SIM Binding: A recent directive from the DoT has created a stir in the digital world. Following this order, online messaging apps like WhatsApp, Telegram, and Signal will no longer be able to run on any device without an active SIM.

SIM Binding: A recent directive from the Department of Telecommunications (DoT) has created a stir in the digital world. Following this order, online messaging apps like WhatsApp, Telegram, and Signal will no longer be able to run on any device without an active SIM. Experts believe this move could mark the beginning of broader regulation of OTT platforms.

Tech companies had previously expressed concerns that the new Telecom Act 2023 could also cover OTT apps, despite the fact that it was previously stated that OTT apps would not be covered by this law. But the new order appears to confirm those concerns.

d

Legal experts' warnings and questions on the limits of authority

According to a report in the Indian Express, many legal experts view this as an overreach of the DoT's jurisdiction. According to Supreme Court lawyer Vrinda Bhandari, this decision amounts to direct regulation of messaging apps, whereas jurisdiction over such apps has traditionally been vested in the Ministry of Information and Broadcasting (MeitY).

Another expert, Aishwarya Kaushik, believes that bringing any service that uses mobile numbers into DoT's cybersecurity framework is a major overreach. She argues that DoT's authority should be limited to genuine telecom identity protection.

Users will have to re-login every six hours.

The DoT has issued notices to WhatsApp, Telegram, Snapchat, Signal, and other apps, instructing them to ensure that users' SIM cards are constantly linked to their accounts. This means that these apps will not be usable on devices without a SIM card.

Web versions like WhatsApp Web will auto-log out every six hours, requiring a QR code to be re-linked each time. This move is being touted as a measure to prevent digital fraud, but digital rights experts see a significant threat to user privacy.

The risk to users will increase, and technical challenges will also be serious.

Experts say that persistent SIM-binding could create the impression that any digital fraud or misconduct was committed by the SIM card holder. This would add an additional legal burden to users.

Furthermore, implementing SIM-binding isn't technically easy for messaging apps. According to Gartner analyst Apeksha Kaushik, while this approach will help prevent fraud, it could also cause problems for end users if implemented incorrectly.

Legal basis of the directive and the new cyber regulations

Following the enactment of the Telecom Act 2023, the DoT issued several new rules covering aspects such as internet shutdowns, cybersecurity, and legal oversight. The Telecommunications (Telecom Cyber ​​Security) Amendment Rules, issued in 2025, paved the way for mobile number validation platforms, requiring apps to implement SIM-binding. However, the rules do not explicitly mandate a strict requirement such as "continuous SIM-binding."

Banking Apps vs. Messaging Apps

Many banking apps in India, including SBI's, offer SIM-binding-style security features, but they use device-binding, not true SIM-binding. Experts say the DoT's new order will create a de facto whitelist for messaging apps. Only apps that meet these criteria will be able to operate in India.

Telecom companies are happy, tech companies are angry

Telecom companies have welcomed the order. COAI called it a "world-first robust initiative" to prevent cyber fraud. However, the Broadband India Forum, which represents companies like Google and Meta, is expressing serious concerns about the directive.

They call for an extension of the implementation timeline, an open public consultation process, and a new framework to be developed in collaboration with tech companies and security experts. They believe the order increases unnecessary controls and could harm user convenience and privacy.