Home / Tech / News / Govt has shared data from Covid-19 exposure events of less than 13,000 Aarogya Setu users
tech

Govt has shared data from Covid-19 exposure events of less than 13,000 Aarogya Setu users

For those who are not at risk, their data is deleted every 30 days and data for those who are currently being tested is deleted after 45 days.

Sawhney said that the 13,000 were users who were found to be Covid-19 positive or were at risk of the disease according to the information on the Aarogya Setu app.
Sawhney said that the 13,000 were users who were found to be Covid-19 positive or were at risk of the disease according to the information on the Aarogya Setu app. (REUTERS)

The government announced today that less than 13,000 users' data from the Aarogya Setu app has been moved to government servers so far. This was confirmed by Ajay Prakash Sawhney, Secretary, Ministry of Electronics and Information Technology (MeitY) during the health ministry's daily briefing about Covid-19.

Sawhney said that the 13,000 were users who were found to be Covid-19 positive or were at risk of the disease according to the information on the Aarogya Setu app. And while only 13,000 were found to be Covid-19 positive or at risk, this information allowed the government to alert nearly one lakh users.

The Aarogya Setu app currently has over 9.8 crore users.

The data Sawhney referred to is about exposure events. Aarogya Setu's privacy policy states that when two users come in close proximity, their unique IDs get stored on both their phones along with the time and the GPS location. This information is uploaded to the app's servers, which are controlled by the government, if a user tests positive.

Besides this information, there is information the app uploads to the servers irrespective of whether you test positive or not. Aarogya Setu uploads personal information recorded by the user when one signs up. The app's privacy policy clearly states that names, phone numbers, age, sex, profession, and countries visited in the last 30 days is uploaded to the server when a person logs into the app.

However, this information is hashed using a unique digital id, which the government calls DiD. This DiD is what is shared between phones while determining exposure events.

Sawhney explained that when two Aarogya Setu users come in close proximity, the app transfers data like GPS location, identity etc. to central servers if a person tests positive. For those who are not at risk, their data is deleted every 30 days and data for those who are currently being tested is deleted after 45 days.

If a user tests positive, then their data is kept up to 60 days after they are cured.

Based on the app's privacy policy, this data that is stored covers self assessments, exposure events and location coordinates. The first clause, which sends names, phone numbers etc. to the servers on sign ups isn't covered by this particular part of the policy.

Sawhney reiterated today that the data acquired from the app is used only for health-related purposes. He also confirmed that while the app is only available on Android and iOS phones right now, it will be coming to JioPhones soon.

Follow HT Tech for the latest tech news and reviews, also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.