In a welcome development, government has made the Aarogya Setu app open source, allowing the community of developers access to the source code. Alongside, the Centre has also launched a ‘Bug Bounty’ programme to partner with Indian researchers and developers to test and improve the contact tracing app. This comes against the backdrop of concerns regarding user privacy and data security that Aarogya Setu had engendered. Since the app uses Bluetooth and location data to find out whether a user has come in contact with a Covid-19 positive person, there were fears that the data could be mishandled.
But open sourcing the app allows developers to study the source code, point out bugs, suggest code improvements and even see the kind of data that the app takes from users. Overall, this will build trust in the app and help quell doubts about data pilferage and misuse. There’s no denying that in the wake of the Covid-19 pandemic, contact tracing apps are here to stay. After all, the coronavirus will be with us for sometime and other pandemics may be in the offing. But concerns about these apps bringing on a surveillance state are also legitimate. Thus, in order to safeguard privacy and democratic values, such apps need to be built through open participation with the public.
Technology can be a tremendous power for good. But it has to be based on trust and transparency. This is where we may see a partition of the tech world in the near future with China pushing an autocratic model where data is totally for use by governments, and trust based systems with public participation are championed by democracies. Upholding democratic values and protecting the individual ought to be the baseline in the tech world. This is where a strong personal data protection architecture is imperative. Besides, trust and public participation are also key to innovation. Aarogya Setu has taken a step in the right direction.