Authored By: Hope Neema Namarome Barasa
Middlesex University Dubai
There has been a noticeable surge in the use of informal platforms such as WhatsApp for work related conversations. Using WhatsApp fosters a sense of ease and accessibility making people feel comfortable, even though they could be sharing sensitive information. This may be conceived as a pro to the use of messaging apps, however, therein lies significant business risks. In the event that someone’s phone is stolen or hacked, this leaves parties vulnerable to a data breach. There could also be cases where a message was conveyed in an official capacity without intent and, without the management’s supervision, but the conversation ends up having the necessary contractual elements that bind the business triggering legal obligations for the business. With businesses increasingly relying on instant messaging and informal channels, the line between casual chats and legally binding commitments has blurred. This article explores how WhatsApp messages can satisfy contract law requirements, the risks such recognition poses for data privacy and evidentiary certainty, and how businesses can safeguard themselves in this evolving digital landscape.
With the rise of the use of technology in the legal sphere, it becomes vital that the law adapts to keep up with the current state of affairs. This is evident in the growing case law and legislation governing this area. In India, the Information Technology Act explains that a contract cannot be unenforceable solely because it was made through an electronic format
which include emails and text messages.1 The courts have explained that emails and texts exchanged between parties could qualify as a binding contract without the need for a formal written document if all the contractual elements are there.2 The key contractual elements include offer, acceptance, consideration and capacity to contract.3 Most recently, the High Court in Belvedere emphasized that even WhatsApp messages exchanged between parties can be used as evidence for a binding contract.4 Furthermore, in Ambalal Sarabhai Enterprise Limited v. KS Infraspace LLP Limited, the Court defined WhatsApp messages as virtual verbal communication which practically means that the texts could be picked apart and used as evidence in a court of law and would likely carry the same legal weight as though the statements were made verbally.5 This is not only in India, but can also be seen in the Canadian case of South West Terminal v Achter Land where a thumbs up emoji sent by a farmer as a response to a contract sent to him was considered a valid acceptance of the contract.6 While the convenience of these platforms is undeniable, their very informality introduces significant legal risks, especially where courts are willing to treat such exchanges as evidence of enforceable agreements.
While courts may treat WhatsApp messages and even emojis as valid evidence of contractual intent, this raises immediate privacy concerns: communications intended to be informal may contain sensitive information that is now legally discoverable. In India, Section 65B of the Evidence Act allows electronic messages to be submitted as admissible proof.7 This means that any WhatsApp or email exchange meeting contractual elements can be disclosed in court, exposing sensitive business or client information even if the parties did not intend it to be formal.8 Using WhatsApp business, which was created specifically to help businesses with client communication, is a significant compliance risk for a business.9 WhatsApp, while offering end-to-end encryption, poses a higher risk to data breaches and data compliance when used for professional communications on personal devices, increasing the personal liability of employees.10 The responsibility for limiting data sharing and storage lies primarily with the user, not the platform, meaning individuals must carefully decide which data is necessary to share.
Additionally, lost or compromised employee devices can lead to leaks of sensitive information, and WhatsApp’s open platform makes it more susceptible to phishing attacks, as anyone with a phone number can initiate contact.11 However, even though the messages are admissible, legislation has put in measures to ensure that the messages submitted are true and unaltered.12 S65B places a mandatory burden on whoever relies on the messages as evidence to have it certified by a professional as the true and unaltered copy of the conversation between the parties before it is submitted as evidence.13 It is for these reasons that businesses must implement clear safeguards and structured communication policies. By doing so, they can ensure regulatory compliance, protect sensitive information, and mitigate the risks of unintended legal obligations arising from informal digital exchanges.
It is therefore crucial that businesses have policies and safeguards in place. One of the safeguards is educating their employees on being careful with the words they use and ensuring that the messages are clear and show intent. In the case of SBI Cards v Rohit,14 blue ticking a message has been construed to mean that a message has been read. Adding that with the South West thumbs up case, which was construed as acceptance, it creates the need for clear communication through informal platforms.15 Words like subject to contract should be considered before sending out messages. Another safeguard would be to ensure that the communications that go out to clients can be monitored and can from an approved official communications channel.16 This allows for more structured protocols and controlled access to messaging platforms consequently reducing both privacy and contractual risks. Finally, provide training to ensure employees understand and follow guidelines and detailed data policies to clarify on how long employees should keep messages and how to save records alongside other client information.17
The rise of WhatsApp and similar informal platforms presents a dual challenge for businesses: digital messages can satisfy the requirements of contract law yet simultaneously create significant data privacy and compliance risks. While the informality and ease of use of WhatsApp can facilitate quick communication, strengthen client relationships, and improve operational efficiency, these advantages come with potential legal and privacy liabilities. By understanding the legal weight of electronic communications and implementing structured safeguards through employee training, controlled communication channels and better policies, businesses can navigate this evolving landscape. Clear policies not only help protect sensitive information but also mitigate the risk of unintended legal obligations, ensuring that informal digital exchanges serve their operational purpose without exposing the organization to avoidable liabilities.
