On behalf of the Indian government, in late April, the public-sector company Broadcast Engineering Consultants India Limited floated a tender for procuring devices to fight the COVID-19 outbreak. The devices included COVID-19 patient-tracking wristbands, fever-scanning tools and hand-held thermal imaging systems. The expectations from these devices, as per a report in the Indian Express, bordered on the magical: “detect, prevent and investigate threats to national security using call data records, internet protocol detail record, tower and mobile phone forensics data”; “geofence an area of interest, such as meeting place, airport, mosque, railway station, bus stand”; “advanced analytics and intelligence software that uses telecom & internet data to identify suspect locations, associations & behaviour”; monitor “everyday behaviour of the person, including where s/he orders food from and the places s/he regularly visits, the multiple routes s/he could take”; “should be able to easily identify close contacts, frequent contacts as well as occasional contacts such as Uber drivers etc, and be able to collect information like where the suspect has spent most of his/her time and who all he or she has met.” To say that the company’s aims with these devices would infringe on the privacy of those being subjected to such surveillance would be an understatement.
The tender came at a time when the government was already facing criticism over the Aarogya Setu app, sponsored and heavily promoted by the central government. The app determines whether users are at the risk of a COVID-19 infection, through accessing the locations they have visited, whether they had “contact” with someone who carried the infection, and self-assessment of symptoms. Initially, the government made use of the app mandatory for all public and private employees, and for those living in containment zones. It also proposed that all new smartphones come with this app pre-installed. Since then, there have been cases of housing societies insisting that in order to access the common area of the housing complex, residents will have to install the app. The Central Industrial Security Force has proposed making the app mandatory for allowing access to public places such as the Delhi metro. The states of Karnataka and Haryana have declared that those entering their territories should have the app installed. In Noida, a government order said that criminal penalties will apply if the app is not used during lockdowns. Downloading the app might even be made mandatory for air and train travel. However, in the guidelines for the lockdown from 17 to 31 May, the ministry of home affairs somewhat diluted its stand. Instead of making the app mandatory for all employees, it said that “employers on best effort basis should ensure that Aarogya Setu is installed by all employees having compatible mobile phones.”
Despite this minor relaxation, it will not be surprising to see this app go the Aadhaar way, in that it will effectively become “compulsory” for everyone, giving rise to issues of exclusion and denial of a service if the app is not installed, and misidentification, where an uninfected person might be shown as high risk. The mandatory use of this app has been challenged in Kerala High Court because it “takes away the right of a person to decide and control the use of information pertaining to him” and thus violates the 2017 Supreme Court judgment in Justice KS Puttaswamy (Retd) vs Union of India. The eminent jurist Justice BN Srikrishna, who led the committee that drafted India’s data protection Bill, has called making the use of the Aarogya Setu mandatory app illegal.