Law4u - Made in India
Home
Lawyer Signup Download Apps

How to file complaints against unauthorized online data sharing by companies?

Consumer Court Law Guides

Answer By law4u team

The internet has made data sharing easier, but it has also raised serious concerns about privacy and data misuse. Companies often collect personal data from users for marketing, product improvement, or other purposes. However, when this data is shared or sold without consent or used in ways that violate privacy laws, consumers can suffer significant harm. Privacy regulations such as the General Data Protection Regulation (GDPR) in the EU and the Personal Data Protection Bill (PDPB) in India have established strict rules for data consent and data protection, offering consumers a legal recourse when their data is misused or shared unlawfully.

Steps to File Complaints Against Unauthorized Online Data Sharing by Companies

Identify the Violation

Unauthorized Sharing of Data: Confirm that your data has been shared or sold without your consent. This could include data being used for targeted advertising, third-party selling, or breaches where your personal information is exposed.

Review Privacy Policies: Ensure the company’s privacy policy explicitly prohibits sharing your data with third parties or gives you the right to opt out. If this has been violated, it strengthens your complaint.

Contact the Company’s Data Protection Officer (DPO) or Support Team

  • Step 1: Contact the company directly. Many organizations have a Data Protection Officer (DPO) or privacy support team responsible for handling complaints related to data misuse. This information is typically found on the company’s website under Privacy Policy or Terms and Conditions.
  • Step 2: Provide clear evidence of the unauthorized data sharing (e.g., screenshots, emails, records of terms and conditions that were not followed).
  • Step 3: Demand an explanation, request that the company stops sharing your data, and ask for the removal of your personal information from their databases if applicable.

Report the Complaint to Data Protection Authorities

If the company fails to resolve the issue or if you believe the violation is serious, report the incident to the appropriate data protection authority.

  • India (PDPB 2019): Under India’s Personal Data Protection Bill (PDPB), consumers can report violations to the Data Protection Authority (DPA), which is expected to be established once the bill is enacted. In the interim, the National Cyber Crime Reporting Portal can be used for cybercrimes related to data breaches.
  • European Union (GDPR): Under the General Data Protection Regulation (GDPR), consumers have the right to file complaints with the Data Protection Authorities (DPA) of the respective country in the EU. The DPA will investigate your complaint and can issue fines or penalties against the company for violating privacy laws.
  • USA: In the US, privacy issues can be reported to the Federal Trade Commission (FTC) or state-level consumer protection agencies. However, the California Consumer Privacy Act (CCPA) provides more robust privacy protections, allowing complaints to be filed with the California Attorney General’s office.

File a Complaint with the Consumer Forum

If the company’s actions have caused financial loss, emotional distress, or reputational harm due to the unauthorized sharing of data, consumers can approach the consumer forums in India (District, State, or National Consumer Forums) or similar bodies in other countries.

  • India (Consumer Protection Act 2019): Under the Consumer Protection Act, 2019, consumers can file complaints against unfair trade practices such as unauthorized data sharing and breaches of privacy. The forum can offer remedies like compensation for damages, and order the company to cease the unfair practice.

Example: If a company shares personal data with third-party advertisers without consent, consumers can seek compensation for mental distress or financial loss resulting from spam or phishing attacks.

Contact Regulatory or Industry Bodies

If the company is regulated by an industry body (such as the Telecom Regulatory Authority of India (TRAI) for telecom services or Financial Regulators for banking services), you can file a complaint with these bodies for a breach of consumer data.

For financial services, banks and insurance companies are subject to additional scrutiny under financial privacy laws.

Take Legal Action

If the violation is severe (e.g., personal data sold to third parties leading to identity theft or fraud), consumers can take legal action in civil court or file a criminal case for violations of privacy laws.

  • Data Protection Laws (e.g., PDPB, GDPR) allow consumers to seek compensation and damages from companies for mishandling personal data.
  • If data exposure leads to financial losses (e.g., fraud, identity theft), consumers can pursue claims for reimbursement.

Legal Protections Under Data Protection Laws

General Data Protection Regulation (GDPR) - EU

The GDPR provides strong protections for consumer data in the EU:

  • Consumers must give explicit consent for their data to be processed or shared.
  • Companies must ensure data security, and consumers can request that their data be deleted or returned.
  • Consumers have the right to file complaints with the Data Protection Authority (DPA) and claim compensation for damages.

Personal Data Protection Bill (PDPB) - India

The PDPB (once passed into law) will provide consumers in India with rights similar to the GDPR, including:

  • The right to consent before personal data is shared.
  • The right to request data deletion and correction.
  • The right to complain to the Data Protection Authority for violations.

