FG investigates truecaller over breach of privacy
The National Information Technology Agency (NITDA) has been notified on the need to draw closer attention to the potential breach of privacy rights of Nigerians by the truecaller service.
The agency, has begun investigation on truecaller due to its potential breech of privacy to Nigerians in accordance with section 6(f) of the NITDA Act 2007, which empowers it to render advisory services in all information technology matters.
Thorough investigations has revealed that the Truecaller Privacy Policy is not in compliance with international laws on data protection regulation and Nigerian Data Protection regulation (NDPR) to be precise as there are over seven million Nigerians active on the service hence increasing the need of the public awareness to guide those affected.
Under the privacy policy of the truecaller, there are several articles of the policy that does not comply with the NDPR. Amongst the articles that failed to comply with Nigerian law are as follows.
The article 1.1 of the truecaller policy states that: “Truecaller may supplement the information provided by you with information from third parties and add it to the information provided by you.
This implies that the provision contravenes article 2.1(b) of the NDPR which requires data collection and processing to be accurate and also aricle 1.3(iii) that states valid consent must be acquired.
Article 1.2 states that, “when you install Truecaller on your device, the app collects personal information from you and any other devices you may use while interacting with our services.”
Truecaller further stated that such informations may include; geo-location, your IP address, device ID, device, general settings of your device, and other information and usage activity logged by truecaller servers manufacturer and type, device settings, SIM card usage, websites visited and content viewed by you, general settings of your device, and other information and usage activity logged by truecaller servers from time to time.
NDPR however regards this above provision of truecaller privacy policy as highly invasive and intrusive of the user’s privacy.
Contrary to the expectation of users, the true caller collects far more information than it needs to provide its primary service.
