The parliamentary standing committee on information technology (IT), which is set to meet on June 17, is likely to discuss privacy concerns around citizen data collected by the Aarogya Setu app, company selection criteria for the Bharat Health Stack project envisioned by NITI Aayog, and transparency and accountability measures for users on the unified payments interface (UPI)-based money transfer app BHIM.
The committee, chaired by member of parliament (MP) Shashi Tharoor, has listed ‘oral evidence on citizen’s security and privacy by the representatives of the Ministry of Electronics and Information Technology (MeitY)’ as an agenda item for the meeting.
Legal services organisation Software Freedom Law Centre, India, or SFLC.IN, which works in the areas of technology, law and policy, has flagged questions for this discussion.
The Android source code for coronavirus tracking app Aarogya Setu, which MeitY released in May to bring transparency, is not verifiable from the public repository, SFLC.IN said in its submission. It also sought a timeline for the release of the server code of the app, which has witnessed over 10 crore downloads so far.
The questions set forth by SFLC.IN also probes into the role of Aarogya Setu Mitr portal, which was developed by NITI Aayog and the office of principal scientific advisor. Founders of some of companies that provide telemedicine, at-home testing and epharmacy services through the portal also helped develop the Aarogya Setu app, raising the question of whether there could be a conflict of interest, said the submission.
Additionally, NITI Aayog is also in the process of creating Bharat Health Stack, again with participation from companies in telemedicine, epharmacy and wellness. SFLC.IN has sought the selection criteria for the programme and whether citizen health data was safeguarded from these companies.
India currently lacks a data privacy law, as the Personal Data Protection Bill, 2019, is still under review by the joint parliamentary committee. The committee members include BJP MPs Meenakshi Lekhi and Tejasvi Surya, and DMK MP Kanimozhi.
The New Delhi headquartered organisation has also sought clarification on a tender floated by the central public sector enterprise Broadcast Engineering Consultants India (BECIL), which operates under the Ministry of Information and Broadcasting.
BECIL in April floated a tender to develop a Covid-19 patient tracking tool. In a corrigendum uploaded a week later, it asked for bids to provide tools to analyse cell tower dumps, gateway scans and call detail records. Such information could be misused for mass surveillance, SFLC said.