WhatsApp admits it could've handled data breach better
WhatsApp told the govt that it could have communicated the issue better, deprting from its earlier stance.
“Some statements have appeared, based on reports in media, regarding this. These attempts to malign the government of India for the reported breach are completely misleading,” he said, when asked whether the government had taken cognizance of reports alleging it had purchased the Israeli NSO Group-owned Pegasus spyware, reportedly behind the attack on WhatsApp. ET was the first to report on November 6 that WhatsApp delayed communicating to India the vulnerability that affected 121 people in the country. The government said a spyware possibly affected around 1,400 users globally, including Indians, according to the ministry's response.
“The government is committed to protect the fundamental rights of citizens, including the right to privacy. The government operates strictly as per provisions of law and laid down protocols,” Prasad said in a written response to a question by Asaduddin Owaisi. WhatsApp told the government that it could have communicated the issue better to the Indian authorities, it said in a statement, in a departure from its earlier stance on the issue. On September 5, 2019 WhatsApp wrote to CERT-In mentioning an update to the security incident reported in May, and that while the full extent of this attack may never be known, WhatsApp continued to review the available information, according to the response.
Separately, the government said it was “working on the Personal Data Protection Bill to safeguard the privacy of citizens, and it is proposed to table it in Parliament,” Prasad said, without mentioning a timeline. It informed Parliament that there was no proposal to link Aadhaar with social media accounts of individuals, and said that Section 69A of the Information Technology Act, 2000, empowers the government to block data under certain conditions, such as public order and security of the state.