Telangana government apps fail on privacy front
Hyderabad: Indigenous apps developed by state government arms including T-wallet, RTA m-wallet, TS-Weather, TS-Liquor, T-Ration collect sensitive information, and some of which handle financial transactions, fail to comply with Google’s privacy policy.
Users are kept in the dark about the data being collected, as there is no privacy policy or terms and conditions section in the apps. The policy helps users hold the app accountable if there is any wrongdoing.
According to the Google policy, app developers must post a privacy policy and from within the app.
This policy is applicable if the app handles sensitive user data including personally identifiable information, financial and payment information, authentication information, phonebook or contact data, microphone and camera sensor data, and sensitive device data.
Several of these apps seek a host of permissions, often during their installation. Users instinctively agree, and give away sensitive permission.
A policy analyst said, “The terms and conditions and privacy policy are documents or agreement which help users reach out to court. For financial transactions in case of wallets the permissions given by RBI will be valid, even if they are not visible to users. Not many apps are following the practice as there are no defined standards or scrutiny apart from Google’s policy.”
This newspaper had earlier pointed out that the MyGHMC app was seeking permissions without providing details of the information.
The Centre for Good Governance said, “After taking required confirmation from GHMC, we will definitely place the terms and conditions and privacy policy in the application.”
There are apps like T-Saavari, T-App-folio which by the rule book. A developer of one of the apps said, “We did not list the privacy policy but we can make it available for users. All the data is secure as each app undergoes security audit by a third party.”
H3