News
    TECHNOLOGY
    News
    Aarogya Setu app responds to hacker Elliot Alderson's privacy concerns; says no data at risk

    Aarogya Setu app responds to hacker Elliot Alderson's privacy concerns; says no data at risk

    Coronavirus contact tracing app Aarogya Setu app has been pulled into a discussion on privacy flaws. Ethical hacker Elliot Alderson says that the app has put data of 90 million Indians at risk

    Coronavirus lockdown extension: Aarogya Setu responds to privacy concerns
    BusinessToday.In
    • New Delhi,
    • May 06, 2020,
    • Updated May 13, 2020, 5:29 AM IST

    Contact tracing app, Aarogya Setu on Wednesday responded to ethical hacker Elliot Alderson's concerns over data leak. It said that no personal data of any user is at risk and said that they discussed the concerns with the hacker.

    It all started with Elliot Alderson tweeting that security flaws have been found in the COVID-19 contact tracing app. "The privacy of 90 million Indians is at stake. Can you contact me in private?," it tweeted to Aarogya Setu app. It also said that Rahul Gandhi was right about privacy concerns.

    Alderson said that 49 minutes after the tweet, Computer Emergency Response Team, Ministry of Electronics & Information Technology and NIC contacted him to discuss the privacy flaws.

    Aarogya Setu app soon took to social media to respond to Elliot Alderson's alerts. It said that the app pulls up a user's location by design and it is not a flaw. It said that the user's location is stored on the server in a secure, encrypted and anonymised manner.

    Also read: Coronavirus Lockdown India Live Updates: Cases near 50,000; death toll-1,694, states open liquor, wine shops

    They also discussed that a user can get the COVID-19 stats displayed on Home Screen by changing the radius and latitude-longitude using a script. Aarogya Setu responded and said that "the radius parameters are fixed and can only take one of the five values: 500 meters, 1km, 2km, 5km and 10km." It added that all this information is already available publicly and does not compromise user data.

    On receiving the response, Elliot Alderson said that the app basically says that there is "nothing to see here". "We will see. I will come back to you tomorrow," he wrote. He also followed up the tweet in a few hours and asked the app, "Do you know what triangulation is Aarogya Setu?"

    Aarogya Setu is a contact-tracing app developed by NIC under the Ministry of Electronics and Information Technology and is endorsed by the government. It has been pushed across government and private employees and even in COVID-19 evacuation procedures.

    Also read: BT BUZZ: MHA order to make Aarogya Setu mandatory weak on legal ground

    Also read: Coronavirus crisis: Despite privacy concerns, govt may make Aarogya Setu App mandatory

    Also read: Coronavirus outbreak: Aarogya Setu app made mandatory for employees in India; check how to register

    For Unparalleled coverage of India's Businesses and Economy – Subscribe to Business Today Magazine

    Read more!
    RECOMMENDED