SIC opens investigation against Avianca for alleged violation of the personal data protection regime
The Superintendence of Industry and Commerce, in its role as the National Authority of Personal Data Protection, opened an investigation against the company AVIANCA, owner of the Android application "AVIANCA", after evidencing, preliminarily, that through such application personal data is collected using mechanisms considered illegitimate since, without the express, prior and informed authorization of the users of the application, and without informing the specific purposes, such information should not be collected and processed.
The SIC determined that the Android application "AVIANCA” uses technologies to profile citizens, including real-time geolocation, and the inadvertent activation of device permissions that allows AVIANCA to access the device's contact agenda, camera, GPS, reading and writing of the device's external memory, among others features that are considered dangerous, and also violates the duties contained in Law 1581 of 2012.
The opening of the investigation is based on the technical forensic report made ex officio by the SIC on the Avianca application in its version 7.0.15 for Google's Android operating system.
If a violation of the Personal Data Protection Regime is proven, the aforementioned company could be sanctioned with fines up to 2,000 S.M.L.V. and/or the suspension of personal data processing activities or the immediate and definitive closure of the operation involving the processing of sensitive data.