Bhubaneswar: The Odisha government’s mobile application to tackle COVID-19-related issues lacks specific privacy policies, a new pan-India survey has found.
According to the survey conducted by the Bengaluru-based research think tank, Centre for Internet and Society (CIS), COVID-19 Odisha App, which offers contact tracing and identification of hotspots, doesn’t provide any information on how long the data will be stored and when it will be deleted. Besides, there is no information on the anonymity of the data collected.
This apart, the app doesn’t have a sunset clause — an automatic repeal of the entire or sections of the law once a specific date is reached — which means that there is no clarity regarding the app’s functionality once the pandemic is over.
The survey was conceptualised, researched and co-authored by CIS’ Senior Policy Officer Pallavi Bedi along with CIS Executive Director Amber Sinha.
Speaking to Odisha Bytes, Bedi said, “The app does not have a specific privacy policy. The link on Google Play page directs the user to the general privacy policy of the Odisha government. There is also no information on the security measures deployed for securing the data.”
Bedi added, “The stated objective of the app is for risk management. However, as the login is limited to individuals in quarantine, it is difficult to ascertain whether the data is being used for any other purpose other than the intended use. It is also not possible to ascertain whether more information than what is required for the stated purpose is being collected or not. There is no information available about a grievance redressal mechanism.”
Similar concerns were posted by users on Google Play Store.
“COVID-19 Odisha App is having many issues and is not a user friendly to full-fill basic registration process. OTP process is very slow and validation gets invalid when it is delivered,” one Pradipta Kumar Sahoo wrote.
Another user named Siben Nayak also shared his disappointment: “Pathetic application. Can’t even register, forget about using it. Whatever you try, just can’t get past the registration error that doesn’t allow you to register as a patient.”
However, such grievances are not unique to this particular app. According to Bedi, lack of clarity, transparency and privacy on numerous levels across the COVID-19 apps launched by various state governments indicate that the practices governing these apps are far from ideal and require significant improvements.
The survey analysed 17 apps launched across the country — Covid Care Arunachal Pradesh, Kavach Chhattisgarh, Covid-19 West Bengal, Quarantine Watch Karnataka, Corona Watch Karnataka, Test Yourself Goa, Covid-19 Quarantine Monitor Tamil Nadu, Test Yourself Puducherry, Cova Punjab, CG Covid-19 ePass Chhattisgarh, UP Government SelfQuarantine App, Mahakavach Maharashtra, MP Covid Response App, Haryana Sahayak, COVID-19 Odisha and GoK Direct Kerala.
CIS informed that the survey was an “empirical research based on publicly available data” on the 17 apps and information available about them on Google Play Store. Data for the study was collected between May 26 and July 3.
The survey also stated that though the Aarogya Setu app launched by the Central government has been criticised for loopholes in its privacy policy, there are many state government apps that pose similar concerns but have “largely escaped attention and public scrutiny”.
Also Read: Odisha Fights COVID-19: BMC Launches ‘Sachetak’ App For Senior Citizens
Also Read: Odisha Fights COVID-19: Bhubaneswar Youngsters Create App For Sharing Resources, Services