Hit wicket: Sachin Tendulkar just set off a privacy disaster on Twitter

Jayadevan PK July 10, 2017

Update: After the publication of this article and backlash on social media, Sachin Tendulkar has deleted the Tweet.

As part of a promotional campaign, Sachin Tendulkar tweeted on Monday: “Have friends with many excuses to not get fit? Tag them using #NoExcuses with their cities & mobile no & I may call to give them a pep talk!”

Replying to his tweet, many people started started sharing the mobile numbers of their friends on the thread.

The problem is that these numbers are being shared on a public platform and anyone can mine them. Australian security expert Troy Hunt called this out saying: How do you mine troves of phone numbers from Indians? Get a famous cricketer to politely ask people to dox their friends! #NoExcuses

With over 17 million followers, Tendulkar is one the most-followed sports stars on Twitter. Clearly, not many understand the implications of sharing their phone numbers on a public platform.

The perils of doing this are obvious — user details shared on Twitter are public forever, and can easily be scraped from a hashtag or thread, and sold on the darkweb to spammers, and identity thieves.

“Phone numbers are personal data, which is frequently used for identity verification. It’s also used for tracking, spam and other purposes, which means it’s unwise to broadcast en masse,” said Troy Hunt on Twitter DM to FactorDaily. “In this situation, Sachin is asking people to share other people’s numbers publicly without their consent, which is a violation of their privacy,” he added.

Phone numbers are personal data which is frequently used for identity verification. It’s also used for tracking, spam and other purposes which mean it’s unwise to broadcast en masse” — Troy Hunt, Australian security expert

In today’s age, is it too much to expect our sporting greats to be savvy about maintaining digital hygiene and not exposing personal data to the public?

We’ve reached out to IDBI Federal Life Insurance for a comment on this unfortunate lapse of judgement when conceiving of this marketing campaign, and will update this story when we hear from them.

Take for example, this fake Whatsapp website that harvests names and phone numbers under the promise of using ‘Free WhatsApp using the internet’. Aditya Kshirsagar, communications manager at NFN Labs published a post highlighting the phishing scam in May this year. No takedowns have been made on the domain, despite attempts by us to notify Facebook about it.

As we’d pointed out in this opinion piece earlier, data protection laws are non-existent in India and there are entities out there which make it their business to mine phone numbers and sell it to marketers.

Lead image: SportzWiki