The Central Information Commission has dropped the show cause notices issued to the Central Public Information Officers(CPIOs) of the Ministry of Electronics and Information Technology, National Informatics Centre and National E-Governance Division(NeGD) in connection to the Aarogya Setu RTI case.
CPIOs apologized for their failure to provide a proper reply to the RTI applicant in Aarogya Setu RTI case , and explained that the same happened due to the information being scattered in different Government departments. It was also submitted that all the information pertaining to the App is already in public domain.
The Commission in Aarogya Setu RTI case has issued an advisory u/s 25(5) of the RTI Act, 2005 to the Secretary, Ministry of Electronics and Information Technology to ensure that the Aarogya Setu website is robust and maintained uptodate at all times so as to be able to satisfy the citizens queries on the subject without having to resort to filing of RTI applications and in this manner promote suo moto disclosure of information.
While disposing of the complaint filed by independent journalist Saurav Das, the Commission observed,
“After the showcause notice was issued the CPIOs made all possible efforts and coordinated with the concerned record holders to provide a proper explanation…from the above explanation it is also clear that there was no malafide intent on the part of the CPIOs, rather, they failed to provide a pointwise reply to the applicant due to the data being available in a scattered manner and due to the fact that proper co-ordination among all the concerned agencies was not undertaken before appearing for the hearing.“
The Commission relied on the Delhi High Court’s ruling in Registrar of Companies & Ors v. Dharmendra Kumar Garg & Anr., W.P.(C) 11271/2009 in this Aarogya Setu RTI case, where it was held that the Information Officers can be penalised in case of failure to provide information, only in case of malafaides.
“The legislature has cautiously provided that only in cases of malafides or unreasonable conduct, i.e., where the PIO, without reasonable cause refuses to receive the application, or provide the information, or knowingly gives incorrect, incomplete or misleading information or destroys the information, that the personal penalty on the PIO can be imposed,“ the Delhi High Court held.
In view thereof, the Commission said in Aarogya Setu RTI case, “Since no malafide or intention to conceal information has been found in the CPIOs’ oral and written replies, the Commission is not inclined to impose any penalty on them.“
It observed in Aarogya Setu RTI case that the concerned CPIOs had admitted that the subject matter is of prime importance and unnecessarily the RTI application was poorly handled by the officers by providing what appeared to be evasive replies whereas actually there is nothing to hide and the creation of this app was a positive step and had actually helped immensely in controlling the pandemic.
It may be noted that the Complainant was not present in the said proceedings of Aarogya Setu RTI case as the Commission had declined him permission to attend the same.
When Das wrote an email to the Central Information Commissioner Vanaja N Sarna’s office about not receiving a hearing notice, the IC’s office informed him that his “presence is not required”. The Commission informed him that since it is a show-cause hearing, it is only “between the Commission and the CPIOs concerned”.
The CIC on 27 October had passed a scathing remark against the Ministry of Electronics & Information Technology (MEITY) and National Informatics Centre (NIC) for failing to answer who had created the Aarogya Setu app, calling it as “extremely preposterous”. It then issued a show-cause notice in Aarogya Setu RTI case to the CPIOs of the two public authorities asking them as to why action should not be initiated against them under Section 20 (Penalty for failure to supply information without any reasonable cause) of the RTI Act. The CIC then fixed the next date of hearing on 24 November and directed all the CPIOs to be present before it.
It was further submitted that more than 10 public conferences were held and very significantly the app was made open source; backend code was also made available. Everything regarding the app from its start is in public domain and from 2nd April 2020 onwards there was enough information in public domain.
Regarding the failure to provide a proper reply to the Complainant, the Commission was informed that it was primarily on account of the query being related to multiple agencies and Government Departments for which though the entire information was available in public domain but the same was not specifically available to the individual CPIOs and hence a proper and clear reply could not be submitted in time.
The Commission was assured that now in Aarogya Setu RTI case, all information pertaining to the App has been brought together exclusively on one platform and Shiloma Rao, CPIO, NeGD, is now the DD in charge of handling all queries through RTIs on the Aarogya Setu app.
“Henceforth the entire matter of Aarogya Setu shall be dealt with by a single CPIO, Deputy Director, E-GOV Division, MEITY, Mr D K Sagar… to ensure timely disposal of RTI applications and dissemination of maximum information in the spirit of the RTI Act,” the CIC recorded.
Submissions about the Aarogya Setu App
The CPIO informed the Commission in Aarogya Setu RTI case that the Aarogya Setu App for contact tracing was built by stakeholders from across Industry-Academia and Government authorities, including officials from NITI Aayog and MeitY.
“This app was built in a record time of less than 3 weeks without any cost to Government and was launched on 2nd April, 2020. Within 13 days of the launch of the App it had more than 50 million users which was a world record of the fastest time to reach 50 million users for any mobile app,” the CPIO submitted.
Privacy under the Aarogya Setu App
So far as the right to privacy of its users is concerned, the CPIO submitted in Aarogya Setu RTI case,
“Most of the data remains on the mobile phone of the users and gets auto deleted after 30 days if the person concerned is not COVID-19 positive. Data of only those who are tested positive is pushed to the server, with the objective of alerting people who might have come in Bluetooth contact with those who tested positive. Such data is also deleted after a maximum of 60 days from the date a person recovers. These protocols are clearly defined and available in public domain.“
He added in Aarogya Setu RTI case,
“The user of the Aarogya Setu application is safeguarded with the provisions of the Information Technology Act, 2000 and Disaster Management Act, 2005. Moreover, all the necessary protection to the personal data of users is ensured as per the provisions of the proposed Personal Data Protection Bill 2018.“