Narenda Modi Android App Allegedly Collecting User’s Personal Information and Sharing with third parties

The Narenda Modi Android App Allegedly Collecting User's Personal Information and Sharing with third parties

According to a French security expert Elliot Alderson, the Narendra Modi Android App is collecting user’s device information and personal data without consent, and sharing the personal data with thrid-party companies.

As per Elliot Alderson, When you create an account in Indian Prime Minister Narendra Modi’s Android app, It keeps storing user’s device information including OS, network type, Carrier. This gives goosebumps, when the Elliot adds that Narendra Modi app allegedly collecting sensitive personal data of users such as email, photo, gender, name.

Not only this, the app is sending those personal data to a third-party domain called . This domain is hosted by GoDaddy and it belongs to an America based company called CleverTap. And this domain is classified as a phishing link by a company called G-Data.

Though the WHOIS information of this domain is hidden from public access, the security expert was able to find some information by reversing their SDK, the JAR file provided on Github. That confirms  that the domain is the property of CleverTap. As per the company description, CleverTap is the next generation app engagement platform that enables marketers to identify, engage and retain users and provides developers.

The FAQ section of the app states that users’s personal information and contact details shall remain confidential and shall not be used any purpose than our communication with user. Also it states that in any condition, the information shall not be provided to third-parties. But as you can read, all things have gone way too far. This Narendra Modi app is violating the General Data Protection Law of Europe as the app is available in Europe too and it’s also against Google’s policy. Still Government agencies are promoting this app and prompting users to use this application. Sharing data without consent breaking the privacy guideline clearway points that India’s privacy policy laws are lacking where the sufferers are the general users.

What do you think ? let us know your point of view regarding this with us.