Bibliography
Primary Sources
Legislation
Indian Contractual Act 1872
Indian Evidence Act 1872
Indian Information Technology Act 2000
Cases
Ambalal Sarabhai Enterprise Limited v KS Infraspace LLP Limited, Civil Appeal No 9346 of 2019
Belvedere Resources DMCC v OCL Iron and Steel Ltd & Ors (2025) DHC 5128
SBI Cards & Payments Services Pvt Ltd v Rohidas Jadhav (Bombay High Court, 11 June 2018) 2018 SCC OnLine Bom 1262
South West Terminal Ltd v Achter Land (2023) SKKB 116
Trimex International Fze Ltd, Dubai v Vedanta Aluminium Ltd, India (2010) 3 SCC 1 (SC) Secondary Sources
Maxfield L and Phillips C, ‘Why businesses need to consider what’s up with using WhatsApp in the workplace’ (Thorntons Solicitors, 30 September 2024)
Panigrahi D and Mishra S S, ‘Judging Chats: The Legal Maze Of WhatsApp Evidence In India’ (LiveLaw, 29 April 2025)
S Tharani, ‘A Critical Study on Various Aspects of E-Contracts in India’ (2021) 3 Indian Journal of Law and Legal Research 1
Subramaniam V (ed), ‘Enforceability of Electronically Executed Contracts in India’ (Ikigai Law, 1 April 2020)
Vesere A, ‘WhatsApp for Work: A GDPR Compliance Nightmare Waiting to Happen?’ (Speakap, 29 May 2025)
1Indian Information Technology Act 2000: S Tharani, ‘A Critical Study on Various Aspects of E Contracts in India’ (2021) 3 Indian Journal of Law and Legal Research1.
2 Trimex International Fze. Limited, Dubai v. Vedanta Aluminium Limited, India (2010) 3 SCC 1 (SC).
3Indian Contractual Act 1872, s 2, 11, 25.
4 Belvedere Resources DMCC v. OCL Iron and Steel Ltd & Ors (2025) DHC 5128
5 Ambalal Sarabhai Enterprise Limited v. KS Infraspace LLP Limited Civil Appeal No. 9346 of 2019; S Tharani, ‘A Critical Study on Various Aspects of E-Contracts in India’ (2021) 3 Indian Journal of Law and Legal Research1.
6 South West Terminal Ltd v Achter Land (2023) SKKB 116
7Indian Evidence Act 1872, s 65B.
8Ibid; Divyadarshan Panigrahi and Sushree Swapna Mishra, ‘Judging Chats: The Legal Maze Of WhatsApp Evidence In India’ (LiveLaw, 29 April 2025).
9 Anete Vesere, ‘WhatsApp for Work: A GDPR Compliance Nightmare Waiting to Happen?’ (Speakap, 29 May 2025).
10 Ibid.
11 Ibid.
12 Vishwanathan Subramaniam (ed), ‘Enforceability of electronically executed contracts in India’ (Ikigai Law, 1 April 2020).
13 Indian Evidence Act 1872, s 65B; Vishwanathan Subramaniam (ed), ‘Enforceability of electronically executed contracts in India’ (Ikigai Law, 1 April 2020).
14 SBI Cards & Payments Services Pvt Ltd v Rohidas Jadhav (Bombay High Court, 11 June 2018) 2018 SCC OnLine Bom 1262; Divyadarshan Panigrahi and Sushree Swapna Mishra, ‘Judging Chats: The Legal Maze Of WhatsApp Evidence In India’ (LiveLaw, 29 April 2025).
15 Loretta Maxfield and Chris Phillips, ‘Why businesses need to consider what’s up with using WhatsApp in the workplace’ (Thorntons Solicitors, 30 September 2024).
16 Anete Vesere, ‘WhatsApp for Work: A GDPR Compliance Nightmare Waiting to Happen?’ (Speakap, 29 May 2025).
17 Loretta Maxfield and Chris Phillips, ‘Why businesses need to consider what’s up with using WhatsApp in the workplace’ (Thorntons Solicitors, 30 September 2024).
