The government conveyed its reservations to the Facebook–backed company at a meeting, held in July, between IT secretary Ajay Prakash Sawhney and top WhatsApp executives, including COO Matthew Idema, according to ET. Last week, we reported that the government told WhatsApp that it should prioritize on curbing fake news on its platform, over the plans to launch its payments services in the country. This development also happened at the aforementioned meeting between WhatsApp executives and officials from MeitY
No physical presence, ‘doesn’t give us the confidence’: MeitY
According to ET’s report, the government is skeptical of allowing WhatsApp to launch its payment service given the fact that the company has no prior experience in this domain, anywhere in the world. Couple that with no physical presence in the country and a potential user base of over 220 million people, the company ‘doesn’t give us the confidence’, ET quoted an anonymous senior MeitY official as saying.
Moreover, MeitY officials went as far to say that without any physical presence, WhatsApp will not take any responsibility in case of disputes over payments. “WhatsApp will simply say my commercial dealing is with a bank, they are using my app, and we are not in your jurisdiction at all,” one of the officials told ET. However, they clarified that while the government is not against WhatsApp offering payment services, it wants to have no loopholes present given that millions of people will potentially be using these services. As such, the RBI will be roped in to offer a better understanding of the contracts between banks and WhatsApp.
According to the official quoted by ET, the central bank has clear guidelines which mandate all payment companies operating in India to have a physical presence, either a branch or a fully-owned subsidiary. He goes on to point that Google, WhatsApp and Truecaller are all guilty of violating these guidelines and as such, spoke of the necessity to clarify the same with the RBI. The government also expressed its reservations over WhatsApp’s payments service earlier — that its pilot was not following the two-factor authentication and that the service shares data with parent company Facebook, and about its data storage policies. MeitY sent the letters containing their reservations to the National Payments Corporation of India (NPCI), with a copy to the RBI.
Note– Truecaller has reached out to Medianama to deny the allegations made by MeitY officials. “We would like to clarify that we have an office in India and we strictly comply with Indian laws. Infact 50% of our worldwide employee base is in India (Delhi, Mumbai and Bangalore),” Truecaller said in a statement to Medianama.
WhatsApp, however, has ‘prioritised’ the task of setting up an Indian team and is actively seeking for two ‘leadership positions — India Head and Head of Policy’, ET said citing a statement by WhatsApp. During the meeting, the issue of fake news and rumours circulating on the messaging platform was also discussed.
WhatsApp Payments in India — the story so far
According to reports, the company began testing its payments feature in February, with around 1 million beta testers. However, the service, which was originally scheduled to launch in March, has been delayed multiple times owing to privacy concerns about parent company, Facebook, following the Cambridge Analytica episode. Later, WhatsApp announced that although its payments feature is built on Facebook’s payments infrastructure, the parent company will not store any data pertaining to payments.
Another issue that has been and remains a significant concern for WhatsApp is the RBI’s directive on data storage, which mandates that all user payment data should be stored in the country. While reports indicated that India’s finance ministry had proposed to ease RBI’s guidelines on storage of payment system data, Paytm, India’s largest digital payments company has been lobbying for local storage of user data; just two days ago, Paytm along with other domestic e-commerce/payment firms said six months is ‘practical’ enough for companies to adhere to the RBI’s guidelines. However, there is uncertainty over the implementation of the central bank’s directive as, the Data Protection Bill, 2018, a draft of which was submitted to the government last week, overrides all sectoral regulators and therefore all their directives. The bill states that all data fiduciaries need to store a copy of users’ personal data in India and worryingly, the bill also requires mandatory storage of ‘critical personal data’ within India only. The bill, however, failed to state explicitly the definition of ‘critical data’.