Impact of the NaMo app is much more than that of the INC app: Experts

The Bharatiya Janata Party (BJP) and Congress spent the whole of Monday exchanging barbs over whose app accumulated more public data and stowed it away either at US- or Singapore-based data centres. 

Technology experts believe that while the data accumulated by the INC App, run by the Congress, might have accumulated some data on its users, the damage done by NaMo app might be far more, considering the sheer number of downloads (five million to date), as well as the past history of risk owing to its in-app security features or the lack of them. Problems in the in-app security in the NaMo app were in fact flagged back in 2015. Also, allegedly not asking for the user’s consent before changing the terms and conditions was another thing industry experts believed was a dangerous trend.

Problems with NaMo app

As allegations of details of NaMo app users being stored with a US-based company cropped up, sources close to the information technology (IT) cell of the BJP said every single byte was kept at data centres in India. “It is an app for Indians, created by a national party. Those who are taking uneducated guesses should know that none of the data is being kept abroad,” a person with the party’s IT cell said.

However, industry experts are worried about bigger problems with the app, which the people behind it were informed about as early as 2015. From major gaps in the security of the app that could lead to a hacker getting hold of passwords users, to modifying the mandatory privacy policy without informing anyone, experts raised a lot of concerns about the NaMo app.

“It earlier said that your information would not be shared with any third party; now it says information may be shared with third parties. This change happened after the tweets came out. No one was informed of these changes. Also, there was no apology for the data breach that happened either,” said Pranesh Prakash, policy director at think tank The Centre for Internet & Society (CIS). The data being collected by the app as of a few days ago and the privacy policy that it was linked to was not in confluence with one another. Rather than changing how the data is handled, they changed the privacy policy, without notifying users, security experts said. In 2015, security experts had informed people behind the NaMo app about the data being susceptible. While the breach was fixed, experts said none of the users were asked to change their passwords, The Ken reported in December 2016.

War of words, between BJP and Congress

The BJP on Monday described Rahul Gandhi’s accusation of “data theft” against Prime Minister Narendra Modi as “a classic case of technological illiteracy” and said the Congress president was rattled after his plan to influence the next Lok Sabha election with the help of Cambridge Analytica was “exposed”.

A host of BJP leaders reacted with sarcasm and strong criticism following the Gandhi’s attack on Modi, with Union minister Smriti Irani mocking him, saying that even ‘Chhota Bheem’, a cartoon character, knows that commonly asked permission on apps was not “tantamount to snooping”.  At a press conference, BJP spokesperson Sambit Patra lashed out at Gandhi, saying such kind of technological illiteracy had rarely been seen in Indian politics.  He said Gandhi could tweet tomorrow that Modi and the BJP were connected to electronic voting machines through the NaMo app and they have been winning election after election because they have hacked it. The Congress on Monday questioned how safe people's money and their personal information were under the BJP-led government in the wake of a string of bank frauds and allegations related to data theft. “It is an attempt like Bigg Boss of spying on Indians. Modiji is attacking the privacy. It is a data leak government,” senior Congress leader Abhishek Manu Singhvi told reporters.