Recently, there was a news article about a possible decision by Government regarding data privacy – the decision, which would be a boon for the public, but would also be potent enough to adversely affect the business activities of mobile companies and mobile application developers.
At a time when consumer data is most vulnerable and the concept of privacy is nothing more than a ‘concept’, there is one area where consumers give away there privacy freely, ‘with both hands’, and that is our mobile devices and the applications downloaded thereon.
As per the information available in public domain, Government’s decision would be aimed at securing the consumer data on both the above-mentioned fronts. It is pertinent to mention that, in taking this step, the Government will have considered the salient features of the proposed Personal Data Protection Act – consent and privacy. In order to gauge the complete scope of the decision, we would need to delve deeper and understand the basic functioning of the two, which is outlined in the following paragraphs.
The first issue which the Government wants to assail is that of applications which are pre-loaded in mobile devices at the time of sale. These applications are native to their operating system and are intended to introduce the customers to the unique look and feature of the same. This gesture on the part of mobile companies would have been welcomed had the customers been provided with an option of deleting those application should they not appeal to the choice and sensibility of the purchaser. Unfortunately, most of these applications are imposed as customers do not have an option to delete them from their devices and are bound to live with them. In common parlance, such applications are termed as ‘bloatware’.
When it comes to mobile devices, only 2 operating systems rule the roost – iOS for Apple and android for Google. Where functionality and features of iOS are the same across the spectrum for it being governed and operated by a single company, android, on the other hand, changes many hands before it finally reaches the customers and, it is because of this reason, that the problem of bloatware is more pronounced in android.
In this circumstance, along with privacy, the issue that gains importance is that of consent of the purchaser. This goes without saying that, apart from the applications necessary for the functioning of the device, all other pre-loaded applications are there only to demonstrate the features unique to that manufacturer. However, it cannot be expected of a customer to appreciate the same. In such circumstance, if the customer is not provided with the option to delete the unwanted application from the device, it would clearly amount to compromising the consent of the customer along with privacy, for, it is a known fact that all applications, to some extent, collect the personal data of the customer.
As stated supra, consent is one of the salient features of the PDP and mobile companies should be made to fall in line with the same.
Elephant in the room has been addressed many a times in the past. It is, now, set to be reined in for good. It is understood that, in order to function properly, there are certain parameters of the personal data which the application needs an access to. However, the applications downloaded on mobile devices, at times, seek permissions from the users which are not connected with the basic functioning of the application and, if the permission is not granted, the application would not function. This has been the biggest cause of concern among mobile users across the world as the personal data of the consumer is at risk of being compromised by the application.
This once again leads us to Apple vs Android debate because if this decision is taken by the Government, android would be at a bigger loss as opposed to iOS. Till few years back, the applications on android would force the user to grant permissions in totality before the application could be downloaded on the device. Although, it has, lately, allowed its users to deny the permissions at will, still there are some instances where the permissions sought from the users do not match the nature and functionality of the application.
This move of the Government is welcome, also, because, every now and then, operating systems conduct analysis of the applications available on their platforms and, if an application is found to be malicious, the same is blocked from use. However, before being blocked, if the application is allowed to, forcibly, collect the personal data of the users, the data has been exposed to misuse by the application developers to the prejudice of the user.
In the digital era, political dispensations across the world are conscious about protecting the personal data of the users from being misused. However, mobile applications are one field where the users are, apparently, made to ‘consent’ to give away their personal information. It is hoped that, after this decision, this menace would be checked substantially.
Although India woke up to data privacy concerns a little later in time, this field of law has been a focal point of many a government’s decision in recent past. The news of this decision gains more importance in the wake of our border flaring up and various mobile applications being banned. Even on an independent footing, the privacy of the individual data is of paramount importance as, during this pandemic, when the entire world is under lockdown, people are communicating digitally and there is an unprecedented flow of data over the internet.
The finer nuances of the decision would be known only when, and if, the same is passed by the Government but what is known in public domain is that the mobile applications could be required to collect data only to the extent required for their ‘functioning’. Further, the Government is considering to roll out a concrete policy against pre-loaded applications by mobile companies.
If this decision comes to be passed, India would be the pioneer in protecting the personal data of consumers against mobile applications and would lead the world by example. If this path is traversed by the Indian Government, it will show other jurisdictions that corporate interests cannot be allowed to trample over the interests of the public.
Siddharth Jain is Co-Founding Partner, PSL Advocates & Solicitors