Defender of your Digital Freedom

Home > Online Censorship > Joint Letter to the Central and State Governments on Unwarranted, Excessive, Collection and Processing of Personal Data of Individuals during the ongoing COVID-19 Pandemic

Joint Letter to the Central and State Governments on Unwarranted, Excessive, Collection and Processing of Personal Data of Individuals during the ongoing COVID-19 Pandemic

Mar 31,2020 | 01:22 pm

March 31, New Delhi: Delhi-based non-profit legal services organization SFLC.IN along with a coalition of non-profit organisations, civil society groups, lawyers, public policy professionals, technologists, social activists, entrepreneurs, and citizens voice their concerns urging the government to resort to strict legal measures to regulate and supervise the collection, and subsequent processing of personal data of individuals during the ongoing COVID-19 pandemic.

A joint letter was sent to Shri Amit Shah, Home Minister, Shri Harsh Vardhan, Minister of Health and Family Welfare, Shri Ravi Shankar Prasad, Minister of Electronics and Information Technology, as well as heads of various State Governments urging them to process the personal data of individuals within the territory of India, and conduct the monitoring of persons, only as per the law laid down through various judgments of the Supreme Court of India and the norms and principles enunciated therein. Any unwarranted, excessive, collection and processing of personal data can cause irreversible harms or violations of informational and bodily privacy of an individual.

The organisations who have signed are CCAOI, Digital Empowerment Foundation, Free Software Movement of India, Internet Democracy Project, Internet Freedom Foundation, Internet Society-Delhi Chapter, IT For Change, SFLC.in and Swathanthra Malayalam Computing.

Prasanth Sugathan, Voluntary Legal Director, SFLC.in said that “Central and State Governments are taking various steps like publishing information of patients and persons under quarantine and are coming out with apps that collect and process personal information. Although this is an extraordinary situation, care should be taken to ensure that the personal information of individuals are handled securely and with due care respecting their privacy rights. Any measure adopted for public health purpose should be the least intrusive and should not violate the privacy rights of individuals. Publishing of route maps and contact tracing should be done without publishing the personal details of patients”

The letter highlights the following principles that the governments should follow while processing data during the ongoing Covid-19 Pandemic:

Time-Limited: All measures related to the public emergency response to COVID-19 should be temporary in nature and limited in scope and should not become permanent features of governance. The personal data collected for the purpose of public health should only be retained during the response to the pandemic and deleted automatically without maintaining any copies, once the pandemic has been declared to be over.

Necessity and Proportionality: Any collection, processing of personal data, including health data, shall be necessary and proportionate for the purpose of combating the pandemic and public health. In some states the list of persons who are under quarantine have been made public in the guise of public monitoring. This is excessive and a disproportionate invasion into the privacy of the individuals under quarantine.

Transparency and Accountability: Processing of personal data must be conducted transparently, and appropriate notices must be provided about use, collection and purpose in an easy to read, plain language format. Individuals must be informed as to the volume, extent, and purpose of the personal data belonging to them being collected, processed, stored or transferred to any person.

Use Restrictions: No use of the data unconnected to public health should be allowed. Use of such data for advertisement and commercial purposes unrelated to public health should be completely prohibited. No discrimination shall be meted out to individuals in the collection and processing of personal data during this pandemic and such personal data shall not be used to discriminate any individual in the future.

Security:Security protections for data processing during the Covid-19 pandemic should not be compromised and the data must be maintained securely and must be exchanged only through secure platforms and hardware.  Any apps related to COVID-19 promoted by the Government should be secure and their data collection should be in tune with the principles mentioned herein.

No Surveillance without Due Process:Any surveillance required to respond to the pandemic should be temporary and only to the extent and degree allowed by provisions of the Indian Telegraph Act, 1885 and the Information Technology Act, 2000 and the rules notified under these statutes. Any surveillance pursuant to the aforementioned statutes and other relevant laws such as the Epidemic Diseases Act, 1987, and the Code of Criminal Procedure, 1973 used for the monitoring of individuals during this pandemic are subject to judicial review.


SFLC.IN is a donor-supported legal services organisation that brings together lawyers, policy analysts, technologists, and students to protect freedom in the digital world. SFLC.in promotes innovation and open access to knowledge by helping developers make great Free and Open Source Software, protect privacy and civil liberties for citizens in the digital world by educating and providing free legal advice and help policy makers make informed and just decisions with the use and adoption of technology.

For further communication:

Prasanth Sugathan

Voluntary Legal Director, SFLC.IN

prasanth @sflc.in

+91 9013585902

Representation sent to Arunchal Pradesh

A newspaper article dated 30.10.2020 published in Telegraph India titled ‘Arunachal Internet Bar to curb Cheating’ stated that Arunachal Pradesh government will be ...

Letter to the Kerala Government to Reconsider the Proposal for Amending the Kerala Police Act by inserting Section 118 (A)

Letter to Kerala Government to Reconsider the Proposal for Amending the Kerala Police Act by inserting Section 118 (A) SFLC.in sent ...

Event – Creating Safe Spaces Online

SFLC.in in collaboration with Trust Law, Thompson Reuters Foundation is hosting a 2 day event on 'Creating Safe Spaces Online' on 21st-22nd ...

SFLC.in writes to the Criminal Reforms Committee

SFLC.in sent its recommendations to the Criminal Reforms Committee on 16th September 2020. Our recommendations covered criminal sanctions against free speech ...

Representation sent to Government of Rajasthan to publish orders regarding suspension of Internet services.

SFLC.in wrote to the Home Secretary, Government of Rajasthan as well the District Collectors of Udaipur, Dungarpur, Pratapgarh and Banswara ...

Letter to the Standing Committee on Information Technology on Content Moderation by Social Media Platforms

SFLC.in has written to the Standing Committee on Information Technology chaired by Dr. Shashi Tharoor on the Content Moderation policies ...

Collective statement to urge the Government of Jammu and Kashmir to restore High-Speed internet.

SFLC.IN along with a coalition of non-profit organisations and civil society groups voice their concerns urging the Jammu and Kashmir ...

Event – Reconciling State’s interests with a digital life

SFLC.in in collaboration with Live Law is hosting a panel to commemorate an entire year of communication block in The ...

SFLC.in wrote to the IT committee on issue of women saftey in Digital Spaces

SFLC.in wrote to the Standing Committee on Information Technology chaired by Dr. Shashi Tharoor on the issue of women safety ...

Analysis of the recent app blocking

MEITY on 29th June 2020 blocked 59 apps using Section 69A of the Information Technology Act coupled with the Blocking Rules ...