Publications

October 5, 2022 – On October 3, 2022 – Truecaller released a press statement in response to Viceroy’s report, Truecaller’s True Colors, on October 3, 2022. As expected, Truecaller’s statement fell squarely within the clutches of Catch-22 (the greatest catch there is). Here at Viceroy, we like to keep one in the barrel in case management decide to persist with nonsense narratives. As of latest available filings, Truecaller is subject to tax proceedings in Sweden and investigations in India. This is disclosed in Truecaller’s own prospectus. Truecaller’s prospectus highlights every single risk Viceroy have identified as a real risk to its business. Management proactively install safeguards to prevent minors from downloading its app, but refuse to acknowledge that most of its phone book, including minors, consists of non-consenting, non-user data. Management acknowledge a huge privacy breach while preaching the “privacy focused” nature of its public phone-book. This report will scrutinize Truecaller’s logical gymnastics, mutually exclusive arguments, and healthy dose authoritative bias.

Truecaller’s app facilitates strangers’ contact with minors without valid consent. PLEASE READ IMPORTANT DISCLAIMER – PAGE 3 September 29, 2022 – Viceroy research has fielded calls from concerned data protection specialists in India in relation to how Truecaller handles consent for minors. Truecaller sign-up does not request a users age (only access to all of their other personal information). Truecaller indiscriminately collects data from users under the age of 18 in India, and indeed globally. This data is uploaded onto their public phone-book. Truecaller’s enhanced search spyware indiscriminately pulls contact data of minors and uploads this data into its public phone-book. Users cannot obtain unilateral consent from their contacts, especially if those contacts are minors. Data of minors (and all users) is actively available to strangers online without their consent. Truecaller is actively in breach of global regulations. We believe Truecaller will have to obtain consent from all users, and remove non-users from its database. Until yesterday the sign-up screen for new Indian and non-EU users had the Enhanced Search feature available and auto-ticked. This feature has now been removed from sign in. We do not know where it is, nor do we know if it is automatically turned on.

September 28, 2022 – Truecaller (TRUEB:SS) is a Swedish adware & spyware app which feeds an inferior caller-identification service aimed at detecting spam. The EU’s General Data Protection Regulation (GDPR), and similar legislation across the globe, threatens Truecaller’s business, which we believe is on the brink of redundancy. It now resorts to skirting regulations and/or avoiding taxes through uncreative loopholes which we believe will be inevitably cut-off. When the taxman comes knocking, Truecaller is a loud and proud Swedish company. Truecaller bills almost exclusively from Sweden from advertising customers/agents despite substantially all operations being in India. When regulators come knocking, Truecaller is an Indian company ostensibly to avoid privacy regulations such as GDPR. Despite this GDPR specialists consulted by Viceroy confirmed that they are in breach of these regulations and are subject to GDPR regardless of their claimed domiciliation and users and non-users location. Several geographies including the EEA, Nigeria, Brazil and South Africa have prevented Truecaller from collecting user address books from apps installed through the Google and Apple app stores. Truecaller must now rely on more expensive preinstalled copies of the app to increase their footprint. Truecaller took a one-time revenue bump from Q4 2020 to Q4 2021 by pushing ads to every user on every call driving a 3-4x increase in user impressions. Impressions per user per day are now flat/decreasing q/q. Truecaller faces competition from OEMs, OTT solutions like WhatsApp and governments, with TRAI announcing their intention to create a Truecaller-like app backed by government issued identity documents. The company and app also have a long and storied history of security and user data breaches, some of which were conducted from within the app. There are also hundreds of "cracked" premium versions of the app online which communicate with Truecaller's servers without issue and come with lifetime paid membership. Truecaller’s Indian auditor was also Wirecard’s local auditor. They were banned from auditing financial institutions, a rare occurrence. Viceroy Research is short Truecaller.