Apple and Google offer Indian authorities their new COVID-19 contact tracing platform

Apple and Google
  • The platform, called Exposure Notification system, will allow public health authorities to build COVID-19 contact tracing apps without violating user privacy.
  • So far, 23 countries have requested access to this system. Apple and Google hope that more countries will join soon.
  • In India, privacy activists have raised concerns about privacy breaches in the Aarogya Setu app. Adoption of this API could help address those concerns.
Apple and Google have come together to launch COVID-19 contact tracing platform called Exposure Notification API. This will allow public health authorities around the world to launch COVID-19 contact tracing apps, allowing them to trace infected people while ensuring their privacy is not compromised.

“Starting today, our Exposure Notifications technology is available to public health agencies on both iOS and Android. What we’ve built is not an app—rather public health agencies will incorporate the API into their own apps that people install,” Apple and Google said in a joint statement.

Public health authorities can use this system and build apps for their local population. So far, authorities in 23 countries have requested access to this application programming interface (API).

“Each user gets to decide whether or not to opt-in to Exposure Notifications; the system does not collect or use location from the device; and if a person is diagnosed with COVID-19, it is up to them whether or not to report that in the public health app,” the two companies further added, addressing privacy concerns that some people may have.
India’s stance on this API could help it address the concerns of privacy activists

Privacy activists have voiced their concern about the Indian government’s data collection practices in the Aarogya Setu app.

“You want this surveillance to follow civilians without being monitored by the Parliament. You are shifting surveillance from counterterrorism to civilians. This shift must be routinely monitored, audited and supervised by the other institutions in the democratic regime,” Yuval Wollman, President, CyberProof, told Business Insider.

The Indian government has mandated the use of Aarogya Setu for all employees, whether in the public or the private sector. In addition to this, travellers, delivery executives, people living in containment zones and more have been asked to download and use Aarogya Setu compulsorily.
If the Indian government shifts away from collecting data via its app, and relies on Apple and Google’s Exposure Notification system, it could address the concerns raised by privacy activists.

Privacy activists point out privacy breaches in the app
Earlier this month, French ethical hacker who goes by the name Elliot Alderson alleged a privacy breach in the app. He posted his findings online and said that the Aarogya Setu app can be used to find out who is sick in a particular area.

Apart from this, the app could also be tricked into allowing access to internal files on the user’s phone. This issue was fixed subsequently by the app’s developers.


These are the privacy issues in Aarogya Setu, India's Covid-19 tracker app, alleged by French hacker Elliot Alderson

Aarogya Setu denies privacy breach, contradicts ethical hacker’s claims

How to download and use Aarogya Setu Coronavirus tracking app