The Centre for Internet and Society
https://cis-india.org
These are the search results for the query, showing results 1 to 13.
Health Data Management Policies - Differences Between the EU and India
https://cis-india.org/internet-governance/blog/health-data-management-policies
<b>Through this issue brief we would like to highlight the differences in approaches to health data management taken by the EU and India, and look at possible recommendations for India, in creating a privacy preserving health data management policy. </b>
<p>This issue brief was reviewed and edited by Pallavi Bedi</p>
<hr />
<h2>Introduction</h2>
<p style="text-align: justify; ">Health data has seen an increased interest the world over, on account of the amount of information and inferences that can be drawn not just about a person but also about the population in general. The Covid 19 pandemic also brought about an increased focus on health data, and brought players that earlier did not collect health data to be required to collect such data, including offices and public spaces. This increased interest has led to further thought on how health data is regulated and a greater understanding of the sensitivity of such data, because of which countries are in varying processes to get health data regulated over and above the existing data protection regulations. The regulations not only look at ensuring the privacy of the individual but also look at ways in which this data can be shared with companies, researchers and public bodies to foster innovation and to monetise this valuable data. However for a number of countries the effort is still on the digitisation of health data. India has been in the process of implementing a nationwide health ID that can be used by a person to get all their medical records in one place. The National Health Authority (NHA) has also since 2017 been publishing policies that look at the framework and ecosystem of health data, as well as the management and sharing of health data. However these policies and a scattered implementation of the health ID are being carried out without a data protection legislation in place. In comparison, Europe, which already has an established health Id system, and a data protection legislation (GDPR) is looking at the next stage of health data management through the EU Health Data Space (EUHDS). Through this issue brief we would like to highlight the differences in approaches to health data management taken by the EU and India, and look at possible recommendations for India, in creating a privacy preserving health data management policy.</p>
<h2 style="text-align: justify; ">Background</h2>
<h3>EU Health Data Space</h3>
<p style="text-align: justify; "><span>The EU Health Data Space (<b>EUHDS</b>) was proposed by the EU Council as a way to create an ecosystem which combines rules, standards, practices and infrastructure, around health data under a common governance framework. The EUHDS is set to rely on two pillars; namelyMyHealth@EU and HealthData@EU, where MyHealth@EU facilitates easy flow of health data between patients and healthcare professionals within member states, the HealthData@EU,faciliates secondary use of data which allows policy makers,researchers access to health data to foster research and innovation.<a href="#_ftn1" name="_ftnref1"><sup><sup><span>[1]</span></sup></sup></a> The EUHDS aims to provide a trustworthy system to access and process health data and builds up from the General Data Protection Regulation (GDPR), proposed Data Governance Act.<a href="#_ftn2" name="_ftnref2"><sup><sup><span>[2]</span></sup></sup></a></span></p>
<h3><span>India’s health data policies: </span></h3>
<p style="text-align: justify; "><span>The last few years has seen a flurry of health policies and documents being published and the creation of a framework for the evolution of a National Digital Health Ecosystem (NDHE). The components for this ecosystem were the National Digital Health Blueprint published in 2019 (NDHB) and the National Digital Health Mission (NDHM). The BluePrint was created to implement the National Health Stack (published in 2018) which facilitated the creation of Health IDs.<a href="#_ftn3" name="_ftnref3"><sup><sup><span>[3]</span></sup></sup></a> Whereas the NDHM was drafted to drive the implementation of the Blueprint, and promote and facilitate the evolution of NDHE.<a href="#_ftn4" name="_ftnref4"><sup><sup><span>[4]</span></sup></sup></a> </span></p>
<p style="text-align: justify; "><span>The National Health Authority (<b>NHA</b>) established in 2018 has been given the responsibility of implementing the National Digital Health Mission. 2018 also saw the Digital Information Security in Healthcare Act (<b>DISHA</b>) which was to be a legislation that laid down provisions that regulate the generation, collection, access, storage, transmission and use of Digital Health Data ("DHD") and associated personal data.<a href="#_ftn5" name="_ftnref5"><sup><sup><span>[5]</span></sup></sup></a> However since its call for public consultation no progress has been made on this front.</span></p>
<p style="text-align: justify; "><span>Along with these three strategy documents the NHA has also released policy documents more particularly the Health Data Management Policy (which was revised three times; the latest version released in April 2022), the Health Data Retention Policy (released April 2021), and the Consultation Paper on Unified Health Interface (UHI) (released March 2021). Along with this in 2022 the NHA released the NHA Data Sharing Guidelines for the Pradhan Mantri Jan Aarogya Yojana (PM-JAY) India’s state health insurance policy. </span></p>
<p style="text-align: justify; "><span>However these draft guidelines repeat the pattern of earlier policies on health data, wherein there is no reference to the policies that predated it; the PM-JAY’s Data Sharing Guidelines published in August 2022 did not even refer to the draft National Digital Health Data Management Policy (published in April 2022). As stated through the examples above these documents do not cross-refer or mention preceding health data documents, creating a lack of clarity of which documents are being used as guidelines by health care providers. </span></p>
<p style="text-align: justify; "><span>In addition to this the Personal Data Protection Bill has been revised three times since its release in 2018. The latest version was published for public comments on November 18, 2022; the Bill has removed the distinction between sensitive personal data and personal data and clubbed all personal data under one umbrella heading of personal data. Health and health data definition has also been deleted; creating further uncertainty with respect to health data as the different policies mentioned above rely on the data protection legislation to define health data. <br /></span></p>
<h3><b><span>Comparison of the Health Data Management Approaches </span></b><span><br /> </span><span>Interoperability with Data Protection Legislations </span></h3>
<p style="text-align: justify; "><b><span><br /></span></b><span>At the outset the key difference between the EU and India’s health data management policies has been the legal backing of GDPR which the EUHDS has. EUHDS has a strong base in terms of rules for privacy and data protection as it follows, draws inference and works in tandem with the General Data Protection Regulation (GDPR). The provisions also build upon legislation such as Medical Devices Regulation and the In Vitro Diagnostics Regulation. With particular respect to GDPR the EUHDS draws from the rights set out for protection of personal data including that of electronic health data.<br /></span></p>
<p style="text-align: justify; "><span>The Indian Health data policies however currently exist in the vacuum created by the multiple versions of the Data Protection Bill that are published and repealed or replaced. The current version called the Digital Personal Data Protection Bill 2022 seems to take a step backward in terms of health data. The current version does away with sensitive personal data (which health data was a part of) and keeps only one category of data - personal data. It can be construed that the Bill currently considers all personal data as needing the same level of protection but it is not so in practice. The Bill does not at the moment mandate more responsibilities on data fiduciaries<a href="#_ftn6" name="_ftnref6"><sup><sup><span>[6]</span></sup></sup></a> that deal with health data (something that was present in all the earlier versions of the Bill) and in other data protection legislation across different jurisdictions and leaves the creation of Significant Data Fiduciaries (who have more responsibilities) to be created by rules, based on the sensitivity of data decided by the government at a later date.<a href="#_ftn7" name="_ftnref7"><sup><sup><span>[7]</span></sup></sup></a> In addition to this the Bill does not define “health data”, the reason why this is a cause for worry is that the existing health data policies also do not define health data often relying on the definition mentioned in the versions of Data Protection Bill. </span></p>
<h3><span>Definitions and Scope</span></h3>
<p><span>The EUHDS defines ‘personal electronic health data’ as data concerning health and genetic data as defined in Regulation (EU) 2016/679<a href="#_ftn8" name="_ftnref8"><sup><sup><span>[8]</span></sup></sup></a>, as well as data referring to determinants of health, or data processed in relation to the provision of healthcare services, processed in an electronic form. Health data by these parameters would then include not just data about the status of health of a person which includes reports and diagnosis, but also data from medical devices. <br /></span></p>
<p style="text-align: justify; "><span>In India the Health Data Management Policy 2022, defines “Personal Health Records” (<b>PHR</b>) as a health record that is initiated and maintained by an individual. The policy also states that a PHR would be able to reveal a complete and accurate summary of the health and medical history of an individual by gathering data from multiple sources and making this accessible online. However there is no definition of health data which can be used by companies or users to know what comes under health data. The 2018, 2019 and 2021 version of the Data Protection Legislation had definitions of the term health data, however the 2022 version of the Bill does away with the definition.<br /></span></p>
<h3><span>Health data and wearable devices</span></h3>
<p style="text-align: justify; "><span>One of the forward looking provisions in the EUHDS is the inclusion of devices that records health data into this legislation. This also includes the requirement of them to be added to registries to provide easy access and scrutiny. The document also requires voluntary labeling of wellness applications and registration of EHR systems and wellness applications. This is not just for the regulation point of view but also in the case of data portability, in order for people to control the data they share. In addition to this in the case where manufacturers of medical devices and high-risk AI systems declare interoperability with the EHR systems, they will need to comply with the essential requirements on interoperability under the EHDS. </span></p>
<p style="text-align: justify; "><span>In India the health data management policy 2022 while stating the applicable entities and individuals who are part of the ABDM ecosystem<a href="#_ftn9" name="_ftnref9"><sup><sup><span>[9]</span></sup></sup></a> mention medical device manufacturers, does not mention device sellers or use terms such as wellness applications or wearable devices. Currently the regulation of medical devices falls under the purview of the Drugs and Cosmetics Act, 1940 (DCA) read along with the Medical Device Rules, 2017 (MDR). However in 2020 possibly due to the pandemic the Indian Government along with the Drugs Technical Advisory Board (DTAB) issued two notifications the first one expanded the scope of medical devices which earlier was limited to only 37 categories excluding medical apps, and second one notified the Medical Device (Amendment) Rules, 2020. These two changes together brought all medical devices under the DCA as well as expanded the categories of medical devices. However it is still unclear whether fitness tracker apps that come with devices are regulated, as the rules and the DCA still rely on the manufacturer to self-identify as a medical device.<a href="#_ftn10" name="_ftnref10"><sup><sup><span>[10]</span></sup></sup></a> However, this regulatory uncertainty has not brought about any change in how this data is being used and insurance companies at times encourage people to sync their fitness tracker data.<a href="#_ftn11" name="_ftnref11"><sup><sup><span>[11]</span></sup></sup></a></span></p>
<h3><span>Multiple use of health data </span></h3>
<p style="text-align: justify; "><span>The EUHDS states two types of uses of data: primary and secondary use of data. In the document the EU states that while there are a number of organisations collecting data, this data is not made available for purposes other than for which it was collected. In order to ensure that researchers, innovators and policy makers can use this data. the EU encourages the data holders to contribute to this effort in making different categories of electronic health data they are holding available for secondary use. The data that can be used for secondary use would also include user generated data such as from devices, applications or other wearables and digital health applications.However, the regulation cautions against using this data for measures and making decisions that are detrimental to the individual, in ways such as increasing insurance premiums. The EUHDS also states that as the data is sensitive personal data care should be taken by the data access bodies, to ensure that while data is being shared it is necessary to ensure that the data will be processed in a privacy preserving manner. This could include through pseudonymisation, anonymisation, generalisation, suppression and randomisation of personal data.</span></p>
<p style="text-align: justify; "><span>While the document states how important it is to have secondary use of the data for public health, research and innovation it also requires that the data is not provided without adequate checks. The EUHDS requires the organisation seeking access to provide several pieces of information and be evaluated by the data access body. The information should include legitimate interest, the necessity and the process the data will go through. In the case where the organisation is seeking pseudonymised data, there is a need to explain why anonymous data would not be sufficient. In order to ensure a comprehensive approach between health data access bodies, the EUHDS states that the European Commission should support the harmonisation of data application, as well as data request. <br /></span></p>
<p style="text-align: justify; "><span>In India, while multiple health data documents state the need to share data for public interest, research and innovation, not much thought has been given to ensuring that the data is not misused and that there is harmonisation between bodies that provide the data. Most recently the PMJay documents states that the NHA shall make aggregated and anonymised data available through a public dashboard for the purpose of facilitating health and clinical research, academic research, archiving, statistical analysis, policy formulation, the development and promotion of diagnostic solutions and such other purposes as may be specified by the NHA. Such data can be accessed through a request to the Data Sharing Committee<a href="#_ftn12" name="_ftnref12"><sup><sup><span>[12]</span></sup></sup></a> for the sharing of such information through secure modes, including clean rooms and other such secure modes specified by NHA. However the document does not mention what clean rooms are in this context. </span></p>
