The Congress on Monday removed its official mobile phone application from Google Play Store after the Bharatiya Janata Party accused the party of sharing the data of people who visit its website with “practically anyone”.
Over the past few weeks, the safety of user data has come under the scanner following reports that British firm Cambridge Analytica used the private data of more than five crore Facebook users to influence voters during Donald Trump’s 2016 election campaign, and in several other polls around the world. Ever since, the Congress and BJP have been accusing each other of using the services of the British firm.
Malviya’s comments came after Gandhi criticised the government after a French cyber security expert alleged that the Narendra Modi Android application shared its users’ private information with companies without their consent.
Gandhi had mocked the prime minister in a tweet saying, “Hi! My name is Narendra Modi. I am India’s Prime Minister. When you sign up for my official App, I give all your data to my friends in American companies.”
On Sunday, Malviya said the data from the app is shared with a “third party service” for analytics, but it is in “no way stored or used by the third party services”.
On Monday, in a tweet worded just like Gandhi’s, he accused the Congress of sharing user information with Singapore. Malviya based his claims on new allegations against the official Congress Android application by the same French cyber expert, who goes by the name Elliot Alderson on Twitter.
BJP leader and Union Minister Smriti Irani also mocked Gandhi after the Congress took down its application.
Allegations against the INC app
Meanwhile, Alderson posted a series of tweets on Monday morning about how data shared on the Congress party’s official app is vulnerable to breaches.
He pointed out that personal data of users is encoded using Hyper Text Transfer Protocol, or HTTP, instead of the more secure HTTPs. He said the application was using a poor encryption system that makes data mining easier. And, finally, that the app’s server is in Singapore, which would make any data entered by the user subject to Singaporean laws.