging app that let its customers spy on some people. 

WhatsApp fixed the issue, and worked with Citizen Lab, a Toronto-based digital and human rights research group, to reach out to all the affected people and told them what they could do to keep their communications safe.

As many as 1.400 people worldwide were targeted by the spyware, including 121 in India, most of activists and journalists. On October 29, WhatsApp decided to sue NSO Group for misusing the messaging platform’s code to compromise user privacy. 

NSO Group has always maintained that it sells Pegasus only to governments. 

The issue has since taken a political turn, with the government asking WhatsApp to explain the breach of privacy. The government has also come under some heat for not answering whether any of its agencies bought Pegasus software.

“We reiterate our assurance to give safe and secure services on our platform. We look forward to working with the government to address their appropriate concerns and provide the best possible protections to all those who rely on WhatsApp to communicate,” the WhatsApp spokesperson added.

In focus
  • Govt had asked WhatsApp to explain citizens’ breach of privacy 
  • Snooping has caused problems with WhatsApp’s payment service launch
  • Parliamentary committee on IT to discuss WhatsApp snooping on Wednesday
  • WhatsApp says it will work with the government to address concerns