AI With Sanket | Should WhatsApp be banned in India?

What is being shared across online platforms or with advertisers? Is it your private chat message?

That was the central question raised on AI with Sanket as the Supreme Court’s sharp remarks on WhatsApp and Meta triggered a wider debate on privacy, data-sharing, and whether India’s legal framework is equipped to deal with Big Tech.

The Federal spoke to Nikhil Pahwa, Founder and Editor of Medianama, Khushbu Jain, Advocate, Supreme Court, and Pratishtha Arora, CEO, Social and Media Matters, on what changed in 2021, what regulators and courts are probing, and what “solutions” could look like.

The discussion unfolded against the backdrop of WhatsApp’s 2021 privacy policy change and the questions it raised about how the platform monetises user data. The panellists also debated whether WhatsApp’s “end-to-end encryption” claims need independent technical auditing and how consent should work for users who cannot realistically parse complex privacy policies.

The show also returned to the Supreme Court’s blunt framing: If a platform wants to operate in India, it must respect the country’s laws and constitutional principles—an argument that shaped much of the panel’s disagreement on “privacy”, “sovereignty”, and where the boundary lies between business interests and public rights.

What changed in 2021

Pahwa traced the controversy to WhatsApp’s 2021 update to its terms and privacy policy. He said the change effectively allowed WhatsApp to share user metadata with its parent company (then described as Facebook) to enable advertising across Meta platforms such as Facebook and Instagram.

Also read: SC warns Meta, WhatsApp, says 'won’t allow exploitation of user data'

He argued that this was a reversal of earlier assurances associated with WhatsApp, including the idea that advertising would not be enabled through WhatsApp. Pahwa also noted that WhatsApp’s commercial ecosystem has grown over time, with business messaging becoming commonplace and users increasingly receiving promotional messages from businesses.

From this perspective, the 2021 policy shift was not merely a legal update but a foundational move that enabled Meta to integrate WhatsApp more tightly into its broader advertising-driven business model—while WhatsApp remained the default messaging platform for a vast user base.

The “take it or leave it” fight

Jain described WhatsApp’s 2021 policy approach as “take it or leave it,” arguing that users were effectively compelled to accept expanded data-sharing to continue using the service. She linked this to concerns that a dominant platform can impose unfair conditions by leveraging the fact that it has become a “digital town square”.

She also pointed to the tension in WhatsApp’s public posture: she said the platform has claimed that encryption prevents even the company from reading messages, while its policy changes expanded what could be shared for advertising and “business purposes”. In Jain’s framing, the core concern is not whether a company can run a business, but whether a dominant platform can change rules in a way that undermines user rights or violates Indian law.

Also read: 149 million passwords for Gmail, Facebook, Instagram, others leaked online

Arora added that for many users, privacy policies are functionally unreadable: terms appear in small fonts, written in complex language, and require acceptance to proceed. She described this as a design issue that weakens “informed choice”, especially for users who may not have the capacity or context to interpret lengthy policy documents.

Encryption vs monetisation

Pahwa underlined a separate and more serious concern: he cited a lawsuit in the US that, he said, claims WhatsApp employees can access messages—an allegation that would directly challenge WhatsApp’s long-standing encryption assertions. He explained end-to-end encryption in simple terms: the sender encrypts a message with a key, and only the recipient has the key to decrypt it, making the content unreadable even as it passes through WhatsApp servers.

Pahwa argued that these claims should be independently audited and said WhatsApp should make its platform available for technical audits by cybersecurity researchers. He also suggested that users often attribute targeted ads to message content when platforms can infer intent through other signals and datasets.

At the same time, Pahwa made a broader point: he said monetisation is a business imperative for a service acquired for billions of dollars, and that ongoing services can change terms and conditions over time—as long as users are informed and given a “take it or leave it” choice. In his view, it is unrealistic to demand full privacy while also demanding that the platform remain free, given that online advertising funds much of the modern internet.

Rights, laws and “sovereignty”

Jain pushed back on the idea that this is simply a consumer choice problem. She argued that when it comes to national laws—such as competition regulation—and the individual’s right to privacy, companies operating in India must comply with the country’s legal framework. She said the debate is not about stopping business, but about whether a dominant player is “abusing” its position through data-sharing across group companies.

Also read: Is the US paying for India’s ChatGPT use? Navarro’s claim explained

Pahwa disputed parts of that framing. He argued that India’s data protection law referenced in the discussion is not yet in force, and that the “fundamental right to privacy” is enforceable primarily against the government rather than private companies. He also urged separating privacy debates from antitrust issues, while noting that advertising and data-driven monetisation is what keeps many digital services free.

Arora brought the discussion back to everyday experiences of data misuse, pointing to spam calls and unsolicited outreach as a sign that personal data circulates beyond user control. She argued that many users—particularly outside major cities—are not aware of what they are consenting to or where their personal information goes, making public awareness and policy explicability central to any meaningful reform.

What “solutions” could look like

When the discussion turned to solutions, the panel converged on one immediate demand: greater clarity on WhatsApp’s technical claims. Pahwa reiterated that WhatsApp should enable independent audits to settle questions around encryption integrity and whether employees can access chats.

On interoperability, Pahwa noted that cross-platform messaging technology has existed for decades and referred to the XMPP protocol as an example. But he questioned whether a company can be forced to adopt a particular technology and maintained that user choice remains central—users can switch platforms, though switching is difficult at scale.

Also read: DPDP rules: User rights constrained by state exemptions, loopholes, says activist

Jain outlined a set of remedies focused on consent and competition. She argued that “consent must be a choice, not a ransom” and proposed an opt-out mechanism that allows users to reject policy terms without losing access to messaging. She also referred to competition law principles, arguing that privacy policy can be treated as an aspect of service quality, and that dominant players should not degrade that quality to entrench market power.

She suggested that WhatsApp could monetise via business APIs and other revenue streams without “harvesting” private user chat data. She also called for more granular consent—clearly stating what data is collected, for what purpose, and with whom it is shared, rather than broad references to group companies.

Arora emphasised the need to decode privacy policies into simpler language, expand public dialogue on terms like “end-to-end encryption”, and use the time before India’s data protection framework becomes operational to build awareness—through collective action involving government and stakeholders.

(The content above has been transcribed from video using a fine-tuned AI model. To ensure accuracy, quality, and editorial integrity, we employ a Human-In-The-Loop (HITL) process. While AI assists in creating the initial draft, our experienced editorial team carefully reviews, edits, and refines the content before publication. At The Federal, we combine the efficiency of AI with the expertise of human editors to deliver reliable and insightful journalism.)