This Article is From May 11, 2020

Centre Issues Data Processing Rules For Aarogya Setu App Amid Privacy Concerns

The fresh guidelines allow collection of only demographic, contact, self assessment and location data of persons infected by the coronavirus or those who come in contact with the infected person.

Centre Issues Data Processing Rules For Aarogya Setu App Amid Privacy Concerns

Till date, 9.8 crore people have downloaded the Aarogya Setu app.

New Delhi:

The government has issued a set of guidelines for processing of data collected through Aarogya Setu app that bar storage of data for more than six months and specify jail term for violators of certain rules.

Amid concerns expressed about data privacy of people who use the app, the guidelines provide an option to individuals to seek deletion of their data from the record within 30 days of making such a request while a senior government official asserted that "privacy is an important aspect of Aarogya Setu".

"Lot of work has been done over data privacy. A good privacy policy has been made to ensure that personal data of people are not misused," Ministry of Electronics and IT Secretary Ajay Prakash Sawhney told reporters.

"We provide these information to check an area from becoming a hotspot. Privacy is an important aspect of Aarogya Setu," he said.

The fresh guidelines allow collection of only demographic, contact, self assessment and location data of persons infected by the coronavirus or those who come in contact with the infected person.

Mr Sawhney also heads an empowered group to deal with the coronavirus pandemic in India.

Till date, 9.8 crore people have downloaded the Aarogya Setu app, which has been made mandatory in COVID-19 containment zones. The app alerts users if they come in close contact with a person infected with coronavirus.

The latest guidelines lay down procedure on handling of data by various agencies involved in controlling spread of the pandemic.

The data can also be shared with universities for research purposes only after delinking details that can identify individuals using the app, as per the government.

"Any violation of these directions may lead to penalties as per section 51 to 60 of the Disaster Management Act, 2005 and other legal provisions as may be applicable," it said.

Penalty clauses under the Disaster Management Act also have provisions for jail term for officials.

Mr Sawhney said that the most important function is the flow of data from the app to various departments where huge emphasis has been laid on privacy of individuals.

According to him, data of a non-infected person is deleted from Aarogya Setu app in 30 days, 45 days in case of tests and 60 days if a person has undergone treatment.

"The app users are given device ID which is used for processing various information and functions. The individual''s contact is used only to alert the user," he said.

The government has also issued a toll free number ''1921'' for those who do not have smartphones.

"Less than 13,000 users of Aarogya Setu have been found to be COVID-19 positive but due to help of this (app), around 1.4 lakh were traced and alerted who have come in close contact with infected persons."

"We provide these information to check an area from becoming a hotspot. Privacy is an important aspect of Aarogya Setu," Mr Sawhney said.

Advocacy groups have alleged that the government is using Aarogya Setu for mass surveillance especially in absence of any legislation around privacy.

"The protocol has been issued to bridge the legal gap and to address privacy related concerns," a Ministry of Electronics and IT official said.

.