<p style="text-align: justify; "><span>The Health Data Management Policy 2022 states that Data fiduciaries (data controllers/ processors according to the data protection legislation) can themselves make anonymised or de-identified data in an aggregated form available based in technical processes and anonymisation protocols which may be specified by the NDHM in consultation with the MeitY. The purposes mentioned in this policy included health and clinical research, academic research, archiving, statistical analysis, policy formulation, the development and promotion of diagnostic solutions and such other purposes as may be specified by the NDHMP. The policy states that in order to access the anonymised or de-identified data the entity requesting the data would have to provide relevant information such as name, purpose of use and nodal person of contact details. While the policy does not go into details about the scrutiny of the organisations seeking this data, it does state that the data will be provided based on the term as may be stipulated. <br /></span></p>
<p style="text-align: justify; "><span>However the issue arises as both the documents published by the NHA do not have a similar process for getting the data, for example the NDHMP requires the data fiduciary to share the data directly, while the PMJay guidelines requires the data to be shared by the Data Sharing Committee, creating duplicate datasets as well as affecting the quality of the data being shared. </span></p>
<h3><b><span>Recommendations for India </span></b><span><br /> </span><span>Need for a data protection legislation:</span></h3>
<p style="text-align: justify; "><span>While the EUHDS is still a draft document and the end result could be different based on the consultations and deliberations, the document has a strong base with respect to the privacy and data protection based on the earlier regulations and the GDPR. The definitions of what counts as health data, and the parameters for managing the data creates a more streamlined process for all stakeholders. More importantly the GDPR and other regulations provide a way of recourse for people. In India the health data related policies and strategy documents have been published and enforced before the data protection legislation is passed. In addition to this India, unlike the EU has just begun looking at a universal health ID and digitisation of the healthcare system, ideally it would be better to take each step at a time, and at first look at the issues that may arise due to the universal health ID. In addition to this, multiple policies, without a strong data protection legislation providing parameters and definitions could mean that the health data management policies only benefit certain people. This also creates uncertainty in terms of where an individual will go in case of harms caused by the processing of their data, and who would be the authority to govern questions around health data. The division of health data management between different documents also creates multiple silos of data management which creates data duplication and issues with data quality. </span></p>
<h3><span>Secondary use of data</span></h3>
<p style="text-align: justify; "><span>While both the EUHDS and India's Health Data Management Policy look at the sharing of health data with researchers and private organisations in order to foster innovation, the division of sharing of data based on who uses the data is a good way to ensure that only interested parties have access to the data. With respect to the health data policies in India, a number of policies talk about the sharing of anonymised data with researchers, however the documents being scattered could cause the same data to be shared by multiple health data entities, making it possible to identify people. For example, the health data management policy could share anonymised data of health services used by a person, whereas the PMJAY policy could share data about insurance covers, and the researcher could probably match the data and be closer to identifying people. It has also been revealed in multiple studies that anonymisation of data is not permanent and that the anonymisation can be broken. This is more concerning since the polices do not put limits or checks on who the researchers are and what is the end goal of the data sought by them, the policies seem to rely on the anonymisation of the data as the only check for privacy. This data could be used to de-anonymise people, could be used by companies working with the researchers to get large amounts of data to train their systems, </span></p>
<p><span>train data that could lead to greater surveillance, increase insurance scrutiny etc. The NHA and Indian health policy makers could look at the restrictions and checks that the EUHDS creates for the secondary use of data and create systems of checks and categories of researchers and organisations seeking data to ensure minimal risks to an individual’s data. </span></p>
<h2><b><span>Conclusion</span></b></h2>
<p style="text-align: justify; "><span>While the EU Health data space has been criticised for facilitating vast amounts of data with private companies and the collecting of data by governments, the codification of the legislation does in some way give some way to regulate the flow of health data. While India does not have to emulate the EU and have a similar document, it could look at the best practices and issues that are being highlighted with the EUHDS. Indian lawmakers have looked at the GDPR for guidance for the draft data protection legislation, similarly it could do so with regard to health data and health data management. One possible way to ensure both the free flow of health data and the safeguards of a regulation could be to re-introduce the DISHA Act which much like the EUHDS could act as a legislation which provides an anchor to the multiple health data policies, including standard definition of health data, grievance redressal bodies, and adjudicating authorities and their functions. In addition a legislation dedicated to the health data would also remove the existing burden on the to be formed data protection authority. </span></p>
<hr />
<div><br />
<div id="ftn1">
<p><a href="#_ftnref1" name="_ftn1"><sup><sup><span>[1]</span></sup></sup></a><span> “</span><span>European Health Data Space</span><span>”, European Commission, 03 May 2022,https://health.ec.europa.eu/ehealth-digital-health-and-care/european-health-data-space_en </span></p>
</div>
<div id="ftn2">
<p><a href="#_ftnref2" name="_ftn2"><sup><sup><span>[2]</span></sup></sup></a><span>“</span><span>European Health Data Space</span><span>”</span></p>
</div>
<div id="ftn3">
<p><a href="#_ftnref3" name="_ftn3"><sup><sup><span>[3]</span></sup></sup></a><span> “National Digital Health Blueprint”, Ministry of Health and Family Welfare Government of India, https://abdm.gov.in:8081/uploads/ndhb_1_56ec695bc8.pdf</span></p>
</div>
<div id="ftn4">
<p><a href="#_ftnref4" name="_ftn4"><sup><sup><span>[4]</span></sup></sup></a><span> “National Digital Health Blueprint”</span></p>
</div>
<div id="ftn5">
<p><a href="#_ftnref5" name="_ftn5"><sup><sup><span>[5]</span></sup></sup></a><span> “Mondaq” “DISHA – India's Probable Response To The Law On Protection Of Digital Health Data” accessed 13 June 2023,https://www.mondaq.com/india/healthcare/1059266/disha-india39s-probable-response-to-the-law-on-protection-of-digital-health-data</span></p>
</div>
<div id="ftn6">
<p><a href="#_ftnref6" name="_ftn6"><sup><sup><span>[6]</span></sup></sup></a><span>“The Digital Personal Data Protection Bill 2022”, accessed 13 June 2023 , https://www.meity.gov.in/writereaddata/files/The%20Digital%20Personal%20Data%20Potection%20Bill%2C%202022_0.pdf</span></p>
</div>
<div id="ftn7">
<p><a href="#_ftnref7" name="_ftn7"><sup><sup><span>[7]</span></sup></sup></a><span>The Digital Personal Data Protection Bill 2022</span></p>
</div>
<div id="ftn8">
<p style="text-align: justify; "><a href="#_ftnref8" name="_ftn8"><sup><sup><span>[8]</span></sup></sup></a><span> Regulation (EU) 2016/679 defines health data as “Personal data concerning health should include all data pertaining to the health status of a data subject which reveal information relating to the past, current or future physical or mental health status of the data subject. This includes information about the natural person collected in the course of the registration for, or the provision of, health care services as referred to in Directive 2011/24/EU of the European Parliament and of the Council (1) to that natural person; a number, symbol or particular assigned to a natural person to uniquely identify the natural person for health purposes; information derived from the testing or examination of a body part or bodily substance, including from genetic data and biological samples; and any information on, for example, a disease, disability, disease risk, medical history, clinical treatment or the physiological or biomedical state of the data subject independent of its source, for example from a physician or other health professional, a hospital, a medical device or an in vitro diagnostic test. </span></p>
<p><span> </span></p>
</div>
<div id="ftn9">
<p style="text-align: justify; "><a href="#_ftnref9" name="_ftn9"><sup><sup><span>[9]</span></sup></sup></a><span> For creating an integrated, uniform and interoperable ecosystem in a patient or individual centric manner, all the government healthcare facilities and programs, in a gradual/phased manner, should start assigning the same number for providing any benefit to individuals.</span></p>
</div>
<div id="ftn10">
<p style="text-align: justify; "><a href="#_ftnref10" name="_ftn10"><sup><sup><span>[10]</span></sup></sup></a><span> For example a manufacturer of a fitness tracker which is capable of monitoring heart rate could state that the intended purpose of the device was fitness or wellness as opposed to early detection of heart disease thereby not falling under the purview of the regulation.</span></p>
</div>
<div id="ftn11">
<p style="text-align: justify; "><a href="#_ftnref11" name="_ftn11"><sup><sup><span>[11]</span></sup></sup></a><span>“</span><span>Healthcare Executive” “GOQii Launches GOQii Smart Vital 2.0, an ECG-Enabled Smart Watch with Integrated Outcome based Health Insurance & Life Insurance, accessed 13 June 2023<br /> </span><a href="https://www.healthcareexecutive.in/blog/ecg-enabled-smart-watch"><span>https://www.healthcareexecutive.in/blog/ecg-enabled-smart-watch</span></a><span> </span></p>
</div>
<div id="ftn12">
<p style="text-align: justify; "><a href="#_ftnref12" name="_ftn12"><sup><sup><span>[12]</span></sup></sup></a><span> The guidelines only state that the Committee will be responsible for ensuring the compliance of the guidelines in relation to the personal data under its control. And does not go into details of defining the Committee.</span></p>
</div>
</div>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/health-data-management-policies'>https://cis-india.org/internet-governance/blog/health-data-management-policies</a>
</p>
No publishershwetaHealth ManagementPrivacyInternet GovernanceCovid19Digitisation2023-07-10T16:36:25ZBlog EntryTechno-solutionist Responses to COVID-19
https://cis-india.org/internet-governance/blog/economic-and-political-weekly-july-17-2021-amber-sinha-pallavi-bedi-aman-nair-techno-solutionist-responses-to-covid-19
<b>The Indian state has increasingly adopted a digital approach to service delivery over the past decade, with vaccination being the latest area to be subsumed by this strategy. In the context of the need for universal vaccination, the limitations of the government’s vaccination platform Co-WIN need to be analysed.</b>
<p><span style="text-align: justify; ">The article by Amber Sinha, Pallavi Bedi, and Aman Nair was published in the </span><a class="external-link" href="https://www.epw.in/journal/2021/29/commentary/techno-solutionist-responses-covid-19.html" style="text-align: justify; ">Economic & Political Weekly</a><span style="text-align: justify; ">, Vol. 56, Issue No. 29, 17 Jul, 2021.</span></p>
<hr />
<p style="text-align: justify; ">Over the last two decades, slowly but steadily, the governance agenda of the Indian state has moved to the digital realm. In 2006, the National e-Governance Plan (NeGP) was approved by the Indian state wherein a massive infrastructure was developed to reach the remotest corners and facilitate easy access of government services efficiently at affordable costs. The first set of NeGP projects focused on digitalising governance schemes that dealt with taxation, regulation of corporate entities, issuance of passports, and pensions. Over a period of time, they have come to include most interactions between the state and citizens from healthcare to education, transportation to employment, and policing to housing. Upon the launch of the Digital India Mission by the union government, the NeGP was subsumed under the e-Gov and e-Kranti components of the project. The original press release by the central government reporting the approval by the cabinet of ministers of the Digital India programme speaks of “cradle to grave” digital identity as one of its vision areas. This identity was always intended to be “unique, lifelong, online and authenticable.”</p>
<p style="text-align: justify; ">Since the inception of the Digital India campaign by the current government, there have been various concerns raised about the privacy issues posed by this project. The initiative includes over 50 “mission mode projects” in various stages of implementation. All of these projects entail collection of vast quantities of personally identifiable information of the citizens. However, most of these initiatives do not have clearly laid down privacy policies. There is also a lack of properly articulated access control mechanism and doubts exist over important issues such as data ownership owing to most projects involving public–private partnership which involves a private organisation collecting, processing and retaining large amounts of data. Most importantly, they have continued to exist and prosper in a state of regulatory vacuum with no data protection legislation to govern them. Further, the state of digital divide and digital literacy in India should automatically underscore the need to not rely solely on digital solutions.</p>
<hr />
<p><span>Click to </span><a class="external-link" href="https://www.epw.in/journal/2021/29/commentary/techno-solutionist-responses-covid-19.html">read the full article here</a></p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/economic-and-political-weekly-july-17-2021-amber-sinha-pallavi-bedi-aman-nair-techno-solutionist-responses-to-covid-19'>https://cis-india.org/internet-governance/blog/economic-and-political-weekly-july-17-2021-amber-sinha-pallavi-bedi-aman-nair-techno-solutionist-responses-to-covid-19</a>
</p>
No publisherAmber Sinha, Pallavi Bedi and Aman NairDigital GovernancePrivacyDigitalisationCo-WINCovid19Digital TechnologiesInternet GovernanceTechnologyE-Governance2021-08-10T15:34:06ZBlog EntryDo We Really Need an App for That? Examining the Utility and Privacy Implications of India’s Digital Vaccine Certificates
https://cis-india.org/internet-governance/blog/do-we-really-need-an-app-for-that-examining-the-utility-and-privacy-implications-of-india2019s-digital-vaccine-certificates
<b>We examine the purported benefits of digital vaccine certificates over regular paper-based ones and analyse the privacy implications of their use.</b>
<p><em>This blogpost was edited by Gurshabad Grover, Yesha Tshering Paul, and Amber Sinha.<br />It was originally published on <a href="https://digitalid.design/vaccine-certificates.html">Digital Identities: Design and Uses</a> and is cross-posted here.<br /></em></p>
<p>In an experiment to streamline its COVID-19 immunisation drive, India has adopted a centralised vaccine administration system called CoWIN (or COVID Vaccine Intelligence Network). In addition to facilitating registration for both online and walk-in vaccine appointments, the system also allows for the <a href="https://verify.cowin.gov.in/" target="_blank">digital verification</a> of vaccine certificates, which it issues to people who have received a dose. This development aligns with a global trend, as many countries have adopted or are in the process of adopting “vaccine passports” to facilitate safe movement of people while resuming commercial activity.
<br /><br />Some places, such as the <a href="https://www.schengenvisainfo.com/news/all-your-questions-on-eus-covid-19-vaccine-certificate-answered/" target="_blank">EU</a>, have constrained the scope of use of their vaccine certificates to international travel. The Indian government, however, has so far <a href="https://www.livemint.com/opinion/columns/vaccination-certificates-need-a-framework-to-govern-their-use-11618160385602.html" target="_blank">skirted</a> important questions around where and when this technology should be used. By allowing <a href="https://verify.cowin.gov.in/" target="_blank">anyone</a> to use the online CoWIN portal to scan and verify certificates, and even providing a way for the private-sector to incorporate this functionality into their applications, the government has opened up the possibility of these digital certificates being used, and even mandated, for domestic everyday use such as going to a grocery shop, a crowded venue, or a workplace.
<br /><br />In this blog post, we examine the purported benefits of digital vaccine certificates over regular paper-based ones, analyse the privacy implications of their use, and present recommendations to make them more privacy respecting. We hope that such an analysis can help inform policy on appropriate use of this technology and improve its privacy properties in cases where its use is warranted.
<br /><br />We also note that while this post only examines the merits of a technological solution put out by the government, it is more important to <a href="https://www.accessnow.org/cms/assets/uploads/2021/04/Covid-Vaccine-Passports-Threaten-Human-Rights.pdf" target="_blank">consider</a> the effects that placing restrictions on the movement of unvaccinated people has on their civil liberties in the face of a vaccine rollout that is inequitable along many lines, including <a href="https://thewire.in/gender/women-falling-behind-in-indias-covid-19-vaccination-drive" target="_blank">gender</a>, <a href="https://www.thehindu.com/sci-tech/science/will-25-covid-19-vaccines-for-private-hospitals-aggravate-inequity/article34799098.ece" target="_blank">caste-class</a>, and <a href="https://scroll.in/article/994871/tech-savvy-indians-drive-to-villages-for-covid-19-vaccinations-those-without-smartphones-lose-out" target="_blank">access to technology</a>.</p>
<h4>How do digital vaccine certificates work?</h4>
<p>Every vaccine recipient in the country is required to be registered on the CoWIN platform using one of <a href="https://www.cowin.gov.in/faq" target="_blank">seven</a> existing identity documents. [1] <a name="ref1"></a> Once a vaccine is administered, CoWIN generates a vaccine certificate which the recipient can access on the CoWIN website. The certificate is a single page document that contains the recipient’s personal information — their name, age, gender, identity document details, unique health ID, a reference ID — and some details about the vaccine given.<a name="ref2"></a> [2] It also includes a “secure QR code” and a link to CoWIN’s verification <a href="https://verify.cowin.gov.in/" target="_blank">portal</a>.
<br /><br />The verification portal allows for the verification of a certificate by scanning the attached QR code. Upon completion, the portal displays a success message along with some of the information printed on the certificate.
<br /><br />Verification is done using a cryptographic mechanism known as <a href="https://en.wikipedia.org/wiki/Digital_signature" target="_blank">digital signatures</a>, which are encoded into the QR code attached to a vaccine certificate. This mechanism allows “offline verification”, which means that the CoWIN verification portal or any private sector app attempting to verify a certificate does not need to contact the CoWIN servers to establish its authenticity. It instead uses a “public key” issued by CoWIN beforehand to verify the digital signature attached to the certificate.
<br /><br />The benefit of this convoluted design is that it protects user privacy. Performing verification offline and not contacting the CoWIN servers, precludes CoWIN from gleaning sensitive metadata about usage of the vaccine certificate. This means that CoWIN does not learn about where and when an individual uses their vaccine certificate, and who is verifying it. This closes off a potential avenue for mass surveillance. [3] However, given how certificate revocation checks are being implemented (detailed in the privacy implications section below), CoWIN ends up learning this information anyway.</p>
<h4>Where is digital verification useful?</h4>
<p>The primary argument for the adoption of digital verification of vaccine certificates over visual examination of regular paper-based ones is security. In the face of vaccine hesitancy, there are concerns that people may forge vaccine certificates to get around any restrictions that may be put in place on the movement of unvaccinated people. The use of digital signatures serves to allay these fears.
<br /><br />In its current form, however, digital verification of vaccine certificates is no more secure than visually inspecting paper-based ones. While the “secure QR code” attached to digital certificates can be used to verify the authenticity of the certificate itself, the CoWIN verification portal does not provide any mechanism nor does it instruct verifiers to authenticate the identity of the person presenting the certificate. This means that unless an accompanying identity document is also checked, an individual can simply present someone else’s certificate.
<br /><br />There are no simple solutions to this limitation; adding a requirement to inspect identity documents in addition to digital verification of the vaccine certificate would not be a strong enough security measure to prevent the use of duplicate vaccine certificates. People who are motivated enough to forge a vaccine certificate, can also duplicate one of the seven ID documents which can be used to register on CoWIN, some of which are simple paper-based documents. [4] Requiring even stronger identity checks, such as the use of Aadhaar-based biometrics, would make digital verification of vaccine certificates more secure. However, this would be a wildly disproportionate incursion on user privacy — allowing for the mass collection of metadata like when and where a certificate is used — something that digital vaccine certificates were explicitly designed to prevent. Additionally, in Russia, people were <a href="https://www.washingtonpost.com/world/europe/moscow-fake-vaccine-coronavirus/2021/06/26/0881e1e4-cf98-11eb-a224-bd59bd22197c_story.html" target="_blank">found</a> issuing fake certificates by discarding real vaccine doses instead of administering them. No technological solution can prevent such fraud.
<br /><br />As such, the utility of digital certificates is limited to uses such as international travel, where border control agencies already have strong identity checks in place for travellers. Any everyday usage of the digital verification functionality on vaccine certificates would not present any benefit over visually examining a piece of paper or a screen.</p>
<h4>Privacy implications of digital certificates</h4>
<p>In addition to providing little security utility over manual inspection of certificates, digital certificates also present privacy issues, these are listed below along with recommendations to mitigate them:
<br /><br /><em>(i) The verification portal leaks sensitive metadata to CoWIN’s servers:</em> An analysis of network requests made by the CoWin verification portal reveals that it conducts a ‘revocation check’ each time a certificate is verified. This check was also found in the source <a href="https://github.com/egovernments/DIVOC/blob/e667697b47a50a552b8d0a8c89a950180217b945/interfaces/vaccination-api.yaml#L385" target="_blank">code</a>, which is made openly available<a name="ref5"></a>.
[5]</p>
<p>Revocation checks are an important security consideration while using digital signatures. They allow the issuing authority (CoWIN, in this case) to revoke a certificate in case the account associated with it is lost or stolen, or if a certificate requires correction. However, the way they have been implemented here presents a significant privacy issue. Sending certificate details to the server on every verification attempt allows it to learn about where and when an individual is using their vaccine certificate.
<br /><br />We note that the revocation check performed by the CoWIN portal does not necessarily mean that it is storing this information. Nevertheless, sending certificate information to the server directly contradicts claims of an “offline verification” process, which is the basis of the design of these digital certificates.
<br /><br /><strong>Recommendations:</strong> Implementing privacy-respecting revocation checks such as Certificate Revocation Lists, [6] or Range Queries [7] would mitigate this issue. However, these solutions are either complex or present bandwidth and storage tradeoffs for the verifier.
<br /><br /><em>(ii) Oversharing of personally identifiable information:</em> CoWIN’s vaccine certificates include more personally identifiable information (name, age, gender, identity document details and unique health ID) than is required for the purpose of verifying the certificate. An examination of the vaccine certificates available to us revealed that while the Aadhaar number is appropriately masked, other personal identifiers such as passport number and unique health ID were not masked. Additionally, the inclusion of demographic details, such as age and gender, provides little security benefit by limiting the pool of duplicate certificates that can be used and are not required in light of the security analysis above.
<br /><br /><strong>Recommendation:</strong> Personal identifiers (such as passport number and unique health ID) should be appropriately masked and demographic details (age, gender) can be removed.
<br /><br />The minimal set of data required for identity-linked usage for digital verification, as described above, is a full name and masked ID document details. All other personally identifying information can be removed. In case of paper-based certificates, which is suggested for domestic usage, only the details about vaccine validity would suffice and no personal information is required.
<br /><br /><em>(iii) Making information available digitally increases the likelihood of collection:</em> All of the personal information printed on the certificate is also encoded into the QR code. This is <a href="https://www.bbc.com/news/uk-scotland-57208607" target="_blank">necessary</a> because the digital signature verification process also verifies the integrity of this information (i.e. it wasn’t modified). A side effect of this is that the personal information is made readily available in digital form to verifiers when it is scanned, making it easy for them to store. This is especially likely in private sector apps who may be interested in collecting demographic information and personal identifiers to track customer behaviour.
<br /><br /><strong>Recommendation:</strong> Removing extraneous information from the certificate, as suggested above, mitigates this risk as well.</p>
<h4>Conclusion</h4>
<p>Our analysis reveals that without incorporating strong, privacy-invasive identity checks, digital verification of vaccine certificates does not provide any security benefit over manually inspecting a piece of paper. The utility of digital verification is limited to purposes that already conduct strong identity checks.
<br /><br />In addition to their limited applicability, in their current form, these digital certificates also generate a trail of data and metadata, giving both government and industry an opportunity to infringe upon the privacy of the individuals using them.
<br /><br />Keeping this in mind, the adoption of this technology should be discouraged for everyday use.</p>
<p> </p>
<h4>References</h4>
<p>[1] Exceptions <a href="https://web.archive.org/web/20210511045921/https://www.mohfw.gov.in/pdf/SOPforCOVID19VaccinationofPersonswithoutPrescribedIdentityCards.pdf" target="_blank">exist</a> for people without state-issued identity documents.</p>
<p>[2] This information was gathered by inspecting three vaccine certificates linked to the author’s CoWIN account, which they were authorised to view, and may not be fully accurate.</p>
<p>[3] This design is similar to Aadhaar’s “<a href="https://resident.uidai.gov.in/offline-kyc" target="_blank">offline KYC</a>” process.</p>
<p>[4] “Aadhaar Card: UIDAI says downloaded versions on ordinary paper, mAadhaar perfectly valid”, <em>Zee Business</em>, April 29 2019, <em>https://www.zeebiz.com/india/news-aadhaar-card-uidai-says-downloaded-versions-on-ordinary-paper-maadhaar-perfectly-valid-96790</em>.</p>
<p>[5] This check was also verified to be present in the reference <a href="https://github.com/egovernments/DIVOC/blob/261a61093b89990fe34698f9ba17367d4cb74c34/public_app/src/components/CertificateStatus/index.js#L125" target="_blank">code</a> made available for private-sector applications incorporating this functionality, suggesting that private sector apps will also be affected by this.</p>
<p>[6] <a href="https://en.wikipedia.org/wiki/Certificate_revocation_list" target="_blank">Certificate Revocation Lists</a> allow the server to provide a list of revoked certificates to the verifier, instead of the verifier querying the server each time. This, however, can place heavy bandwidth and storage requirements on the verifying app as this list can potentially grow long.</p>
<p>[7] Range Queries are described in this <a href="https://www.ics.uci.edu/~gts/paps/st06.pdf" target="_blank">paper</a>. In this method, the verifier requests revocation status from the server by specifying a range of certificate identifiers within which the certificate being verified lies. If there are any revoked certificates within this range, the server will send their identifiers to the verifier, who can then check if the certificate in question is on the list. For this to work, the range selected must be sufficiently large to include enough potential candidates to keep the server from guessing which one is in use.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/do-we-really-need-an-app-for-that-examining-the-utility-and-privacy-implications-of-india2019s-digital-vaccine-certificates'>https://cis-india.org/internet-governance/blog/do-we-really-need-an-app-for-that-examining-the-utility-and-privacy-implications-of-india2019s-digital-vaccine-certificates</a>
</p>
No publisherdivyankPrivacyDigital IDCovid19Appropriate Use of Digital ID2021-08-03T05:13:28ZBlog EntryIFAT and ITF - Protecting Workers in the Digital Platform Economy: Investigating Ola and Uber Drivers’ Occupational Health and Safety
https://cis-india.org/raw/ifat-itf-protecting-workers-in-digital-platform-economy-ola-uber-occupational-health-safety
<b>Between July to November 2019, Indian Federation of App-based Transport Workers (IFAT) and International Transport Workers’ Federation (ITF), New Delhi office, conducted 2,128 surveys across 6 major cities: Bengaluru, Chennai, Delhi NCR, Hyderabad, Jaipur, and Lucknow, to determine the occupational health and safety of app-based transport workers. CIS is proud to publish the study report and the press release. Akash Sheshadri, Ambika Tandon, and Aayush Rathi of CIS supported post-production of this report.</b>
<p> </p>
<h4>Report: <a href="https://cis-india.org/raw/files/ifat-itf-protecting-workers-in-digital-platform-economy-ola-uber-occupational-health-safety-report/" target="_blank">Download</a> (PDF)</h4>
<h4>Press Release: <a href="https://cis-india.org/raw/files/ifat-itf-protecting-workers-in-digital-platform-economy-ola-uber-occupational-health-safety-press-release" target="_blank">Download</a> (PDF)</h4>
<hr />
<h3>Press Release, August 25, 2020</h3>
<p><br />Between July to November 2019, IFAT and ITF conducted 2,128 surveys across 6 major cities: Bengaluru, Chennai, Delhi NCR, Hyderabad, Jaipur, and Lucknow, to determine the occupational health and safety of app-based transport workers.</p>
<p>Some of the most startling findings from the survey are below:</p>
<ul>
<li>There is a complete absence of social security and protection—a glaring 95.3% claimed to have no form of insurance, accidental, health or medical. This reflects the inability of workers to invest in their own health. This partly is a result of declining wages—after paying off their EMIs, penalties and commission to the companies and having less than Rs. 20,000 left at the end of the month.<br /><br /></li>
<li>Only 0.15% of the respondents reported to have access to accidental insurance, which is the bare minimum companies like Ola and Uber should have provided to their drivers.<br /><br /></li>
<li>Uber and Ola provide no assistance with regard to harassment and violence while drivers are on the road. Ola or Uber for the most part do not intervene if there is any intimidation from traffic police or local authorities, incidents of road rage, violent attack by customers or criminal elements that endanger drivers’ lives, accidents while driving etc.<br /><br /></li>
<li>On average drivers spend close to 16-20 hours in their cars in a day. 39.8% of the respondents spent close to 20 hours in their vehicle in a day, and 72.8% of the respondents from Bengaluru, Chennai and Hyderabad drive for close to 20 hours a day. Due to long hours, 89.8% of the respondents claim they get less than 6 hours of sleep.<br /><br /></li>
<li>Health issues arising directly as a result of conditions of work is affecting the day-to-day lives of workers. Backache, constipation, liver issues, waist pain and neck pain are the top five health ailments that app-based transport workers suffer from due to their work. 60.7% respondents identified backache as a major health issue.</li>
</ul>
<p>App-based drivers/driver partners work in a very toxic and isolated work environment. Drivers can’t exit their current occupational status even if they want to because they are shackled in debts and outstanding EMIs. As a result, they race every day to complete targets so that they may earn just enough to pay these liabilities.</p>
<p style="text-align: justify; ">The work these drivers are engaged in cannot be considered to be within the ambit of decent work and in reality, is representative of modern slavery. The algorithm of the companies they work for, pits them against their peers in order to maximize profit, while at the same time denying them social security or protection and essentially refusing to acknowledge them as employees.</p>
<p style="text-align: justify; ">Drivers working in various cities and working for different app-based platforms have complained about the lack of transparency in how these app-based companies determine fares, promotional cost, surge pricing, incentives, penalties and bonuses. There is little to no information on how rides are being fixed or are being allocated. There also isn't any effective grievance redressal mechanism to resolve any of the issues faced by workers.</p>
<p style="text-align: justify; ">The apathy of the state and the exploitation by app-based companies have brought the transport and delivery workers in a precipitous position across the globe. This is underlined and explained by the absence and lack of any social security or protection for the workforce, there are some other issues that the workforce is battling during the Covid-19 pandemic.</p>
<p>Hear our voices and address our demands.</p>
<p>- <em>Shaik Salauddin</em></p>
<p>National General Secretary, Indian Federation of App-based Transport Workers (IFAT)<br /> Phone: +91 96424 24799</p>
<p> </p>
<p><strong>Indian Federation of App-based Transport Workers</strong><br /> Facebook: <a href="https://www.facebook.com/connectifat/" target="_blank">connectifat</a><br /> Twitter: <a href="https://twitter.com/connect_ifat" target="_blank">@connect_ifat</a><br /> YouTube: <a href="https://www.youtube.com/channel/UCA1AxGq0Fb_A_O_Ey44eiPg" target="_blank">Indian Federation of App-based Transport Workers</a></p>
<p>
For more details visit <a href='https://cis-india.org/raw/ifat-itf-protecting-workers-in-digital-platform-economy-ola-uber-occupational-health-safety'>https://cis-india.org/raw/ifat-itf-protecting-workers-in-digital-platform-economy-ola-uber-occupational-health-safety</a>
</p>
No publisherIndian Federation of App-based Transport Workers (IFAT) and International Transport Workers’ Federation (ITF), New Delhi officeDigital EconomyResearchers at WorkDigital LabourCovid19ResearchPlatform-WorkFeaturedHomepage2021-06-29T06:53:47ZBlog EntryAtmanirbhar Bharat Meets Digital India: An Evaluation of COVID-19 Relief for Migrants
https://cis-india.org/raw/migrant-workers-solidarity-network-and-cis-ankan-barman-atmanirbhar-bharat-meets-digital-india-an-evaluation-of-covid-19-relief-for-migrants
<b>With the onset of the national lockdown on 24th March 2020 in response to the outbreak of COVID-19, the fate of millions of migrant workers was left uncertain. In addition, lack of enumeration and registration of migrant workers became a major obstacle for all State Governments and the Central Government to channelize relief and welfare measures.</b>
<p style="text-align: justify; ">A majority of workers were dependent on relief provided by NGOs, Civil Society Organizations and individuals or credit via kinship networks. With mounting domestic and international pressures, various relief and welfare schemes were rolled out but they were too little, too late and more often than not characterised by poor implementation.</p>
<p style="text-align: justify; ">The aim of this report is to qualitatively assess health conditions of migrant workers and access to welfare during the first COVID-19 lockdown. The primary focus is on the host states of Tamil Nadu, Maharashtra and Haryana. 20 in-depth interviews were conducted remotely with migrant workers working in various sectors. Their access to welfare schemes of the Central Government as well as of their host states was ascertained. Emphasis was also laid on their access to healthcare facilities in relation to COVID-19 and non-COVID-19 ailments.</p>
<p style="text-align: justify; ">The findings of the report showcase a dismal state of affairs. No one in our sample group received any kind of dry ration or cooked food in a sustained manner and, in the rare occasions when they did, it was woefully inadequate. Of the three states considered, we found that relief distribution was the best in Tamil Nadu followed by Maharashtra and then Haryana. Even the Direct Cash Transfer Scheme of the Central Government under ‘<i>Atmanirbhar Bharat</i>’ did not reach the migrant workers. Moreover, the migrant workers were apprehensive to report any COVID-19 related symptom due to the draconian treatment that followed therein and the crumbling healthcare sector made it impossible to avail facilities in non-COVID-19 related issues. Lastly, a case has been made for the creation of bottom-level infrastructures to further dialogue between various stakeholders, including associations of migrant workers, for the implementation of schemes and policies which can consolidate migrant workers as a relevant political subject. As migrant workers reel from the impact of the second wave, pushing for on-ground infrastructure and supporting community-based organisations becomes even more urgent.</p>
<hr />
<p style="text-align: justify; "><a class="external-link" href="https://cis-india.org/raw/files/atmanirbhar-bharat-meets-digital-india.pdf">Click here to read the report</a> authored by Ankan Barman and edited by Ayush Rathi. [PDF, 882 kb]</p>
<p>
For more details visit <a href='https://cis-india.org/raw/migrant-workers-solidarity-network-and-cis-ankan-barman-atmanirbhar-bharat-meets-digital-india-an-evaluation-of-covid-19-relief-for-migrants'>https://cis-india.org/raw/migrant-workers-solidarity-network-and-cis-ankan-barman-atmanirbhar-bharat-meets-digital-india-an-evaluation-of-covid-19-relief-for-migrants</a>
</p>
No publisherankanRAW PublicationsResearchers at WorkCovid19FeaturedLabour FuturesAadhaarHomepage2021-06-03T12:53:57ZBlog EntryPandemic Technology takes its Toll on Data Privacy
https://cis-india.org/internet-governance/blog/deccan-herald-aman-nair-and-pallavi-bedi-june-13-2021-pandemic-technology-takes-its-toll-on-data-privacy
<b>The absence of any legal framework has meant these tools are now being used for purposes beyond managing the pandemic.</b>
<p style="text-align: center; ">The article by Aman Nair and Pallavi Bedi was <a class="external-link" href="https://www.deccanherald.com/specials/pandemic-technology-takes-its-toll-on-data-privacy-996870.html">published in the Deccan Herald </a>on June 13, 2021.</p>
<hr />
<p style="text-align: center; "><img src="https://cis-india.org/home-images/ArogyaSetuApp.jpg" alt="Arogya Setu App" class="image-inline" title="Arogya Setu App" /></p>
<p style="text-align: center; "><span class="discreet">People show Arogya Setu App installed in their phones while travelling by special New Delhi-Bilaspur train from New Delhi Railway Station. Credit: PTI File Photo<br /></span></p>
<p style="text-align: justify; "> </p>
<p style="text-align: center; "><img src="https://cis-india.org/home-images/CovidCertificate.jpg/@@images/672b385b-d0b0-49af-953d-ae96a42be117.jpeg" alt="Covid Certificate" class="image-inline" title="Covid Certificate" /></p>
<p style="text-align: center; "><span class="discreet">Jabalpur: A beneficiary shows his certificate on his mobile phone after receiving COVID-19 vaccine dose, at Gyan Ganga College in Jabalpur, Saturday, May 15, 2021. (PTI Photo)</span></p>
<p style="text-align: justify; ">At a time when technology is spawning smart solutions to combat Covid-19 worldwide, India’s digital response to the pandemic has stoked concerns that surveillance could pose threats to the privacy of the personal data collected. Be it apps or drones, there is widespread criticism that digital tools are being misused to share information without knowledge or consent. At the other end of the spectrum, the great urban-rural digital divide is hampering the already sluggish vaccination drive, exposing vulnerable populations to a fast-mutating virus.</p>
<p style="text-align: justify; ">Last year, the Centre, states and municipal corporations launched more than 70 apps relating to Covid-19, demonstrating the country’s digital-driven approach to handling the pandemic. Chief among these was the central government’s contact tracing app Aarogya Setu. Launched under the Digital India programme, the app quickly came under scrutiny over data privacy.</p>
<p style="text-align: justify; ">As per its privacy policy, Aarogya Setu collects personal details such as name, age, sex, profession and location. As there is no underlying legislation forming its basis, and in the absence of a personal data protection bill, serious privacy concerns regarding the collection, storage and use of personal data have been raised.</p>
<p style="text-align: justify; ">The government has attempted to mitigate these concerns with reassurances that the data will be used solely in tracing the spread of the virus. However, recent reports from the Kulgam district of Jammu and Kashmir point to the sharing of application data with police. This demonstrates how easy it is to use personal data for purposes other than which it was collected, and presents a serious threat to citizen privacy.</p>
<p style="text-align: justify; ">Though Aarogya Setu was initially launched as ‘consensual’ and ‘voluntary’, it soon became mandatory for individuals to download the app for various purposes such as air and rail travel (this order was subsequently withdrawn) and for government officials. Initially it was also mandatory for the private sector, but this was later watered down to state that employers should, on a ‘best effort basis', ensure that the app is downloaded by all employees having compatible phones. However, the ‘best effort basis’ soon translated into mandatory imposition for certain individuals, especially those working in the ‘gig economy’.</p>
<p style="text-align: justify; ">Several states had also launched apps for various purposes ranging from contact tracing of suspected Covid patients to monitoring the movement of quarantined patients. As a report by the Centre for Internet and Society observed, given the attention on Aarogya Setu, most of the apps launched by the state governments escaped scrutiny and public attention.Most of these apps either did not have a privacy policy or the policy was vague and often did not provide important details such as who was collecting the data, the time period for retaining the data and whether personal data could be shared with other departments, most notably, law enforcement.Apart from contact tracing apps, the pandemic also ushered in a wave of other apps and digital tools by the government. These include systems such as drones to check whether people are following Covid-19 norms and facial recognition cameras to report to the police whether someone has broken quarantine. Similar to Aarogya Setu, these tools have also largely been brought about in the absence of a legal and regulatory framework.<br />The absence of any legal framework has meant these tools are now being used for purposes beyond managing the pandemic.</p>
<p style="text-align: justify; ">The government is now planning to use facial recognition technology along with Aadhaar toauthenticate people before giving them vaccine shots.</p>
<p style="text-align: justify; ">Aarogya Setu is now linked with the vaccination process. Beneficiaries have been provided an option to register through Aarogya Setu. The pandemic has also provided a means for the government to bring in changes to health policies and introduce the National Health Data Management Policy for the creation of a Unique Health Identity Number for citizens.</p>
<h3 style="text-align: justify; ">Vaccination and digital platforms</h3>
<p style="text-align: justify; ">The use of digital technology has extended to the vaccination process through the deployment of the Covid Vaccine Intelligence Network (Co-WIN) platform.During the first phase of inoculation, beneficiaries were required to register on the Co-WIN app while in the subsequent phases, registration was to be done on the Co-WIN website. The beneficiary is required to upload a photo identity proof.</p>
<p style="text-align: justify; ">While Aadhaar has been identified as one of the seven documents that can be uploaded for this, the Health Ministry has clarified that Aadhaar is not mandatory for registration either through Co-WIN or through Aarogya Setu. However, as per media reports, certain vaccination centres still seem to insist on Aadhaar identity even though beneficiaries may have used another identity proof to register on the Co-WIN website.</p>
<p style="text-align: justify; ">It is also pertinent to note that the website did not have a privacy policy till the Delhi High Court issued directions on June 2, 2021. The privacy policy hyperlinked on the Co-WIN app directed the user to the Health Data Policy of the National Health Data Management Policy, 2020.</p>
<p style="text-align: justify; ">The vaccination drive has been used as a means to push the health identity project forward as beneficiaries who have opted to provide Aadhaar identity proof have also been provided with a health identity number on their vaccination certificate. It is interesting to note that Co-WIN’s privacy policy now states that if the beneficiary uses Aadhaar as identity proof, it can 'opt' to get a Unique Health Id.However, as a recent report revealed, health identity numbers have already been generated for certain beneficiaries without obtaining consent from them for the purpose.</p>
<h3 style="text-align: justify; ">Have the apps been successful?</h3>
<p style="text-align: justify; ">One could argue that privacy concerns are a worthwhile tradeoffin order to contain the spread of thepandemic. But it is worth examining how successful these technologies have been. In reality, the use of digital technology at every stage of combating the pandemic has clearly highlighted the extent of our digital divide. As per data from TRAI, there are around 750 million Internet subscribers in India,which is only a little more than half of India’s estimated 1.3 billion citizens — with this gap having a significant impact on the efficacy of the government’s strategies. Aarogya Setu has fallen far short of its goal, of having near universal adoption. It has limited adoption in much of the country. This has severely limited its efficacy in tracing the spread of the virus. Research from Maulana Azad Medical College has cited socio-economic inequalities,educational barriers and the lack of smartphone penetration as being the key causes behind the app’s limited success, pointing back to the digital divide. Moreover, the app has also brought with it a host of associated problems including lateral surveillance and function creep caused by the addition of new features. All of which, along with the previously mentioned privacy concerns, have served to hamper public trust and adoption.</p>
<p style="text-align: justify; ">A similar situation is seen in the case of vaccination and the Centre’s Co-WIN web portal. The need for registration, first on the Co-WIN app and later on the Co-WIN web portal, has disproportionately affected those who either have no or limited digital access. Many of them belong to vulnerable groups such as migrant and informal sector workers (mainly from disadvantaged castes), LGBTQIA + individuals, sex workers and both urban and rural poor. These issues have also been acknowledged by the Supreme Court, which raised serious concerns about the government being able to achieve its stated object of universal vaccination.</p>
<p style="text-align: justify; ">As the inoculation exercise opened up for the 18-45 age group, it increasingly favoured the urban population who possessed the technological and digital literacy to either create or access a host of tools. One need to only look at the wave of automated CO-WIN bots that arose as soon as the vaccination process was expanded to see how these dynamics manifested.</p>
<p style="text-align: justify; ">Ultimately, the digital-driven approach that the governments have adopted has resulted in a number of issues — most notably, data privacy and exclusion. Going forward, government strategies must actively account for these factors and ensure that citize rights are adequately protected.</p>
<p>
For more details visit <a href='https://cis-india.org/internet-governance/blog/deccan-herald-aman-nair-and-pallavi-bedi-june-13-2021-pandemic-technology-takes-its-toll-on-data-privacy'>https://cis-india.org/internet-governance/blog/deccan-herald-aman-nair-and-pallavi-bedi-june-13-2021-pandemic-technology-takes-its-toll-on-data-privacy</a>
</p>
No publisherAman Nair and Pallavi BediHealth TechPrivacyInternet GovernanceTechnological Protection MeasuresCovid19Healthcare2021-06-26T06:52:52ZBlog EntryIFAT and ITF - Locking Down the Impact of Covid-19
https://cis-india.org/raw/ifat-itf-locking-down-the-impact-of-covid-19
<b>This report, by Indian Federation of App-based Transport Workers (IFAT) and International Transport Workers’ Federation (ITF), New Delhi office, explores the responses to the outbreak of Covid-19 by digital platform based companies, trade unions, and governments to help out workers for digital platform based companies hereafter app based workers during the lockdown. The research work in this article is a characterization of the struggles of app based workers during the global pandemic and how it has affected and changed the world of work for them. The surveys were conducted amongst the workforce working for app based companies like Ola, Uber, Swiggy, Zomato etc. This study is partially supported by CIS as part of the Feminist Internet Research Network led by the Association for Progressive Communications.</b>
<p> </p>
<h4>Report: <a href="https://cis-india.org/raw/files/ifat-itf-locking-down-the-impact-of-covid-19-report/" target="_blank">Download</a> (PDF)</h4>
<h4>Press Release: <a href="https://cis-india.org/raw/files/ifat-itf-locking-down-the-impact-of-covid-19-press-release/" target="_blank">Download</a> (PDF)</h4>
<hr />
<h3>Press Release, 17 September, 2020</h3>
<p><br />Between March and June 2020, IFAT and ITF conducted 4 surveys with transport and delivery workers to assess (i) their income levels during the Covid-19 pandemic, (ii) the burden of loan repayment during these months, (iii) the relief provided to them by companies, and (iv) the access to welfare schemes offered by state and central governments.</p>
<p>The first survey, on income levels and loans administered in March 2020, had 5964 respondents, across 55 cities, in 16 states. The second and third surveys conducted in April 2020, on financial relief from companies and governments, had 1630 respondents, across 59 cities, in 16 states. The fourth survey was conducted in June 2020 to assess income levels as the economies were slowing opening up. Some of the most startling findings from the 4 surveys are:</p>
<ul>
<li>The average monthly EMI of the respondents in March 2020 was between Rs. 10,000 - 20,000. 51% of the respondents had taken vehicle loans from 19 national public sector banks.<br /><br /></li>
<li>30.3% of the respondents worked between 40-50 hours a week, in the week prior to the first national lockdown. Despite high hours of work, the average income of the drivers for the week commencing April 15, 2020 was less than Rs. 2500. 57% of respondents earned between 0 to Rs. 2250.<br /><br /></li>
<li>89.8% of workers did not receive any ration or food assistance, and 84.5% did not receive any financial assistance from either companies or governments.<br /><br /></li>
<li>Where companies had announced financial assistance programmes, including through donations collected by customers, there was no transparency in disbursement of funds. Other reasons for exclusion included administrative red tape (such as the requirement to produce bills that are GST compliant), and absence of clear criteria for eligibility, leading to random disbursement, among others.<br /><br /></li>
<li>Ola announced waiving off the rental amount for leased vehicles, and asked drivers to return such vehicles. However, there was no announcement of a plan to repossess vehicles once there was an easing of the lockdown, causing great anxiety among workers.<br /><br /></li>
<li>After the easing of the national lockdown, 69.7% of respondents indicated that they had no earnings, while 20% earned between Rs.500 to 1500.<br /><br /></li>
<li>2716 respondents from 19 states across gig platforms articulated their support for a peaceful demonstration against company practices.<br /><br /></li>
<li>Mandatory installation of Aarogya Setu by workers raised concerns of privacy, as this would allow companies to surveil workers and collect data on their movements after work hours.</li>
</ul>
<p>IFAT organised several meetings and protests after each survey, to bring attention to the vulnerable conditions of workers. At these gatherings, workers raised the following key demands:</p>
<ul>
<li>Companies must reduce commission rates to 5%, to allow workers to get back on their feet, and compensate for losses over the past few months;<br /><br /></li>
<li>Adequate protective equipment and health insurance cover to all drivers must be provided;<br /><br /></li>
<li>There must be increased transparency in disbursement process of funds, and in the criteria for selection of beneficiaries;<br /><br /></li>
<li>Compounded interest must be waived on EMIs for the 3 months of moratorium on loan repayment.</li>
</ul>
<p>Hear our voices and address our demands.</p>
<p><br /><em>Shaik Salauddin</em></p>
<p>National General Secretary, Indian Federation of App-based Transport Workers (IFAT)</p>
<p>Phone: +91 96424 24799</p>
<p><br /><strong>Indian Federation of App-based Transport Workers</strong></p>
<p>Facebook: <a href="https://www.facebook.com/watch/connectifat/" target="_blank">www.facebook.com/watch/connectifat/</a></p>
<p>Twitter: <a href="https://www.twitter.com/connect_ifat" target="_blank">www.twitter.com/connect_ifat</a></p>
<p>YouTube: <a href="https://www.youtube.com/channel/UCA1AxGq0Fb_A_O_Ey44eiPg" target="_blank">www.youtube.com/channel/UCA1AxGq0Fb_A_O_Ey44eiPg</a></p>
<p>
For more details visit <a href='https://cis-india.org/raw/ifat-itf-locking-down-the-impact-of-covid-19'>https://cis-india.org/raw/ifat-itf-locking-down-the-impact-of-covid-19</a>
</p>
No publisherIndian Federation of App-based Transport Workers (IFAT) and International Transport Workers’ Federation (ITF), New Delhi officeDigital EconomyResearchers at WorkDigital LabourCovid19ResearchPlatform-WorkFeaturedHomepage2021-06-29T07:27:09ZBlog EntryRaina Roy and Abhiraj Bag - Kolkata’s trans community has been locked out of healthcare and livelihood
https://cis-india.org/raw/raina-roy-abhiraj-bag-transgender-community-kolkata-covid19-healthcare-livelihood
<b>Over six months into the outbreak of Covid-19 in India, it has become clear that the pandemic does not affect everybody equally. It has amplified the sufferings of the already-marginalised trans community. Raina Roy spoke to 10 trans persons and trans rights activists in Kolkata over the course of the past few months to better understand the situation. The piece was transcribed by Abhiraj Bag and edited by Kaarika Das and Srravya C, researchers at the Centre for Internet and Society, India. This work is part of a project at CIS on gender, welfare and surveillance, supported by Privacy International, United Kingdom. </b>
<p> </p>
<p><em>Originally published by <a href="https://scroll.in/article/968182/coronavirus-kolkatas-trans-community-has-been-locked-out-of-healthcare-and-livelihood" target="_blank">Scroll</a> on July 28, 2020.</em></p>
<p>Raina is a founder of <a href="https://bdssamabhabona.org/" target="_blank">Samabhabona</a> (Baishamya Durikaran Samiti), a trans-led organisation in Kolkata working with trans rights since 2013. Abhiraj is a trans rights activist based in Kolkata.</p>
<hr />
<p>Over six months into the outbreak of Covid-19 in India, it has become clear that the pandemic does not affect everybody equally. It has amplified the sufferings of the already-marginalised trans community. We spoke to 10 trans persons and trans rights activists in Kolkata over the course of the past few months to better understand our situation as a community.</p>
<p>Several members of our community have lost their livelihoods due to the lockdown and remain unemployed for over three months now. Those engaged in sex work and begging have no respite in sight for the foreseeable future. As a community, we are more likely to be unemployed as traditional employment opportunities are inaccessible to us. Our health concerns are also diverse, as we grapple with gender dysphoria alongside other psychosocial issues. Covid-19 has exacerbated these inequalities and effectively locked us out of livelihood as well as healthcare.</p>
<h3>An alienating system</h3>
<p>When it comes to accessing institutional healthcare, visiting hospitals can be a daunting ordeal for trans men and trans women, as we frequently encounter discrimination and stigmatisation from healthcare providers.</p>
<p>Even in emergency cases such as accidents, medical attention is delayed due to confusion whether the patient should be admitted to the male or female ward. Finding compassionate healthcare providers is difficult, especially in government hospitals. Most often, they are not sensitised to trans-health issues.</p>
<p>Such experiences have alienated us from the healthcare system and left several members of the trans community reluctant to seek medical help.</p>
<p>Access to general healthcare has further worsened with Covid-19, as many are unable to seek emergency medical assistance. With no sustainable source of income and deteriorating health condition, elderly trans persons are hit with a double whammy. Despite their failing health, there is presently no provision for routine health check-up which they can avail. The reluctance to consult a healthcare service provider has increased due to the added risk of infection.</p>
<h3>SRS services are city-centric</h3>
<p>Many in the community had scheduled their sex reassignment surgery or SRS and started taking the necessary hormonal medication. However, because of Covid-19, they have now had to postpone their surgery indefinitely. This uncertainty further aggravated distress together with issues of hormonal imbalance. Due to loss of income, many are resorting to alternative cheap hormonal medication and without proper medical supervision, its consequence could be harmful.</p>
<p>Those who have undergone SRS or are currently on hormone replacement therapy often experience side effects such as rise in blood pressure and blood sugar levels, urinary tract infection, and other immunity-compromising problems. To treat these side-effects, a patient may need to consult an endocrinologist, gynaecologist or urologist. However, such specialists are only available at district hospitals. At the sub-district level, we may be able to consult a gynaecologist at best. An endocrinologist or urologist would be available only if we travelled to the district hospitals or medical college hospitals.</p>
<p>A lockdown spanning over three months, restrictions on travel and closure of public transport have made the city-centric, SRS-related healthcare systems inaccessible to the transgender persons in smaller towns and villages. Pre-Covid-19, a few NGOs and community-based organisations provided sexual health services. However, they were unable to continue their services during the lockdown. This has adversely impacted the trans community’s access to sexual health services.</p>
<p>So far, two trans women have been tested positive for Covid-19 in Kolkata. Thanks to the intervention from activists and other allies, they were quarantined in the female ward when they tested positive. Both were asymptomatic and are presently self-isolating at home. Within the trans community, there is inadequate awareness about Covid-19 testing protocols and procedures. The saving grace has been the dedicated provisioning of ten beds at the MR Bangur Hospital, specifically reserved for transgender persons.</p>
<h3>Community care</h3>
<p>The most hard-hitting impact of Covid-19 is undoubtedly on the mental health of our community. Often faced with social stigma and physical abuse, we take refuge in the comfort of each other’s support. In the absence of familial ties, community support is vital for our well-being. However, Covid-19 and the consequent lockdown measures, has distanced us from our only source of support and solace – community interaction and meet-ups.</p>
<p>Although digitally mediated communication has somewhat helped in coping, it is not as effective or cathartic as an in-person conversation. This has increased the susceptibility of substance abuse in the community. Parallelly, there has been a considerable rise in domestic violence cases too. Even under normal circumstances, we are more likely to encounter intimate partner violence, but are skeptical to seek redressal as the law-enforcing institutions – both judiciary and the police – are biased against us.</p>
<p>At hospitals, the constant misgendering that we face at the hands of healthcare professionals can be traumatising. Aparna Banerjee, a trans-person in Kolkata, said that this trauma has only worsened during Covid-19, when frontline healthcare workers are not sensitised about trans health. To escape this trauma, some trans women have resorted to unscientific castration, leading to urinary tract infection and kidney-related problems. Gender dysphoria also puts the trans community at a higher risk of anxiety, depression, self-harm and suicidal tendencies.</p>
<h3>The political milieu</h3>
<p>Such strains on our mental and physical health come at a time when we are already distressed by the thought of being disenfranchised. The latest National Register of Citizens list in Assam had excluded many trans persons, as they couldn’t establish family ties, for being disowned by their families. And if they were included, their gender was incorrectly stated.</p>
<p>With the 2019 Transgender Person Act coming into force, a District Magistrate is given the authority to recognise a person as trans. This defies the right to self-identify, as upheld in the 2014 NALSA judgement. The current provision also necessitates providing proof of surgery and has no consideration for gender incongruence. The burden of providing proof of surgery is unnerving, especially for someone who has just transitioned.</p>
<p>As such, the cumulative impact of the 2019 Transgender Person Act and the Citizenship Amendment Act-National Register of Citizen mandate could lead to a significant part of the community being disenfranchised. In resisting this coercive pronouncement, we staged a protest in Kolkata earlier this year.</p>
<h3>What can be done</h3>
<p>The health and well-being of the trans community has suffered decades of institutional neglect and the Covid-19 pandemic has intensified this suffering. Remedial policy measures have been long due and cannot be delayed any further. Shelter homes have been one of our long-standing demands, to ensure safety and care for the transgender community, particularly the elderly. It is important that such shelter homes are democratic spaces, and not religious centres, that are welcoming of trans persons from different walks of life.</p>
<p>Secondly, healthcare systems, both public and private, need to be more trans-friendly – doctors, nurses and other staff in hospitals and healthcare centres need to be sensitised and trained to identify and understand the healthcare needs of transmen and transwomen. Recruitment of more transgender people as health workers would go a long way in treating transgender patients more humanely, with support and care.</p>
<p>Measures to contain the spread of the pandemic should include increased testing of transgender persons, and tracking the testing and infection rates among trans persons. Relief measures aimed at addressing the economic crisis need to acknowledge the loss of livelihood in the trans community and provide adequate financial support and compensation. Finally, it is important that governments, both at the centre- and state-level, pay heed to our demands and include representatives from the trans community while formulating policies that impact our lives in significant ways.</p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/raw/raina-roy-abhiraj-bag-transgender-community-kolkata-covid19-healthcare-livelihood'>https://cis-india.org/raw/raina-roy-abhiraj-bag-transgender-community-kolkata-covid19-healthcare-livelihood</a>
</p>
No publisherRaina Roy and Abhiraj BagGenderCovid19ResearchGender, Welfare, and PrivacyResearchers at Work2020-08-01T14:54:16ZBlog Entry'I feel the pain of having nowhere to go': A Manipuri Trans Woman Recounts Her Ongoing Lockdown Ordeal
https://cis-india.org/raw/a-manipuri-trans-woman-recounts-her-ongoing-lockdown-ordeal-covid19
<b>"My life and work in Bengaluru came to an abrupt halt with the COVID-19 outbreak and lockdown this March. We no longer had jobs and were forced to plan our departure from the city." -- As told to Santa Khurai, Manipur-based queer and Nupi Manbi activist, artist and writer. Compiled by Aayush Rathi, a cisgender, heterosexual man, and researcher with Centre for Internet and Society, India. This account is part of an ongoing CIS research project on gender, welfare and surveillance in India, and is supported by Privacy International, UK.</b>
<p> </p>
<p><em>Originally published by <a href="https://www.firstpost.com/india/i-feel-the-pain-of-having-nowhere-to-go-a-manipuri-trans-woman-recounts-her-ongoing-lockdown-ordeal-8494321.html" target="_blank">Firstpost</a>, June 20, 2020.</em></p>
<hr />
<p>In 2015, I left my home state of Manipur for Bengaluru.</p>
<p>My name is Sarik*; I prefer to be known as Siku. I am a Nupi Manbi (trans woman).</p>
<p>Other Nupi Manbi had told me that Bengaluru is tolerant of transgender individuals, and that it is easy to find decent, well-paying jobs here. I contacted friends who had already moved here and relocated with their help.</p>
<p>Immediately, I found work at a fabric dyeing factory. The salary meant I could send some money home, my family was able to invest some of the funds in a monthly marup [revolving informal credit collective], and I was able to dream of someday having enough to buy a piece of land in Manipur.</p>
<p>I wasn’t to know at the time that just five years later, the happiness and hope would both prove fleeting.</p>
<p>***</p>
<p>I grew up in a small locality of Imphal East District, the youngest of three siblings. My mother had passed away, my father is a priest and story-teller, and my older brother worked as a traditional cook. As a result, our lives were fairly hand-to-mouth.</p>
<p>The frequent shifting of homes was very difficult for me, but I had no choice in the matter. I used to earn money by assisting other transgender friends in their tailoring works. While I worked hard in order to set aside enough money to own a small piece of land, it proved impossible with my meagre earnings.</p>
<p>After years of struggle, I decided to move to a big city with the aspiration to earn more.</p>
<p>***</p>
<p>My life and work in Bengaluru came to an abrupt halt with the COVID-19 outbreak and lockdown this March.</p>
<p>We no longer had jobs and were forced to plan our departure from the city. The Manipur government had announced measures that would allow stranded citizens to return to the state, so we began the formal process for our repatriation.</p>
<p>On 14 May 2020, three of us left Bengaluru in a special train that was organised for returnees to Manipur. Four days later, we were in Manipur.</p>
<p>When we reached Imphal, all returnees were first assembled at Modern College in Porompat, Imphal East. From there, we were sent to our respective constituencies to be quarantined. In the process, I was separated from my friends.</p>
<p>I was taken to Wangkhei Girl School as my permanent address falls under this constituency. At the quarantine centre, I was allocated a room shared by six other men. All the inmates were also sharing a toilet. This made me very uncomfortable; my body was undergoing changes due to hormonal effects.</p>
<p>In my discomfort, I reached out to transgender activist Santa Khurai, highlighting the need to set up a separate quarantine centre for transgender people. She immediately created a WhatsApp group for all the transgender people housed at different quarantine centres, keeping us updated about a separate quarantine centre for us. On the evening of 20 May, we rejoiced on seeing photos of the quarantine centre set up for transgender people. That night was the end of my terrible stay at the common quarantine centre.</p>
<p>***</p>
<p>On 21 May, I was shifted to the quarantine centre for transgender people at Ideal Blind School, Takyel. There, I was reunited with two of my friends. We stayed there for 17 days, receiving support from Santa Khurai through telecounseling. Before the quarantine period concluded, we were tested for COVID-19. We did not receive the results, but were advised to go back home. We were provided an acknowledgment in the form of a medical document. The relatives and parents of the other two trans girls had come to pick them up, but since my family doesn’t own a vehicle and it was not possible to hire on, I called a transgender friend to drop me home. I could sense some animosity in the neighbourhood, and decided not to step out from the house.</p>
<p>On the morning of 4 June, local governing bodies and clubs including Meira Paibi [a women’s rights group] thronged my house. A large crowd gathered in the temple shed. The club and Meira Paibi leader called my family members out and we were made to sit in the middle of a large group of people. They asked me to produce the result of the COVID-19 test, and I showed the acknowledgement given to us at the quarantine centre. People in the crowd passed the paper to each other disapprovingly, arguing that I hadn’t been declared COVID negative. One of the local club leaders called the police and doctors. The doctor who was in charge of the facility for transgender persons responded to the call, and validated my discharge from quarantine.</p>
<p>After few hours, even the police arrived and said that I could stay at home. However, the locals pressured the cops into taking my family — including my frail father who is in his 80s — to the police station.</p>
<p>***</p>
<p>We were finally allowed to leave the police station after several rounds of interrogation. My father, my brother (along with his wife and son) were taken back home by the police, while I was separately dropped off at a hotel in Gandhi Avenue, Thangal Bazar. I was advised to check in the hotel at around 3 pm; the charge was Rs 1,000 per day. When I asked the man who would pay for the room, he said, “Let’s see. At least you will be safe to stay here as the locals didn’t accept you coming home. You stay here until the test result come out.”</p>
<p>I called Santa in desperation, who consoled and reassured me. In the meantime, I had also called my sister to ask if some clothes could be brought for me. Her response alarmed and frightened me: My sister told me that my family were not being allowed to enter the house. The gate had been locked and they were instructed to stay at a quarantine centre as they were exposed to me. The news shocked me and made me desperate in wanting the test result to come out expeditiously, so that it would at least prevent any further hardships for my family.</p>
<p>Now I’m staying at the hotel. I fear going back to the house, the hostility of the locals, my family being attacked, my old father being forced to stay at a quarantine centre. I feel the pain of having nowhere to go. It is also infuriating to think that this could have been completely avoided had the officials not been in a haste to make us leave the quarantine centre, and had let us stay till the actual test results were received.</p>
<p><em>* Name changed to protect identity</em>.</p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/raw/a-manipuri-trans-woman-recounts-her-ongoing-lockdown-ordeal-covid19'>https://cis-india.org/raw/a-manipuri-trans-woman-recounts-her-ongoing-lockdown-ordeal-covid19</a>
</p>
No publisherSanta KhuraiGenderCovid19ResearchGender, Welfare, and PrivacyResearchers at Work2020-06-22T11:42:39ZBlog EntryDWRU, BBGS & MKU - The Covid-19 Pandemic and the Invisible Workers of the Household Economy
https://cis-india.org/raw/dwru-bbgs-mku-covid19-invisible-household-workers
<b>Domestic Workers Rights Union (DWRU), Bruhat Bangalore Gruhakarmika Sangha (BBGS), and Manegelasa Kaarmikara Union (MKU) have prepared a report on the invisibilisation of domestic workers under the Covid-19 pandemic and a set of demands directed at the government and resident welfare associations (RWAs) for better, dignified and just treatment of domestic workers in Karnataka. We at CIS are proud to contribute to and publish this work as part of the ongoing 'Feminist Internet Research Network' project supported by the Association for Progressive Communications (APC).</b>
<p> </p>
<h4>Report: <a href="https://cis-india.org/raw/files/dwru-bbgs-mku-covid19-invisible-household-workers-report" target="_blank">Download</a> (PDF)</h4>
<p><em>This report is authored by Geeta Menon, and edited by Aayush Rathi (CIS) and Ambika Tandon (CIS).</em></p>
<hr />
<h3><strong>Introduction</strong></h3>
<p>Up until the first phase of the imposition of lockdown in India, while restrictions were enforced, domestic workers went to work as usual. Domestic workers were aware of the announcements of precautions, but the
employers insisted they come for work disregarding any concerns for workers' safety.</p>
<p>During the phase of strict imposition of the first lockdown, covering the time from March 24, 2020 to the first week of May, several corporate employees “worked from home”. While pictures of employers’ families spending family time, and learning to clean and cook, circulated widely on social media and in press, domestic workers lived in cramped conditions with the fear of rations running out.</p>
<p>In the first 2 weeks of May, a survey of nearly 2400 domestic workers in Bengaluru was conducted by Domestic Workers Rights Union (DWRU), Bruhat Bangalore Gruhakarmika Sangha (BBGS), and Manegelasa Kaarmikara Union. Some of the findings from the survey are below:</p>
<ul><li>2084 (about 87%) of the workers were told not to come for work since the lockdown in March and were not sure if and when they would be called to work again.</li>
<li>341 workers in the areas surveyed by BBGS (87%) and 150 workers in the areas surveyed by Manegelasa Kaarmikara Union lost their jobs entirely during the lockdown.</li>
<li>91% of workers lost their salaries for the month of April.</li>
<li>50% of all workers above the age of 50 lost their jobs during the lockdown.</li></ul>
<p>The report also showcases the tyranny and hypocrisy of resident welfare associations (RWAs) and employers. The period of relaxation of the lockdown has again seen RWAs issuing directives that are demeaning to domestic workers and pose insurmountable barriers to domestic workers’ ability to work. For example, several RWAs issued emails advising residents to ask domestic workers to minimise or avoid usage of the lift and take the stairs instead. They also discouraged domestic workers from waiting in the common areas in between shifts. RWAs also invaded domestic workers’ privacy by mandating the disclosure of personal information without any protocols in place to keep this information secure.</p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/raw/dwru-bbgs-mku-covid19-invisible-household-workers'>https://cis-india.org/raw/dwru-bbgs-mku-covid19-invisible-household-workers</a>
</p>
No publisherGeeta MenonCovid19ResearchNetwork EconomiesResearchers at WorkDigital Domestic Work2020-06-19T12:34:22ZBlog Entry Unlock = Open, not Choked!
https://cis-india.org/telecom/blog/unlock-open-not-choked
<b> Don't let a virus stall initiatives and weaken the economy.</b>
<p>This article first appeared in the <a class="external-link" href="https://www.business-standard.com/article/opinion/unlock-open-not-choked-120060400079_1.html">Business Standard</a> and on June 4, 2020.</p>
<hr />
<p> </p>
<p>A
recent column in this newspaper juxtaposed the way smart, experienced
people have high expectations, only to be disappointed by our weak
state’s predictable failures (<em><a href="https://www.business-standard.com/article/opinion/strong-expectations-from-a-weak-state-120052401090_1.html" rel="nofollow" target="_blank">Strong expectations from a weak state</a>, May 25</em>).
Is there justification for any optimism, or at least hope? Here is an
exploration of reasons for persisting in the face of continued odds, and
pushing for economic recovery. Why should one persist with constructive
efforts? Because a rising tide lifts all boats, and one’s contribution
can affect outcomes. And because attempts at partial opening will not
suffice.</p>
<div>
There could be new economic opportunities by way of capacity, logistics
or markets, or a wider array of sustainable consumer choices, whether
for manufactured goods, services, or activities. Think back, and surely
you have witnessed government action extend beyond the grind of just
keeping everything going.</div>
<div>
One instance of major change that affected the economy was in 1990, when
the secretary of the Department of Electronics N Vittal worked in close
consultation with industry. This resulted in path-breaking reforms,
such as the setting up of “high-speed” links (of a mere 64 kilobits per
second at the time) between Information Technology (IT) companies in
Indian software technology parks and their international clients, and
various tax incentives that followed much later. The offshore services
industry gathered strength, and later expanded to cover IT-enabled
services with call centres and business processing, extending to
knowledge processing.</div>
<div>
Likewise, telecommunications reforms began in 1990, when prime minister
Chandra Shekhar led a shaky government for a brief period. The
telecommunications ministry was looking for a private sector consultant.
Through an invisible network, an investment banker who had been a
management consultant in San Francisco was asked to look into
telecommunications reforms. This led to the setting up of the Athreya
Committee and its recommendations: On separating policy-making from
operations, corporatising the Mahanagar Telephone Nigam as an operating
company for Delhi and Mumbai, and Bharat Sanchar Nigam for the rest,
while recommending access to private sector operators. All this was not
smooth and painless, and took years, but did happen eventually, although
the separation remains untidy.</div>
<div>
By 1998, telecommunications operators were in a situation similar to the
predicament some months ago, of weak revenues and a debt overhang, with
some differences. There were many operators with heavy debt because of
government charges and limited revenue generation capacity, because of
smaller networks and less clients. This is the “winners’ curse” of
auctions, when exorbitant amounts are paid to government for auctions,
with nothing left for building and running networks and enterprises to
generate the revenues to justify those payments. There are exceptions,
as in the social democrat Nordic states, or state-controlled allocations
as in China, or in Japan for a number of years.</div>
<div>
Key people in government grasped this. The Prime Minister’s Office
consulted with industry and external consultants, and took action. This
resulted in the New Telecom Policy 1999 (NTP-99), whereby the major
change was converting up-front licence fees to revenue sharing, although
the policy was uneven because of cherry-picked recommendations.
Initially, the government set the percentage share too high. It took
years to reduce and trigger rapid growth. This came about through
reduced government charges, calling party pays (which cut call costs),
and a price war, brought on by the stealth entry of a new technology
(CDMA) network, which the authorities allowed despite incumbent
protests. Mobile services then grew exponentially from 2004, until the
2G spectrum scam surfaced in 2011.</div>
<div>
A stream of articles advocated extending revenue-sharing to spectrum
fees as for licence fees, and for shared infrastructure including
spectrum. In 2011, a senior official in the DoT was sufficiently
impressed to explore the possibility of evaluating alternatives using
simulation models. But the 2G scam broke after the first few meetings of
DoT officials, and this process was aborted. Instead of major changes
based on simulations, a mere statement of intent about spectrum pooling
and sharing made it into NTP-2012.</div>
<div>
There were other incredible developments, although with no apparent
results (yet). For instance, in 2013, a non-governmental organisation,
the Centre for Internet and Society in Bengaluru, arranged for the
former chief technology officer of the US Federal Communications
Commission, Jon Peha, who had pioneered changes in America, to meet with
top officials of the DoT, the Telecom Regulatory Authority of India,
and some IIT professors. The latter conducted successful trials using TV
White Space spectrum for the Ministry of Electronics and Information
Technology. The details are many, but the point is that constructive
advocacy can have an impact.</div>
<div>
<strong>Reviving the Economy Now</strong></div>
<div>
We are in a difficult situation, with our economy and society battered
by the lockdown and much else. We will need to do everything possible to
recover, and it will take years. Attempts at partial opening will not
suffice. Systemic revival calls for unrestricted flows of money, people,
activity, and goods and services.</div>
<div>
While reactivating the economy, we will need to be cautious through the
pandemic (through “social distancing”, using masks to reduce infection,
avoiding close contact with outsiders, and so on). But survivors have to
live with this virus, as with other strains of viruses and bacteria,
and other threats.</div>
<div>
Consider traffic accidents, which average over 145,000 deaths annually (data 2013-2017: <a href="https://ncrb.gov.in/sites/default/files/chapter-1A-traffic-accidents-2017_0.pdf">https://ncrb.gov.in/sites/default/files/chapter-1A-traffic-accidents-2017_0.pdf</a>).
Extrapolating, this means a million fatalities in seven years, yet we
don’t shut down all traffic. By comparison, Covid-19 had about 6,000
fatalities since January.</div>
<div>
A proportion of the medical fraternity opines that (a) there is
community spread of Covid-19, and (b) with many cases milder than the
expected severity, that most patients need home care rather than
hospitalisation. If these continue, our health systems will not be
overwhelmed with severe cases. Also, so far, India has had a relatively
low fatality rate of 2.8 per cent (<em>see chart</em>).</div>
<p> </p>
<p> </p>
<p><img src="https://cis-india.org/telecom/case-fatality-rate/" alt="null" width="50%" /></p>
<p> </p>
<div>
Source: Data - <a href="https://ourworldindata.org/coronavirus">https://ourworldindata.org/coronavirus</a></div>
<div>
As long as these factors hold, our priority has to be unfettered
economic activity. Countries with higher fatality rates, including
Sweden, China, Japan and Germany in the chart, have open economic
activity (with tremendous productivity). We will weaken and our problems
will escalate if we are held back.</div>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/telecom/blog/unlock-open-not-choked'>https://cis-india.org/telecom/blog/unlock-open-not-choked</a>
</p>
No publisherShyam PonappaTelecomEconomicsCovid192020-06-15T03:04:18ZBlog Entry A Compilation of Research on the Gig Economy
https://cis-india.org/raw/a-compilation-of-research-on-the-gig-economy
<b>Over the past year, researchers at CIS have been studying gig economies and gig workers in India. Their work has involved consultative discussions with domestic workers, food delivery workers, taxi drivers, trade union leaders, and government representatives to document the state of gig work in India, and highlight the concerns of gig workers.
The imposition of a severe lockdown in India in response to the outbreak of COVID-19 has left gig workers in precarious positions. Without the privilege of social distancing, these workers are having to contend with a drastic reduction in income, while also placing themselves at heightened health risks. </b>
<p> </p>
<h3 dir="ltr">On gig economy during the COVID-19 pandemic</h3>
<p dir="ltr">Supported by <a href="https://www.apc.org/en/project/firn-feminist-internet-research-network">Feminist Internet Research Network</a> led by the Association for Progressive Communications (APC) and funded by the International Development Research Centre (IDRC)</p>
<ul><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">Along with Tandem Research, we spoke to leaders of four unions that represent gig workers across the country about the risks and vulnerabilities that they are having to contend with in the face of the COVID-19 crisis. <strong>Zothan Mawii</strong> (Tandem Research), <strong>Ambika Tandon</strong>, and <strong>Aayush Rathi</strong> share key reflections in this essay published on The Wire. (<a href="https://cis-india.org/raw/gig-workers-need-support">link</a>).</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">Based on the discussion, a charter of recommendations was prepared with contributions from participants, and was shared with public and private stakeholders. (<a href="https://cis-india.org/raw/covid-19-charter-of-recommendations">link</a>)</p>
</li></ul>
<div> </div>
<h3 dir="ltr">On domestic workers in the platform economy </h3>
<p dir="ltr">Supported by <a href="https://www.apc.org/en/project/firn-feminist-internet-research-network">Feminist Internet Research Network</a> led by the Association for Progressive Communications (APC) and funded by the International Development Research Centre (IDRC)</p>
<ul><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">We discussed our ongoing research on the platformisation of domestic work in India with domestic workers, union members, and representatives from the Karnataka Labour Department in November 2019. <strong>Tasneem Mewa</strong> documented the rich discussion from this consultation. (<a href="https://cis-india.org/raw/platformisation-of-domestic-work-in-india-report-from-a-multistakeholder-consultation">link</a>)</p>
</li></ul>
<p dir="ltr">CIS worked with members of the Domestic Workers Rights Union to conduct field research on the lives and challenges of domestic workers in the platform economy. The following essays published on GenderIT capture their experiences of doing this research:</p>
<ul><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr"><strong>Parijatha G.P.</strong> writes about a “gated society management app,” MyGate, and the experiences of surveillance of migrant workers in Bengaluru. (<a href="https://www.genderit.org/articles/domestic-work-platform-economy-reflections-awareness-workers-rights">link</a>) </p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr"><strong>Radha Keerthna</strong> writes about the similarity in the conditions of domestic workers in the traditional and platform economy, particularly the precarity and invisibility of labour. (<a href="https://www.genderit.org/articles/domestic-work-platform-economy-reflections-conducting-interviews-sensitive-issues">link</a>)</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr"><strong>Sumathi</strong>, a union leader, reflects on and her experience as an activist-researcher interacting with domestic gig workers through the course of our study. (<a href="https://www.genderit.org/articles/domestic-work-platform-economy-reflections-difficulty-set-interviews">link</a>)</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr"><strong>Zeenathunissa</strong> shares the difficulty of speaking to domestic workers in the gig economy, especially when workers undergo constant surveillance by employers and companies. (<a href="https://www.genderit.org/articles/domestic-work-platform-economy-reflections-research-and-social-work">link</a>)</p>
</li></ul>
<p dir="ltr"> </p>
<h3 dir="ltr">On economic, algorithmic, and affective vulnerabilities of gig workers</h3>
<p dir="ltr">Supported by <a href="https://azimpremjiuniversity.edu.in/SitePages/research-grant-overview.aspx">Azim Premji University</a></p>
<p dir="ltr">CIS commissioned a set of four field studies of platform workers delivering food and driving taxis for platform companies in Mumbai and New Delhi. The researchers involved wrote a series of essays that were published by Platypus blog of CASTAC:</p>
<ul><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr"><strong>Anushree Gupta</strong> explores women’s presence as workers as well as passengers/customers in the ride hailing platform economy in Mumbai and related concerns of safety and risk mitigation. (<a href="https://cis-india.org/raw/anushree-gupta-ladies-log-women-safety-risk-transfer-ridehailing">link</a>)</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr"><strong>Sarah Zia</strong> highlights how algorithmic management of work and revenue targets of gig workers impact their everyday lives and plans for the future. (<a href="https://cis-india.org/raw/sarah-zia-not-knowing-as-pedagogy-ride-hailing-drivers-in-delhi">link</a>)</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">Kinship networks are a critical source of safety and security for workers in the gig economy. <strong>Simiran Lalvani</strong> writes about the network among transportation workers in Mumbai, also reflecting on implications for those who are excluded. (<a href="https://cis-india.org/raw/simiran-lalvani-workers-fictive-kinship-relations-app-based-food-delivery-mumbai">link</a>)</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr"><strong>Noopur Raval</strong> and <strong>Rajendra Jadhav</strong> describe the unregulated and exploitative temporal structures of gig work, and how work-time of gig workers get configured by customer-facing promises of platform companies. (<a href="https://cis-india.org/raw/noopur-raval-rajendra-jadhav-power-chronography-of-food-delivery-work">link</a>)</p>
</li><li style="list-style-type: disc;" dir="ltr">
<p dir="ltr">The four researchers, led by <strong>Noopur Raval</strong> (co-PI for the project, held a roundtable discussion to reflect on methods, challenges, inter-subjectivities and possible future directions for research on the gig economy and its workers. (<a href="https://cis-india.org/raw/india-gig-work-economy-roundtable">link</a>)</p>
</li></ul>
The consultants - Noopur Raval, Anushree Gupta, Rajendra Jadhav, Sarah Zia and Simiran Lalvani - involved in this project on mapping digital labour in India’s platform economies (in Mumbai and New Delhi) gathered in <a href="https://cis-india.org/raw/platform-work-india-panel-discussion-20190719">Bengaluru on July 19, 2019</a> to share their preliminary field insights along with reflections on what it meant to do such studies, how they went about studying gig-work, and challenges that arose in their work. Watch the livestream from this discussion <a href="https://www.youtube.com/watch?v=Q1lwpb3jRMQ">here</a>.
<p>
For more details visit <a href='https://cis-india.org/raw/a-compilation-of-research-on-the-gig-economy'>https://cis-india.org/raw/a-compilation-of-research-on-the-gig-economy</a>
</p>
No publisherAayush Rathi, Ambika Tandon, Sumandro ChattapadhyayGenderDigital LabourCovid19ResearchPlatform-WorkRAW ResearchresearchResearchers at WorkDigital Domestic Work2020-05-19T08:20:20ZBlog EntryCOVID-19 Charter Of Recommendations on Gig Work
https://cis-india.org/raw/covid-19-charter-of-recommendations
<b>Tandem Research and the Centre for Internet and Society organised a webinar on 9 April 2020, with unions representing gig workers and researchers studying labour rights and gig work, to uncover the experiences of gig workers during the lockdown. Based on the discussion, the participants of the webinar have drafted a set of recommendations for government agencies and platform companies to safeguard workers’ well being. Here are excerpts from this charter of recommendation shared with multiple central and state government agencies and platforms companies.</b>
<p> </p>
<em><a href="https://cis-india.org/raw/zothan-mawii-covid-19-and-relief-measures-for-gig-workers-in-india" target="_blank">Summary of discussions</a> from the COVID-19 and Gig Economy webinar, authored by Zothan Mawii, Tandem Research</em>
<hr />
<h3><strong>Contributors</strong></h3>
<ol>
<li>Aayush Rathi, Ambika Tandon and Tasneem Mewa, The Centre for Internet and Society, India</li>
<li>Aditi Surie, Indian Institute for Human Settlements</li>
<li>Anita Gurumurthy and Nandini Chami, IT for Change</li>
<li>Astha Kapoor, Aapti Institute</li>
<li>Dharmendra Vaishnav, Indian Delivery Lions (IDL)</li>
<li>Janaki Srinivasan, International Institute of Information Technology, Bangalore</li>
<li>Kaveri Medappa, University of Sussex</li>
<li>Pradyumna Taduri, Fairwork Foundation</li>
<li>Rakhi Sehgal, Gurgaon Shramik Kendra</li>
<li>Sangeet Jain, Researcher</li>
<li>Shaik Salauddin, Indian Federation of App-based Transport Workers (IFAT)</li>
<li>Shohini Sengupta, Assistant Professor of Research, Jindal School of Banking and Finance</li>
<li>Simiran Lalvani, Independent researcher</li>
<li>Tanveer Pasha, Ola, Taxi 4 Sure and Uber Drivers and Owners’ Association (OTU)</li>
<li>P. Vignesh Ilavarasan, Researcher and professor, IIT Delhi</li>
<li>Vinay Sarathy, United Food Delivery Partners’ Union (UFDPU)</li>
<li>Vinay K. Sreenivasa, Advocate, Alternative Law Forum</li>
<li>Zothan Mawii, Iona Eckstein and Urvashi Aneja, Tandem Research</li></ol>
<h3><strong>Context</strong></h3>
<p>The nationwide lockdown in response to the ongoing COVID-19 pandemic has had a devastating impact on ‘gig workers’ working for on-demand service platforms such as those providing ride-hailing, home-based work and food delivery services and also e-commerce companies. Those driving for on-demand transportation companies have lost their source of livelihood as services remain suspended.</p>
<p>Workers for on-demand delivery and home-based services, on the other hand, have been deemed “essential” and continue to work although demand has fallen drastically. Earnings for delivery workers have fallen to as low as INR 100-300 per day for a whole day’s work. Workers face a high risk of contracting COVID-19 due to their exposure to multiple customers. Apprehensions are rising after a <a href="https://indianexpress.com/article/cities/delhi/pizza-man-who-tested-covid-19-positive-also-delivered-food-for-us-zomato-6365513/" target="_blank">delivery worker for Zomato</a> tested positive for COVID-19 in New Delhi. Demand has fallen further but delivery workers must continue to put themselves and their families’ health and safety at risk with limited or no provisions for personal protective equipment or other safety measures <a href="https://gadgets.ndtv.com/apps/news/swiggy-zomato-customer-advisory-coronavirus-outbreak-covid-19-india-2193038" target="_blank">offered by companies</a>.</p>
<p>The relief works announced by the central and state governments do not specifically provide for ‘gig workers’. At the same time, the measures announced by on-demand service companies are inadequate, ambiguous and inconsistent. The eligibility, manner and quantum of relief and the process of availing relief is unclear to workers.</p>
<p>We urge you to bolster the socio-economic and healthcare protections for ‘gig workers’ in India in light of the outbreak of COVID-19. Any efforts aimed at directing relief to ‘gig workers’ will have to be combined, involving the central and state governments and on-demand service companies.</p>
<p>We suggest that the measures adopted incorporate the recommendations outlined below. The recommendations have been drafted after discussion between civil society actors including labour unions from delivery and transportation sectors, researchers, and activists. A summary of the discussions leading to this charter of recommendations can be found <a href="https://cis-india.org/raw/zothan-mawii-covid-19-and-relief-measures-for-gig-workers-in-india" target="_blank">here</a>.</p>
<h3><strong>Charter of Recommendation on Gig Work</strong></h3>
<p><img src="https://cis-india.org/raw/covid19-charter-image-1/" alt="null" width="85%" /></p>
<p><img src="https://cis-india.org/raw/covid19-charter-image-2/" alt="null" width="85%" /></p>
<p><img src="https://cis-india.org/raw/covid19-charter-image-3/" alt="null" width="85%" /></p>
<p> </p>
<p>
For more details visit <a href='https://cis-india.org/raw/covid-19-charter-of-recommendations'>https://cis-india.org/raw/covid-19-charter-of-recommendations</a>
</p>
No publisherAayush Rathi and Ambika TandonResearchers at WorkGig WorkDigital LabourCovid19ResearchPlatform-WorkFuture of WorkFeaturedNetwork EconomiesHomepage2020-05-13T08:53:02ZBlog Entry