Truecaller: An App of Privacy or Piracy?

Truecaller: An App of Privacy or Piracy?

  • Reading time:6 mins read

By Sumeet Singh Bhatia

“Privacy is not for sale, and human rights should not be compromised out of fear or greed.”

Pavel Durov

Truecaller- an app that helps in coping with spam calls and weeds out those attempting to sell you credit cards, trading accounts, and insurance. Since India has the unfortunate distinction of being Asia’s spam capital, Truecaller has also saved lives.

But not everyone agrees that Truecaller is a trustworthy organization fighting to rid India of spam calls, especially Viceroy Research. They are a research company that releases studies on publicly traded corporations. And their ultimate objective is to find dodgy companies with dubious financials in order to make money off of stock market wagers. Their most recent target is Truecaller. They have demolished the company’s business plan piece by piece in a devastating article titled “Truecaller’s True Colors.”

In India, Truecaller is no longer listed. Actually, the Nasdaq Stockholm Exchange is where it is listed. However, the corporation receives more than 70% of its revenue from India, and the report details the numerous transgressions Truecaller committed within our country. Therefore, this report does have some relevance, especially in light of the Viceroy’s earlier revelation of the €2 billion accounting problem at Wirecard.

Now that the introduction is through, let’s tackle the crucial inquiry: What does the report truly contain?

The most serious accusation is that if you live in India, Truecaller doesn’t care about your privacy. You can now counter that privacy is a myth. We freely share our data with others. What happens, though, if you didn’t specifically sign away your data? What if businesses are still able to obtain your personal information and profit from it? That is the charge made against Truecaller.

As an illustration, think about how Truecaller builds its large user database. Following download, Truecaller asks for access to the user’s phonebook. All of the user’s contacts are extracted once they browse the phonebook. Your name might be in the list of contacts even if you haven’t downloaded or signed up for Truecaller in the first place. Your information is now in their database even though you didn’t expressly consent to any of this. You were included in someone else’s contact list, which is how it all came to pass. Furthermore, the person who installed Truecaller accidentally compromised your right to privacy.

You might wonder how Google’s Play Store could enable such a flagrant privacy infringement.

It doesn’t, though, in the absence of specific consent, it prohibits an app from publishing a user’s contact information in its entirety. Therefore, Truecaller uses a few deceptive techniques.

First off, it has agreements with phone manufacturers in place that have the software pre-installed on Android phone sets. Furthermore, it encourages individuals to sign up via web browsers. It is able to get around the Play Store rules in each of these situations.

The final outcome? It only has 300 million active users per month, but it has an incredible 5.7 billion contacts in its database! 

However, it’s not the only issue. A few years ago, Europe implemented the General Data Protection Regulation (GDPR). It is a group of laws created to protect people’s privacy. For the sake of argument, let’s say a user from France signed up and permitted Truecaller access to their contact list. Truecaller would be unable to scrape the phonebook and add names and numbers to its database because the GDPR restricts such acts.

However, Truecaller made the decision to develop a workaround. In some senses, it became a “Indian” firm and transferred all of its data centers to India in order to get around GDPR. After all, India doesn’t currently have a law governing the protection of personal data. They can contend that Indian users are not covered by the GDPR. Viceroy Research, however, disagrees. They contend that despite transferring their data centers to India, the GDPR applies to all of their users, including Indian users.

Truecaller occasionally conducts business in a manner that is not Indian. Viceroy Research further asserts that Truecaller is treated as a Swedish firm for taxation purposes (because India has a higher corporate tax rate). It only gets worse. The Caravan conducted an inquiry of Truecaller’s corporate procedures a few months ago. It made note of the fact that anytime a mobile phone came pre-installed with Truecaller, a function dubbed “Enhanced Search” was automatically checked.

Your contacts are securely shared with Truecaller by enabling Enhanced Search, according to the company’s own words. Users’ names, phone numbers, email addresses, and other information were all immediately shared with Truecaller as a result. In response, Truecaller stated, that this is completely untrue and that Regardless of where the program was downloaded from, Enhanced Search is never auto-checked and is only enabled with the user’s agreement.

Although, that is untrue. Viceroy Research looked into this issue and discovered that, up until September 28th, new members in India had this functionality automatically checked on the signup screen.

Here’s another item that The Caravan discovered-your phone book is accessible to Truecaller. But it also has access to your SMS inbox. In your mailbox, you could discover notifications of bank transactions. Furthermore, it is asserted that Truecaller developed financial profiles using this data. When Caravan visited with them, one of their former employees said the following:

“The Truecaller program can create a thorough financial picture of you because it has access to your SMS function, in addition to tracking your calls, their duration, and your most and least favorite contacts, according to the former employee. They affirmed that the business’s algorithm is capable of reading text message content. The Truecaller software can identify personal, important (bank OTPs and transactions), and spam messages from its registered user’s thanks to a special feature called “SMS categorizer.” They said that this capability might enable the app to deliver loan offers to users when their bank balance falls below a certain threshold. For registered consumers, Truecaller already offers an easy short-term credit option of up to Rs 5 lakh. The business has financial ties to businesses that provide personal loans, like Whizdm Innovations.”

Now that Truecaller has refuted these charges, it would be interesting to see if the company goes above and above to reassure users given the serious accusations made in the Viceroy report.