Aarogya Setu App Crosses 10-Crore Mark Of Users. Here’s What You Should Know About Data Processing Rule?

New Delhi, May 14: Aarogya Setu app, which became popular as the Covid-19 situation turned grim leaving nearly 2,450 people dead,  has registered a record 10-crore users. The app has turned out to be the most downloaded free app on both Android and iOS. Niti Aayog CEO Amitabh Kant has announced the number of registrations received on the app on his Twitter timeline. The app was the government’s initiative to monitor the movement of Covid-19 affected people and tracking the possible hotspots across the country. The app which primarily launched as a voluntary app to be installed by people as per their wish but the government has made it mandatory in a situation such as rail travel including some regions which are hotspots. The government's move to make it mandatory in certain situations has attracted criticism raising questions about the app's impact on users’ privacy. However, the government has clarified that the user’s data will be deleted within 180 days and the data stored in the app will be safe and will not be tampered with. In view of the criticism over data security from different quarters, the ministry of electronics & information technology issued a data-sharing and knowledge-sharing protocol for the app, laying down guidelines for sharing such data with government agencies and third parties. Before this, the only legal shield around the mechanism was the app’s privacy policy. Who can access Aarogya Setu data? According to the guidelines released, the response data containing personal data may be shared by the app’s developer — National Informatics Centre (NIC) — with the Health Ministry, Health Departments of state/Union Territory governments/ local governments, National Disaster Management Authority, state disaster management authorities, other ministries and departments of the central and state governments, and other public health institutions of the central, state and local governments, “where such sharing is strictly necessary to directly formulate or implement an appropriate health response”. What are the measures taken to ensure data safety? The response data shared with ministries, government departments and other administrative agencies has to be in de-identified form. De-identified form implies that, except for demographic data, the response data should not include information that may make it possible to identify the individual personally; it must be given to a randomly generated ID. Is there any penalty for violating the guidelines? “Any violation of these directions may lead to penalties as per section 51 to 60 of the Disaster Management Act, 2005 and other legal provisions as may be applicable,” the protocol said. The penalty clauses under the disaster management act have provisions for jail term for officials.  WATCH: Another Mumbai policeman succumbs to Coronavirus; death toll 9