The Delhi High Court on Monday issued notice to the centre, the Reserve Bank of India (RBI) and others on a plea seeking action against Google Pay for allegedly violating the central bank’s guidelines related to data localisation, storage and sharing norms. The plea sought directions to Google India Digital Service to give an undertaking to not store data on its app under UPI ecosystem and further not to share the same with any third party, including its holding or parent company.
“Google India launched, ”Tez”, a mobile payments service targeted at users in India which later folded into the new ”Google Pay” app. ”Google pay” is a third party app which facilitates payment in the UPI ecosystem and is able to do the same by partnering with various PSP/acquirer banks,” the plea said.
“Further, ”Google Pay” is regulated by respondent number 2 (National Payment Corporation of India) which is responsible for granting permission to Payment Service Provider (PSP) as Banks and to Third-Party Apps (TPAs) to operate under the UPI network,” it added.
Abhishek Sharma, the petitioner, also sought a direction to the RBI to take action and impose a penalty on Google Pay on account of its serious violations of applicable laws.
A bench of Chief Justice DN Patel and Justice Prateek Jalan on Monday seeks response of all respondents and slated the matter for further hearing on September 24.
Meanwhile in June, in a similar case, the RBI had told Delhi High Court that Google Pay is a third party app provider (TPAP) and does not operate any payment systems. RBI had also told the court that since Google Pay does not operate any payment system, it does not find a place in the list of authorised payment system operators published by the National Payments Corporation of India (NPCI).
The latest plea also alleged that Google Pay is further violating the UPI procedural guidelines by sharing personal sensitive user data in complete breach of binding regulatory guidelines.
“That the procedural guidelines governing ”Google Pay” prohibits sharing of user data by TPA and cast a specific liability on the PSP banks to ensure that no such data is shared by TPA in contravention to the applicable norms and law,” the plea said.
However, it said that Google Pay by way of “Combined Google Pay Terms” is openly sharing it with its own group companies as well as third parties and is also monetizing the same.
The plea also claimed that Google Digital Service Pvt Ltd, vide its product ”Google Pay”, seeks to access the location of the users in the name of security and uses the same to gain revenue from offering highly targeted or personalized advertising opportunities to advertisers.