Govt. Says Airtel Injected Scripts In Browsers To Improve ‘Customer Experience’; Assures No Misuse of Users’ Data


Browser Code injection

Either the Govt. of India is too naive to believe whatever telecom operators are saying about the user’s data snooping or the customers are being fooled here.

Telecom Minister Ravi Shankar Prasad has said that Airtel is injecting scripts into users’ browsers to improve customer experience and has denied all allegations of unethical data capturing and forced pop-us ads.

Independent MP from Bangalore Rajeev Chandrasekhar raised a question regarding allegations that Airtel is injecting scripts & codes into user’s browsers. We had reported this incidence in June, when Thejesh, an InfoActivist and Programmer found Java scripts originating from Airtel’s servers in his own browser.

Later, Thejesh was issued legal notice by Flash Networks, the 3rd party firm whose code was found in the browsers, originating from Airtel’s servers. Thejesh later demanded apology from Flash Networks on this issue.

In reply to this question, Telecom Minister Ravi Shankar Prasad said, “It has been done solely with the object of improving customer experience and empowering customers to manage their data usage through suitable timely prompts in terms of volume of data used. Such solutions are already deployed and continue to be deployed by operators globally to enhance information, customer service and experience. Further, Bharti Airtel Limited has denied the allegations.”

Minister further said that as part of licensing agreements, all telecom players “shall take all necessary steps to safeguard the privacy and confidentiality of any information about a third party and its business to whom it provides the Service and from whom it has acquired such information by virtue of the Service provided”

Hence, it seems that the Govt. has taken Airtel’s explanation on a face value, and believed their logic of putting unauthorized code, without users’ authentication. Additionally, considering that the script and iframes are originating at a third party’s website, Flash Networks, the issue becomes more severe.

Government Can Intercept Any Message Anywhere

Responding to the question of Govt. legislation and laws regarding collecting consumer’s private information, Minister Prasad said that under provisions of section 5(2) of Indian Telegraph Act, 1885, Indian Govt. can intercept and listen to any communication happening anywhere in the country (subjected to stipulated cases); with or without users’ consent and approval.

The reply stated that more detailed information can be gathered from the documents pertaining to Rule 419A of Indian Telegraph Rules, 1951.

However, service providers are mandated to protect any unlawful access to such intercepted communication data, and in case of any breach of trust, then that service provider would be held accountable. In case any employee(s) is found guilty of having unauthorized access to such data, then suitable legal action would be initiated against them as well.

Hence, on one hand Govt. is trusting and believing what Airtel’s justification regarding such forceful insertion of codes and scripts; on the other hand, they are assuring that every user data collected is safe in their hands.

The issue is not only about data safety here, but also about users’ privacy rights related with usage of a service. Not only Airtel, but Vodafone and MTNL were also found to insert codes and scripts directly into users’ browsers, without any clear mandate on it’s usage. In case ‘improving customer experience’ is the sole objective, then why there has been no process to take users’ consent and approval?

Lots of questions and very few answers on this issue.

We will keep you updated as more information comes in.


1 Comment
  1. Aditya says

    Is this really governments role? How can the government can assure us airtel won’t use it for anything else? The users are witness the popup ads, just because airtel denies them doesn’t mean they don’t exist. Infact it makes it a bigger issue as then the pop ups are a result of man in the middle attack, which can be a result of this data snooping through injecting scripts.

    Governments definition of experts is basically ass kissing idiots.

Leave A Reply

Your email address will not be published.

who's online