Data complaint filed against plan to sell Telenor Myanmar
A Telenor Myanmar customer has complained to Norway's data protection authority that a planned sale of the business risks a potentially dangerous breach of privacy
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.A customer of Telenor's Myanmar telecommunications business has filed a complaint with Norway’s data protection authority, saying the company's plan to sell the business risks a potentially dangerous breach of privacy, the law firm representing the person said.
After the military ousted Myanmar’s elected government last year, Norway-based Telenor Group announced it would sell its business there to the M1 Group, a Lebanese-based investment firm. It also wrote off the value of the business. Final details of the sale remain unclear.
The complaint filed Monday on behalf of a Myanmar resident, whose name was withheld to protect them from reprisals, contends that such a sale could result in “the dangerous transfer of control over sensitive user data," according to a copy provided by the law firm, SANDS Advokatfirma DA.
The complaint to the Norwegian Data Protection Authority asks it to investigate and ensure the sale will not infringe on the data rights of those affected.
The Feb. 1, 2021, military takeover has provoked a wide public disobedience movement and peaceful protests that security forces have quashed with increasing violence. More than 1,500 civilians have died, according to the Assistance Association for Political Prisoners.
In January, Telenor announced the sale of its fintech company Wave Money to its main partner in the venture, Yoma Strategic Holdings. The sale of Telenor Myanmar is expected to be finalized soon, with M1 acquiring a local partner. Critics of the military leadership say they fear the local partner would be unlikely to resist army requests for information on people suspected of opposing the coup.
The case involves issues of cross-border protection of privacy that have bedeviled other technology and telecoms companies. Telenor Myanmar is subject to Myanmar laws requiring data to be stored for at least five years. But as a member of the European Economic Area Norway has pledged compliance with more stringent European standards for protection of privacy.
Telenor, a major provider of mobile telecoms in Myanmar after having helped build the system nearly from scratch, has said the deteriorating conditions there have made it impossible to abide by international human rights standards, citing that as a reason for selling off the business.
Telenor did not respond to requests for comment and for an update on the status of its plan to sell the company.
On its website, the company says its foreign subsidiaries are required to follow local laws, not European standards. But it also says it has set “minimum requirements” for handling data.
The complaint filed Monday says data held by Telenor include the name, address, phone number, ID number, messages and call records of its customers. The company that buys Telenor Myanmar’s telecoms business would not be subject to the same level of privacy protections as Telenor, the complaint says.
That includes providing internal controls to ensure compliance with private protection rules, transparency about how data is handled, training for employees and measures to address breaches of privacy, it says.
The complaint follows a request made in July for mediation with Telenor over data protection concerns. It was filed by the Netherlands-based Centre for Research on Multinational Corporations, or SOMO, on behalf of 474 Myanmar-based civil society groups. According to SOMO, Norway's “Contact Point" for enforcing data protections accepted the request but the issue was not resolved.