<https://citizenmatters.in/tracking-quarantine-tracing-cases-sharing-info-can...> In response to the Covid-19 pandemic, the governments of Kerala, Karnataka, Punjab and Tamil Nadu, the Ministry of Electronics and Information Technology (MeitY) and the National Informatics Centre (NIC) have released various mobile apps. Most of them are meant for one or more of these purposes: Ensure compliance with quarantine rules Provide information about symptoms and healthcare, and updates about the outbreak Tracing of confirmed and at-risk cases Tracing contact history with confirmed and at-risk cases A slew of mobile apps and other Internet-based interventions have been released by governments and private entities around the world. Google’s Android application store (Google Play) took down several Coronavirus infection tracker apps over the past month for violating its policy against “apps that lack reasonable sensitivity towards or capitalise on a natural disaster, atrocity, conflict, death, or other tragic event”. The Apple App Store also shuttered several such apps while citing a similar policy. Both app stores have allowed only infection tracker apps approved by governments or healthcare organisations/ companies. Key issues: Technical glitches, usability and privacy A preliminary review of the apps that I conducted based on publicly available information such as the app store listing and government orders raises two major concerns: Technical and usability issues that prevent quarantined users and the rest of the public from meaningfully using the apps Privacy of apps users as well as those identified as at-risk and/ or quarantined. (It is unclear from studying publicly available information regarding these apps if complementary and alternative means are being used to trace home-quarantined persons who do not own a smartphone or an Internet connection/ mobile Internet plan.) The current milieu encourages people to distrust and/ or discipline each other: while public services are being stretched thin while simultaneously trying to control the spread of an epidemic and manage a lockdown of the entire country, some individuals are flouting rules for quarantine and safety. While desperate times understandably call for desperate measures, many of these mobile phone-based interventions raise concerns about the privacy of users and that of persons directly affected by the novel coronavirus, overboard surveillance, and eventually, “function creep”. In the absence of a law for the protection of personal data and informational privacy, what happens of personally identifiable information (PII) collected and/ or published by these apps? Who would have access to information gathered for the purpose? For how long will it be stored and where? When will it be deleted, if at all? What safeguards exist to prevent abuse and leaks of this information? Would the use of PII be limited for the purpose of tracing, preventing and mitigating coronavirus cases? Leaks and abuse of photos and PII such as home addresses have already happened in some parts of the country. In case the app has been developed by a third-party, for example, a contractor with the government, what would be the rules applicable on the contractor for ownership and handling of PII, preventing its abuse, unauthorised access, and data breaches? Persons who violate quarantine rules face punitive actions under the Epidemic Diseases Act, 1897, a law far older than the Internet. The government orders that I could find have mandated the use of these apps. However, there is no publicly available information about what happens in case of technical failure of an app or if a person gets erroneously reported by the app as breaking the rules (in technical terms, a “false positive” report). On the other hand, technical issues with the apps and their allied systems, or trivial situations such as poor Internet connectivity could mean that persons who indeed break the rules do not get flagged (a “false negative” report). Here is the list of the apps reviewed: Aarogya Setu (National Informatics Centre) Quarantine Watch (Government of Karnataka) Corona Watch (Government of Karnataka) Corona Kavach (Ministry of Electronics and Information Technology – MeitY) COVID-19 Quarantine Monitor Tamil Nadu (Tamil Nadu Police Department) GCC- Corona Monitoring (Greater Chennai Corporation) Cobuddy – Covid-19 Tool (FaceTagR, Tamil Nadu) COVA Punjab (Government of Punjab) Mahakavach (Maharashtra State Innovation Society) COVID 19 Feedback (Ministry of Electronics and Information Technology-MeitY) GoK-Direct Kerala (Government of Kerala) KSP Clear Pass Checker (Vivish Technologies, Karnataka) Covid Care Kerala (Kannur District administration, Government of Kerala) Other apps mentioned in the news and unlisted apps [...]