High Court on Monday (August 24) issued notices to the Centre, Reserve Bank of India (RBI) and others on a plea, seeking action against Google Pay for allegedly violating RBI guidelines on localisation, storage and sharing of data.
The plea sought directions to Google India Digital Service Pvt Ltd to give an undertaking to not store data on its app under UPI ecosystem and further not to share the same with any third party, including its holding or parent company.
A bench of Chief Justice DN Patel and Justice Prateek Jalan on Monday seeks response of all respondents and slated the matter for further hearing on September 24.
Abhishek Sharma, the petitioner, also sought a direction to the RBI to take action and impose a penalty on Google Pay on account of its serious violations of applicable laws.
“Google India launched, `Tez`, a mobile payments service targeted at users in India which later folded into the new `Google Pay` app. `Google pay` is a third party app which facilitates payment in the UPI ecosystem and is able to do the same by partnering with various PSP/acquirer banks,” the plea said.
“Further, `Google Pay` is regulated by respondent number 2 (National Payment Corporation of India) which is responsible for granting permission to Payment Service Provider (PSP) as Banks and to Third-Party Apps (TPAs) to operate under the UPI network,” it added.
The plea sought a direction to the RBI to take appropriate punitive action against the NPCI and revoke its authorisation to operate and regulate the UPI payment system, on account of risking customer payments data its failure to audit Google India Digital Service Pvt Ltd and take any steps against it despite its acts of flagrant and serious non-compliance of applicable laws.
It also alleged that Google Pay is further violating the UPI procedural guidelines by sharing personal sensitive user data in complete breach of binding regulatory guidelines.
“That the procedural guidelines governing `Google Pay` prohibits sharing of user data by TPA and cast a specific liability on the PSP banks to ensure that no such data is shared by TPA in contravention to the applicable norms and law,” the plea said.
However, it said that Google Pay by way of “Combined Google Pay Terms” is openly sharing it with its own group companies as well as third parties and is also monetizing the same.
The plea also claimed that Google Digital Service Pvt Ltd, vide its product `Google Pay`, seeks to access the location of the users in the name of security and uses the same to gain revenue from offering highly targeted or personalized advertising opportunities to advertisers.