A bitter war of words has broken out between the Congress and the BJP after Congress president Rahul Gandhi accused Prime Minister Narendra Modi of “giving away” personal data of all those who downloaded his Narendra Modi (NaMO) mobile app to a third party.
The BJP hit back and termed it “Rahul’s lies”. In a series of tweets, the party not only denied any security breach but also explained how the app was an interactive platform and invited Mr. Gandhi to download it to learn some yoga for fitness.
Taking a dig at Mr. Modi, Mr. Gandhi on Sunday tweeted, “Hi! My name is Narendra Modi. I am India’s Prime Minister. When you sign up for my official App, I give all your data to my friends in American companies.”
French hacker’s claims
The Congress leader, in his tweet, tagged a news report that talked about a French hacking expert, Elliot Alderson, claiming to have breached the security of the app and found out that personal data such as e-mails, photos, gender and names of the users were being compromised. Chiding the media, Mr. Gandhi said, “Ps. Thanks mainstream media, you’re doing a great job of burying this critical story, as always.”
The BJP responded in a flurry of tweets rubbishing Mr. Gandhi’s allegations.
“Narendra Modi app is a unique app, which unlike most apps, gives access to users in ‘guest mode’ without even any permission or data. The permissions required are all contextual and cause-specific. Contrary to Rahul’s lies, fact is that data is being used for only analytics using third party service, similar to Google Analytics. Analytics on the user data is done for offering users the most contextual content,” said the BJP’s official Twitter handle.
“This ensures that a user gets the best experience by showing content in his language and interests. A person who looks up agri-related info will get agri-related content easily. A person from T.N. will get updates in Tamil and get an update about an important initiative about T.N.”
The party said concerns about personal data were unfounded. “The data exposed by the French Twitter user is the data entered by the user on his own device. This is not a security breach. The person does not have access to any data apart from his own data.”
The party said permission required from a user was contextual and cause-specific. “Each function asks for the specific permission when access is required. The app does not ask for blanket permissions when the app is started,”said a functionary.
