The Bombay high court on Wednesday issued notices to the Union and the Maharashtra governments and also the National Payments Corporation of India (NPCI) to respond to a PIL which claimed that the Truecaller mobile application shared the user data in breach of rules.
The bench headed by chief justice Dipankar Datta and justice Girish Kulkarni ordered the authorities to respond to the petition within three weeks.
The judges were hearing a PIL filed by advocate Shashank Posture. Appearing in person, Posture told the bench that Truecaller has been sharing user data to third parties. “The application collects the data of all its users and shares it with its partners, without the consent of the users. The app does this by dumping the liability on the users,” Posture told the judges.
The advocate further alleged that this is a ‘manipulative set up’ as the user has no choice. “The app also registers users for a Unified Payments Interface service without their consent, or without due process,” Posture said. Upon being asked, Posture said giant firms like Google India, Bharati Airtel, ICICI Bank were some o its partners who were getting benefits from this setup.
“Several loan providing companies were also beneficiaries of such data leaks,” Posture alleged. He claimed that the Union government approved Truecaller app “without proper checks and in contravention of the information security practices rules”.
“We have heard him for some time and we are of the opinion that notice is required to be issued to respondents,” the judges said, while ordering the respondent authorities to file their say in the matter within three weeks.
Meanwhile, Truecaller, in a statement, said, “Based on the articles in the media we have reviewed so far, the PIL states that Truecaller shares data to certain third parties that would benefit them for financial usage, this is false information. Pursuant to a strategic business decision last year, Truecaller discontinued offering Unified Payments Interface (UPI) payment services and has not signed up any new users on UPI since August 2019.”
“We have stringent measures in place and a strong DNA in the company to do what is best for our users, period. Truecaller data is safe, stored 100% in India (without any foreign backups or mirrors) and stored with the highest levels of protection,” Truecaller said.
Having heard the submissions, the judges said, “The case of the petitioner (Posture) is that Truecaller through its mobile application has indulged in an absolute breach of data privacy of citizens. He submits that such breach is contrary to data protection laws.”