Also, read: TikTok ban lifted by Madras High Court
This means that the Indian Ministry of Electronic and Information Technology under which the cyber law and E-security of citizens comprise, does not have any information or idea on the transfer of personal data taking place outside Indian jurisdiction.
The ministry said in a reply to the Right to Information dated April 22, 2019, it does not have any records and the matter was of no concern to it.
RTI filed by Robin Zaccheus, explains the sequence of events that made him seek information from the ministry: "“The son of CRPF martyred soldier Pradeep Kumar, Siddharth Kumar, shared that minutes before the Pulwama attack he spoke to his father over the phone while he was moving from Jammu to Srinagar in a CRPF convoy and his last words were that he was heading to Srinagar base camp and would reach in an hour or so. The rest is known to all.
“This triggered a question in my mind in the quest to understand the possibilities of where we (mobile phone users) could have gone wrong from security and privacy perspective of the soldier’s movements”
Robin Zaccheus says he knew that Google and other Chinese companies present in India were transferring data out of the country jurisdiction and no one looked into this matter critically. “The information like Web and APP Activity, Track Location History, Record Voice and Audio Activity and Tracking of YouTube search history is by default in the Google app,” he says.
Another independent security researcher, Aneesh Sharma says "there will always be the threat of data misuse and also being targets for advertising companies. Countless users receive emails and texts from companies they have never given personal information to and we wonder how they are able to contact us. It is because users’ personal data is being shared or sold globally. Users are advised to read the privacy policies of mobile manufacturers.”
Also, read: Xiaomi Redmi Y3 and Redmi 7, launched in India