Technology & Science
India Orders Continuous SIM Binding & 6-Hour Web Logouts for OTT Messengers
On 1 Dec 2025, India’s DoT invoked new Cybersecurity Rules to force WhatsApp, Telegram, Signal and others to keep accounts tied to the original SIM and auto-log web sessions every six hours, giving firms 90 days to comply or face penalties.
Focusing Facts
- Directive dated 28 Nov 2025 grants platforms 90 days to deploy SIM-IMSI checks and 4 months to file a compliance report to the DoT.
- The Telecommunication Cybersecurity Amendment Rules 2025 created a new “Telecommunication Identifier User Entity (TIUE)” regime that mandates continuous SIM presence and caps web-client sessions at 6 hours.
- WhatsApp’s Indian user base exceeds 500 million, the largest single-country audience affected by the order.
Context
Governments have long tried to anchor digital identities to physical ones—China’s 2017 real-name law for WeChat and South Korea’s 2007 internet real-name system being salient precedents. India’s step continues a post-2010 trend of hard-linking services to Aadhaar, KYC SIM registration (2018), and banking apps’ SMS verification. It shows the state leaning on telecom infrastructure—one of the few levers it fully controls—to extend surveillance and fraud-tracing into global OTT platforms historically outside its jurisdiction. Whether this materially curbs crime is debated; banking and UPI apps, despite similar SIM-binding since 2016, still see rampant fraud. Over a 100-year arc, the move fits the cyclical pendulum between open communications (as with 1990s GSM boom) and regulatory clampdowns (e.g., India’s Telegraph Act controls of 1885). If upheld, it could normalize real-time government validation of private messaging, nudging the internet toward nation-specific compliance siloes rather than a borderless commons.
Perspectives
Industry-focused tech outlets
e.g., TelecomTalk, Analytics Insight — Present the SIM-binding mandate as a necessary cybersecurity upgrade that will help regulators curb fraud and trace criminals more easily. Often echo the DoT’s talking points and telecom-operator statements while glossing over the day-to-day inconvenience and privacy trade-offs users will face, signalling alignment with industry regulators whom they routinely cover.
Consumer-oriented national media
e.g., India Today, Firstpost, NDTV — Highlight that the same rule will disrupt multi-device convenience, force frequent re-logins and could frustrate hundreds of millions of ordinary WhatsApp users. Play up user inconvenience and privacy worries—points that resonate with their readership—while giving less prominence to evidence that persistent SIM checks may actually reduce cyber-fraud, reflecting a user-experience lens over a security lens.