November 14, 2018

Privacy Matters: Telecom corporations and digital service providers unresponsive to questions regarding the handling of ‘consumer data’

Media Matters for Democracy wrote letters to 8 leading telecom corporations and digital service providers asking questions regarding their privacy policies, more particularly the handling, storage and sharing of consumers’ data. six out of eight did not respond. 

It seems that sharing information about policies and practices regarding the handling of consumer data is a no-go area for the corporations in Pakistan, as 6 out of 8 whom MMFD’s team reached out didn’t respond. Others who did respond refused to answer the specific questions.

This survey was conducted as a part of MMFD’s upcoming research on privacy policies and practices of the telecom corporations and the digital service providers in Pakistan. It’s important to note here that all telecom corporations and digital service providers store large datasets of consumer data as part of their work, including but limited to names, addresses, CNIC numbers, call records, credit card details etc.

The fact that some of this data makes it out of the corporations, and is sold online for a small fee raises questions about the privacy policies and practices of the corporation. The situation gets even more problematic considering that Pakistan doesn’t currently have a data protection and privacy policy framework.

Media Matters for Democracy, after an analysis of the privacy policies of the telecom corporations and digital service providers such as the ride-hailing service Careem, and PakWheels, a web-portal for buying and selling of cars, reached out to them with a list of questions seeking to clarify vague and undefined terms, such as ‘third-party’, in their privacy policies.

 “Questions sought more information regarding the corporates’ handling of consumer data, and more importantly about the ‘thrid-parties’ with whom the consumer data is shared, and under what conditions and using what parameters. As consumers, we hoped to know more about the measures in place to ensure the safety of consumer data that these corporates are collecting and storing. We also wanted to know if thes corporates take responsibility of the safety of consumer data after it is shared with the third-parties”, says Asad Baig, the founder of Media Matters for Democracy.

Telecom corporations namely Telenor, Ufone, Jazz, Zong and digital service providers Careem, Daraz, PakWheels.com and Zameen.com were reached out over the emails. Out of the eight entities, six did not respond to the emails.

Zong and Telenor responded to the queries, however, Zong refused to share any information owing to the “confidential” nature of the information. Telenor also did not respond to specific questions.

Digital Rights advocates have been calling upon the corporations and digital service providers to be more transparent in their data protection and consumer data privacy practices. Given the fact that the information systems of corporations including Telenor, Careem, Zameen.com and Pakwheels.com had been compromised in the past – some even without the knowledge of the consumers – Digital Rights advocates are calling for the implementation of a consumer-friendly data privacy and protection framework, so as to make the corporations more transparent in their consumer data protection and sharing practices, and accountable for their failure to do so.

Meanwhile, the Ministry of IT and Telecom [MOITT] has already uploaded the draft of the ‘data protection bill’ and soliciting responses from various stakeholders for improvement.

No comments

leave a comment