Aarogya Setu app gets privacy policy changes, state-wise dashboard

Aarogya Setu, which was launched earlier this month to help people self-assess their risk of being infected with Covid-19, has been given an update. 

Visually, the dashboard has been ramped up and prominent additions include images on recommendations to stay safe, how to maintain social distancing, a video message by actor Amitabh Bachchan and a quote from prime minister Narendra Modi urging citizens to download the app.

Aarogya Setu — Hindi for a bridge to health— will soon display an e-pass feature. The app currently doesn’t offer any more details about these passes. 

A box to donate directly to the PM CARES (Prime Minister's Citizen Assistance and Relief in Emergency Situations Fund) fund using unified payments interfaces such as Google Pay, Paytm and PhonePe, has also been added, along with an icon for an overview of Covid-19 cases in India. 

The app  only provides details up to the state level and there are still no features showing the user hotspots of positive cases or a heatmap that alerts the user of a high risk area. 

But the biggest changes that the app has gone through in its April 13 update concern its privacy policy, which has been updated with several new clauses.

Although the application’s previous privacy policy stated that users would be notified of revisions from time to time, no such notifications have been sent to its users. The app’s description on Google Play Store also does not reflect the heavily updated privacy policies.

Key changes to the privacy policy:

Unique ID for all: Along with saving details such as name, phone number, age, gender, profession, location and countries visited in the last 30 days, each user will now be given a unique digital id called DiD.

“The DiD will thereafter be used to identify you in all subsequent app related transactions and will be associated with any data or information uploaded from the app to the server,” the privacy policy states.

Note that the user will not be able to access their unique ID, at least for now.

Exchange of DiDs with other registered users: The Aarogya Setu app will automatically exchange DiDs, time and GPS location if one user of the app comes in close proximity to another user who has also downloaded the app.

The information that is collected from one app will be “securely stored on the mobile device of the other registered user and will not be accessible by such other users,” the policy reads.

The app will not share data with third party apps, but: Although the updated policy states that the app shall not share user data with any third party apps, the exception of this policy is towards carrying out “necessary medical and administrative interventions.” The app does not define these medical or administrative interventions. 

The app collects location data once every 15 minutes: The updated policy states that information on the user will be collected every 15 minutes. However, such information will be sent to the central government’s servers only if you:

• Test positive for Covid-19
• If your self-declared assessment test indicates you are at high risk
• If you are at moderate risk (yellow) or at high risk (orange ) of infection. Also note that the previous version only had the provision of placing users either under a low risk or a high risk category.

Government not be liable for accuracy of information, identification of positive cases or unauthorised access to data: Under the limitation of liability clause, the policy states that the government  will not be liable for the failure of the app to accurately identify persons as well as the accuracy of the information provided by the app or its services.

It also goes on to add that the government takes no liability in the case of “any unauthorised access to your information or modification thereof.” 

However, it is not clear if this clause pertains to unauthorised access to the central servers or to the user’s mobile devices which store the data.

How long will your data be stored in the servers?  The data collected on the phone, which also includes other user’s DiD data, will be stored in the mobile device for a period of 30 days after which it will be deleted from the app, provided that it has not been uploaded to the server.

However, data that has been uploaded to the servers from those who specifically did not test positive will be deleted 45 days after being uploaded.

Information collected from users who have tested Covid-19 positive will remain in the central servers for a period of 60 days.

Will the data be deleted after uninstalling the app?  No. The data that has been provided in the beginning, such as age, name, phone number, profession, location, DiD and countries visited in the last 30 days will still be stored in the server after uninstalling, provided that if it is required under any law applicable at the time of usage of the app.

How will the data be used? The data collected will be stored into anonymized (removing details by which a person can be identified) and aggregated data sets that will be used for generating reports, heat maps, or other statistical visualisations.

However, even after the first update, heat maps, statistical visualisations are not available to the end user, except a state wise breakdown of Covid-19 positive cases in the main dashboard under ‘Covid-19 updates’.

The policy also says that the information collected from other user’s devices will be stored in the server and used to calculate the user’s probability of having been infected with Covid-19.

 The app still seems to take decisions based solely on the self-assessment test and the questions, without use of any outside data analysis.

 If the user tests positive for Covid-19, the information collected will be used to map the movement of the user over the past 14 days.

Also read: Apple, Google partner for Covid-19 contact tracing technology

What about data security?  The app claims that it has been equipped with standard security features and data will be encrypted in transit as well as at rest. Information entered during registration will also be encrypted before being uploaded onto an encrypted cloud server. 

Can you access your location history, data collected from you or other users DiD information stored on your phone? No. The location details collected by the app and the user’s details recorded during coming in close proximity of another user will not be available to be accessed by the owner of the mobile with the Aarogya Setu app as the details have been stored in an encrypted format.

 Other changes in the app:

•  A new e-pass feature available on the app which is labelled as coming soon. 
• The self-assessment test now comes with a prompt to provide correct answers as medical and support staff are limited. At the end of the test, if the user is placed under the medium or high risk category, he/ she will be prompted to send test results and location history to the Health Ministry.
• Users can only accept the request to upload the information or defer the update.  There is no option for the user to instruct the app to not send data to the servers.

---