MP High Court Issues Notice To Centre, Google & Others On PIL To Check Mobile Apps Before Launch To Prevent Data Breach, Financial Scams
The Madhya Pradesh High Court sought the response of Union Ministry of Electronics and Information Technology and tech giants–Google India, Apple India, Microsoft Corporation India, Xiaomi Technology India in a PIL for direction to establish a regulatory agency to scrutinize mobile apps before their launch on digital platforms.A division bench of Chief Justice Suresh Kumar Kait and...
The Madhya Pradesh High Court sought the response of Union Ministry of Electronics and Information Technology and tech giants–Google India, Apple India, Microsoft Corporation India, Xiaomi Technology India in a PIL for direction to establish a regulatory agency to scrutinize mobile apps before their launch on digital platforms.
A division bench of Chief Justice Suresh Kumar Kait and Justice Vivek Jain in its April 23 order said, "Notice issued.Shri Ishan Soni accepts notice on behalf of the respondents No.1 to 4/Union of India and seeks time to file the reply. Reply be filed within two weeks. On taking steps, let service be effected upon the respondents No.5 to 8. On receipt of the notices, the said respondents are directed to file reply within three weeks. Rejoinder, if any, be filed within two weeks thereafter".
The PIL seeks directions to the Central Government to establish a regulatory agency responsible for scrutinizing preloaded mobile and computer applications as well as new apps before their launch on digital platforms to prevent unsuspecting privacy data breach, financial scams by use fraudulent apps, unauthorized data collection and privacy breaches.
The plea states that with the rapid increase in internet-based frauds, unregulated mobile and computer applications have become a significant tool for cybercriminals. It further alleges that numerous apps hide malware within seemingly legitimate software and thus, manage to evade security checks on platforms such as Google Play and the Apple App Store. These applications often function as spyware, collecting sensitive user data, such as banking and credit card details as well as hacking of personal information including photographs and videos.
The plea further alleges that the absence of a pre-emptive regulatory mechanism allows such fraudulent apps to reach the public, leading to financial loss, identity theft, and large-scale privacy violations.
It is submitted that a government oversight mechanism ensuring pre-launch security and functional testing of mobile applications would help mitigate risks of malware, financial fraud, and data exploitation by way of unregulated app-permissions.
The plea states that the Indian Computer Emergency Response Team (CERT-In), the national nodal agency for cybersecurity under the Ministry of Electronics and Information Technology (MeitY) primarily focuses on post-incident responses rather than preventive measures. It investigates cybersecurity threats, issues advisories and blocks malicious applications, but only after they have caused harm.
Thus, the petitioner through the petition prayed before the Court to Direct the Central Government to formulate comprehensive guidelines for conducting pre-launch security audits regarding encryption standards and access control mechanisms of mobiles/computers and apps/software loaded therein to ensure apps do not pose cybersecurity threats.
The matter is listed after four weeks.
Case Title: Amitabh Gupta Vs Union Of India And Others