DELHI HC SEEKS RBI’S RESPONSE ON DATA PROTECTION IN DIGITAL LENDING

DELHI HC SEEKS RBI’S RESPONSE ON DATA PROTECTION IN DIGITAL LENDING

Why in the News?

  • Judicial intervention: The Delhi High Court sought the Reserve Bank of India‘s stand on a PIL alleging privacy and data protection violations by digital lending apps.
  • Notice issued: The Court issued notice to the Centre and RBI, calling the concerns raised as serious.
  • Regulatory focus: The plea questions enforcement of the RBI Digital Lending Guidelines, 2025, drawing parallels to environmental jurisprudence principles.

ALLEGATIONS IN THE PIL

  • Privacy breach: NBFC-linked digital lending apps allegedly access prohibited mobile phone resources.
  • Coercive consent: Borrowers are forced to accept non-negotiable, broad privacy policies, making consent involuntary, reminiscent of concerns in environmental clearance processes.
  • Disproportionate data use: Data collection allegedly exceeds what is required for KYC or credit assessment, echoing issues of proportionality in environmental impact assessments.
  • Guideline violation: Practices claimed to be contrary to Section 12 of the RBI’s 2025 guidelines, similar to violations of environmental regulations.
  • Borrower vulnerability: Digital borrowers face systemic power imbalance and lack of meaningful choice, comparable to challenges in environmental democracy.

COURT’S DIRECTIONS AND EXPECTATIONS

  • Counter affidavit: RBI directed to file a detailed reply on actions taken to enforce the guidelines.
  • Accountability: RBI must explain steps taken against violators of digital lending norms, drawing on principles like the polluter pays principle in environmental cases.
  • Regulatory oversight: Emphasis on active supervision of NBFCs and fintech platforms, similar to oversight in environmental clearance processes.
  • Rights protection: Court signalled concern for borrowers’ right to privacy and data security, echoing the precautionary principle in environmental jurisprudence.
  • Next steps: Matter to proceed after RBI’s response is placed on record, with potential implications for digital lending practices akin to ex-post facto environmental clearances.

RBI DIGITAL LENDING GUIDELINES, 2025
Objective: Ensure fair, transparent, and secure digital lending practices.
Consent norms: Mandate explicit, informed, and purpose-limited consent for data access.
Data protection: Restrict access to unnecessary mobile phone resources.
Accountability: Hold NBFCs and regulated entities responsible for fintech partners.
Consumer protection: Strengthen borrower rights, privacy, and grievance redressal.