American Express (Amex) has put on hold its plan to share customer data with National E-Governance Services Limited (NeSL), the company said in an email sent to one of its customers.
Earlier on March 1, Amex emailed its credit-card holders that it will be sharing financial information about their card accounts with NeSL starting April 2022. Amex cited a 2017 RBI circular as the reason for this decision, but cardholders and other experts raised concerns about the legality of this data-sharing mandate by RBI, as well as the privacy implications of such data sharing and the precedence it sets for future sharing of financial information of Indian citizens.
Reacting to Amex’s decision to backtrack, Srikanth Lakshmanan of Cashless Consumer Collective, tweeted:
“Small victories for keeping our eyes open. We need more watchful eyes to #SaveOurPrivacy”
Lakshmanan had earlier criticised Amex’s decision to share data with NeSL for going against the Credit Information Companies (Regulation) Act, 2005, and for taking place without any law backing it.
Why has Amex put the data sharing on hold?
In the email dated April 2 and sent to Amex cardholder Vasundhar, Amex said:
“As per matter highlighted we previously advised you that we would begin reporting your Card account information to NeSL in April 2022. This has been postponed while we are in discussion with RBI on the same. We would like to apprise that our actions are strictly based on regulatory directions received by the Bank. The security of your data is of utmost importance to American Express and we ensure that the data is not shared with any unauthorized entity. We trust this clarifies your concerns.” (emphasis ours)
Multiple Amex customers who spoke with MediaNama earlier in March had raised concerns about the proposed data sharing. Vinayak Hedge, an Amex cardholder who first flagged the issue on Twitter, said that the sharing appears “to be a wrong interpretation of the law and/or bureaucratic overreach. Sharing personal credit card spend information with govt agencies without consent.” Speaking with MediaNama, Hegde laid out the following key concerns:
- No-opt out from this sharing
- Not obvious how much data will be shared
- No idea how the data is kept by NeSL and if there is any purpose limitation
- No clarity on the purpose of sharing of data of individuals under laws meant for corporate insolvency
“I just bought a credit card and there was nowhere in the contract that this data will be reported. My only option now is to cancel. But then I have subscriptions and other things on that card and it’s a headache to get new cards. It also affects your CIBIL score, a three-digit numeric summary of your credit history. So again, there is some amount of lock-in, for lack of better word. Not exactly lock-in, but something similar. There is some friction.” – Vinayak Hedge
It appears that concerns such as those posed by Hegde might have led Amex to change its mind. Amex is, however, yet to notify all its customers of this development.
MediaNama has reached out to Amex seeking a more detailed explanation for its decision, as well as its discussions with RBI, and will update this post once we receive it.
- RBI Blocks American Express And Diners Club From On-Boarding New Customers
- NeSL Receives Final Approval To Become India’s First Information Utility
- Exclusive: Visa, MobiKwik And 17 Other Payment Operators Did Not Submit RBI-Mandated Audit Report
- RBI Allows Diners Club To Start Reissuing Credit Cards In India, Mastercard And Amex Continue To Be Barred
Have something to add? Post your comment and gift someone a MediaNama subscription.