Colombia's Rappi targeted in Brazilian preliminary probe into improper use of clients’ data
10 Jan 2020 12:44 pm by Ana Paula Candil
The Brazil unit of Colombian on-demand delivery startup Rappi has been targeted in a Brazilian preliminary probe into its use of clients' data to analyze purchasing trends, according to a document seen by MLex.
In a short document dated Jan. 8, the national consumer protection agency asked Rappi Brasil Intermediacao de Negocios whether and how it obtains users' consent before using their data. Rappi has 10 days to respond.
The probe is being led by the Department of Consumer Defense and Protection (DPDC) from the National Consumer Secretariat, or Senacon — an agency of the Ministry of Justice. Senacon's DPDC opened the preliminary probe following a Jan. 6 Reuters report that "Rappi doesn't transfer individual customer data to merchants linked to its system but just looks at buying trends."
Questions from the DPDC to Rappi include whether the company obtains consumers' consent to process their data and, if so, for what purpose is the data is processed. The DPCD also asked how exactly users' consent is obtained.
The DPDC also asked Rappi to demonstrate that its user-consent process conforms with Brazil's Internet Bill and the Consumer Defense Act, and whether and for what purpose Rappi provides consumer data to any other entity.
Rappi didn't respond to MLex's request for comment.
Connecticut, New York, Florida and other US states are investigating whether Zoom, the videoconferencing platform that’s exploded in popularity during the Covid-19 pandemic, has violated any laws by failing to protect users’ privacy and secure its systems, the Connecticut attorney general announced.
02 Apr 2020 12:31 pm by Dave PereraEquifax faces a bill of slightly more than $2 billion to settle consumer complaints stemming from the credit reporting agency’s massive 2017 data breach.
01 Apr 2020 6:22 pm by Vesela GladichevaA landmark UK ruling freed Wm Morrison Supermarkets from indirect liability for a rogue employee's data leak — but still leaves the door open for future litigation targeting companies over accidental data disclosures by employees.