Google Pay violation: HC seeks reply from govt., RBI

Plea claimed the company was storing sensitive data flouting Central bank rules

Published - August 25, 2020 12:20 am IST - New Delhi

NEW DELHI, 24/01/2018: A view of Delhi High Court, in New Delhi on January 24, 2018.  
Photo: Sushil Kumar Verma

NEW DELHI, 24/01/2018: A view of Delhi High Court, in New Delhi on January 24, 2018. Photo: Sushil Kumar Verma

The Delhi High Court on Monday sought response of the Centre and the Reserve Bank of India (RBI) on a plea seeking action against ‘Google Pay’ for allegedly violating the central bank’s guidelines related to data localisation, storage and sharing norms.

Penalty imposition

A Bench of Chief Justice D.N. Patel and Justice Prateek Jalan also issued notice to Google India Digital Service Pvt Ltd on the petition of advocate Abhishek Sharma seeking to impose penalty on the company for alleged violations of laws. The court has posted the case for further hearing on September 24.

The petition sought direction to Google India Digital Service to give an undertaking to not store data on its app under UPI ecosystem and further not to share it with any third party, including its holding or parent company.

It also sought direction to the company not to share any data from UPI switch with any other party.

Third-party app

The plea stated that Google India launched, ‘Tez’, a mobile payments service targeted at users in India which later folded into the new ‘Google Pay’ app. It said ‘Google Pay’ is a third-party app which facilitates payment in the UPI ecosystem and is able to do the same by partnering with various PSP/acquirer banks.

“Further, ‘Google Pay’ is regulated by respondent number 2 [National Payment Corporation of India] which is responsible for granting permission to Payment Service Provider [PSP] as banks and to third-party apps to operate under the UPI network,” it said.

The plea claimed that the company was storing personal sensitive data in contravention of UPI procedural guidelines of October 2019, which allows such data to be stored only by PSP bank systems and not by any third-party application.

The plea sought direction to the RBI to take appropriate punitive action against the NPCI and revoke its authorisation to operate and regulate the UPI payment system, on account of risking customer payments data, its failure to audit Google India Digital Service Pvt Ltd and take any steps against it despite its acts of flagrant and serious non-compliance of applicable laws.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.