Yango, a ride-hailing, delivery, and e-grocery service operating in Europe, Africa, the Middle East, and South America, is at the center of a significant privacy concern. Users of Yango in these regions, especially within the European Economic Area (EEA), must be cognizant of potential risks to their personal data.
Yango’s Operations and Data Transmission
Yango provides diverse services via a mobile app, including taxi rides and grocery deliveries. Recent revelations by Norway’s Data Protection Authority (Datatilsynet) have exposed that Yango’s processing of personal information, such as location, pickup points, and destinations, may be transferred to Russia. A new Russian law, set to take effect on September 1st, could grant Russian security agencies continuous remote access to this data.
Warning Against Data Transmission
Transferring personal information outside the EEA is strictly regulated. Datatilsynet’s preliminary assessment is that Yango must ensure that European customers’ data are not sent to or made available to Russian authorities. Yango has received a preliminary notice that the agency will prohibit any transfer of personal data to Russia, a letter prepared in collaboration with the Finnish data protection agency.
Reflecting on the current security situation, Section Chief Tobias Judin noted,
“It is easy to imagine that Russia could use this data against us in unforeseen ways. Where and when we travel can reveal a lot about our private lives. The information could, for example, be used to monitor, blackmail, or smear individuals in leading societal roles.”
Yango has until August 14th to respond to the matter. Datatilsynet will make a decision before the new Russian law comes into effect.
Protecting Your Privacy
If you are a Yango user in the affected regions, it is paramount to be conscious of these potential risks to your privacy. Review Yango’s privacy policies, understand what data is being collected, and make informed decisions about your continued use of the app based on this knowledge.
Implications
This situation underscores the complex intersection between data privacy, national security, and international business operations. It also serves as a reminder of the ongoing debate regarding regulating and managing personal data across borders. In a world where personal data traverses national boundaries with ease, vigilance in understanding where this data goes and who may have access to it is a necessity.
For the full details on this matter, please refer to the original article on Datatilsynet’s website: Datatilsynet Griper Inn Mot Yango’s Overføring Av Personopplysninger Til Russland.
Featured image by Midjourney and Jonas Borchgrevink.