India’s Supreme Court issued a stinging warning to WhatsApp and its parent Meta, signaling that the judiciary will not tolerate any erosion of user privacy. The bench pressed the company to explain how personal information and metadata are monetized, and questioned whether users have any real choice in a market where WhatsApp is the default messaging tool.
In a pointed exchange, the court indicated it would not permit the sharing of user information while the appeal over a regulatory penalty is heard, underscoring that consent cannot be meaningful if people must accept broad data-sharing terms to stay connected with family, employers, and small businesses.
What the Supreme Court Said on WhatsApp Privacy
The bench, led by Justice Surya Kant and joined by Justice Joymalya Bagchi, focused less on encrypted message content and more on the behavioral and device-level signals that surround it. The judges asked how such data—contact graphs, usage patterns, device identifiers, and interaction timestamps—could be commercialized across advertising systems and AI models.
The court also stressed that ordinary users, including street vendors and domestic workers, cannot be expected to parse dense privacy policies or anticipate long-tail uses of their data. In practical terms, the judges suggested, “take it or leave it” terms are no choice at all when the service has become essential infrastructure for communication.
A Penalty and a Pivotal Appeal in the WhatsApp Case
The case stems from a WhatsApp privacy policy update that required users to accept expanded data-sharing with Meta to continue using the service. India’s competition watchdog, the Competition Commission of India, later imposed a ₹2.13 billion penalty—roughly $23.6 million—finding that WhatsApp’s dominant position amplified the coercive effect of the policy.
Meta and WhatsApp have appealed, telling the court the penalty has already been paid. The Supreme Court has sought detailed explanations of data practices and, at the regulator’s request, has added the Ministry of Electronics and Information Technology to the proceedings—broadening the case beyond competition issues into the realm of data governance.
Meta’s Defense and the Metadata Question in Focus
Meta’s lawyers maintain that messages are protected by end-to-end encryption and that neither WhatsApp nor Meta can read chat content. They argue that the policy does not weaken user protections or permit message content to be used for ads. The court’s concern, however, revolves around everything else: who you message, how often, from where, and on what device—signals that can fuel targeting, profiling, and lookalike models even without reading a single message.
Global enforcement trends bolster the court’s skepticism. European regulators previously fined WhatsApp over transparency failures around data sharing, and privacy authorities have repeatedly warned that “anonymized” datasets can be re-identified when combined with other signals. The economic value of behavioral data is well established in digital advertising; the question is whether that value can be extracted without infringing a fundamental right.
Privacy as a Fundamental Right in India’s Courts
India’s constitutional jurisprudence places privacy among core fundamental rights, which raises the bar for any private or state actor seeking to process personal data at scale. The country’s Digital Personal Data Protection Act and updated IT rules further emphasize consent, purpose limitation, and accountability—principles that stand in tension with blanket, bundled permissions and opaque cross-platform data flows.
The government’s recent push to curb online fraud—such as SIM-binding and verified device initiatives—adds another layer of complexity. While these measures can improve trust, they may also expand the universe of identifiers that platforms can access, making strict guardrails and clear minimization policies even more critical.
What This Means For Users And The Industry
With more than 500 million users in India, WhatsApp’s choices ripple across the economy. Small merchants rely on it for orders, payments, and customer service; schools and neighborhood groups use it for coordination; employers deploy it for shift management. If the court compels stronger consent flows, meaningful opt-outs, and stricter limits on metadata processing, it could set a precedent that reshapes how dominant platforms design defaults.
The implications are broader than ads. Policies on data retention and cross-use can affect the training of large AI systems, recommendation engines for business messaging, and fraud detection tools. The court’s insistence on guardrails could force companies to justify each category of data collection with clarity, not convenience.
For now, the message from the top court is unmistakable: privacy is not a toggle in an app’s settings. As the hearing resumes, WhatsApp and Meta face a high-stakes test of whether their data practices can align with both competition law and constitutional privacy standards—without asking India’s users to accept a false choice between connectivity and control.