Following the hearing of public interest litigation (PIL) at the Bombay High Court alleging that Truecaller breached data privacy law of users, the company, on Thursday, said that it is yet to receive formal communication on the PIL and denied charges of sharing user data with third-party companies.

“We have seen news reports about a PILfiled in the Hon’'ble Bombay High Court regarding data leaks. From the news reports it appears that the PIL mentions Truecaller, ICICI Bank as well as the National Payments Corporation of India (NPCI). We have not received any formal communication regarding the PIL so far. Once we receive more details, we will be in a position to comment further,” said Truecaller’s official spokesperson.

“Based on the press articles we have reviewed so far, the PIL states that Truecaller shares data to certain third parties that would benefit them for financial usage, this is false information. Important to note, pursuant to a strategic business decision last year, Truecaller discontinued offering Unified Payments Interface (UPI) payment services and has not signed up any new users on UPI since August 2019,” the spokesperson added.

A Bench headed by Chief Justice Dipankar Datta and Justice GS Kulkarni heard the PIL filed by Shashank Posture on Wednesday. Posture presented the case himself. The High Court found the case fit for issuing notices.

“The case of the petitioner is that Truecaller through its mobile application has indulged in an absolute breach of data privacy of citizens. He submits that such breach is contrary to data protection laws,” said the court.

The court has given three weeks’ time for the respondent parties to reply to the notice. “We have heard the petitioner for some time and we are of the opinion that a notice is required to be issued to respondents,” it said.

The Truecaller spokesperson said: “Truecaller is a privacy-focused service, built on trust. We are compliant with data privacy laws and stand ready to comply with other data protection laws anywhere in the world. In addition, Truecaller practices data minimisation – taking only the data required for our service to work and nothing else. In response, we would like to assure all Truecaller users that their data is safe. Truecaller does not sell or share user data. We deeply care about our users and their data, and would like to assure them that we securely handle their data and process it as per our privacy policy.”

Petitioner’s allegations

“The Truecaller app collects data of all users. It shares such data with some of its partners without the consent of users, and dumps the liability on the user,” Posture told the court, adding: “This is a manipulative setup because the user has no choice. The app also registers users for a Unified Payments Interface service without their consent, or without due process.”

On being asked to name the parties benefitting from these deals, the petitioner mentioned the names of Google India, Bharati Airtel and ICICI Bank. He added that several other lending companies, too, were benefiting from the data sharing done by the app.

Posture also alleged that the government authorities had approved Truecaller app “without proper checks and in contravention of the information security practices rules”.

The next hearing of the case is scheduled on July 29.

Related Topics
comment COMMENT NOW