Concerns have been raised about the widespread trade in big data through the health apps developed by governments and big firms, or checking the spread of infection during Covid. We had highlighted warnings about it on 18 April. The controversy surrounding 'Aarogya Setu' only proves tht that warningis becoming a reality at an alarming scale in India too.
An ethical hacker from France known by the pseudonym 'Eliott Aldersen' has now strengthened the apprehensions that the health and private data about nine crore Indian citizens who downloaded the app may become a product for sale in the data market. He has also proved that health data stored in Aarogya Setu can easily be hacked by releasing details of Covid-affected employees in the Prime Minister's Office, Ministry of Home Affairs and military headquarters. On the whole, the data leak underlines the warnings from the cyberworld, and the allegations by political leaders including Rahul Gandhi, that the Aarogya Setu is an instrument of leaking the privacy of individuals and a tool for the Central government to chase and keep surveillance over citizens.
The Aarogya Setu app was developed and released by the National Informatics Centre, under the Ministry of Information Technology, modelled on those of different countries used to check the spread of Covid. However, for the development of the app, the model used by India was not of European countries who lay great stress on privacy protection but Israel which is known for close surveillance of citizens by its interior ministry. Through tracking, observing and following the contacts of the ones who download the app (contact tracing), data about Covid-infected will be gathered in the database of the union health ministry and get transferred to the app. Thus, when the Covid-infected individual gets close to a user, the other person gets an alert via GPS and bluetooth technology. Even if based on the argument of prevention of disease spread, the surveillance mechanism that gathers every movement of the users constantly using GPS, is a violation of the Supreme court judgement that upheld privacy as a fundamental right. The fact that as of now, there are no comprehensive and robust data protection laws inIndia, will only make the situation graver.
In fact the technical robustness of the Aarogya Setu - that the health department has released and made mandatory for Covid prevention - has alsoo been challenged. Doubts have got thickened over questions whether the private data of patients are safe and whether the app would become a means of data sale. It has been proved that in the racial attacks in north-eastern Delhi that broke out in end February, the data of vehicle owners was skillfully used. In a way, the Covid phase is making the people subservient to the government's hidden agenda for upcoming era of techno-totalitarian state. IT is time to stop raising absurd qestions whether in exordinary times life or personal data is more important, and to raise serious questions regarding civil rights. Or else, what is left post-Covid will be a life of data prisoner.