This article has been written by Divyansh Nayar, a 5th year B.A. LL.B. student at National Law University, Odisha.


Insider Trading spanning into the modern times have gained new contours. With perpetrators using technological advancements in their favour, the question remains whether the scope of SEBI (Prohibition of Insider Trading Regulations), 2015 can be widened as a counter measure. Over the years, SEBI has actively brought market operators, company executives, advisors and analysists under the scanner in order to curb insider trading. However, tackling unpublished price sensitive information through modern-day technology has been a hurdle for securities regulator. 

Dissemination of unpublished price sensitive information (“UPSI”) through digital platforms has huge potential towards market disruption especially when the information is flowing on an “end-to-end encrypted” basis.  Across the world, securities regulators are trying to address the issue of market manipulation due to dissemination of unpublished price sensitive information through WhatsApp and other encrypted apps. Over the years, perpetrators with the help of technological advancements in WhatsApp such as encryption, timed chats and self-destructive messages have been successful in undertaking insider trading. 

SEBI through its order dated 29th May 2020 in the “WhatsApp Leak Case” have addressed some of these key issues related to dissemination of UPSI through WhatsApp and other encrypted apps and have taken steps to broaden the ambit of the concepts of “UPSI”, “Insider” and “Insider Trading”. 


In November 2017, it came to the knowledge of SEBI that unpublished price sensitive information was being circulated in WhatsApp groups regarding earning estimates of 12  companies and the information was regarding their official announcements to the stock exchanges. SEBI initiated an inquiry into the said matter and approximately 190 devices were seized through which the WhatsApp chats were being circulated. On examination of these devices it was found that the financial information that got leaked with respect to 12 companies matched the numbers that were officially provided to the stock exchanges. 

Investigation was conducted by SEBI to access whether there has been violation of the provisions of SEBI Act, 1992 and the SEBI (Prohibition of Insider Trading) Regulations, 2015 by Asian Limited, Wipro Limited and Mindtree Limited. It was found out that sensitive data regarding 3rd quarter earnings of three listed entities was leaked before the official disclosure. 

Heard on the Street  v/s  Unpublished Price Sensitive Information

“Heard on the street” is an established practice in the brokerage circle wherein speculative data is published with the help of reports released prior to the official announcement. Heard on the street does not constitute to be unpublished price sensitive information, but there is a thin line between the two terms i.e. “HOS” must be put in the public domain on “non-discriminatory” basis. In the present scenario the information that was being circulated through WhatsApp was end-to-end encrypted, therefore this would not constitute as a heard on the street data.  

It was further contented that similar data was published by Bloomberg which is a media conglomerate providing financial data. SEBI did recognize the fact that the information available on Bloomberg was for the public at large and it was published on non-discriminatory basis, however SEBI referred to the importance of “initial sourcing” of the financial information when it is being circulated. The intention of the regulator is to keep the public informed about all the relevant sources and at the same time streamline the research procedure wherein all the reliable sources are the basis of data analyses and not the information which has a questionable origin. 

SEBI noted that in the present case, the information that was being circulated on WhatsApp groups was not attributed to its initial source. Further, the analysis that is being made by a third-party should be through a well laid-down process and must be demonstrable in nature. In the present case the financial data that was circulated on WhatsApp was not corroborated before being shared. Therefore, it was classified as “unpublished price sensitive information” and not as “heard on the street” data.

Unidentified source of information leak 

As per Regulation 2(1)(n), “unpublished price sensitive information” is any information which is not generally available but which is likely to materially affect the price of the securities when made publicly available. For an information to be classified as “UPSI” it is not necessary that the original tipper gets identified. The people who transferred the information claimed that they were conduits of information, but SEBI clearly said that identification of “original source of the information” is not a criterion to classify an information as “UPSI”. The information that was being circulated clearly had the potential to “materially affect the price of the securities” therefore it was classified as UPSI. 

Further, as per Regulation 2(1)(g) an “insider” is someone who is either a “connected person” or “someone who is in possession of unpublished price sensitive information, regardless of how one came into possession of such information.” Therefore, all the individuals who forwarded the message on WhatsApp are considered to be “insiders” as they were in possession and had access to UPSI. On top of that SEBI clarified that these individuals cannot be termed as “innocent tippers” because of their prior knowledge in the field of securities market and they cannot plead ignorance with respect to the sensitive information that they were possessing and passing on to others. 

Individuals right to privacy v/s  Public Interest

Evidence collection mechanism in the conventional manner took a hit back in the present case as it became very difficult for SEBI to track down the original source of the leak. Even for WhatsApp as an organization it was not possible to provide information regarding those forwarded messages to SEBI, as encryption on those messages ensured that it cannot be read by the company itself, let alone SEBI. Therefore, the original source of leak of the information could not be traced but all the individuals who forwarded the sensitive information were held liable. 

The issue regarding right to privacy with regards to white collar crimes has not been dealt in detail in India but the Hon’ble Supreme Court in the case of K.S. Puttaswamy v. Union of India affirmed that “Right to Privacy” stems from the fundamental “Right to Life” under Article 21 of the Indian constitution. Seizure of personal devices and access to personal information by the SEBI raised a lot of questions with regards to the approach of the government agencies for extracting data which was being transferred on end-to-end encryption basis. The delicate balance between individuals right to privacy and interests of the securities regulator needs to be worked upon by the legislature in order to streamline the evidence collection procedure keeping in mind the advancement of technology. 

Key takeaways: 

  • The ambit of the term “Public Domain” has been widened as the order stated that information published on print as well as electronic media (such as Bloomberg) will be considered to be in public domain. 
  • If a third party is circulating reports including estimates and analyses then adequate “Sourcing” is must i.e. the information on the basis of which analyses is being made must be available in the public domain. 
  • “Non-discriminatory access” of the information to the public is essential, otherwise it can be classified as “UPSI”. If a set of information is to be termed as “Heard on the Street”, it must have non-discriminatory access. 
  • “Communication- chain” is an important instrument to identify the perpetrators i.e. identification of the original tipper is not an essential condition for others in the chain to be termed as “insiders” under the SEBI (Prohibition of Insider Trading Regulations), 2015. 
  • “Hindrance in the investigation” was mainly caused due to the conflict between individuals’ privacy on one hand and public interest on the other. This kind of market manipulation can be brought down by bringing in use of advanced technology by the regulator at their end. 


SEBI in the present case clarified that insider trading regulations are not only applicable to those who are involved in the act of trading while in possession of UPSI, but even if someone is involved in the act of communication of such sensitive information he would be held liable. This order by SEBI has set a challenging precedent as this might have unintended consequences such as prohibition of freedom of speech and expression. 

Bridging the gap between right to privacy of an individual and public interest is the only way forward through which the investigation mechanism can be enhanced and be made more technology-driven. However, policy changes at the end of SEBI would not be sufficient to tackle the issue of circulation of UPSI. Companies, banks and other financial institutions also have the responsibility to develop a code of conduct for their employees. Through a structured and uniform code of conduct, use of messaging services with end-to-end encryption could be reduced which would help the regulator to trace the original source of leak in such future incidents. Therefore, a collective effort by SEBI, companies, banks and other financial institutions is the way forward to ensure that interests of the investors are protected and more importantly the integrity of the securities market is maintained.