Membership is FREE!   Professional Designations for Business & Technology Professionals

Privacy

‘We don’t collect subscribers’ genetic, religious, health and sexual data,’ Airtel clarifies

2 Mins read

Airtel has said that it does not collect any sensitive data related to subscribers’ genetic data, religious or political beliefs, and health or sexual orientation. The telco instead attributed the inclusion of such data in its privacy policy to a “clerical error”. The second largest ISP in the country (by number of subscribers) had “inadvertently put” the broad definitions of personal data from the Information Technology Act on to its website, the company said in a statement to MediaNama.

What happened? On October 16, eagle-eyed Twitter users noticed that Airtel’s privacy policy for its website and services stated that Airtel and its authorised third parties could collect, store and process the following types of sensitive personal information: “Genetic Data, Biometric Data, Racial or Ethnic Origin, Political opinion, Religious & Philosophical belief, Trade union membership, Data concerning Health, Data concerning natural personal’s sex life or sexual orientation, password, financial information (details of Bank account, credit card, debit card, or other payment instrument details), physiological information”. This caused a furore on Twitter after which Airtel sought to rein in the damage and thus released an updated Policy on October 17.

Multiple Twitter users pointed out that the Privacy Policy had been updated on October 8, 2020. However, as per archived pages of the Policy, the contentious section has been a part of the policy since at least August 13, 2019; it only got public attention now.

Statement from Airtel:

We have come across some reports regarding our privacy policy as stated on our web site.

“We would like to state that privacy of our customers is of paramount importance to us.

“The generic content of the definitions of what constitutes personal data as laid down by the IT Act are expansive, which had been inadvertently put on to our website. This was a clerical error.

“We thank those who brought this error to our attention.

“We emphatically confirm that we do not collect any personal information relating to genetic data, religious or political beliefs, health or sexual orientation etc.

“The policy which we have always used to collect data has been duly updated for the benefit of our customers and can be accessed here – https://www.airtel.in/privacy-policy/.”

What caused the furore?

The categories of data listed include very sensitive information about people. Consider this: a person from a minority group visits their place of worship every day. Their location is tracked using mobile towers. This location, which is inextricably linked to the person’s mobile number, is used to deduce the person’s religious identity.

Or a person belonging to a sexual minority searches for potential partners online, or uses a particular app to do so. The telco links it to other details about the subscriber.

Or a person visits a hospital twice a month for a treatment. The telco has the location data and deduces that this person is chronically ill. The two largest service providers in the country — Jio and Airtel — already have payments banks. It is not beyond the realm of imagination to think that they may venture into insurance and allied services. If telcos, that may provide insurance or credit cards, have access to subscribers’ health data, or can make accurate assumptions about it, they could potentially overcharge people for insurance.

If a telco creates such digital dossiers on people, it can be mandated to share such information with the government under its licence agreement. This information can be used to target, with alarming accuracy, members of religious or sexual minorities.

What kind of data is Airtel required to collect?…

REad The Full Article

Related posts
Privacy

Statement from the Privacy Commissioner of Canada following the tabling of Bill C-11

2 Mins read
Original post – GATINEAU, QC, November 19, 2020 – Privacy Commissioner of Canada Daniel Therrien today issued the following statement regarding the tabling…
Privacy

CASL Review: The 13 Recommendations of the ETHI Committee

11 Mins read
The ETHI Committee conducted a CASL Review between July 1, 2017 and Dec. 2017 as required by the law itself. “As a…
Privacy

A new privacy bill for our age

2 Mins read
Bill C-11 aims to give more meaningful information about the collection, use and disclosure of data, while giving organizations tools to be…
Join BIZTEK

Yes, I have read and live by this Code of Ethics - https://biztek.org/code-of-ethics/. We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at info@biztek.org or call us at 647 499 2744. You can unsubscribe at any time.