Kerala High Court, on Tuesday, asked the state government to file a report on plea challenging COVID-19 data processing contract with a US firm and directed it to file a statement by April 24 on the details of the deal.
"We do not want you to upload data unless you can tell us that data is confidential from [Sprinklr] also. Cannot accept the submission that the data collected is not sensitive. If Kerala government thinks the information is not sensitive, something is amiss," the bench, comprising of Justices Devan Ramachandran and T R Ravi, remarked.
The bench also directed the government to explain the reason for engaging a foreign firm for such works when government IT wings are there to do the job. The court observed that the state government will be held responsible if the firm misused the data.
"We are proud that Kerala has done well in controlling COVID-19. But we have also concerns about data confidentiality. A citizen is not privy to the contract between Kerala Government and the company. If that company misuses the data, state government is responsible. If there is a breach tomorrow, the State Government will have to go to New York. We do not know why the State of Kerala chose New York as the jurisdiction", Justice Devan Ramachandran observed.
The state government had entered into a contract with the IT company based out of the US, owned by a non-resident Keralite, wherein the data of suspected and actual patients of the COVID-19 virus will be collected using government machinery and is uploaded to the foreign firm''s web server on a daily basis.
The IT company, in turn, will provide actual data to the State machinery after analysis, for better understanding and treatment of the pandemic.
The petition was filed by Balu Gopalakrishnan, who said he was concerned about the manner in which the data regarding the COVID19 patients in the state are collected, stored, analysed and retrieved.