You’re reading it here first: “[The] Protocol is not a statute, and nor does it offer any legislative foundation for the Aarogya Setu Mobile Application, and therefore the primary issue of Aarogya Setu lacking legal basis, as raised in the captioned writ petition, is still alive and unaddressed,” Jackson Mathew has said in his affidavit filed in the Kerala High Court today. The affidavit argues that the Aarogya Setu Data Access and Knowledge Sharing Protocol, 2020, issued by the Ministry of Electronics and Information Technology, is not a “statutory authorisation” that can be used to infringe upon fundamental rights granted under the Constitution. The affidavit has also cited Justice B.N. Srikrishna’s comments, as per which, the Protocol was “akin to an inter-departmental circular” that “was not adequate to protect privacy”. Justice Srikrishna also said that the government’s push to mandate Aarogya Setu is “utterly illegal”, as quoted in this Indian Express article.
Mathew had filed a writ petition in Kerala High Court challenging the Ministry of Home Affairs directive that holds employers liable for ensuring that all their employees download Aarogya Setu on the grounds that it fails the tests laid down in the Puttaswamy judgement on right to privacy.
Empowered Groups do not have the power to legislate: As per the affidavit, the 11 Empowered Groups created to contain the pandemic — of which Empowered Group 9 on Technology and Data Management developed this Protocol — do not have the power “to formulate laws or even binding guidelines”.
The Protocol also suffers from “excessive delegation”, as per the affidavit, since “a core legislative function (of formulating binding laws and regulations)” is delegated to a committee set up by the government. The Protocol, the affidavit says, has not been signed by a member of the Central Government authorised/empowered to do so under the Disaster Management Act, 2005, but by Ajay Prakash Sawhney, MEITY Secretary and chairperson of Empowered Group 9.
The lack of public information about the constitution of Empowered Group 9 and how it sought external inputs for drafting the Protocol is an issue, as per the affidavit. There is also no public information if the Empowered Group 9 is “responsible for the creation and execution” of Aarogya Setu, “much like the Unique Identification Authority of India (UIDAI) for the Aadhaar number”.
Matter not listed for today
In the last hearing on May 12, Mathew’s advocate, Santhosh Mathew had pled for an interim order that stayed any prosecution of employers for failures on part of an employee to download the contact-tracing app. Justice Gopinath Puzhankhara had not stayed the order, but had instructed the counsel for the Ministry of Electronics and Information Technology (MEITY) to get instructions from the Home Ministry and MEITY on how the government proposed to practically implement this requirement, and the matter was to be heard today. However, it has not been listed for today.
Since the Ministry of Home Affairs issued revised guidelines yesterday as per which Aarogya Setu is no longer mandatory and employers “on best effort basis should ensure” that the app is installed by all employees with “compatible mobile phones”, it appears that the two immediate concerns in the petition have been addressed. And as S. Mathew argued in court last week, that the legality of the move in the absence of legislative anchoring — which is a concern that the writ petition brings up — “is a larger issue which can be considered later”.
Mathew’s is not the only petition in Kerala High Court against the mandatory nature of Aarogya Setu. There are two other PILs that were supposed to be heard today, but neither of them is listed. Both made similar pleas.