Sprinklr Deal Ensures Data Security; COVID-19 Exigency Necessitated Extraordinary Steps : Kerala Govt To HC [Read Statement]

Defending the controversial Sprinklr deal to process COVID-19 data, the Kerala Government has filed a statement in the High Court of Kerala stating that the contract with the US-based tech company has adequate provisions to ensure data security.The Government has also explained that the contract was entered into a situation of health emergency created by apprehensions of large outbreak of COVID-19 cases in Kerala. Referring to a study report released by health experts of John Hopkins University on March 24, it is stated that there was an estimate of about 80 lakh COVID-19 cases in Kerala between March 28 and April 24. The assessment by the State Disaster Management Authority also endorsed such estimate."The crisis management group of the Government was faced with a dangerous situation like never before, unique by the sheer volume of threat", said the statement filed by V Manu, Senior Government Pleader.Explaining the need for the software services, it was stated that during crisis times, there will be multiple SOS calls through various channels, leading to data duplication which makes relief work delayed and difficult."In these circumstances, a multichannel communication network, which could handle volumes of structured and unstructured data and pass on to supporting information technology systems, was necessitated", the affidavit stated. The Government entities were not equipped to deal manage such large volumes of data."The issue had to be resolved in the shortest possible time and the circumstances necessitated extraordinary steps on behalf of the government. Any invitation for tender would have been time consuming in so far a technical committee ought to have ascertained the pre qualification criteria, for which at least two weeks would have been necessary; then a pre-qualification bid had to be called for, then technical bidding process would have to be undertaken; then pre-bidding would have to be held, and then selection would have to be made, all these processes consuming another month. Time would have taken for grant of administrative and technical sanction. The Government, on account of the alarming situation, had no time to spare. Even a day's delay would have been fatal", the 83-page statement read.As regards Sprinklr coming into picture, the Government said that it was already in talks with the company since 2018, as part of its initiative to reach out to Global Malayalee diaspora. It was stated that during the early COVID-19 days, the company offered to help free of cost, and the offer was found to be reasonable and suitable, having regard to the company's association with several global players. It was highlighted that Sprinklr was a pro bono partner of the World Health Organization in developing its COVID-19 update dash board."In these emergent circumstances, where time was of the essence, the third respondent was chosen. It will not be feasible for a Government agency to develop such scalable platforms and solutions in a very short period of time. Further, the Government is not in a position to carry out any experiments or take any risks on account of the extra ordinary situation prevailing due to the pandemic. The need of the hour has necessitated the steps now taken by the Government"."Policy decisions taken by the executive in such a dire situation with the help of experts cannot be said to be arbitrary or subjected to the same level of scrutiny as in ordinary times, as long as the action was necessary and proportionate to achieve the intended purpose", the Government asserted.On data protectionThe Government asserted that data of COVID-19 patients and their primary contacts in surveillance collected by field level workers was safe and secure within the services offered by Sprinklr.During initial testing, the data was stored in the subdomain of Sprinklr, and was later migrated to the subdomain of Kerala government. The data is stored in encrypted form in the Amazon Cloud Server located in Mumbai in the account maintained by C-DIT, which was upgraded to handle the huge voluminous data. Amazon Cloud Server services are approved by the Union Ministry of Electronics and Information Technology."It is submitted that the Government has now full and exclusive ownership of the data", the statement said.The Master Services Agreement has standard clauses for data security as per established industry practices."The above clauses indicate that there are sufficient protections with respect to any data that the third respondent may have access to. It not only gives the Government, as opposed to the third respondent, full control and right over the data of the people, but also obligates the third respondent to take appropriate measures to protect such data. There is a prohibition on the third respondent for using the data for purposes other than for the need intended and from sharing it with third parties without consent. It is also envisaged that no data will be available to the third respondent after ...

Sprinklr Deal Ensures Data Security; COVID-19 Exigency Necessitated Extraordinary Steps : Kerala Govt To HC [Read Statement]

LIVELAW NEWS NETWORK

Tags