Marking the date of 7th April 2023 as a milestone, Google announced an impending update to its Personal Loan policy, slated to be implemented from 31st May 2023.
A sneak peek into the Financial Services Policy ("Google Policy") shared by Google reveals that permissions for storage, images, contacts, location, numbers, and videos will be strictly prohibited.
In this intricate web, it's worth mentioning that the Digital Lending Guidelines advocate for a one-time access provision for certain mobile features like camera, location, microphone, etc., by personal loan apps, solely for the purpose of customer onboarding and KYC verification. Whether the prohibition on accessing location and images, as stated in the Google Policy, will align with these KYC requirements remains to be seen, pending the detailed release of the Google Policy.
Furthermore, it's our observation that while curbing automatic access to contacts, location, and media files is indeed in the best interest of safeguarding customer privacy, a complete restriction on accessing these mobile features may inadvertently impede the customer's right to utilize their own data and the overall loan journey experience. Customers may desire to grant selective access to certain media files, locations, and other features on a case-by-case basis, as and when needed and with proper consent. For instance, envision a scenario where a customer may want to upload or provide access to a specific screenshot to seek redressal for a grievance or facilitate a resolution. An absolute prohibition on such access, which disables customer choice altogether, can be seen as contravening the customer's right to their own data. Thus, the balance lies in finding a middle ground between the extremes of automatic access and absolute prohibition. Hence, it is hoped that the Google Policy will adopt a more customer-centric approach that safeguards customer choice while upholding privacy.
A notable aside is that the country-specific guidelines for Pakistan under the Google Policy allow only regulated entities, specifically NBFCs, to register a lending app and limit each NBFC to a single lending app. In contrast, the Google Policy for India continues to enable lending apps from both regulated and unregulated entities, with a requirement for the latter to declare that the app merely acts as a platform for facilitating money lending by the NBFC/bank to the customers. This approach aligns with the prevailing digital lending market landscape in India, where fintech companies act as the customer interface while the regulated entity operates in the background to provide financial support. However, considering the RBI's persistent concerns about the role of unregulated entities in digital lending, it's conceivable that additional guardrails may be introduced to monitor digital apps provided by unregulated entities.
For further information, the Google Policy can be accessed at this link:
https://support.google.com/googleplay/android-developer/answer/13161491?sjid=12648838417992518419-AP
