Centre for Internet & Society

With hotel-booking app routinely sharing real-time guest data with police and government, lives of those fleeing persecution is in danger, privacy advocates fear.

The article by Tini Sara Anien was published in Deccan Herald on January 17, 2019. Aayush Rathi was quoted.


Oyo Rooms, the online hotel room booking service, has been receiving brickbats since it disclosed this week that it was sharing real-time data of guests with the police and the government.

Internet and legal experts in Bengaluru say it is a breach of informational privacy, granted as a fundamental right by the Constitution. Couples running away from hostile families and individuals escaping religious and political persecution are at huge risk if their whereabouts are shared, they say.

Aayush Rathi, policy officer with Centre for Internet and Society, finds the sharing of live guest data disturbing.

“Hotels have always maintained records. Earlier, when information from hotels was needed, a specific query had to be raised by law enforcement, pursuant to an ongoing case. The registry represents a significant departure by facilitating the collection of this data by law enforcement without cause,” he says.

He also rues the lack of transparency about what the government will do with such data.

“The government is already collecting a lot of data and has little direction on what to do with it. There is no clarity on how this information will be used and protected. The government might say it is necessary for security, a very broad umbrella term, but in the absence of regulations, the data can be used for purposes little to do with security,” says Rathi.

The service had initially marketed itself as a couple-friendly service, while across the country, unmarried, inter-faith couples face various challenges finding a room. “This targeting could get even more enhanced,” he fears.

Recently, passport details were leaked from a popular hotel chain. The leaked data from hotel bookings can be used for multifarious purposes, ranging from selling to potential advertisers to identity theft,” Rathi says.

Lawyer-researcher Nayantara Ranganathan, from the Internet Democracy Project, says the argument that sharing data improves privacy is “absolutely disingenuous.”

“Sharing all guest records in real-time to state governments and law enforcement is shocking and most definitely a breach of privacy,” she says.

With the state getting access to such information with the promise of preventive policing, there is no telling how data is going to be used, she says.

She finds it bizarre that a private company is proactively sharing data, especially at a time when companies are “waking up to the fact that their consumers value their privacy.”

Why it endangers lives

Vinay Sreenivasa, lawyer and member of Alternative Law Forum, says providing access to such information is ‘criminal.’ “A couple could be running away from moral policing after an inter-caste marriage and people might be tracking them, or someone might be going through a divorce and just need some privacy. There could be several reasons why one seeks a room and such data could put lives at risk,” he says.

The Supreme Court has clearly stated one’s data is one’s own and consent has to be taken when any personal information is used. The government has no business accessing such information, he says.