Kerala Sprinklr Deal raises Data Privacy Concern
Ragy Thomas from Kerala is the founder and CEO of US based Sprinklr. Kerala Government used the services of Sprinklr during March 2020 to process Covid patients data and analyze the progress of infection in the State.The health data of 1.75 Lakh people under quarantin were handled by the software tool provided by Sprinklr.A separate website was opened under a domain name of the Kerala Government in which the form was hosted to collect this data. The information was collected without taking individual consent. The tool provided an analysis to assist doctors in making a informd decision about possible hospitalization.
Reason for selecting Sprinklr:
a) The company’s tool was offered free of cost in SAAS (Software as a Service) platform
b) Data was collected on massive scale and therefore a software tool was required to
collate and analyze in a quick way.
c) Sprinklr SAAS tool is a already developed product which can be implemented in Kerala with small customisations.
There was an objection raised by the opposition that the contract was not awarded properly with no proper procedures followed in evaluating the US company as the Vendor.
From the perspective of the Privacy, Kerala High court had expressed concern over the confidentiality of information gathered from COVID-19 patients being handed to a foreign firm.The court had directed that all the citizens’ data that has been collected by Kerala Government shall be be anonymised and Sprinklr to be allowed to access data only after completion of anonymisation. Anonymisation is the process of removing personally identifiable information from the data set to protect privacy.
Mr. Naavi, Chairman, FDPPI answering a query on Sprinkler observes “More than the “Scam” angle what is relevant is that this case has underscored the need for the PDPA to be made effective as soon as possible so that erring companies face regulatory supervision”