Through sharing User data with 3rd parties without any notification or permission from end-users, SafeBoda gradually operates on the opposite side of Section 7 of the Data Protection and Privacy Act of Uganda.
Notably, SafeBoda uses a Facebook-owned System developed kit (SDK) which allows the Social media giant to routinely collect information about clients using the SafeBoda App.
Luckily, SafeBoda managed to fix the flaw by removing Facebook trackers from its App source code, But then introduced even more data sharing trackers in replacement.
Two trackers, Clever Trap and Amplitude still solicit user data from the SafeBoda App without user consent once the App processes are launched.
Basing on these two trackers, and the historical use of Facebook trackers, Unwanted Witness Uganda shared its backdoor concerns with the SafeBoda team and received a response on why the Boda hailing Wing continues to use the Clever Tap in particular.
Clever Tap is a US-based mobile marketing company headquartered in Mountain View California and provides mobile App analytics together with user engagement products to over 800 companies worldwide.
Given the fact that CleverTap is not only an external tracker, but also has data-sharing allegations tamed to its brand name. Unwanted Witness went ahead to publish a list of recommendations SafeBoda can consider to stop user data sharing through App trackers:
- Safeboda was advised to offer users a genuine choice to consent to the processing of their data for marketing and analytics purposes, including via third parties like CleverTapthat may act as processors. Bundling consent negates users’ choice.
But if the Boda hailing firm has been sharing user data to external services as revealed, the company will have to route through legal battles in countries where it operates, and Uganda as it’s base zone.