Tl;dr

As per an update on the parliamentary website the Committee on IT is meeting on June 10, 2020 to discuss the issue of, "Citizens data security and privacy". We are particularly hopeful that this occurs after our request on May 8, 2020 to hold urgent hearings on Aarogya Setu. To keep the committee members up to date, and to serve as a briefing document, we yesterday sent across a range of materials which not only focus on Aarogya Setu but also the massive vulnerability reported on CSC Services that exposed millions of records including Aadhaar and caste records.

Urgent hearings on data security and privacy

The Parliamentary Standing Committee is a vital body to inform the law making process on issues of digital rights. While it has been actively meeting on a range of issues the present pandemic has impacted it's work. The last meeting of the committee was on March 18, 2020 and, more disconcertingly the last time it had the occasion to discuss the issue of our data security and privacy was last year on December 13, 2019. Hence, it becomes incredibly important given the incredible pace of developments particularly the growth of government surveillance as well as increase in the collection sensitive personal data through applications such as Aarogya Setu a meeting is held soon.

We have highlighted this in our a letter we first wrote on June 10, 2020 making our case. This has been explained at length in this blogpost and also acknowledged by the Chairperson of the Committee, Dr. Shashi Tharoor.

Subsequent to this, a notice was published a few days back announcing the Committee would indeed be meeting on June 10, 2020 and would be holding a hearing with officials from the Ministry of Electronics and Information Technology. The subject for this would be citizens data security and privacy. We believe this hearing can be conducted either in person or through remote conference keeping in mind the urgency of the issue as well as accounting for the safety and wellness of the members. Stopping the functioning of parliamentary committees would impact not only the quality of law making but severely undermine the functioning of our democracy.

This concern matches a global trend. As per a comment by Chakshu Roy, head of legislative and civic engagement at PRS Legislative Research in an Op-ed in the Indian Express dated April 21, 2020, “[t]he committees of parliaments of more than 15 countries are working online”.

Keeping the Committee up to date!

Clearly a lot has happened since June 10, 2020. To keep the committee up to date and to make the most of it's hearing with officials from the Ministry of Electronics and Information Technology we sent them a bunch of recent updates. These include the following:

1. To gather a sense of the timeline of the Aarogya Setu App we have created a video explainer (till May 21) [click here].
2. A challenge to the mandatory imposition of Aarogya Setu which is presently being considered by the Hon’ble High Court of Kerala also contains an expert affidavit by Prof. Subhashis Banerjee, IIT that indicates deficiencies of utility and proportionality [click here].
3. Analysis of the “protocol” issued on Aarogya Setu [click here].
4. The lack of transparency in the vendors, contractors and, “volunteers” as per evasive RTI responses including those from NIC [click here].

We intend to follow up and will keep urging all our parliamentary institutions to take clear steps to protect your digital rights!

Important Links

1. Letter to the IT Committee on issues of data privacy and security on contact tracing applications dated June 4, 2020 [link]
2. Letter to the IT Committee on issues of data privacy and security on contact tracing applications dated May 8, 2020 [link]

#SaveOurPrivacy

#BanTheScan