A Kerala Police directive to collect call detail records (CDR) of Covid-19 patients for contact tracing has met with objections, with the Opposition alleging that the move infringes upon citizens’ right to privacy.
The government recently assigned police the task of contact tracing and ensuring compliance with quarantine and social distancing rules and control of the containment zones amid a surge in Covid-19 cases. Subsequently, state police chief Loknath Behera on August 11 directed the ADGP (intelligence) T K Vinod Kumar to get the CDR of live positive cases from mobile service providers for contact tracing.
Congress leader Ramesh Chennithala told the media on Thursday that by allowing police to collect CDR, the government violated Supreme Court orders protecting the right to privacy. “Provisions of Indian Telegraph Act permit collecting CDR only in very serious criminal cases. Does the government see patients as criminals or is getting infected by Covid-19 a crime?” he said.
The Opposition leader said the DGP order empowering police to collect CDR would not stand judicial scrutiny. “The order should be withdrawn immediately. The telecom companies need not hand over CDRs to police when they demand, as the police have no right to make such demands. The government is collecting CDR without the consent of patients,” he said.
Justifying the move, Chief Minister Pinarayi Vijayan had said on Wednesday, “It is part of deploying technology for contact tracing. Law enforcement agencies have the right to collect CDR. It is done for public health and safety. The fear that the data would be misused for any other purpose is out of place.”
Police sources said the government had issued an order on June 29 for obtaining data such as mobile call records and location details from telecom subscribers for the purpose of tracing persons who have come in contact with Covid-19 infected persons, and this stands legal scrutiny under Section 69 of Information Technology Act and Section 5 (2) of the Telegraph Act.
Sources said that CDR and tower location of a few patients or their contacts have been collected in instances where the persons have been reluctant to disclose their route map for effective contact tracing. “The sensitive data is part of personally identifiable information there is a clear security protocol for processing this. Health department has been alerted about steps to be taken but the data has not been shared with any other agency. However, we haven’t taken consent from persons regarding collecting their CDR details,” sources said, adding that the follow-up action based on the August 11 directive is only in process.