Singapore investigating claims Muslim app developer sold user data to US military

Singapore is investigating claims that local-based cell app, Muslim Professional, has bought “granular location information” to the USA army. Clocking greater than 98.five million downloads international, the preferred prayer monitoring app has denied the allegations, announcing it stocks handiest anonymised information with its companions.

The Private Information Coverage Fee (PDPC) showed it was once making an investment the allegations and had requested for more info from the developer of Muslim Professional, Bitsmedia. The regulator advised native media: “We remind customers to additionally have in mind of the kind of permissions and private information they supply and the way it can be used. If doubtful, customers must now not obtain or use any utility.”

Based in 2009, the Singapore-based Bitsmedia has places of work in Malaysia and Indonesia. Its Muslim Professional app tracks prayer occasions and presentations the course to Mecca, among different options, and has been downloaded through customers throughout 200 international locations, consistent with its web page. 

Previous this week, the app was once reported to have bought granular location information to X-Mode, a US third-party information aggregator that sells its services and products to shoppers, which had integrated US defence contractors. US-Canadian information outlet Vice Media broke the inside track in its document, mentioning that Muslim Professional was once among different cell apps that had bought information to the USA army and that had integrated timestamps, telephone type main points, and the title of the Wi-Fi community to which the telephone was once hooked up. 

Bitsmedia has denied the allegations, publishing two statements on Tuesday and Thursday and disregarding the document as “fallacious and unfaithful”. 

Noting that it was once in compliance with international information privateness rules and rules such because the EU’s GDPR (Normal Information Coverage Legislation) and California Client Privateness Act (CCPA), Bitsmedia stated it “acquire, procedure, and use data” that its customers made to be had to the developer when gaining access to its app to “reinforce our provider” and facilitate “analysis and building”  (R&D) paintings for its app. 

It stated this may come with analysing information to raised perceive consumer behaviours, so it would “reinforce the total capability” of its provider. It added that location information was once used for prayer occasions calculation and facilitated making plans and designing options, in addition to for making improvements to the total consumer enjoy.

Whilst it had refuted Vice Media’s claims, Bitsmedia stated it had terminated all relationships with its information companions, together with X-Mode, “efficient right away”.

It stated it collaborated with “decided on era companions” to reinforce the standard of its app and shared information with its companions for “not unusual functions equivalent to promoting”, which it famous was once its primary income. It stated it did so “in complete compliance” with all related rules and carried out “strict information governance coverage” to safeguard its customers’ information. 

In keeping with the app developer, it labored with 1/3 events equivalent to social media networks and information analytics firms, and shared information with the consent of its customers.

Must or not it’s discovered to have breached Singapore’s Private Information Coverage Act (PDPA), Bitsmedia may just face monetary consequences of as much as 10% of its annual turnover or SG$1 million ($735,490), whichever was once upper. 

Singapore simply this month up to date the information coverage regulation to permit native companies to make use of client information with out prior consent for some functions, equivalent to industry development and analysis. The amendments additionally allowed for harsher monetary consequences to be meted out for information breaches, above the former cap of SG$1 million. 

In his speech discussing the amendments, Singapore’s Communications and Knowledge Minister S. Iswaran stated information was once a key financial asset within the virtual economic system because it supplies precious insights that tell companies and generate efficiencies. It additionally would empower innovation and fortify merchandise, and be a vital useful resource for rising applied sciences equivalent to synthetic intelligence (AI) that hang transformative possible, Iswaran stated. 

Among the important thing adjustments within the PDPA is the “exceptions to the consent” requirement, which now permits companies to make use of, acquire, and divulge information for “legit functions”, industry development, and a much wider scope of study and building. Along with present consent exceptions that come with for the needs of investigations and responding to emergencies, those additionally now come with efforts to struggle fraud, fortify services, and perform marketplace analysis to know possible client segments. 

As well as, additional amendments outlined underneath “deemed consent” to PDPA will now allow organisations to proportion information with exterior contractors for the aim of enjoyable buyer contracts. This caters to “trendy industrial preparations” and crucial functions together with safety.

Companies will even have the ability to use information with out consent to facilitate R&D that may now not but be marked for productisation. All different functions outdoor of “deemed” and “exceptions” to consent, equivalent to direct advertising messages, will nonetheless require prior consent from customers. 

The PDPC final 12 months investigated 185 instances involving information breaches and issued 58 choices. It ordered 39 organisations to pay SG$1.7 million in consequences, together with the perfect fines of SG$750,000 and SG$250,000, that have been meted out to Built-in Well being Knowledge Methods and Singapore Well being Services and products, respectively. 


Leave a Reply

Your email address will not be published. Required fields are marked *