In a blatant violation of privacy, HDFC bank has put across a rather weird condition for granting its customers credit cards.
If you are applying for a credit card, the online verification process would require you to give the bank permission to view
- Your email messages
- Settings and permission to view all your contacts
- Basic info like age range and language and other email addresses
The violation came to the fore when a user shared the information on Twitter and called out the bank for disrespecting his privacy, a report first shared by Medianama
Applied for @HDFC_Bank credit card. It sent me a link to “verify” my email address. The verification site needs this access. Yeah right! pic.twitter.com/JeOApLgyek
— N (@coderzombie) January 9, 2017
If it is indeed sent by @HDFC_Bank, how is this even legal? I am not going to allow it. @RBI @nixxin
— N (@coderzombie) January 9, 2017
As it is evident from the tweet, HDFC used a third-party company called Verifi.Me, whose website describes it as a verification service that lets users “prove their identities and fast-track their applications”.
Basically, the company collects a lot of information from a user’s personal email and social media accounts, which can then be accessed by its employees.
As soon as the tweet went viral, many users joined in rebuking the bank for its negligent policy regarding its customers’ privacy
@coderzombie @HDFC_Bank what’s with Read Emails?? That’s unwarranted. The rest of them are okay?
— Ralgha nar Hhallas (@WataShiva) January 10, 2017
@HDFCBank_Cares @HDFC_Bank This is an infringement of an individuals privacy No sane person cn give access 2this personal data #Verifi (3/3)
— aviraj gunjal (@avirajgunjal) July 30, 2016
@coderzombie @HDFC_Bank I had applied too and had a similar link sent. https://t.co/TTZzroUGWl
— Yermal (@yermalr) January 10, 2017
@coderzombie woah. Viewing emails and settings is unacceptable @HDFC_Bank
— Destroy RTE AADHAR (@InternetChandu) January 9, 2017
The same Twitter user also raised a pertinent question about the sorry state of affairs regarding privacy and security laws in India.
It’s not @HDFC_Bank‘s fault either. When the government doesn’t care enough about privacy to create laws, why would a private organization?
— N (@coderzombie) January 10, 2017
Will the government listen?
