On 24th march 2020, the government of India declared a nationwide lockdown for 21 days in order to prevent the spread of the novel corona virus. Our nation, along with the world came to a standstill and was in a crisis at the same time. People took to their homes, businesses were shut down, colleges and schools became inoperative, curfews and section 144 of IPC were imposed (among many other). Masks, sanitizers, gloves and avoiding going out all together became the new normal. The government took various measures to take care of the situation. To protect the health of people, governments and institutions all over the world have put in place restrictions on movement and mechanisms for health tracking and reporting. These mechanisms, including contact-tracing and self-reporting apps, some recording and transmitting personal health information, underscore the deepening importance of data protection and privacy in this crisis. One such measure taken by our govt. was launching and encouraging the citizens to use the ‘Arogya setu’ app. Arogya setu was developed by national informatics center. The stated purpose of this app is to spread awareness of COVID–19 and to connect essential COVID–19-related health services to the people of India. It is a tracking app which essentially uses the smart phone’s GPS and Bluetooth features to track the corona virus infection. Using your location information, it determines whether the location you are in belongs to one of the infected areas based on the data available.
The spread of Corona virus has led governments to take a number of measures to protect their citizens – including lockdowns, telecommuting and online education. However, the pandemic is also leading to greater state control and scrutiny over the private lives of its citizens through the use of latest digital surveillance technologies. When it comes to balancing measures that could help track and contain the virus and safeguard privacy of individuals, where is the line?
Justice Khanna said “when faced with crises, governments — acting for all the right reasons — are invariably prone to overreach. Any temporary measures they impose have a disturbing habit of entrenching themselves into the landscape and creating a ‘new normal’ well after the crisis has passed. Paying close attention to civil rights, therefore, becomes critical.” The pandemic causes an existential threat to us and the need to protect lives might be considered paramount. But this outlook will lead to violation of basic human rights of the citizens.
Even though digital solutions are helping save lives, by spreading health messages, increasing access to remote physical check-ups and health alerts. At the same time, surveillance tools that trace individuals’ location and their contacts present profound challenges to privacy, data protection rights and freedom of information.
Authorities are collaborating with telecommunication service providers to access geo-location data to track the population. In the case of Turkey, the government has launched a GPS-based centralized app, making registration of all COVID-19 affected people mandatory. A similar app in Kyrgyzstan, though it claimed to be based on voluntary consent, was later reported to be mandatory for persons put into quarantine. In Azerbaijan, people’s movements are controlled by an application that issues electronic permits to people who would like to leave their homes during quarantine and is accessible to the police, while Kazakhstan has relied on video surveillance to find violators of the quarantine regime. In Armenia, even in the absence of any publicly announced digital solution, the government has adopted a new law, permitting operators and medical personnel to share with authorities citizens’ personal data, location and contacts, including the data related to their phone calls’ time and length.
In India concerns have been raised regarding the Arogya-setu app. An ethical hacker drew the attention of the govt towards the potential security breach on May 2020, Delhi-based Software Freedom Law Centre has alleged that the app collects sensitive user data such as a user’s gender and travel history, The Internet Freedom Foundation (IFF) has also alleged that Aarogya Setu lacks transparency. Article 21 of the Indian constitution (protection of life and personal liberty) states that no person shall be deprived his or her life or personal liberty except according to procedure established by law. It also includes right to privacy. It is stated that it is a cherished constitutional right and it is important that human beings are allowed domains of freedom that are free of public scrutiny unless they act in an unlawful manner. The same article also states that right to life is a basic human right.
Even though Aarogya Setu is seemingly a “voluntary” app, it’s being made more and more “mandatory” each passing day. Failure to install it on smart phones (when out in the public) is even punishable in Noida and Greater Noida, as per a new directive by the UP police, which is a first for any such app. The Government has also directed public and private sector employees to have it installed on their smart phones. “Use of Aarogya Setu app shall be made mandatory for all employees, both private and public. It shall be the responsibility of the head of the respective organizations to ensure 100 percent coverage of this app among the employees,” according to a recent MHA directive. Needless to say that Aarogya Setu is already mandatory for Central Government employees. The authorities have relied upon the Epidemic Diseases Act, 1897, and the National Disaster Management Act, 2005, to derive legitimacy of the actions being taken by them. However, apprehension regarding the legal usage of the data collected through these methods still remains. While the Indian government authorities have declared that the data would be encrypted as a safeguard and no personal data such as name, age, sex, etc., will be released to any party, the above methods used by the state authorities seem to belie such declarations.
Now here the authorities are faced with a dilemma. They have to take measures to protect the citizens of the country from the unseen and prevent the virus from spreading. At the same time they have to take measures which don’t take away the rights from the citizens or make them feel unsafe in anyway. Now no fundamental right is absolute and is subject to reasonable restrictions. In the present pandemic, where the question of public health is overlapping with the seemingly privileged concept of privacy, the answer seems simple. However, as pressing as the need to contain the virus may be, it is necessary to ensure that the right to privacy does not get curtailed in the process, thereby setting a dangerous precedent. Recently, a petition was filed before the High Court of Madras, seeking to reveal the identity of COVID-19 affected persons, wherein the Court, without delving upon the privacy aspects, held that there would definitely be social stigma and aspersions pursuant to such revelation and the petition was accordingly dismissed. The dichotomy between public health preservation and protection of the citizens’ fundamental right to privacy is a serious concern and cannot be ignored. Tracking and surveillance in the present situation does serve a compelling state interest, however, for the purposes of constitutional sanctity, it is imperative to enforce safeguards as well.
Public health interest may be a legitimate reason to increase monitoring of individuals, but monitoring by government authorities must be approached with utmost caution. If caution is not exercised in times of urgency, we may be successful in containing the spread of the virus, but it may irreparably damage the constitutional fabric.