As reports pour in of Amazon’s customer care agents asking its users to reveal their Aadhaar number as an identity proof to track lost packages, concerns are being raised over privacy of such data. The move by Amazon, which is a private company, asking a customer to reveal the details of a government-certified document is being questioned by experts.
Experts believe using Aadhaar as identification proof by a private company is not described as one of the five use cases of the card, which include Jan Dhan accounts, pension, and social welfare schemes among others. They further believe that the use of Aadhaar as an identity proof in online retail could create privacy issues, as far as publication of this data and related customer information is concerned.
However before jumping to conclusion, it would be well to understand the issue deeply. An Amazon spokesperson clarified that only in case of lost packages or missing delivery, where a detailed check needs to be done, does the Amazon agent ask the customer to furnish an identity proof.
The spokesperson explained, “In cases needing investigation for wrong or missing delivery, we need to authenticate customer ID as the first step and ask customers to submit a government certified identification proof in those cases. Our understanding is Aadhaar is the most ubiquitous and most widely held identification and is therefore our preferred one. Customer’s identification is a part of the investigation and enables the same, but we will carry out the necessary investigation even without it, though it may sometimes limit our process checks.”
So if a customer is unable to share a government certified identification proof, as a customer centric organization Amazon will continue to process the request based on other details shared by the customer. In case a customer does not have an Aadhaar card, a PAN Card or a passport proof would also suffice.
The spokesperson further added that Amazon continues to look for the most robust practices towards customer support and this process is only done in limited cases where a detailed check is needed for a missing or wrong delivery. In such cases, customers are requested to upload a scanned copy of their identification proof on Amazon.in account which is a secure form of storing information.
Data privacy has become a hot topic of discussion in the country, especially after so many breaches have come to light especially in case of Aadhaar. The security of the Aadhaar system has been brought into question several times. In April 2017, the Aadhaar details of 1.4 Mn registered users were made public on the Jharkhand Directorate of Social Security. These details included sensitive information such as names, addresses, bank account details and Aadhaar numbers. Similarly, in August 2017, a Punjab government entity published the Aadhaar details of 20,100 citizens on its official website. These details include Aadhaar numbers, user names and their father’s name.
In the light of these incidents, it is but obvious that any and everything related to Aadhaar becomes a hot topic of discussion. This week itself, in order to secure digital transactions and address data privacy issues, the government has released a white paper on the data protection framework. As per the paper, a nuanced approach towards data protection will have to be followed in India, bearing in mind the fact that individual privacy is a fundamental right limited by reasonable restrictions. While Amazon’s intentions are just to ensure proper checks in case of missing packages, given that it is sensitive data which is being asked to upload on the private player’s website is what is raising these concerns. Hopefully, after the draft Data Protection bill is in place, these issues would be put to rest.
[The development was first reported by ET]