A French security analyst, Elliot Alderson, has alleged that Narendra Modi App is stealing users’ information from their device. “When you create a profile on the official App in your Android phone, all your device info, for example, OS, network type, as well as personal data such as email, photo, gender, name etc are sent without your consent to a third-party US-based company, Clever Tap,” says the researcher on Twitter.
When you create a profile in the official @narendramodi #Android app, all your device info (OS, network type, Carrier …) and personal data (email, photo, gender, name, …) are send without your consent to a third-party domain called https://t.co/N3zA3QeNZO. pic.twitter.com/Vey3OP6hcf
— Elliot Alderson (@fs0c131y) March 23, 2018
Explaining the process further, Alderson says that using an analytics solution is standard in the mobile development world. However, shared personal data without the user consent is illegal. Users have to accept the data collection and must be able to opt out of it. This is the law. “Moreover, collect personal data of user without their consent is against the TOS (Terms of Service) of Google Play Store,” he wrote in one of his many posts providing in-depth detail of data vulnerability.
He also said that Narendra Modi ‘App team’ reached out to him via text messages through a freshly made Twitter account and tried to discuss the data security with Alderson.
“One minute after my post on @narendramodi’s #android app, the “App team” created a new Twitter profile to discuss with me. We had a nice discussion. In order to be fair, here their first answer,” the French researcher posted.
The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).
One minute after my post on @narendramodi's #android app, the "App team" created a new Twitter profile to discuss with me. We had a nice discussion. In order to be fair, here their first answer. pic.twitter.com/4JbdoSefpt
— Elliot Alderson (@fs0c131y) March 24, 2018
Elliot Alderson is the same researcher who had earlier this year claimed that mobile phone company OnePlus was sending clipboard data back to a Chinese server, that is stealing the data of users. He was also responsible for removal of the Paytm’s ‘condition’ that asked users to give ‘root access’ to their device. In March this year, he had found flaws in Aadhar data security and posted on Twitter, “Hi @UIDAI and @ceo_uidai, let me show you one of the “unscrupulous elements”. This governmental website is leaking 4769 files. In this open directory, you can find biometric data, #Aadhaar card scans and more.”
If talking about even the more recent one, Facebook has been highlighted for mishandling the data of 50 million users.