‘No personal info of any users proven to be at risk’ Aarogya Setu responds to hacker’s claim of privacy issue

A statement by Aarogya Setu developers has been issued reiterating that information of users collected on the app is not at risk.

India’s contact tracing app Aarogya Setu has around 90 million users now.
India’s contact tracing app Aarogya Setu has around 90 million users now. (Aarogya Setu)

Aarogya Setu on late Tuesday issued a statement explaining how it collects and manages location and user information after French hacker Robert Baptiste, who goes by Elliot Alderson on Twitter, flagged a "security issue" in the contact-tracing application.

"No personal information of any user has been proven to be at risk," the statement read. The app makers also reiterated Aarogya Setu's privacy policies which are accessible from the app itself. The app collects user location and stores them on the server which is said to be in a "secure, encrypted, anonymised manner". The user's location is fetched when they register, self-assess and when the user submits their contact tracing data voluntarily through the app, the statement added.


The hacker also responded to Aarogya Setu's statement hinting that he will most likely reveal more details later today.


Aarogya Setu was launched back in March shortly after the lockdown started in India. It is the government's official Covid-19 contact tracing app developed by the National Informatics Centre under MeiTY. The app is so far said to have around 90 million users within a little over a month since its launch. It has also had its fair share of criticism from experts over the collection of user data and location.

ALSO READ: AarogyaSetu Mitr website launched, offers free Covid-19 consultancy, medicine deliveries and home lab test

Aarogya Setu has also been made mandatory for all government and private employees. Residents in Noida may also reportedly be booked by the police if they don't have the app installed on their phone.