Either the Govt. of India is too naive to believe whatever telecom operators are saying about the user’s data snooping or the customers are being fooled here.
Telecom Minister Ravi Shankar Prasad has said that Airtel is injecting scripts into users’ browsers to improve customer experience and has denied all allegations of unethical data capturing and forced pop-us ads.
Independent MP from Bangalore Rajeev Chandrasekhar raised a question regarding allegations that Airtel is injecting scripts & codes into user’s browsers. We had reported this incidence in June, when Thejesh, an InfoActivist and Programmer found Java scripts originating from Airtel’s servers in his own browser.
Later, Thejesh was issued legal notice by Flash Networks, the 3rd party firm whose code was found in the browsers, originating from Airtel’s servers. Thejesh later demanded apology from Flash Networks on this issue.
In reply to this question, Telecom Minister Ravi Shankar Prasad said, “It has been done solely with the object of improving customer experience and empowering customers to manage their data usage through suitable timely prompts in terms of volume of data used. Such solutions are already deployed and continue to be deployed by operators globally to enhance information, customer service and experience. Further, Bharti Airtel Limited has denied the allegations.”
Minister further said that as part of licensing agreements, all telecom players “shall take all necessary steps to safeguard the privacy and confidentiality of any information about a third party and its business to whom it provides the Service and from whom it has acquired such information by virtue of the Service provided”
Hence, it seems that the Govt. has taken Airtel’s explanation on a face value, and believed their logic of putting unauthorized code, without users’ authentication. Additionally, considering that the script and iframes are originating at a third party’s website, Flash Networks, the issue becomes more severe.
Government Can Intercept Any Message Anywhere
Responding to the question of Govt. legislation and laws regarding collecting consumer’s private information, Minister Prasad said that under provisions of section 5(2) of Indian Telegraph Act, 1885, Indian Govt. can intercept and listen to any communication happening anywhere in the country (subjected to stipulated cases); with or without users’ consent and approval.
The reply stated that more detailed information can be gathered from the documents pertaining to Rule 419A of Indian Telegraph Rules, 1951.
However, service providers are mandated to protect any unlawful access to such intercepted communication data, and in case of any breach of trust, then that service provider would be held accountable. In case any employee(s) is found guilty of having unauthorized access to such data, then suitable legal action would be initiated against them as well.
Hence, on one hand Govt. is trusting and believing what Airtel’s justification regarding such forceful insertion of codes and scripts; on the other hand, they are assuring that every user data collected is safe in their hands.
The issue is not only about data safety here, but also about users’ privacy rights related with usage of a service. Not only Airtel, but Vodafone and MTNL were also found to insert codes and scripts directly into users’ browsers, without any clear mandate on it’s usage. In case ‘improving customer experience’ is the sole objective, then why there has been no process to take users’ consent and approval?
Lots of questions and very few answers on this issue.