The problem with Aarogya Setu

Business Standard     1st June 2020     Save    
QEP Pocket Notes

Context: The app gathers a lot of data, which is unnecessary for the task it supposedly performs 

Iniquitous Arogya Setu (AS) App:

  • Denounced as Orwellian software: it gathers a lot of data for the task it is supposed to perform i.e. contact tracing.
  • Smartphone dependence: Roughly 500 million Indian mobile subscribers don’t have smartphones.
  • Absence of private law: no legal redress for being placed under surveillance.
  • Opaque data sharing protocols: Personal data including medical information and location stored for minimum 30 days and can be shared with any government organisation or private entity if the situation demands.
  • Not truly open-source: as researcher believe that the code put as open-source is not the actual code the app is running.
  • Open source allows code to be studied by independent researchers. Bugs can be quickly discovered and patched.
  • Use of Location data: whereabouts and movements of users is known 24x7.

      Way Forward:

        • Using Ephemeral IDs: to track users’ location which can be used to pick up corona-positive patients without identity or location disclosure. It is currently been used by Google and Apple.
        • Anonymize Data: so that storing data cannot be used by unauthorised agencies since it include medical and location information.
        • Digital Privacy Law: to provide right to privacy designated as a fundamental right by supreme court and check on unnecessary government surveillance. 
      QEP Pocket Notes