wordpress blog stats
Connect with us

Hi, what are you looking for?

No data capture policy in place to govern vaccine alert apps

The number of third-party CoWIN vaccine alert apps and services continues to grow. This, despite the lack of a comprehensive data capture policy in place to govern what these services are allowed to do. Many of them capture mobile numbers and email IDs to notify users when a slot opens up in their desired area, but there is no clear policy in place to govern the use and storage of this data. A slew of these apps and websites have sprung up over the last week to address the limitations of the official CoWIN portal.

Why are CoWIN APIs open without a data capture policy in place?

The government has been double-minded on this issue. On April 17, the Government denied permission for CoWIN API to Step One, a non-profit organisation (NPO) working on enabling vaccination registration and appointment through WhatsApp. Back then, the Empowered Group of Vaccine Administration for COVID-19 said that a comprehensive data capture policy needs to be put in place before allowing third-party apps and services.

“We have built various services within the Co-WIN system as micro-services exposing APIs for ensuring integration and innovation in future. But, as you may be aware, Co-WIN APIs do deal with sensitive data and hence a well-defined policy covering data capture, protection, security certification, auditing, and other aspects need to be established. As of now, there is no such policy with respect to enabling third-party applications such as yours on top of Co-WIN APIs and hence we will not be able to allow you to connect to our APIs”Empowered Group of Vaccine Administration for COVID-19 letter dated April 17, 2021

However, on April 28, the government reversed its position and opened selective parts of the CoWIN API despite the lack of a data capture policy in place. One of the APIs that was opened up allows third-party services to find available vaccination slots based on district or pincode.  To the government’s benefit, it can be argued that the government believed opening up slot search can do no harm because it does not collect personal information of users but rather allows users to find slots based on district or pincode. But what the government might not have foreseen is the alert service that many of these apps provide. These apps allow users to register for alerts through email, Telegram and Twitter when slots open up in their desired area, which inevitably involves sharing email ID and phone number with the service.

Regardless, the government should have put a data capture policy in place because the second API that was opened up allows third-party services to download vaccination certificates. These certificates contain data that is personal and sensitive as it not only reveals the vaccination status of an individual but also details of the ID used for verification such as PAN card and Aadhaar. It’s unclear why the government changed its stance and decided to open up these APIs despite the privacy concerns.

How have some sites addressed this concern?

While the government has no policy in place, some sites have taken matters into their own hands and laid out what they do with the data they collect. But there is no guarantee that these sites will do what they say and there is no penalty if they do not. Here is a non-exhaustive list of these sites:

Advertisement. Scroll to continue reading.
  1. Signzy App –  Built by the team at Signzy, this app lets you search for slot availability by district or pin code and set email alerts based on pin code. This service perhaps has the most comprehensive policy in place. In addition to saying how each of the data fields will be used (email, pin code, date of birth, phone number), Signzy says that the data will be used with care and only for sending notification. It also says that all the personal data will be deleted post 15 days of registration.
  2. cowinalert.com – Developed by Kushagra Singh, Gurshabad Grover, and Varun Bansal, this website allows you to receive email alerts if a slot becomes available in the district of your choice. This site has a dedicated privacy policy page that says the “information stored shall not be used for any other purposes other than to send you email updates.” The site also has an unsubscribe button which can be used to delete all personal information stored with the site. If not, the site will delete all personal information on May 31, 2021.
  3. getjab.in – Made by a team of developers (Azhar, Shyam, Anurag, and Akshay), this site gives you an alert by email if a vaccination slot opens up in your district. It has a note on the front page saying “Your data won’t be shared or sold to anyone. Don’t worry.”

Also Read

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.

Views

News

The US and other countries' retreat from a laissez-faire approach to regulating markets presents India with a rare opportunity.

News

When news that Walmart would soon accept cryptocurrency turned out to be fake, it also became a teachable moment.

News

The DSCI's guidelines are patient-centric and act as a data privacy roadmap for healthcare service providers.

News

In this excerpt from the book, the authors focus on personal data and autocracies. One in particular – Russia.  Autocracies always prioritize information control...

News

By Jai Vipra, Senior Resident Fellow at Vidhi Centre for Legal Policy The use of new technology, including facial recognition technology (FRT) by police...

You May Also Like

Advert

135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...

News

Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...

News

By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

News

Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Name:*
Your email address:*
*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