- Apprentice Lawyer
- Legal Jobs
The plea claims that RBI and NPCI are compromising the interests of the people "by allowing the non-compliant foreign entities to operate its payment service in India."
Rajya Sabha MP Binoy Viswam of the Communist Party of India (CPI) has filed a petition before the Supreme Court seeking directions to ensure that the data of Indian citizens collected on Unified Payments Interface (UPI) platforms is not misused by corporations.
The petition filed before the Apex Court prays for the Court to direct the Reserve Bank of India (RBI) to formulate regulations to ensure that this data is not misused and the right to privacy of the citizens in this regard is not violated.
Referring to giant corporations such as Google, Amazon and WhatsApp, the petitioner prays that RBI and National Payments Corporation of India (NPCI) ensure that the data collected by these entities for the purpose of facilitating payments is not shared with their parent companies or any other third parties.
It is claimed by the petitioner that while the RBI and NPCI are required to and obligated to protect the data of Indian citizens, these bodies are, on the contrary, compromising the interests of the people "by allowing the non-compliant foreign entities to operate its payment service in India."
Millions of Indians use UPI platforms for making payments and with the RBI and NPCI allowing the "Big Four Tech Giants" to participate in this UPI ecosystem without much scrutiniy, sensitive financial data of the Indian citizens is at risk of being misused, the petition says.
Given that these entities are based in the US, data of Indians faces the risk of being taken abroad in the absence of adequate scrutiny and checks put in place, the plea further avers. It is added that the RBI and NPCI have permitted operation of these payments services "contrary to public interest" instead of actively looking into allegations of misuse of data levelled against these corporations by the US Congress. The plea reads,
"These allegations become particularly worrisome at a time when India has banned a host of Chinese Applications on the ground that those Applications were or could be used for data theft, and could be portals for several security breaches."
The MP has also assailed the FAQs issued by the RBI in April 2018 with regard to compliances needed for operation of UPI services, alleging that the RBI toned down the requirements that were earlier mandated to accommodate non-compliant entities such as WhatsApp and Google.
The RBI's April 2018 circular on this subject required for all the data on UPI platforms to be saved on Indian systems and for this directive to be complied with by October 2018. However, Google and WhatsApp failed to comply with the deadline and the RBI issued FAQs corresponding to the April 2018 circular which effectively toned down the requirements in the circular, this petition claims.
These FAQs have been challenged as being ultra vires the original circular itself. Viswam argues that all participants ought to follow the deadline that was set out in the April 2018 circular in letter and spirit.
Singling out WhatsApp in particular, the petitioner highlights that it was the messaging app's admitted position as on June 5 this year that it was yet to comply with data localization norms. The RBI and NPCI still failed to take any action against WhatsApp, the petition adds.
In light of this, the petitioner has also prayed before the Court that the RBI and NPCI be directed to not allow WhatsApp to roll out its payment service, which is currently in beta stage, in full scale till all the requirements and norms are complied with.
It is pertinent to note that two separate petitions highlighting WhatsApp's non-compliance with data localisation norms are already pending before the Supreme Court.
The petition is filed through Advocate Sriram Parakkat.