India now has nearly 40 Covid-19 apps, including Aarogya Setu. Launched by state governments, police authorities and municipal corporations, the purpose of these apps range from contact tracing to providing health information and issuing e-passes. Apart from concerns about privacy and surveillance, citizens moving from one state or jurisdiction to another will now be required to download multiple apps.
ThePrint asks: 40 Covid apps across India: Lack of coordination or needed for micro-management?
Multiplicity of apps not a challenge if they all follow a standard template set by the Centre
Srinath Reddy
President, Public Heath Foundation of India
Any app, which gathers health information that can be analysed by policymakers and provide guidance to individual users, must meet the criteria of user-friendliness, relevant data acquisition, and prompt channeling of that data for policy and programme response. There must also be an assurance that it will protect the privacy of an individual. It is the duty of central and state governments to ensure these criteria are satisfied by current and future apps for Covid tracing.
Healthcare is a state subject, and the responsibility for effectively controlling the spread of Covid-19 has moved on to state governments. It is appropriate that they develop and use applications relevant to the local context of geography, language and culture. This also enables ready access to data for faster decision-making. Multiplicity of apps is not a challenge by itself if the data collection can follow a ‘minimum standards template‘ (MST) developed by the central government. Arogya Setu app can still be utilised but it needs a ‘lite’ version of essentials based on the MST, whose source code can be shared. The template can be based on draft guidelines developed for electronic health records (EHR).
Based on the template, states and other agencies can develop interoperable apps, add custom features for value addition, which can have better reach and greater usability.
Govt must first publicly share what purpose such apps have served so far and then devise a common app
Shailaja Chandra
Former secretary, Ministry of Health & and Family Welfare
The government should be bound to demonstrate what use information obtained from these apps has been put to, and whether they have helped hospitals, individuals or is it mere data collection. It also needs to be made clear which apps are optional or mandatory for the public. If mandatory, it must be bound by certain rules falling in the ambit of a law. If not, it is not in the state or authority’s power to insist on apps being used.
A court should mandate issuing guidelines for such apps with only one purpose — contact-tracing of a person infected with Covid-19 and for checking infection and close contacts of a suspect case. A committee from the Centre or states should prepare a common app that can be used by all states, otherwise there will be chaos.
But first, the purpose that these apps have served so far should be made public. Courts should also take cognisance of demands from government bodies and authorities, which are pushing for apps without indicating the legal framework under which they belong.
Too many Covid apps a worrying trend in the absence of a privacy law
Prasanto K. Roy
Tech writer and policy consultant
Too many government apps doing the same thing is an old problem in India and spans three decades and hundreds of e-governance software projects and pilots. One state may have an award-winning pilot project for addressing public grievances or pensions, but another state, or even a district administration next door, will build it from scratch after some time—usually with a fresh tender.
Wastage of public funds is rarely a concern for governments. But years are wasted in getting critical projects up and running. Why can’t a city police app be built, refined, and then open-sourced for other Indian cities’ police forces to re-brand and adopt?
In the absence of a privacy law in India, this is particularly worrying in the Covid context, where citizen health records along with location and other personal data is being collected by dozens of different apps. Global attention has forced the (reported, but unconfirmed) open-sourcing of Aarogya Setu, but it is a bigger challenge for activists to scrutinise 30 or 40 different apps in different states.
We may be living with Covid19 for years ahead. When life and business resume, it’s going to be next to impossible to keep track of a dozen apps, based on where all we are travelling, and for migrants to grapple with different languages and user interfaces. Not to mention the privacy issues – what all should a state I’m visiting be able to see of my movements in other states, or my personal data?
It’s imperative for the Ministry of Electronics and Information Technology or National Informatics Centre to make a list of Covid-related government apps and issue a framework, with recommended privacy policy and terms and conditions. They should also consider identifying apps that do things that Aarogya Setu does not do, for a centralised development.
Multiple apps for contact tracing and quarantine management is counterproductive
Rohan Seth
Policy analyst, The Takshashila Institution
Given the urgency of the coronavirus pandemic and recent attention given to contact tracing apps, it is not surprising that states, cities, and individual law enforcement departments have tried to come up with their own app-based solutions. Limited state capacity has made nationwide coordination an added challenge during the pandemic.
This has negative implications for data protection in India today. Most of these apps are collecting health data, which is personal and sensitive. While Aarogya Setu’s privacy policy looks at issues such as data minimisation, sharing, and data retention, it is unlikely all other apps will follow the same standards.
Given that a data protection law still does not exist in India, slip-ups in data protection practices are a price we have to pay with limited or no consequences.
Creating multiple apps for contact tracing and quarantine management may end up being counterproductive. Not just because of the higher risk of data breaches, but also because adoption rates depend on awareness as well as the availability of smartphones. Population reach for tech solutions is something we covered at Takshashila in our recent research.
The crisis of having multiple apps is reflective of India’s current landscape, and a symptom of not having a data protection law coupled with limited state capacity.
In addition, apps do not generally adhere to jurisdictions in their functioning. Instead, they are made available on the Play/App Store, ready to be downloaded. So lockdown restrictions, whether they are eased or not, will not play much of a role. You can be in Kerala and download Delhi’s Covid app for hosptial bed information.
Also read: Will the Facebook ‘Supreme Court’ make FB and Instagram a safer place?
By Pia Krishnankutty, journalist at ThePrint