Reliance JioMart is now available for delivery service across 200 cities in the country. This is another online grocery delivery platform that seeks to serve consumers as they avoid stepping out for shopping amid COVID-19. We have covered all the details about the service and how it operates over here. But today we’re looking at the privacy concerns of the platform raised by an industry expert, which is seemingly directed at use of data from the consumers.
The company’s privacy policies over here, is a clear indication that user’s will be signing up on this platform with their consent, but the practises likely to be adopted have raised a few eyebrows. “Notwithstanding the above, the user acknowledges the company’s right to share some of the aggregate findings, including the personal information provided by the users in an unidentifiable form, and not the specific data with advertisers, sponsors, investors, strategic partners, and others in order to help grow the business.”
This statement itself is rather worrying, because consent of the user is being defined as an access point for the company.
JioMart: Data Security Concern
For instance, look at this point mentioned in the privacy section. “When a user visits or uses the platforms, the company may access, collect, monitor and/or remotely store data in relation to the user’s location, which may also include global positioning system coordinates or similar information regarding the location of the device using which the user has visited or used the platforms.” These are obvious red flags for anyone with understanding of data privacy on the internet, but with lack of such regulations in India, JioMart seems to be making merry with disregard for any possible violations.
Speaking of which, if in any case, the platform has a security breach, look at who’s taking the responsibility for such incidents. “It is expressly stated that the company shall not be responsible for any breach of security or for any action of any third parties that receive users’ personal data or events that are beyond the reasonable control of the Company including, acts of government, computer hacking, unauthorized access to computer data and storage device, computer crashes, breach of security and encryption, etc.” So at one point they claim security protocols have been followed, but still they are unwilling to be held responsible for any mishap. Does this ring a bell about a popular social networking site for anyone?
While some aspects of its data collection is anonymised, JioMart does mention that some parts of the identifiable data could be shared with other parties. This primarily includes “parent company, group companies, subsidiaries, associates, affiliates, suppliers, vendors, sister concerns, service providers and service partners.”
Signing up for a big price?
Data privacy is considered an afterthought by most companies operating in India. It helps that besides the archaic set of Information Technology policies, the new-age companies are free to operate without having to worry about stringent data regulation norms like theGeneral Data Protection Regulation (GDPR) in Europe. With millions of Indian users on the internet, and now signing up for online platforms for various services, they automatically become hotbed for cyber-attacks which invariably leads to data breaches. And not having these companies liable for their collection practices or any other incident is a recipe for disaster in itself.