Aarogya Setu, which is the Indian Government’s Contact Tracing App, uses the user’s location for tracking. However, location privacy is a matter of concern for users as the app straight forwardly mentions — We fetch a user’s location and store on the server in a secure, encrypted, anonymized manner.
Consequently, this app is facing a lot of criticism against the security policy by political opponents and privacy experts.
The Hacker said that The App Aarogya Setu is a failure in terms of both security and privacy.
On Tuesday night, a French hacker Robert Baptiste, popularly known as Elliot Alderson on Twitter, tweeted the official Aarogya Setu handle that, a security issue has arisen in the app due to which privacy of 90 million Indians is at stake. Also, he tagged Rahul Gandhi mentioning him as correct for criticizing the app.
Alderson’s condemnation included the issues;
- The app asks users location which raises some concern.
- Any user can get the COVID-19 stats by changing the radius and latitude-longitude.
Today, the Aarogy Setu handle responded to the tweeted issue about the user’s privacy as,
- Elon Musk’s $100 million carbon capture XPrize competition starts today
- Nasal spray to protect you from Covid-19 could be sold in pharmacies
Alderson replied to the tweet that, the app should be open source. He added sarcastically – “When you ask (force) people to install an app, they have the right to know what the app is really doing. If you love your country @SetuAarogya, publish the source code“