Critics warn that India’s new national contact tracing app, downloaded by over 100 million people, is just the latest move in the country’s drive to establish an increasingly draconian surveillance state.

Prime Minister Narendra Modi’s government launched the app, named Aarogya Setu — Hindi for “Bridge to Healthcare” — on April 2.

The app is designed to provide information about the Covid-19 crisis, allow individuals to report their symptoms and, using Bluetooth, alert users to the risk of contact with infected people. It also reports the number of suspected infections within a radius of 500 meters to 10 kilometers.

But opponents believe it is part of a wider plan to track and monitor residents stretching back more than a decade to the introduction of Aadhaar, the nation’s controversial biometric identification system.

At the time of its release, Aarogya Setu was presented as a way for people to voluntarily assist government efforts to combat the pandemic. But on May 1, the Ministry of Home Affairs issued new guidelines decreeing, without the backing of parliamentary legislation, that the use of the app be made mandatory for all private and public sector employees. Legal experts have argued that this move is unconstitutional. 

Police in the city of Noida, in the state of Uttar Pradesh, have announced that anyone with a smartphone who refuses to download the app will face a $13 fine or up to six months in jail. While this is the only reported case of such penalties, Home Ministry guidelines hold employers responsible for employees downloading Aarogya Setu, and companies could face fines for non-compliance.

Reportedly, new smartphones will soon be sold with the app pre-installed. It is already mandatory for train travel and likely to become a prerequisite for air travel, once commercial flights resume.

Aarogya Setu has received widespread criticism from privacy advocates. Similar contact tracing apps have been deployed in countries including Israel and Singapore. Unlike them, India’s version is not open-source. This makes it very difficult to know who has access to user data and how securely that information is protected.

The press release accompanying the app’s launch stated vaguely that it was “developed in public-private partnership,” but did not specify who the private partners were.

In subsequent reporting, some of the app’s developers have identified themselves, and indicated that they continue to be involved in running the app, drawing criticism about a lack of transparency. 

“What we’re lacking most is transparency and accountability,” Nikhil Pahwa, a digital rights activist and the editor of MediaNama, a news site focusing on Indian internet policy, told me in an interview. 

The app has also encountered criticism for apparent security vulnerabilities — a French hacker found that, by spoofing his location, he was able to determine the number of self-reported infections at any location in India. Another in Bangalore managed to modify the app so that it collected no data about him, but still provided him with the green badge status that gives users access to services such as train travel.

The app’s terms and conditions also state that the government has no liability if user data is leaked.

A better case could be made for Aarogya Setu were there more confidence in its effectiveness in tracking the virus. But Pahwa explained that the technology used by the app makes it prone to inaccuracy and its potential for reporting false positives high.

“Bluetooth is not directional,” he said. “So, I may be on one floor and someone else may be on the floor above mine in an apartment building,” and the app “will show us as having been in contact.”

Background: a unique ID for every Indian

The foundations of the debate around Aarogya Setu were laid in 2009, when India introduced Aadhaar, a system under which residents are given a unique 12-digit ID number, linked to biometric information, including fingerprint and retinal scans.

Its launch — which took place under Modi’s predecessor, Manmohan Singh — promised to streamline the disbursement of welfare and food aid to those in need. Like Aarogya Setu, it was presented as a voluntary scheme, but has become a de facto requirement for anyone seeking to live a normal life in India.

Siddharthya Roy, a Mumbai-based journalist who has reported extensively on Aadhaar, described how the system is now connected to “every possible facet, every possible transaction of our public lives.”

“You want to get a bank account, you need your Aadhaar,” he told me. “You want to pay this, you want to do that, you want to rent a house: you need Aadhaar.”

The problem with having such a wide array of services tied to a single ID number, Pahwa explained, is that it intensifies the risk posed by security breaches. 

“Aadhaar becomes a single point of failure for each individual,” he said. “Once it is linked to so many schemes, Aadhaar getting compromised means that they get compromised on multiple fronts.”

“Over the years, we have seen a vast amount of leakage of Aadhaar information,” he added. This has included “government departments publishing information on the web — Excel sheets of people’s Aadhaar numbers and their personal details.” 

Roy, meanwhile, pointed that the system is ripe for exploitation by unscrupulous individuals. Aadhaar has “spawned a massive secondary trade of personal information,” he said. A 2018 report by the Chandigarh-based Tribune newspaper revealed that access to a database of every single Aadhaar number — linked to the personal details of over a billion Indians — could be purchased online for as little as $7.

Aadhaar and the pandemic

India’s lockdown — the largest in world history — would seem to present an ideal test of Aadhaar’s initial promise. But the system’s ability to facilitate the distribution of aid to India’s poor has been hampered by repeated failures of its biometric verification technology. 

“Aadhaar came in with the promise of delivering welfare to the needy,” said Roy. “Now that we have a pandemic, now that we have tens of millions of migrants who are stranded, starving, without any pay, have you really seen Aadhaar deliver any goods to them?”

The system has also hindered the government’s belated efforts to arrange train travel for unemployed migrant workers stranded during the lockdown. By requiring Aadhaar as proof of residence in order to obtain travel permissions, the state of Odisha excluded those who weren’t enrolled in the program from returning home from cities around India. In other cases, enrolled individuals have been left trapped because the address associated with their ID is in the city where they work.

Critics have long maintained that Aadhar’s real purpose is not to help the poor, but rather to keep tabs on Indians. Officials from the agency that runs the database gave added weight to this charge when they recently floated the idea of linking information held in the database to facial recognition cameras in public places, in order to help track the spread of the virus. 

Privacy activist Usha Ramanathan offered an analysis of the surveillance-first approach taken by India’s government during the pandemic: “If you look at what happened in the coronavirus era here,” she said, “you find it is being treated like it is a law and order problem and not as a humanitarian crisis. It’s not disease surveillance, but personal surveillance.”