California Consumer Privacy Act (CCPA) - USA

The CCPA grants California residents the right to:

  • Know what personal data is being collected.
  • Opt-out of data sharing or selling to third parties.
  • Request deletion of personal data and seek compensation for violations.

Example

Scenario

  • A consumer notices that a health app has shared their personal health data (e.g., exercise history, sleep patterns) with a third-party advertiser without their consent.

Steps the Consumer Should Take:

  • Contact the Company: The consumer contacts the app provider, requesting information about the unauthorized sharing and asks for their data to be removed from the third-party advertiser’s database.
  • File a Complaint with the DPA: If the app provider doesn’t respond, the consumer can file a complaint with the Data Protection Authority in their jurisdiction (e.g., GDPR authority in the EU or PDPB authority in India).
  • Legal Action: If the breach leads to identity theft or financial loss, the consumer can pursue compensation under data protection laws and may take legal action against the company for violating privacy.

Consumer Safety Tips

  • Review Privacy Policies: Always read the privacy policy of any online service to understand how your data will be used.
  • Limit Data Sharing: Only share the minimum amount of personal information necessary for a service.
  • Use Privacy Settings: Adjust the privacy settings in apps and websites to restrict how your data is shared.
  • Use Secure Payment Methods: When making online purchases, ensure secure payment methods and avoid giving unnecessary personal information.

By following these steps, consumers can protect their personal data, seek compensation for privacy violations, and hold companies accountable for unauthorized data sharing.

Our Verified Advocates

Get expert legal advice instantly.

Advocate Harpal Singh

Advocate Harpal Singh

Breach of Contract, Cheque Bounce, Civil, Consumer Court, Divorce, Family, Landlord & Tenant, Property, R.T.I, RERA

Get Advice
Advocate Mohammed Saif Kalam

Advocate Mohammed Saif Kalam

Cheque Bounce, Child Custody, Divorce, Domestic Violence, Family, Medical Negligence, Motor Accident, Muslim Law, Criminal

Get Advice
Advocate Ajay Singh Sikarwar

Advocate Ajay Singh Sikarwar

Cheque Bounce, Civil, Criminal, Family, Motor Accident

Get Advice
Advocate Rajeev Srivastava

Advocate Rajeev Srivastava

Cheque Bounce, Criminal, Divorce, Motor Accident, RERA

Get Advice
Advocate Lokenath Shaw

Advocate Lokenath Shaw

GST, Tax, Revenue, Trademark & Copyright, Banking & Finance, Corporate

Get Advice
Advocate A Ramaprasad

Advocate A Ramaprasad

Civil, Cheque Bounce, Family, Wills Trusts, Landlord & Tenant

Get Advice
Advocate Harshit Srivastava

Advocate Harshit Srivastava

Anticipatory Bail, Arbitration, Armed Forces Tribunal, Banking & Finance, Breach of Contract, Cheque Bounce, Child Custody, Civil, Consumer Court, Corporate, Court Marriage, Criminal, Cyber Crime, Divorce, Documentation, GST, Domestic Violence, Family, High Court, Labour & Service, Landlord & Tenant, Media and Entertainment, Muslim Law, Patent, Property, R.T.I, Recovery, RERA, Succession Certificate, Supreme Court, Tax, Trademark & Copyright, Wills Trusts, Revenue, Motor Accident

Get Advice
Advocate Dhiraj S Pawar

Advocate Dhiraj S Pawar

Anticipatory Bail, Banking & Finance, Breach of Contract, Cheque Bounce, Civil, Consumer Court, Criminal, Divorce, Documentation, Domestic Violence, Family, High Court, Insurance, Landlord & Tenant, NCLT, Property, R.T.I, RERA, Succession Certificate, Trademark & Copyright, Wills Trusts, Revenue

Get Advice

Consumer Court Law Guides Related Questions

Discover clear and detailed answers to common questions about Consumer Court Law Guides. Learn about procedures and more in straightforward language.

18-Jun-2026 | Consumer Court Law Guides

Can a consumer file a complaint for fraudulent cashback schemes on e-commerce apps?
Read Now By Law4u
18-Jun-2026 | Consumer Court Law Guides

How to deal with unauthorized online auto-renewals of subscriptions?
Read Now By Law4u
18-Jun-2026 | Consumer Court Law Guides

What compensation can be claimed for defective electronics bought online?
Read Now By Law4u
18-Jun-2026 | Consumer Court Law Guides

How to file complaints against misleading online course advertisements?
Read Now By Law4u
18-Jun-2026 | Consumer Court Law Guides

How to complain against price manipulation during online sales events?
Read Now By Law4u
18-Jun-2026 | Consumer Court Law Guides

What penalties can be imposed on e-commerce platforms for violating consumer laws?
Read Now By Law4u
See More Questions