Misusing customer data may land app developers in trouble
App developers in India could face severe consequences for misusing customer data after a nine-judge Supreme Court Bench ruled that the right to privacy was a fundamental right of every citizen in the country.
While these developers can continue to collect data from users as long as they have their consent, the latest judgment could set the stage for severe punishment if they are found using customer data for any purpose other than for which it was collected.
“Organisations and people who build these apps will have to ensure very stringent control around what they are using this data for. When they are taking consent from users to collect data, they might even begin disclosing the objective for collecting that data,” said Jaspreet Singh, partner-cyber security at EY.
Collection of data to deliver digital services, including using that data to deliver targeted advertising, will not constitute a breach of an individual’s privacy as long as customers agree to the company’s terms and conditions. But, if it is found there was unauthorised sale of the data to third parties and used for purposes not intended, it will land developers in trouble.
Several apps collect data from customers which is not required to offer their services, but this cannot account as breach of privacy since they ask for the user’s consent. But, going forward, India could put a stop to this arbitrary data collection through its upcoming data protection law.
“The government is aware of the fact that many applications seek unnecessary permission to have access to data, which is not related to it. The data protection law may include all such issues. The Srikrishna committee is working on a data protection framework and it is likely to submit its report by end of this year,” said an official within the Ministry of Electronics and Information Technology (MeitY) who did not want to be named.