iWorld
CCI orders probe on WhatsApp’s new privacy policy
NEW DELHI: The Competition Commission of India (CCI) has launched an investigation into WhatsApp’s new privacy policy, amid the raging debate over users’ privacy on social media platforms.
The antitrust body has taken a prima facie view that the messaging app’s new policy is in contravention of India’s Competition Act. "…the Commission is of the considered opinion that WhatsApp has prima facie contravened the provisions of Section 4 of the Act through its exploitative and exclusionary conduct, in the garb of policy update,” said the order passed by the CCI, as reported by legal website LiveLaw.
The development comes days after the Centre urged the Delhi high court to restrain the Facebook-owned platform from implementing its controversial new privacy terms, stating that the terms are not in alignment with 2011 IT rules.
The controversial policy was initially expected to come into effect on 8 February but was later deferred to 15 May amid severe backlash from users. The app plans to make it mandatory for users to agree to its new data-sharing norms, a key point of which is allegedly sharing data from WhatsApp business chats with Facebook. Since there was no opt-out option, there were apprehensions about privacy which led people to migrate to alternate messaging apps, like Signal and Telegram.
On 19 January, the CCI took a suo motu cognisance of the potential impact of the policy and terms for WhatsApp’s users and the market. In its statement, WhatsApp had stated that it “remains committed to protecting people’s personal communications with end-to-end encryption and providing transparency about how these new optional business features work.”
According to media reports, CCI has pinpointed several other concerns with the new privacy policy, including aspects such as the “opacity, vagueness, open-endedness and incomplete disclosures” hiding the actual data cost that a user incurs for availing WhatsApp services.
India is also the messaging app's biggest user base, with over 400 million users across the country. Union IT minister Ravi Shankar Prasad had also asserted that any digital platform must maintain the sanctity of personal communication and not infringe upon the rights of Indians who operate it.
iWorld
Meta warns 200 users after fake Whatsapp spyware attack
Italy-targeted campaign used unofficial app to deploy surveillance spyware.
MUMBAI: It looked like a message, but it behaved like a mole. Meta has warned around 200 users most of them in Italy after uncovering a targeted spyware campaign that weaponised a fake version of WhatsApp to infiltrate devices. The attack, first reported by Agenzia Nazionale Stampa Associata, relied on classic social engineering with a modern twist: persuading users to download an unofficial WhatsApp clone embedded with surveillance software. The malicious application, believed to be developed by Italian firm SIO through its subsidiary ASIGINT, was designed to mimic the real app closely enough to bypass suspicion.
Meta’s security teams identified roughly 200 individuals who may have installed the compromised version, triggering immediate countermeasures. Affected users were logged out of their accounts and issued alerts warning of potential privacy breaches, with the company describing the incident as a “targeted social engineering attempt” aimed at gaining device-level access.
The malicious app was not distributed via official app stores but circulated through third-party channels, where it was presented as a legitimate WhatsApp alternative. Once installed, it reportedly allowed external operators to access sensitive data stored on the device turning a simple download into a potential surveillance gateway.
According to Techcrunch, Meta is now preparing legal action against the spyware developers to curb further misuse. The company, however, has not disclosed details about the specific individuals targeted or the extent of data compromised.
A Whatsapp spokesperson reiterated that user safety remains the top priority, particularly for those misled into installing the fake iOS application. Meanwhile, reports from La Repubblica suggest the spyware may be linked to “Spyrtacus”, a strain previously associated with Android-based attacks that could intercept calls, activate microphones and even access cameras.
The episode underscores a growing reality in the digital age, the threat is no longer just what you download, but where you download it from. As unofficial apps become increasingly convincing, the line between communication tool and covert surveillance is getting harder to spot and far easier to exploit.
