Arogya Setu App
By Anurag Kushwaha
Aarogya Setu app was released on April 2, 2020 and has now crossed more than 10 crores users across India. It was developed under National Informatics Centre and MyGov by the Government of India as a measure to track and identify the suspected and positive coronavirus patients and alert the user of the application if they are in a high-risk zone or someone around them is positive for the novel coronavirus or not. With the help of a self-assessment survey, some questions are asked to the user while the Bluetooth and location, GPS services of the smartphone are required to be turned on, with which it works. The highlighting question that has been raised by several tech experts and leaders is whether the Aarogya Setu app is safe or unsafe.
The Features of Aarogya Setu App:
- It provides an option of self-assessment survey which a user can routinely conduct and know about whether the risk of infection is high/low in the person’s vicinity.
- It also provides common tips and information about the ICMR (Indian Council of Medical Research) approved labs according the state and area of the user.
- The app aims at publishing content for spreading awareness and verified information about the coronavirus, including live updates and statistics.
- It has a section that shows whether or not the user has an e-pass, if available.
- The information retrieved from the survey is supposedly saved on phone and shared to the government if the user’s sample has been taken or is tested positive. The information is further used by National Informatics Centre and the Government of India in preparing strategies and policies for fighting the virus and approving optimal medical treatment.
Apart from what the app and government claim, the major issue regarding privacy of users is still pertaining and is unanswered. Many people and leaders have moved to courts to seek a judicial help in inquiring from the government how the data of a user is collected and used.
The government had only directed its employees earlier for strictly downloading the app on their phones but later extended the direction to private sector and the general public, after which it was criticised heavily. As of now, the Ministry of Home Affairs has changed its statement by only directing it as a best effort basis that can be ensured to track the users and help them know how safe they are, while helping them protect themselves from the coronavirus. It promoted installation of the app by employees having compatible smartphones and softened its approach as before it was mandatory. The support for the Aarogya Setu app’s purpose has been brought up by extending the services to mobile phones and landlines apart from smartphones with the help of an Interactive Voice Response System (IVRS). A user without a smartphone can give a missed call on 1921 and they will receive a call back from the authorities that will conduct the survey procedure and inform whether the user is in a safe zone or not and how prone is he/she from the risk of infection.
Is Aarogya Setu App Safe or Not?
The implementation of the app is quite varied in the country, in Noida there are stricter provisions regarding the use of Aarogya Setu app while the food delivery companies and several other industries are mandating the use of Aarogya Setu app and informing the same through their respective applications/websites. But the reasons why it is presently a debated topic is primarily because of the privacy concerns as can be understood with the help of following points:
- The constant use of Bluetooth and location services is giving an unbridled entrance to the hackers into the devices of users. Cybercrimes like hacking or identity theft along with phishing can be easily carried out.
- The Indian Computer Emergency Response Team (CERTin) has recently noted that phishing attacks through the app are increasing as people are receiving alluring fake domains and links to click on and unintentionally downloading a spyware/malware to eventually cause harm to their data and privacy.
- There is still a lack of clarity on how the government is using the data of users, while it is claimed by Abhishek Singh, the CEO of MyGov that the app allots an anonymous ID to each user which is used for interaction with the government and the details are only received once sampling is done or the user is tested positive for coronavirus. However, Kerala High Court has asked the government to clarify the issue and release the information of how it is using the data officially.
Hence, the rising cybercrimes through the Aarogya Setu app cannot be denied as the users are even receiving fraudulent messages from the imposters who intend to break into the device or commit a fraud/data theft. The government urgently needs to assess the role of information collected from the public through the app and ensure the protection of data of users. There is a strong need of a Personal Data Protection Law in India and as the bill regarding it is still not passed to be enacted, the government is at a standstill, surrounded by questions of invasion of privacy and the rights associated to it of the citizens.