Blog Image

Socio Legal Impacts of Increased Covid Surveillance

Socio Legal Impacts of Increased Covid Surveillance
- Kanika Jain

INTRODUCTION 

COVID-19 cases have been constantly increasing in India since March 2020. In light of the same, the Central Government and relevant State Governments have developed and indulged in various surveillance methods. These methods include the development of the Aarogya Setu application, tracking potentially positive cases of Covid-19 and use of devices like CCTV cameras installed by the government and private persons to track human contact. 

This article discusses the impact and allegations against the primary digital surveillance mechanism, the Aarogya Setu application. It further discusses the social and legal impacts of the government order making the installation of the application mandatory for certain classes of people. Lastly, the article discusses the mechanism of contact tracing used by the governments and the impact of the same.

AAROGYA SETU APPLICATION

The Central Government has developed the Aarogya Setu app, which is a countrywide attempt at contact tracing. The app has been downloaded by over 10 million Indians from the Google Playstore. It tracks smartphone data with least insight into the nature of data it is collecting or how it will be used.Sources have reported that the Government may be building a mechanism for e-payment and telemedicine into the app. Thus, it is only reasonable to infer that this surveillance may have a lasting fixture in India’s digital scenario.

The app tracks all movements of the user through his smartphone. It gives a report about the proximity to other users of the app. The user of the app must give it permission to access the smartphone’s GPS and Bluetooth technology. It generates status report on the user and his proximity to other people who have downloaded the app.

Defensive Lab Agency is a Paris based cybersecurity consultancy which published an analysis report on the Aarogya Setu app. The analysis highlights that in addition to the contact tracing function and the user tracking function, the app may also be utilized to create a built-in sensor system like a microphone. The app is said to have the potential to access a smartphone’s data and contacts.

Further, the Indian government held a meeting with industry leaders to discuss the feasibility of a “citizen app technology platform” to include an “e-pass” model within the Aarogya Setu app. This is anticipated to allow workers in the informal sector to travel. 

On 11 May 2020, the Madhya Pradesh government accidentally revealed personal information of nearly 5,400 people quarantined, on a public online dashboard. The said dashboard also included their GPS coordinates at that time. The information was subsequently taken down and officials communicated that the same was a mistake.[1]

OTHER CONTACT TRACKING METHODS

Indian authorities have expanded tracking of citizens who may test positive through digital and analogous means. The government is using location data and CCTV footage to trace citizens in most parts of the country, according to Reuters. Before the country went into a complete lockdown and the airline industry was still functioning, several states resorted to stamping the hands of passengers arriving in airports with irremovable ink. The stamp also included the date until which the person must be quarantined.

The authorities have not just resorted to personal tracking but are also taking information about the passengers from railroad companies and airlines.
Due to the uncertain nature of the disease and social distancing norms, touch-based authentication methods like fingerprint scanners are considered risky. Such methods require people to touch the particular common surface. Therefore,the government is resorting to facial recognition which is getting an increase in adoption across India. Secureye, is an Indian telecom company. It has also decided to replace 650 fingerprint-based security checkpoints in hotels and offices with facial recognition.

The Chhattisgarh Government and many other state governments have released an application to authorize travel in the region. The application gives the user an e-pass to allow him to travel. The application requires a picture, Identification proof, and business proof. It further requires the details of the trip including the location and duration of the trip.

ANALYSIS

From the above discussion, it may be inferred that India is on a path to develop a rambling surveillance state. This brings the Indian surveillance mechanism closer to the lines of China’s surveillance model. The contact tracing methods developed for the pandemic have accelerated the process of deploying strict surveillance technology in India.

However, there is no data protection Act in force in India that governs the privacy infringement allegations legally as of now. Therefore, Article 21 of the Indian Constitution comes into play. The ambit of the Article has been given the widest possible interpretation by the Courts.

The Right to Privacy

Article 21 of the Indian Constitution states that, “No person shall be deprived of his life or personal liberty except according to a procedure established by law.” The Article does not specifically elucidate upon the Right to Privacy, but by virtue of the Puttuswamy judgement [1] by the Hon’ble Supreme Court, it is considered to be protected by the same. The judgement lays down a‘Proportionality Test’ to determine whether there has been a breach of the Right to Privacy. There are essentially five prerequisites that the Court looks into to satisfy the proportionality test for an app such as Aarogya Setu:

i. The app must have a legislative basis;
ii. It must have a legitimate aim;
iii. It must be a rational technique to achieve the goal;
iv. No other less restrictive alternative which can be used to achieve the goal should be present;
v. Lastly, the benefits of the app must outweigh the harm caused to the individual.
In strict sense, the Aarogya Setu app does not satisfy the proportionality test. There is no legislative backing of the development of the app and subsequent order making in mandatory to install. Even though the app has a legitimate aim, it does not however qualify as a rational technique to achieve the goal. It asks for unnecessary permissions and has the ability to collect more data than reasonably required to combat the pandemic.

While considering the fourth factor, we must discuss whether there are less restricting options available to the impugned application. The answer to this question is yes. For instance, we can consider the application developed by the Singapore government called Trace Together. This app uses only Bluetooth and doesn’t make sharing of much personal details mandatory. It does not track GPS pings of the users. Lastly, it offers the user a right to demand that the entire data about him be wiped off from all government servers.

Therefore, we can reasonably infer that such surveillance can be done through a better model instead of the privacy infringing Aarogya Setu app. Another ground of difference between the Indian app and the Singapore app is that the code for Aarogya Setu is not open sourced. Therefore, the public has no option to verify that the code does not collect unnecessary data. On the contrary, TraceTogether uses an open sourced code.

Lastly, the benefits on an app must outweigh the violation of rights. In author’s opinion, the benefits do not even compare to the amount of data collected by the government. An adequate surveillance programme can be undertaken even without collecting the quantum of data that the government is currently collecting. 

CONCLUSION

The development of the Aarogya Setu app and subsequent orders making its installation mandatory, coupled with other surveillance mechanism like CCTV cameras etc. may restrict the enjoyment of the right to privacy of the citizens. But more importantly, such measures are necessary to ensure social distancing and quarantine norms. Further, the are imperative to establish a chain of human interaction to enlist potential cases of Covid-19. However, as mentioned before, there are less restrictive ways for conducting such surveillance and the government must switch to the same in order to safeguard the right to privacy of the citizens.

REFERENCES

[1] Ranjan, ‘Madhya Pradesh app to track patients leaks personal data, taken offline’ (Hindustan Times, 11 May 2020) <https://www.hindustantimes.com/india-news/mp-app-to-track-patients-leaks-personal-data-taken-offline/story-WO7ATpaxOMDTsmUxSKduUO.html> accessed 29 May 2020.
[2]Justice K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1.