By K Raveendran
It took fewer days for the Modi government’s Arogya Setu to change from ‘voluntary’ to ‘mandatory’ than the number of days taken for the doubling of Covid-19 cases, at least in states like Kerala and Telangana, requiring 37 and 58 days respectively. The Covid app was launched on April 2, but by a notification on May 4, the Union home ministry made its installation and use mandatory. The UP government has gone one step ahead by making absence of Arogya Setu on smartphones a punishable offence.
In addition to government employees, certain private companies in the gig economy have also made Aarogya Setu mandatory for their workers. As lockdown restrictions are eased and business operations resume, it is feared that other employers in the gig economy as well as the traditional economy may make use of the app compulsory.
Privacy activists have challenged the government move. There is widespread feeling that the government has used the spread of coronavirus as an excuse to push its health app, which activists feel asks for more information than what is necessary to keep users engaged with measures to prevent the spread of the virus.
The activists have approached the court with their grievance and written to Prime Minister Narendra Modi about the “damaging impact of the Aarogya Setu app and COVID-19 lockdown on the privacy, autonomy and dignity of workers”.
It was amidst such fears that French hacker Robert Baptiste claimed that the app suffered security issues which compromised information about the users. The hacker then gave out information about specific functionaries in the government, which he claimed was breached through security gaps in the app. He even endorsed Rahul Gandhi’s description of the app as a ‘sophisticated surveillance system’.
In all probability, these fears are fully justified, but these may become integral to the emerging post-Covid scenario in which concern for viruses and their prevention wold be the new normal. Social distancing and personal protection against virus threats may become part of people’s lifestyle.
Apps have already become part of the defence mechanism put in place by various countries to prevent the spread of coronavirus. There are broad commonalities in all of them, with the compromise of personal privacy depending on the sophistication of various societies. Most of the apps in effect do contact tracing, a key objective of governments’ plan of containment against Covid-19.
South Korea, for instance, reportedly has an app that sounds an alarm and alerts officials if people stray from their quarantine. Taiwan is said to be tracking quarantined people’s phones using data from cell-phones. Anyone detected breaching the granted space leads to officials being alerted and strict action follows, including fines for breaking quarantine, followed by imprisonment. Both countries have achieved high success rate in containing the spread of the disease.
Similarly, Chinese provincial governments are reportedly using a Health Check app run through popular payment platforms, which collect location data of the users and the app then passes on the information to third parties, which process the data and reports the results back to authorities. Issues like privacy may be alien to provincial Chinese societies, so there are no fears of breaches.
While the intentions behind such efforts can be described as honest, there are possibilities of gross misuse, especially when it comes to location tracking, which is the highest level of privacy breach. With the present generation of apps, like Arogya Setu, requires the user to input personal information, which in a way provides an option whether to input information that one might consider confidential. But future generations of phone devices might collect sensitive information on their own and could transmit back to designated authorities. That is an appalling prospect for privacy activists.
In a way, privacy is already a well-maintained myth. Companies like Google and Facebook have access to sensitive information about their users, but there is a saving grace that both companies have strong commitment in terms of the integrity of personal data and protection of privacy. And yet, the day is not far off when such data will land up with governments, especially when it is for noble causes such as containment of a pandemic. But most governments, including the one in India, are not known to be great believers in the integrity of personal data, despite the fact that there are constitutional and statutory safeguards against abuses.
Overall, the post-Covid global scenario does not appear to be all that promising when it comes to protection of personal data and individual’s privacy. (IPA Service)