How Well Encrypted Is the Aarogya Setu Mobile Tracing Application?
The Government of India developed the Aarogya Setu mobile tracking application to fight COVID-19, a highly infectious disease. A French white-hat hacker called the application's security into question, claiming to have gained access to users' data and that anyone, not only government agencies in India, could learn users' locations.
The Aarogya Setu team responded to these claims, assuring users that the app is completely safe to use and that its data is highly encrypted.
The App was launched on 02.04.2020. It has crossed 96 million users and was the fastest mobile app globally to reach a 50 million user base. Despite this, according to officials at today's press briefing, it has collected contact-tracing data from fewer than 13,000 users, all of whom had tested positive for COVID-19, which is less than 0.1% of all users.
Why Did the Indian Government Develop the Mobile Tracing Application?
India is a densely populated country with limited resources, which must be used as efficiently as possible to fight COVID-19. In this situation, precise information about "whom to test" and "where to test more" became critical for the government's effort to eliminate COVID-19. The app was designed to serve both purposes.
How Does Aarogya Setu Function Technically?
- The central feature of the product is location-history-based syndromic mapping and Bluetooth-based contact tracing. The data exchanged to enable these features makes up the majority of the personal information the app handles.
- The Bluetooth interaction between two phones on which the App is installed is performed anonymously, using a randomized, secure Device Identification Number (DID) assigned to each device at the time of registration.
- The information exchanged when two phones come into proximity includes only the DID of the other user and the details of the interaction (time, duration, distance and location).
- Along with the user's location history, which is sampled sparingly (once every 30 minutes), this information is encrypted using the native keychain of the phone's operating system and stored on the phone itself.
- Unless a user tests positive for COVID-19, this information is never accessed or pushed to the server, and it is permanently deleted from the phone 30 days after it is collected.
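The design described in the points above (a random DID assigned at registration, a proximity record holding only the peer DID plus time, duration, distance and location, encryption under a key held by the OS keychain, and a rolling 30-day purge) can be modelled in a few dozen lines. The code below is an added illustration and not code from the Aarogya Setu app, whose source this page does not show. It assumes a 128-bit DID, simulates the keychain with an in-memory store, and substitutes an HMAC-SHA256 counter-mode keystream with an HMAC tag for the platform AEAD (AES-GCM on Android Keystore or iOS Keychain) so that it runs with the Python standard library only.

```python
"""Model of the on-device contact log described on the page (constructed example)."""
import hashlib
import hmac
import json
import os
import secrets
from datetime import datetime, timedelta, timezone

RETENTION = timedelta(days=30)   # "permanently deleted from the phone 30 days after it is collected"


def new_did() -> str:
    """Random Device Identification Number assigned once at registration (assumed 128-bit)."""
    return secrets.token_hex(16)


class Keychain:
    """Stand-in for the OS keychain: holds the app's key, which never reaches the log file."""

    def __init__(self):
        self._keys = {}

    def get_or_create(self, alias: str) -> bytes:
        if alias not in self._keys:
            self._keys[alias] = os.urandom(64)   # 32 bytes for encryption, 32 for the MAC
        return self._keys[alias]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode; stand-in for the platform AEAD so the example is stdlib-only
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; layout is nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key[:32], nonce, len(plaintext))))
    tag = hmac.new(key[32:], nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; reject a tampered log."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key[32:], nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("contact log failed integrity check")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key[:32], nonce, len(ct))))


class ContactLog:
    """Encrypted on-device proximity log with the rolling 30-day purge from the page."""

    def __init__(self, keychain: Keychain):
        self._key = keychain.get_or_create("contact-log")   # alias is an assumption
        self.blob = seal(self._key, b"[]")                   # what would actually sit on disk

    def _load(self) -> list:
        return json.loads(unseal(self._key, self.blob))

    def _save(self, entries: list) -> None:
        self.blob = seal(self._key, json.dumps(entries).encode())

    def record(self, peer_did: str, when: datetime, duration_s: int,
               distance_m: float, location: tuple) -> None:
        """Store exactly the fields the page lists: peer DID, time, duration, distance, location."""
        entries = self._load()
        entries.append({"did": peer_did, "time": when.isoformat(), "duration_s": duration_s,
                        "distance_m": distance_m, "location": list(location)})
        self._save(entries)

    def entries(self, now: datetime) -> list:
        """Return live entries, purging anything collected more than 30 days ago."""
        kept = [e for e in self._load()
                if now - datetime.fromisoformat(e["time"]) <= RETENTION]
        self._save(kept)
        return kept


if __name__ == "__main__":
    kc, log = Keychain(), ContactLog(Keychain())
    now = datetime(2020, 5, 8, tzinfo=timezone.utc)          # constructed clock value
    log.record(new_did(), now - timedelta(days=31), 300, 1.5, (28.61, 77.21))
    log.record(new_did(), now - timedelta(days=1), 120, 0.8, (28.62, 77.20))
    print(len(log.entries(now)), "entry survives the 30-day purge")
```

The point to take from the model is that the peer DID and the location never appear in clear in the stored blob, the key is owned by the keychain rather than the log, and any modification of the blob fails the integrity check before decryption.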
How Does Aarogya Setu Process and Store the Data?
- After registration, the App asks for the user's name (any name; a legal name is not required) and mobile number. It also asks for the user's age and gender (both correlate directly with COVID-19 impact), profession (so that people in essential services can be proactively assisted), countries visited in the last 30 days and willingness to volunteer in the hour of need.
- This information, along with the location at the time of registration (used to analyse the penetration of the App across the country), is de-identified, encrypted, linked to the assigned DID (not to the phone number) and stored on the server anonymously.
- When a user takes the optional Self-Assessment Test, the App collects the responses and the location, links them to the assigned DID, encrypts them and stores them on the server.
Stored Data and Its Duration on the Server:
- All contact-tracing and location information is stored on the mobile device rather than uploaded to the Aarogya Setu servers, and it is permanently deleted from the phone on a rolling 30-day cycle.
- All contact-tracing and location information that has been uploaded to the Aarogya Setu server is permanently deleted 45 days from the date of upload if the user has not tested positive for COVID-19 within that period.
- If a user is infected, all contact-tracing and location information pertaining to that user is permanently deleted from the server 60 days after the user is declared cured of COVID-19.
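The three retention rules above interact: an upload is deleted 45 days after upload unless the user tests positive within that window, in which case it is kept until 60 days after the user is declared cured. The function below, an added example rather than anything from the app's own back end, encodes that policy as date arithmetic and runs a purge sweep over constructed records, so a reviewer can check the stated retention promise against concrete dates; record structure and field names are assumptions.

```python
"""Server-side retention policy from the page, as a checkable function (constructed example)."""
from datetime import date, timedelta
from typing import Optional

UPLOAD_RETENTION = timedelta(days=45)     # deleted 45 days after upload if not tested positive
POST_CURE_RETENTION = timedelta(days=60)  # infected users: deleted 60 days after declared cured


def server_deletion_date(uploaded_on: date,
                         tested_positive_on: Optional[date] = None,
                         cured_on: Optional[date] = None) -> Optional[date]:
    """Return the date the uploaded record is due for deletion, or None if not yet determinable."""
    default = uploaded_on + UPLOAD_RETENTION
    # A positive test after the 45-day window does not revive data already due for deletion.
    if tested_positive_on is None or tested_positive_on > default:
        return default
    if cured_on is None:
        return None          # retained until the user is declared cured
    return cured_on + POST_CURE_RETENTION


def purge_due(records: list, today: date) -> list:
    """Return the DIDs whose records are due for deletion on or before `today`."""
    due = []
    for r in records:
        when = server_deletion_date(r["uploaded_on"], r.get("tested_positive_on"), r.get("cured_on"))
        if when is not None and when <= today:
            due.append(r["did"])
    return due


# Constructed sample records keyed by DID, as the page says server data is (not by phone number).
SAMPLE_RECORDS = [
    {"did": "d1", "uploaded_on": date(2020, 4, 10)},
    {"did": "d2", "uploaded_on": date(2020, 4, 10),
     "tested_positive_on": date(2020, 4, 20), "cured_on": date(2020, 5, 5)},
    {"did": "d3", "uploaded_on": date(2020, 4, 10), "tested_positive_on": date(2020, 4, 20)},
]

if __name__ == "__main__":
    print(purge_due(SAMPLE_RECORDS, date(2020, 6, 1)))   # d1 is past 45 days; d2 and d3 are not
```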
Use of Data:
- The Ministry of Electronics and Information Technology, Government of India ("MeitY") and the National Informatics Centre are designated as the agencies responsible for collecting, processing and managing the response data collected by Aarogya Setu.
- The App requests users to share their location. It does not use location data for contact tracing and does not continuously monitor any user's location.
- The App uses location information on an anonymous or aggregate basis, for the specific purpose of identifying hotspots, so that increased testing and sanitization of those locations can be carried out proactively.
- If individual medical intervention is required, the anonymized personal information is re-identified. The team is exploring a move from a one-time DID to dynamically generated DIDs for every user, to further enhance privacy.
Information That Still Needs to Be Shared in the Public Domain:
Amitabh Kant, CEO of NITI Aayog, told ANI in an exclusive interview that the Aarogya Setu engine is designed to respect the privacy of COVID-19-positive patients. However, some information about data storage still needs to be made public: (i) what encryption tools are used to secure users' data, and (ii) where the server on which the Aarogya Setu data is stored, however strongly encrypted, is located. We will wait to gather this information and update this post accordingly.
The privacy policy and terms of service publicly available for the Application: