Published 19:47 IST, December 14th 2020
WhatsApp denies in SC allegations of data hacking by spyware Pegasus
WhatsApp on Monday denied in the Supreme Court the allegations that its data can be hacked by Israeli sypware Pegasus, which had led to a controversy last year
Advertisement
WhatsApp on Monday denied in Supreme Court allegations that its data can be hacked by Israeli syre Pegasus, which h led to a controversy last year over breach of privacy following claims that Indian journalists and human rights activists were among those globally spied upon by unnamed entities.
issue cropped up before a bench heed by Chief Justice S A Bobde which was hearing a plea filed by Rajya Sabha MP Biy Viswam seeking direction to Reserve Bank of India (RBI) for framing regulation to ensure that data collected on UPI platforms is t exploited or used in any manner or than for processing payments.
Advertisement
An allegation is that WhatsApp data can be hacked by a software called Pegasus, bench, also comprising Justices A S Bopanna and V Ramasubramanian, told senior vocate Kapil Sibal, who was appearing for WhatsApp. Sibal said se are all allegations. ne of m are correct.
Advertisement
WhatsApp h said last year that it was suing an Israeli surveillance firm that is reportedly behind techlogy that helped unnamed entities' spies to hack into phones of roughly 1,400 users. During hearing conducted through video-conferencing on Monday, senior vocate Krishnan Venugopal, appearing for Viswam, told bench that RBI has filed an affidavit in matter and National Payments Corporation of India (NPCI) should also make its stand clear in matter.
ditional safeguards should be re. WhatsApp's security is t up to mark and third point is of data localisation. Data is being shared by companies like Facebook, WhatsApp and Amazon. This is a breach of privacy. All data are being shared in violation of NPCI rms, Venugopal said. He referred to Pegasus controversy and said that WhatsApp's data can be hacked by spyware.
Advertisement
counsel appearing for NPCI said that he would file an affidavit in matter. bench has posted matter for furr hearing in fourth week of January. On October 15, apex court h sought responses from Centre, RBI, NPCI and ors including Google Inc, Facebook Inc, WhatsApp and Amazon Inc on plea.
Advertisement
Viswam, Communist Party of India (CPI) leer, has sought a direction to RBI and NPCI to ensure that data collected on Unified Payments Interface (UPI) platforms is t shared with ir parent company or any or third party under any circumstances.
In India, UPI payments system is being regulated and supervised by Respondent . 1 (RBI) and Respondent . 2 (NPCI), however, RBI and NPCI inste of fulfilling ir statutory obligations and protecting and securing sensitive data of users are compromising interest of Indian users by allowing n-compliant foreign entities to operate its payment services in India, plea has alleged.
Advertisement
RBI and NPCI have permitted three members of Big Four Tech Giants' i.e. Amazon, Google and Facebook/WhatsApp (Beta phase) to participate in UPI ecosystem without much scrutiny and in spite of blatant violations of UPI guidelines and RBI regulations, it has claimed. plea has alleged that this conduct of RBI and NPCI put sensitive financial data of Indian users at huge risks, especially when se entities have been continuously accused of abusing dominance and compromising data, among or things.
It has furr sought a direction that RBI and NPCI should ensure that WhatsApp is t permitted to launch full scale operations of WhatsApp Pay' in India without fulfilling all legal compliances to satisfaction of court regarding requisite regulatory compliances. It said that in April 2018, RBI, with a view to secure data of Indian users, h issued a circular directing all system providers to ensure that entire data relating to payment systems operated by m are stored in systems only in India and y were asked to ensure compliance by October 15, 2018.
plea claimed that later, RBI toned down April 2018 circular by issuing Frequently Asked Questions (FAQs) and permitted processing of all payment transaction abro, including domestic transactions. In said FAQ it was clarified that in cases of data processing done abro, data should be deleted from systems abro and brought back to India within 24 hours, plea said. It has sought apex court's direction to declare FAQ dated June 26, 2019 issued by RBI as ultra vires to circular dated April 6, 2018.
It alleged that Google and Facebook alrey have access to immense personal data of millions of Indian users and if y are permitted to collect unrestricted financial data of Indian users while operating at UPI platform, same would give m draconian control over sensitive Indian data.
19:47 IST, December 14th 2020