Govt hints at using Aarogya Setu as e-pass; experts doubt efficacy

The Aarogya Setu app launched by the Centre earlier this month, which has clocked over 1.5 crore downloads within two weeks of going live, might soon be made into an e-pass for movement of citizens. Government officials pointed out that a functionality for the app has been suggested wherein it can approve people, who are clear of any threat of contracting or spreading COVID-19 disease, for movement.

“There have been suggestions to build in this functionality in the Aarogya Setu App; the idea is good and technical feasibility of the same is being worked out,” a spokesperson for Ministry of Electronics and Information Technology said, adding that a final call will be taken by an empowered group constituted for logistics.

A potential move by the government to use the app for controlling the movement of citizens to contain the spread of COVID-19 in the country notwithstanding, cybersecurity and legal experts have raised a number of privacy-related concerns with the app.

The app tracks its users’ “interaction with others”, and alerts authorities if there was any suspicion of the user having been in contact with any infected person. Once installed in a smartphone, the app detects other devices with Aarogya Setu installed that come in the proximity of that phone. The app can then calculate the risk of infection based on several parameters if any of these contacts is tested positive.

Cybersecurity experts have said that while there is little clarity on how the Centre will track these interactions, the app’s efficacy also depends on how many COVID-19 positive users had downloaded it. “For the app to work efficiently, three conditions are to be fulfilled. The first one is that a good number of tests have been performed across the country. And these patients ought to have a smartphone with the app, only then can a cluster be formed for bigger inter-mobile communication,” a Chennai-based independent cybersecurity expert said.

Another factor that might hinder the working of the app is that it requires Bluetooth and GPS to be always functional. “There is a technical concern too, called ‘signal interference’. Bluetooth operates on the 2.4 GHz band. When you have too many Bluetooth enabled devices working in close proximity with devices such as WiFi routers, which also work on the same frequency, it might cause interference. This, in turn, will again hamper the efficiency of the app,” the expert said, asking not to be named.

Ever since its launch, Aarogya Setu has raised privacy concerns, which had led to as many as nine organisations and at least 11 individuals writing to the Centre flagging the usage of and “processing of personal data of individuals”.

On similar lines, lawyers and legal experts have raised concerns of proportionality, asking whether compelling the app on citizens is proportional to benefits it provides. The Software Freedom Law Centre (SFLC), which was among the signatories in the letter sent to the Centre, said that it had analysed the app and found many problematic issues. Among them, the group said in a publication, was a clause in the app’s privacy policy which allowed the government to “to share personal information uploaded to the cloud with such other necessary and relevant persons in order to carry out necessary medical and administrative interventions”.

“This is problematic as the clause is broadly worded, allowing the data to be shared with practically anyone that the government wants. India does not have a law dealing with personal data protection which should be limiting data collection and processing,” the SFLC publication said.

Another area of concern, experts pointed out, was the limited liability clause of the app, which says that the government would not be responsible if inaccurate information was fed. “While it exempts the government from being blamed if the information is not correct, it also means that no liability can be fixed on the government even if the personal information of the users so collected and stored is leaked in the future,” another expert said.

indian express