PIL In SC Seeks Protection From Misuse Of Data Collected On UPI Platform; Alleges Whatsapp, Google, Amazon Allowed To Operate Without Scrutiny
Rajya Sabha MP, Binoy Viswam has moved Supreme Court with a PIL seeking protection of financial data of Indian citizens stored on Unified Payments Interface (UPI) platforms. Invoking the Right to Privacy of all Indians using this platform, it is asserted that Reserve Bank of India (RBI) and National Payments Corporations of India (NPCI) are statutorily obligated to protect...
Rajya Sabha MP, Binoy Viswam has moved Supreme Court with a PIL seeking protection of financial data of Indian citizens stored on Unified Payments Interface (UPI) platforms.
Invoking the Right to Privacy of all Indians using this platform, it is asserted that Reserve Bank of India (RBI) and National Payments Corporations of India (NPCI) are statutorily obligated to protect sensitive information of these users. However, on the contrary, it is alleged that foreign corporations which have not complied with Indian standards have been allowed to operate payment services by RBI and NPCI. Thus, it is submitted that instead of securing the data of Indian users and protecting their right to privacy, the RBI and NPCI have compromised its citizens and put sensitive financial data of users at great risk.
In this light, it is prayed that the Central Bank be directed to formulate Regulations to ensure that data from UPI platforms is not exploited or misused in any way.
In furtherance of his concern, the Communist Party (CPI) leader avers that giant corporations such as Whatsapp, Amazon and Google were barely scrutinised before being permitted to participate in the UPI ecosystem despite being in violation of UPI Guidelines as well as RBI Regulations. Given that such giant corporations have a history of abusing their dominating position and compromising data collected on their platforms, it is further prayed that RBI and NPCI be directed to ensure data collected by such entities during payment facilitation is not shared with either their parent companies or any other third party.
Viswam emphasizes that allowing these giants, who are known to misuse data and go against their word, without proper scrutiny and without affixing responsibility, to operate on the UPI platform is contrary to public interest. Substantiating this argument, it is pointed out that India recently banned a number of Chinese Applications due to their potential risk of data theft and security breaches.
Not only did the RBI and NPCI fail to actively look in to these companies before allowing them to operate on UPI, the petitioner contends that RBI issued certain FAQs with regard to a circular from April 2018 in order to help these entities comply with certain conditions which needed to be complied with for the operation of UPI services. Specifically mentioning Google and Whatsapp, Viswam elaborates that the FAQs relaxed certain requirements which needed to be complied with in accordance with the April 2018 Circular.
Claiming that these FAQs are ultra vires the Circular of April 2018, it is urged that participants must follow the requirements of the said circular in letter and spirit.
The petition, filed by advocate Sriram Parakkat, goes on to point out that Whatsapp's admitted position, as on June 5, is that it had not complied with data localization norms and yet RBI and NPCI did not take action against the company.
Therefore, specifically with regard to the Messaging application, it is additionally prayed that its payment services be disallowed a full-scale launch until all requirements and norms are complied with.