TL;DR: India's Ministry of Electronics and IT (MeitY) told WhatsApp on July 1, 2026 to halt the rollout of its planned username feature and explain within three days why it should not face regulatory action. The ministry cited phishing and digital-arrest scams as the reason. WhatsApp had announced on June 29 that users could reserve usernames to chat without exposing their phone numbers. The New Delhi-based Internet Freedom Foundation called the move regulatory overreach with no clear legal basis, comparing it to a March 2024 advisory MeitY withdrew after two weeks under public pressure.
What MeitY Demanded
On July 1, 2026, India's Ministry of Electronics and Information Technology (MeitY) sent WhatsApp a notice ordering the platform to halt its planned username feature and explain within three days why regulatory action should not be initiated under India's IT laws [1][2].
MeitY's stated concern was that usernames could "materially increase the incidence of online fraud, phishing, digital arrest scams and impersonation attacks" by enabling bad actors to contact users without exposing phone numbers [2]. The ministry warned that usernames could facilitate impersonation of "individuals, public authorities, financial institutions, and government agencies" [2]. The legal basis cited was India's Information Technology Act 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021 [1]. A senior government official told TechCrunch the IT ministry is engaging with WhatsApp over the feature [2]. MeitY did not respond to The Register's request for comment [1].
What WhatsApp Built
On June 29, 2026, WhatsApp announced users could reserve usernames to be used instead of phone numbers when the feature launches later this year [1]. WhatsApp said users want to chat "without exposing their personal phone number, whether to a classmate, neighbor, professional contact, or the group chat for their child's sports team" [1].
In early testing, TechCrunch found usernames resembling prominent politicians, celebrities, business figures, and public institutions still available to reserve. The list included "indiamodi," "shahrukh.actor," "teamamitabh," "ambanijio," and "rbi_verify," referencing Prime Minister Narendra Modi, actors Shah Rukh Khan and Amitabh Bachchan, billionaire Mukesh Ambani's telecom company Jio, and the Reserve Bank of India [2]. Separately, Binance founder Changpeng Zhao said on X that he could not reserve "cz_binance," the handle he already uses on that platform [2].
Meta told TechCrunch it reserves usernames for public figures, government entities, and "some variations" of those names so only the legitimate owner can claim them, but did not explain how it decides which lookalike usernames get proactively reserved [2].
A WhatsApp spokesperson told The Register that the feature is "not yet live and will roll out slowly later this year." When it does, first-contact messages via username will display whether the sender is a new account, a contact, shares a group, or is in a different country, so the recipient can decide whether to respond [1].
Other safeguards the spokesperson named: users still need a phone number to use WhatsApp, the platform requires the exact username to start a chat, it limits how many new people a single account can contact, blocks repeated attempts to guess someone's username, and runs systems to detect common impersonation patterns. WhatsApp has reserved high-profile usernames for legitimate organizations and blocks lookalike derivatives [1].
Why IFF Calls It Overreach
The New Delhi-based Internet Freedom Foundation shared a copy of MeitY's letter and pushed back: "Impersonation and fraud are real risks, but they are met by enforcing the criminal law against those who commit them. They are not met by MeitY deciding, in private and by letter, what features Indians may use" [2].
IFF also told The Register the department has no clear legal basis for halting the rollout, and that neither the IT Act nor the Intermediary Rules applied "in the context in which they were being invoked" [1]. The group compared the move to a March 2024 advisory when MeitY tried to stop AI companies from rolling out models before government approval. That advisory "was criticized as an overreach that sought to build a licensing mechanism with no empowering provision in the IT Act, and within a fortnight MeitY withdrew it and dropped the permission requirement" [1]. IFF added: "This notice repeats the move for a single feature and goes further, because it names one company, sets a three-day clock, and bars the launch until MeitY is satisfied" [1].
Why the Market Numbers Matter
TechCrunch puts India at more than 500 million WhatsApp users, calling it the app's largest market [2]. The Register, citing separate estimates, places the figure higher at over 850 million [1]. WhatsApp claims more than 3 billion users globally [1]. Either way, this is the single largest national market for any messaging platform, anywhere. A feature India blocks effectively does not ship to a sixth of humanity.
India has used the Intermediary Rules framework against messaging platforms before. In June 2026, India temporarily banned Telegram amid concerns that exam questions for the NEET-UG medical entrance exam were being shared on the platform [1]. The debate also echoes a Delhi High Court observation in a Telegram case, where the court said usernames instead of phone numbers could make it easier to conceal user identity and spread illicit content faster [2].
What the Security Community Said
Rachel Tobac, CEO of SocialProof Security, called usernames a net privacy gain but noted lookalike usernames still create impersonation opportunities: "Ultimately, usernames are a great idea to avoid leaking your phone number to folks you don't know, but it's important to verify identity with the username function too" [2]. She advised users to pick usernames that aren't easily guessable [2].
The Mozilla Foundation flagged tradeoffs: "Increased scams and impersonation from fake handles are potentially a big one. Checking a phone number can be a useful verification tool, but these harms are also permitted by the platform's fundamental design choices" [2]. Mozilla also noted that letting users claim existing Facebook and Instagram usernames shows how easily Meta can stitch identity together across its own apps, even as users can't take that identity to rival platforms [2].
What to Watch
The three-day clock runs from July 1. If WhatsApp does not respond or MeitY rejects the response, the next step is enforcement under the Intermediary Rules, the same framework India has used against Twitter, Telegram, and other platforms. If IFF is right that the legal basis is weak, the move will likely repeat the March 2024 pattern: a withdrawn advisory after public pressure.
For WhatsApp users in India, the practical effect is a delay. The username feature was already slated for a slow rollout later this year. Now it cannot ship to Indian accounts until MeitY is satisfied, whatever that means in practice. For anyone outside India who treats usernames as a phone-number privacy upgrade, the global rollout is still on track, but a precedent set here travels.