New Delhi: After Congress leader Rahul Gandhi had raised concerns regarding Arogya Setu mobile application and a French hacker and cybersecurity expert Elliot Alderson raising concerns in Twitter, the government on Monday responded to the hacker dismissing his claims.

On Tuesday, a French hacker and cybersecurity expert Elliot Alderson had claimed that "a security issue has been found" in the app and that "privacy of 90 million Indians is at stake".

Earlier Congress leader Rahul Gandhi had also attacked the ruling BJP government saying it is a "sophisticated surveillance system" outsourced to a private operator, raising serious data security and privacy concerns.

The app is the government's mobile application developed for contact tracing and disseminating medical advisories to users in order to stem the spread of coronavirus.

The government has completely dismissed the concerns of the hacker and said "no personal information of any user has been proven to be at risk by this ethical hacker".



"We are continuously testing and upgrading our systems. Team Aarogya Setu assures everyone that no data or security breach has been identified," the government clarified through the app’s Twitter handle.

The tweet from the government has clarified the points raised by the hacker in a detailed response.

"We discussed with the hacker and were made aware of the following... the app fetches user location on a few occasions," it said but added that this was by design and is clearly detailed in the privacy policy.

Also Watch:



It added the details of the privacy policy as, “The app fetches users’ location and stores on the server in a secure, encrypted, anonymised manner - at the time of registration, at the time of self assessment, when users submit their contact tracing data voluntary through the app or when it fetches the contact tracing data of users after they have turned COVID-19 positive”

On being questioned that users can get the Covid-19 status displayed on the home screen by changing the radius and latitude-longitude using a script it said, “All this information is already public for all locations and hence does not compromise on any personal or sensitive data,” the message added.

"We thank the ethical hacker on engaging with us. We encourage any users who identify vulnerability to inform us immediately...," it said.

Responding to Aarogya Setu's clarification, Alderson tweeted, "I will come back to you tomorrow".