By Deepanshu Kaushik
Aarogya Setu, a mobile application, was introduced by the Government of India to connect the people of the country with essential health services in the collec- tive fight against pandemic (COVID-19) outbreak.
Quoting the Office Order of Delhi High Court dated 13.04.2020, “The mobile application is aimed at augmenting the initiatives of the Government of India, particularly the Department of Health, in proactively reaching out to and in- forming the users of the application regarding risks, best practices and relevant advisories about the containment of COVID-19. It also helps significantly in contact-tracing and curbing the spread of Covid-19.”
Subsequently on April 29, the Centre had directed that “All the officers, staff (including outsourced staff) working in Central Government should download ‘Aarogya setu’ App on their mobile phones, immediately.”
Further, Clause 15 of Annexure 1 of the lockdown guidelines issued by the Ministry of Home Affairs on May 1 stated that under the National Disaster Management Act, “Use of Aarogya Setu app shall be made mandatory for all employees, both private and public. It shall be the responsibility of the Head of the respective Organizations to ensure 100% of this app among all employees”.
However, this metamorphosis from “voluntary” to “voluntary-mandatory” to “effectively mandatory” and hence, an arbitrary imposition of Aarogya Setu through executive decree, however, suffers from serious legal problems and thus, invited serious criticism from the le- gal fraternity and general masses as well.
These National Directives were challenged in a Writ Petition filed by John Daniel, General Secretary of Thrissur District Congress Committee, in the High Court of Kerala as violative of right to privacy and personal autonomy, as explained by the Supreme Court in the KS Put- taswamy decision. Similarly, Former Supreme Court Judge BN Srikrishna, who chaired the committee that came out with the first draft of the Personal Data Protection Bill, termed the government’s push mandating the use of Aarogya Setu app “utterly illegal” on the ground that it was not backed by any law.
Clause 15 of the National Directives in Exhibit P2 Order mandating the use of the application, Arogya Setu takes away the right of a person to decide and control the use of information about him. He is forced to give away data to a system that he may or may not approve of, thereby attacking his right of informational autonomy. Autonomy guaranteed by the Constitution of India also grants an individual freedom not to take part in activities he does not approve of.
Moreover, the Government order has vaguely used the term workplace which needs to be interpreted in terms of the Kerala High Court judgment in Essar Telecom Infrastructure Pvt. Ltd v State of Kerala where it was held that “Going by the concept of worker, either he must be employed in a manufacturing process or in cleaning any machinery or premises used for a manufacturing process or any work which is incidental or connected with the manufacturing process.”
Thirdly, Section 58 of the Disaster Management Act 2005 imposes penal action upon employers of enterprises if their employees do not comply with the directive of usage of Arogya Setu. This is arbitrary to the extent that no penal action can be imposed on anyone having no Mens Rea. An employer who has only a work relationship with an employee cannot compel the employee to install a mobile application and use it diligently and to provide his personal information to the domain.
At the heart of the viability of the Aarogya Setu app is its accessibility. Unlike other countries, the Aarogya Setu app also operates in a country where smartphone penetration is extremely low. According to a 2019 report by Pew Research Centre, smartphone penetration stands at a dismal 24% in India. In addition to this, issues of poor data connectivity and frequent electricity outages, particularly in the more remote regions of rural India continue to extremely low. According to a 2019 report by Pew Research Centre, smartphone penetration stands at a dismal 24% in India. In addition to this, issues of poor data connectivity and frequent electricity outages, particularly in the more remote regions of rural India continue to plague extensive usage of smartphones.
There are also no clearly defined legal mechanisms to protect citizen’s right to privacy and personal data in India and no legislation that can hold the government accountable for using our data. The Personal Data Protection Bill, which intends to safeguard the privacy rights of citizens was introduced by the Indian government in 2019. However, it still needs to be assessed by the Joint Parliamentary Committee.
There is also a serious absence of anchoring legislation, i.e., lack of a legislative framework to safeguard the interest of its users which points out the larger question of consent being obtained forcefully in the present case. Moreover as per the Aadhaar Case judgment the government does not have any legal backing to issue a direction to use Aarogya Setu App compulsorily as it has been stated in the judgment that “without the explicit backing of law right to privacy enshrined under Article 21 of the Constitution of India cannot be restricted especially when the right to consent is taken away.”
In light of the aforementioned serious procedural violations and flaws, blithely mandating Aarogya Setu in one sentence through an executive decree tears the constitutional architecture to shreds. The present case is a classic example of rule by executive, instead of the rule by and of law.
Questions Left Unanswered
The government directive mandating Aarogya Setu for all public and private employees suffers from serious legal flaws. In light of the recent developments, the words of the UN Privacy Chief Joseph Cannataci again hold importance, “Dictatorships and authoritarian societies often start in the face of a threat. That is why it is important to be vigilant today and not give away all our freedoms.”
In the present case, if there is a breach of data here, who is answerable, what action has to be taken and (who is) accountable for the data breach. While the app may help us fight Covid- 19, it also has the very real potential to produce anti-democratic, exclusionary, discriminatory practices and structures at a larger scale.
In these challenging times, even the impression that the basic principles and rights, as mentioned by the author, are being compromised by an executive decree, can seriously damage the public trust and confidence on which rests the reputation of the democratic governments. Once that is lost, there will be no value in the system left.