SC notice to Google, Whatsapp and Amazon on data security in UPI | India News


NEW DELHI: The Supreme Court on Thursday sought responses from the Centre, RBI and National Payments Corporation of India on a PIL, which alleged breach of financial data security of Indians using ‘Unified Payments Interface‘ (UPI) services offered by big players like Amazon Pay, GooglePay and challenged permission to WhatsApp to start UPI services.
A bench of Chief Justice S A Bobde, and Justices A S Bopanna and V Ramasubramanian entertained the PIL by CPI Rajya Sabha member Binoy Vishwam alleging that they breached the RBI regulation and existing law mandating the big players to have servers located in India for storage of financial data and not transfer them outside.
Vishwam’s petition filed through advocate Sriram Parakkat said the aim of the petition is to “protect the fundamental right to privacy of millions of Indian who are using UPI ”, which is regulated by RBI and NPCI.
WhatsApp’s UPI services had earlier been questioned before the court leading to an undertaking from the sister concern of social media giant Facebook to tell the SC that it would not commence UPI operations till it got authorisation from the regulators. The issuance of notice on Vishwam’s petition evoked vociferous protest from Facebook and WhatsApp counsel Mukul Rohatgi and Kapil Sibal, who said once the court entertains the petition, the process for grant of authorisation to WhatsApp for UPI services would come to a standstill.
Appearing for Vishwan, senior advocate Shyam Divan said the cursory manner in which the NPCI says it derived comfort from the auditor’s report about WhatsApp complying with the data localisation requirement was something which required deeper examination to ensure privacy of financial data of citizens is not compromised.
Divan said WhatsApp did not have local servers in India and operates through servers of parent company Facebook. “The twin requirements – UPI data being stored in India and not exported outside India – is not met in case of WhatsApp,” he alleged.
Vishwam said, “RBI and NPCI have permitted the three members of the big four tech giants – Amazon, Google and Facebook/WhatsApp – to participate in the UPI ecosystem without much scrutiny and inspite of blatant violations of UPI guidelines and RBI regulations.”
“The said conduct of RBI and NPCI puts the sensitive financial data of Indian users at huge risks, especially when these entities have been continuously accused of abusing dominance, and compromising data, among other things. Recently, for the said allegations, CEOs of these foreing entities were directed to testify in a hearing with the Judiciary Committee of the US Congress,” he said.
Referring to April 2018 RBI Circular mandating entire data relating to payment systems to be stored in India, Vishwam said, “since the UPI providers, especially WhatsApp and GooglePay failed to follow the deadline of October 2018 (for storing data in India), the RBI in order to help WhatsApp and GooglePay, in complete disregard to the security of financial data of Indian users, toned down the April 18 Circular by issuing FAQs and permitted processing of all payment transaction abroad (including domestic transactions).”



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *