Adhering to the Kerala High Court's orders, US data company 'Sprinklr' on Saturday, informed the Court that it has deleted all back-up data on COVID-19 patients shared with it by the state government. The state government had filed a n affidavit affirming that no data was shared with Sprinklr after it was transferred to the Centre for Development of Imaging Technology (C-DIT) cloud space and Sprinklr had no access to the system. The affidavit also reads that in case, any data would need to be shared, a detailed protocol including anonymisation would be followed.
United States-based company Sprinklr, which was entrusted with handling data related to #COVID19 patients, has informed Kerala High Court that it has deleted all backup data shared with it by the state govt.— ANI (@ANI) May 23, 2020
On April 24, upholding COVID-19 patients' privacy, the Kerala High Court directed the state government to anonymize all data collected and collated so far and allow US-firm Sprinklr to access data only after anonymization is completed while hearing pleas challenging the Kerala govt- Sprinklr deal. Moreover, the court also directed Sprinlklr to not breach data confidentiality, not advertise, and to return the data as soon as their contract expires. It has also directed it to delete any residual data.
Moreover, the court ordered the Kerala government to inform individuals that the data will be accessed by Sprinklr and obtain their consent. The Centre had argued that the state government must clarify that sufficient safeguards are taken to protect citizens' privacy while sharing data with the foreign firm for COVID-19 surveillance. The Kerala government had roped in the US-based firm to handle data compiled by the government in its Coronavirus battle efforts.
Reports state that the CPI(M)-led government used Sprinklr, a SaaS (Software as a Service) company to aide grassroots health workers to compile data on people about their symptoms and health conditions. The company had reportedly developed a tool to assist doctors and medical officials to choose if a particular citizen needed hospitalisation, based on their inputs. This has raised major concerns of privacy.
The controversy erupted when Leader of the Opposition and Congress leader Ramesh Chennithala alleged that the government had allowed the US firm to access health data of around 1.75 lakh people under quarantine without taking their consent. He added that the government did not follow due procedures in choosing Sprinklr and risked the transfer of crucial health data of the citizens to pharmaceutical companies. The government, in response, has defended its move stating that it needed an app to collated data which was collected on a massive scale and that Sprinklr’s tool was already ready and needed customization, as per reports.