People line up to buy Telenor SIM cards in Yangon in October 2014, just after the company launched in Myanmar (AFP)

Telenor sale challenged over data leak fears


The proposed sale of Norwegian telecoms giant Telenor’s Myanmar subsidiary could put sensitive personal data of millions of customers into the hands of the junta, according to a complaint filed on Tuesday.

Myanmar has been in chaos since a coup last year sparked huge protests and a bloody military crackdown on dissent.

Telenor announced in July that it planned to sell its subsidiary Telenor Myanmar and later cited junta demands that it install monitoring equipment on the network as a reason for leaving the country. 

A proposed sale to Lebanese financial company M1 Group and a consortium headed by a figure close to the ruling junta has been approved by the military, according to local media reports.

But a Myanmar citizen has filed a complaint with Norway’s Data Protection Authority, arguing the sale would result in a “dangerous transfer of control over sensitive user data” of more than 18 million Telenor customers.

Any sale would breach European Union privacy rules (GDPR), the complaint argues, asking the body to investigate and ensure any sale would not infringe the data rights of those affected.

The complaint claims customers’ names, addresses, phone numbers, national registration card details, messages and call histories are held by Telenor.

Activist groups say any new owner could comply with future requests from the junta to provide cellphone data.

In Oslo, the parent company Telenor, which is majority-owned by the Norwegian state, argued that the Myanmar authorities require operators to keep this data “for several years” and that deleting it would be “in breach of the telecoms licence, which is a prerequisite to run telecoms operations in the country”. 

“Violating or not complying with local regulations under the existing legal framework would have severe and completely unacceptable consequences for our employees,” Gry Rohde Nordhus, Head of Telenor communications, told AFP.

Nordhus added that since Telenor did not “exert any control on the handling of customer data by Telenor Myanmar,” GDPR did not apply to customer data there.  

The Norwegian Data Protection Authority also confirmed it had received the complaint.

“We examine all complaints that we receive as a general rule, and will therefore open a case based on the information we have received,” spokeswoman Guro Skaltveit wrote in an email to AFP. 

Telenor – part-owned by the Norwegian government – has had a commercial presence in Myanmar since 2014.

In July, 474 civil society groups in the country called Telenor’s decision to pull out irresponsible, saying it had not sufficiently considered the impact of the move on human rights.

More than 1,500 people have been killed by security forces and over 11,000 arrested since the coup, according to the Assistance Association for Political Prisoners.

More stories

Latest Issue

Stories in this issue
Myanmar enters 2021 with more friends than foes
The early delivery of vaccines is one of the many boons of the country’s geopolitics, but to really take advantage, Myanmar must bury the legacy of its isolationist past.
Will the Kayin BGF go quietly?
The Kayin State Border Guard Force has come under intense pressure from the Tatmadaw over its extensive, controversial business interests and there’s concern the ultimatum could trigger fresh hostilities in one of the country’s most war-torn areas.

Support our independent journalism and get exclusive behind-the-scenes content and analysis

Stay on top of Myanmar current affairs with our Daily Briefing and Media Monitor newsletters.

Sign up for our Frontier Fridays newsletter. It’s a free weekly round-up featuring the most important events shaping Myanmar