We’re delighted to bring to you a short guest post by our former blogger Aparajita Lath, updating us on the issue of prohibition on reverse engineering of the Govt’s COVID-19 tracking mobile app Aarogya Setu. She had recently questioned the legal enforceability of this prohibition in light of the fair use rights under the Copyright Act in a guest post here. Aparajita is a lawyer based in Bangalore. Her previous posts on the blog can be viewed here.
SpicyIP Tidbit: Reverse Engineering of Aarogya Setu Not Prohibited Anymore
The Government of India has updated the terms of service of the Aarogya Setu app. The terms of service no longer prohibit reverse engineering. The restriction on tampering has also been removed. However, acts that are intended to cause damage/ impair the functionality of the app/ attempts to gain unauthorized access or are not acts for the intended purpose of the app are still prohibited.
While it can still be argued that reverse engineering is use of the app for purposes for which the app is not intended, the specific removal of the term ‘reverse engineering’ coupled with the fair dealing right to reverse engineer, point to the intention to permit legitimate reverse engineering.
I had earlier written about this restriction here. The question was whether this restriction should be taken seriously since the Copyright Act, 1957 permits reverse engineering for certain activities, including research.
It is good to see that this restriction has been removed. While the app is not open source, at least legitimate research through reverse engineering can continue without fear. An audit and independent verification of the app could help both the government and people understand whether the app actually functions as specified.
There are several other updates to the app’s terms. The app is also no longer prescribed as ‘mandatory’. The app is, however, not purely voluntary. Employers / district authorities are required to, on a ‘best effort’ basis see to the installation of the app.