You are here: Home » Economy & Policy » News
Business Standard

Right to Privacy: Misusing customer data may land app developers in trouble

Judgment could set the stage for severe punishment if developers are found misusing customer data

Alnoor Peermohamed & Kiran Rathee  |  Bengaluru/New Delhi 

App developers in India

App developers in India could face severe consequences for after a nine-judge Supreme Court Bench ruled that the was a fundamental right of every citizen in the country.

While these developers can continue to collect data from users as long as they have their consent, the latest judgment could set the stage for severe punishment if they are found using customer data for any purpose other than for which it was collected.

“Organisations and people who build these apps will have to ensure very stringent control around what they are using this data for. When they are taking consent from users to collect data, they might even begin disclosing the objective for collecting that data,” said Jaspreet Singh, partner-cyber security at EY.

Collection of data to deliver digital services, including using that data to deliver targeted advertising, will not constitute a breach of an individual’s privacy as long as customers agree to the company’s terms and conditions. But, if it is found there was unauthorised sale of the data to third parties and used for purposes not intended, it will land developers in trouble.

Several apps collect data from customers which is not required to offer their services, but this cannot account as breach of privacy since they ask for the user’s consent. But, going forward, India could put a stop to this arbitrary data collection through its upcoming data protection law.

“The government is aware of the fact that many applications seek unnecessary permission to have access to data, which is not related to it. The data protection law may include all such issues. The Srikrishna committee is working on a data protection framework and it is likely to submit its report by end of this year,” said an official within the Ministry of Electronics and Information Technology (MeitY) who did not want to be named.

App developers are often accused of complicating their “terms of use” to confuse the general user into giving them permission to access data they might not require. But, the combination of Section 43A of the IT laws which speak about data privacy, coupled with Thursday’s judgment could force developers to disclose their terms more clearly.

“We already have Section 43A which already talks about data privacy and if we couple that with the latest judgment, it becomes a very stringent law today itself. The only thing that’s been lacking is the enforcement and with Thursday’s ruling, I’m sure the enforcement would be far more,” Singh said.

As for data collected by global organisations such as Google, Facebook, Amazon, etc. which is stored on servers located outside the country, the current laws get a bit hazy about what is and what isn’t allowed. There are no laws governing what can be considered as misuse of customer data stored outside the country.

With India’s fast-growing digital footprint, not addressing this could be a major issue. But, experts are unanimous in agreeing that India will soon draft rules that will curtail the kind of user data that can be taken out of the country.

Last week, MeitY instructed 30 smartphone manufacturers to provide details on the security procedures they had in place, following reports of data leakage and data theft. A majority of the manufacturers were Chinese, and the request came at a time when tensions between India and China are high.

Under the scanner
  • The latest judgment could set the stage for severe punishment if developers are found misusing customer data
  • Collection of data with customer’s consent to deliver digital services will not constitute a breach of an individual’s privacy 
  • Developers will land in trouble if it is found that there was unauthorised sale of data to third parties and it was used for purposes not intended

First Published: Sat, August 26 2017. 01:48 IST