Aarogya Setu data sharing: All you need to know about the new protocol
Aarogya Setu has made a lot of headlines lately, not just because of the massive user base it has achieved within weeks but for how it handles your data as well. Addressing those privacy-based questions, the govt yesterday (Monday) issued a notification, revealing where the information is shared and when is it deleted from their servers. While a lot has been said about it, here are some pointers that sum up the entire ‘Aarogya Setu Data Access and Knowledge Sharing Protocol, 2020’ for you.
-The ‘Aarogya Setu Data Access and Knowledge Sharing Protocol, 2020’ is meant to use the data only for Covid-19 related health records and nothing else. The data is strictly to keep check on areas and people affected.
-The data captured by the Aarogya Setu app can be retained for 180 days at the maximum. For now, the data is stored for 45 days for uninfected people and 60 days for infected persons.
-You can request for a demographic data to be deleted. This includes name, mobile number, age, gender, profession and travel history. “Demographic data of an individual that has been collected by NIC shall be retained for as long as this protocol remains in force or if the individual requests that it be deleted, for a maximum of 30 days from such request, whichever is earlier,” says the MeiTY document.
-The Centre also specified that only the data of those who are infected, are at high risk of being infected or who have come in contact with infected people are most likely to be collected.
-The collected data can be shared with any government department or ministry, which can also pass it on to third parties for the purpose of government’s health responses.
-This ‘Aarogya Setu Data Access and Knowledge Sharing Protocol, 2020’ will stay active for six months.
-Violations of the data security protocols by any entity will be punishable under section 51 to 60 of the Disaster Management Act, 2005, which invites jail term for up to two years.
-The protocols also allow research institutes to study the data collected by the app after it has undergone hard anonymisation – a process to scrub it of personally identifiable information.