Kerala High Court raps state govt on IT deal with US firm for processing COVID-19 patients' data
Considering a plea seeking quashing of the stategovernment's contract with the US-based IT firm Sprinklr, theHigh Court sought to know as to why foreign jurisdiction wasincluded as a clause in the deal for adjudication of possibledisputes.
Expressing concern over the confidentiality of thecitizen's data processed by a third party, a division benchcomprising Justices Devan Ramachandran and T R Ravi alsosought to know why the sanction of the law department was nottaken before finalising the agreement.The court hailed the state government's fightagainst the pandemic but said it was concerned about the dataconfidentiality.
Noting that a citizen is not privy to the dealsigned between the state government and the foreign company,the court observed that the state government will be held asresponsible, if the firm misused the data.The court also asked why the contract was notreferred to the law department before signing it.
When state government counsel said the datacollected did not constitute sensitive personal information,the bench said data confidentiality in the present world isthe most important.The state government said the agreement with theSprinklr has safeguards for data protection in accordancewith the standard practices of software as a service models. In his plea, petitioner Balu Gopalakrishnansaid he was concerned about the manner in which the dataregarding the COVID19 patients in the state are collected,stored, analysed and retrieved.
The state government had entered into acontract with the IT company based out of the US, owned by anon resident Keralite, wherein the data of suspected andactual patients of the COVID-19 virus will be collectedusing government machinery and is uploaded to the foreignfirm's web server on a daily basis.
The IT company in turn will provide actual datato the State machinery after analysis, for betterunderstanding and treatment of the pandemic.The petitioner said only concern is whetherthe data stored in the web server of company is safe andwhether it can be used by the company for monetary gains.
"Even if there is a non-disclosure agreementbetween the parties, how can a violation of the agreement bepenaly enforced upon a foreign company and whether it will beeffective.
The IT department of the state cannot feignignorance of the perils of data theft and answer questionsflimsily and callously," the petitoner said.More than 1.5 lakh sensitive medical informationof the COVID-19 patients are uploaded on a daily basis, tilltoday, the petitioner alleged.
(This story has not been edited by Business Insider and is auto-generated from a syndicated feed we subscribe to.)
- 5-star rating refrigerator (fridge) in India
- Best soundbar with Dolby Atmos in India 2021
- Best soundbars with a wireless subwoofer
- Myntra signs up Hrithik Roshan, Vijay Deverakonda and Dulquer Salmaan as its newest brand ambassadors
- Google is now using Chrome as an added security layer for account sign-ins