+ A
A -
New Delhi There has been no security breach in a COVID-19-tracking app that the Indian government has made a mandatory download for anyone stepping out of their homes to go to work, officials said on Wednesday.
“No personal information of any user has been proven to be at risk,” according to a statement from the creators of the app, named Aarogya Setu.
They were responding to concerns raised by a French hacker, Robert Baptiste, who goes by the name Elliot Alderson on Twitter and tries to alert groups to potential problems.
The app launched by the Indian government on April 2 evaluates users’ risk of infection based on their medical and travel history and their location.
The app uses GPS and Bluetooth services to trace a users’ contacts.
Aarogya is disease-free in Hindi and setu means bridge. There have been an estimated 90 million downloads so far.
The federal Home Ministry on May 1 said the app was compulsory for all public and private sector workers. It has also been made mandatory for delivery personnel and couriers.
Delhi-based digital rights organization Internet Freedom Foundation has said the app runs risks of institutionalizing mass surveillance in the absence of any robust data protection law in India.
Aarogya Setu said it had contacted the hacker after he posted: “A security issue has been found in your app. The privacy of 90 million Indians is at stake.”
It said the app collects user location and stores them on a server in a “secure, encrypted, anonymised manner.”
Alderson indicated on Twitter that he was not convinced by the response. “I will come back to you tomorrow,” he posted. (DPA)
“No personal information of any user has been proven to be at risk,” according to a statement from the creators of the app, named Aarogya Setu.
They were responding to concerns raised by a French hacker, Robert Baptiste, who goes by the name Elliot Alderson on Twitter and tries to alert groups to potential problems.
The app launched by the Indian government on April 2 evaluates users’ risk of infection based on their medical and travel history and their location.
The app uses GPS and Bluetooth services to trace a users’ contacts.
Aarogya is disease-free in Hindi and setu means bridge. There have been an estimated 90 million downloads so far.
The federal Home Ministry on May 1 said the app was compulsory for all public and private sector workers. It has also been made mandatory for delivery personnel and couriers.
Delhi-based digital rights organization Internet Freedom Foundation has said the app runs risks of institutionalizing mass surveillance in the absence of any robust data protection law in India.
Aarogya Setu said it had contacted the hacker after he posted: “A security issue has been found in your app. The privacy of 90 million Indians is at stake.”
It said the app collects user location and stores them on a server in a “secure, encrypted, anonymised manner.”
Alderson indicated on Twitter that he was not convinced by the response. “I will come back to you tomorrow,” he posted. (DPA)
