Any user whose demographic data is stored with the government through the Aarogya Setu app can now request for its deletion, the Centre said on Monday as it issued a set of protocols to regulate the definition, collection, processing and storage of data by the contact-tracing app. Data about the user’s name, mobile number, age, gender, profession and travel history come under this ambit.

The ‘Aarogya Setu Emergency Data Access and Knowledge Sharing Protocol, 2020’, which will be applicable for the next six months, also increases the period of retention of such data from the earlier 60 days as specified in the app’s privacy policy to 180 days.

The move comes as the government has faced criticism of the violation of privacy by digital rights activists as the app has evolved from a contract-tracing app when it was launched in April to take on a larger role of providing e-passes, telemedicine, as well as e-pharma facilities; critics have raised concerns over the government making it mandatory for a host of activities, especially in the movement of individuals.

Last week, a French hacker pointed at vulnerabilities on the app by showing that details of millions of Indians using it could be accessed within a 100-km radius. The app only provides data for a radius of 10 kilometres only for phones in India.

IT ministry officials said that the protocol was necessitated by the increased criticism. The rationale for the protocol, the government said, was to ensure the effective implementation of the government’s health response to Covid-19.

“There is a need to ensure efficient data and information sharing among the different Departments and Ministries of the Government of India as well as those in the State/Union Territory Governments,” the protocol said.

 

Follow Us