Is Google Pay Violating Data Privacy Norms as Paytm Alleges?

Google Pay sharing sensitive customer data with third-party service providers says Paytm.

Cyrus John
Tech News
Published:
Google has been accused of sharing consumer data with third-party service providers.
i
Google has been accused of sharing consumer data with third-party service providers.
(Photo: The Quint/Canva)

advertisement

Starting a digital payments service in Indian comes with its fair share of caveats and controversies.

Google’s payment platform in India, Google Pay has been accused by rival service Paytm of sharing consumer data with group companies and third-party service providers. The complaint has been sent to the with National Payments Corporation of India (NPCI) in the form of a letter. But is it really?

In an exclusive report by moneycontrol.com, Paytm alleges that Google's privacy policy allows the company to collect, store, use and disclose its users’ personal data for advertising and promotional purposes. Paytm has urged NPCI to look into the matter and “revisit the Payment policy of Google Pay for India”.

Both NPCI and Paytm representatives have verified the authenticity of the letter.

“As per their policy, the company has stated that it is using payments data of Indian users for their advertisements business and is sharing it with group companies and unnamed third parties also. This is a clear disregard for a consumer’s need for privacy,” says the letter written by Paytm to  NPCI.

What Paytm Says

This isn’t the first time that Paytm is crying foul about a rival payment service.

Couple of months ago, WhatsApp too was dragged into an ugly debate involving its payments services and that it was sharing sensitive consumer data. The messaging platform has stalled the launch of its payments platform owing to a push for data localisation.

In the letter to the NPCI about Google Pay, Paytm raises concerns over three primary issues:

  1. Google Pay’s privacy policy states that it collects, stores, uses and discloses its users’ personal data for advertising and promotional purposes. It can use its customer’s name and image in the promotional material with no additional consent from the user.
  2. Google Pay collection discloses users’ personal data with Google, group companies, payments participants & unnamed third-parties.
  3. Google Pay accesses its users’ navigation, logs & correspondence data. It also reserves a right to collect, store, use and read its users communications.

Paytm also referred to Google as an “unregulated platform” citing Google could use the consumers’ data for monetary gains and also affecting the privacy of Indian users & the security of the country.

Perhaps the biggest concern for Paytm is the unfair advantage that Google Pay has over its rivals, which is why it is pushing the matter and requesting NPCI to look into the matter.

Paytm’s concerns are justified as some of Google’s privacy policies are alarming when you consider the company is handling sensitive user data.

To know more about what this means for you, here’s a look at some of Google Pay’s privacy policies:

Google may share your payments related information, including UPI Transaction Data, with Merchants, Banks, Third Party Providers and service providers as required for the purpose of operations, settlement payment processing, and promoting Google Pay Services.
If you are a Recipient, you agree and specifically consent that Google may store your information including bank account number on Google Pay for the purpose of sending you payments.

Perhaps the one point that users should be most concerned about is:

This information/data will help us analyze the merchants, markets, technology, operating systems, browsers, devices, locations from/for which our Google Pay Services are used.

To have an in-depth look at Google terms of services, you can read the full list here.

ADVERTISEMENT
ADVERTISEMENT

What’s Google’s Stand?

Google has come out with its own rebuttal addressing some of the serious allegations against it. In a statement to Medianama, the company has said that it has all the checks in place to ensure the customer data is protected.

Google Pay users have a direct relationship with Google – as per Google Pay terms of service a Google Account is opened with Google LLC. A common Google Account allows for checks and controls required for managing risk, fraud, spam, and for enhancing security measures, that are applied across Google products. It runs as a common thread across Google products allowing for seamlessness of service that a user can avail of and benefit from.
Google in a statement to Medianama

A Google spokesperson also went on to add that the company isn’t using any user data for monetary benefits.

Google does not use any individual UPI transactions data for any monetisation purpose e.g. for advertisements
Google spokesperson to Moneycontrol.com

Google is a third-party service provider hence it is not directly controlled by Reserve Bank of India. On the flipside other digital wallets and payment banks are under the strict vigilance and control of the Reserve Bank of India under its payment policies. Would you say Google has an upper hand here? Some would. But Paytm does have a point too.

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: undefined

ADVERTISEMENT
SCROLL FOR NEXT