Kerala High Court Exposes Serious Lapses in Sprinklr Data-Sharing Deal
In a significant development, the Kerala High Court's judgment on January 28 has confirmed serious procedural lapses and illegality in the contract entered into by the state government with US-based firm Sprinklr during the COVID-19 pandemic. Former opposition leader Ramesh Chennithala highlighted that the court's ruling directs action against the officials responsible for these violations.
Court Upholds Interim Order and Details Contract Flaws
While disposing of the writ petitions related to the Sprinklr deal, the High Court confirmed its interim order issued on April 24, 2020. The court noted that the contract with Sprinklr was of short duration, was subsequently cancelled, and that the collected data was destroyed, leading to no further directions being issued. However, the judgment explicitly recorded that the agreement was executed in violation of established government procedures.
The court observed that the then IT principal secretary, M Sivasankar, entered into the contract without cabinet approval or the consent of the chief minister, describing this action as a "gross dereliction of duty." This finding underscores the lack of proper oversight and adherence to mandatory protocols in the handling of sensitive personal data.
Chennithala Criticizes CPM's Misinterpretation of Judgment
In a statement, Ramesh Chennithala responded to criticisms from CPM state secretary M V Govindan, who had demanded an apology based on a misinterpretation of the High Court judgment. "It is clear that the CPM state secretary has no real understanding either of what the Sprinklr case was or of what the judgment states," Chennithala asserted, emphasizing the need for accurate comprehension of the legal findings.
Key Concerns Raised by the High Court
The High Court upheld several critical concerns regarding the Sprinklr deal:
- Data Privacy Violations: The court highlighted the legality of sharing personal data of individuals under home quarantine during the COVID-19 pandemic without their consent, raising alarms about privacy breaches.
- Jurisdiction Issues: It took note of the jurisdiction clause in the agreement, which granted exclusive jurisdiction to courts in the United States in case of disputes. The court observed that this could make it difficult for affected individuals in India to seek remedies in instances of data theft or misuse.
- Commercial Use Apprehensions: The court accepted apprehensions that the data collected could be used for commercial purposes, even though no monetary consideration was specified in the agreement, pointing to potential exploitation risks.
Procedural Failures and Government Accountability
Referring to the findings of the Madhavan Nambiar Committee appointed by the government, the court noted that several mandatory procedures were not followed during the contract execution:
- The Rules of Procedure were ignored.
- The Kerala Secretariat office manual was not adhered to.
- Mandatory consultations with the law and finance departments were bypassed.
Furthermore, the court rejected the state's argument that Article 299 of the Constitution was not applicable, holding that this provision applies to all government contracts, regardless of financial liability. This reinforces the necessity for strict compliance with constitutional mandates in governmental agreements.
Court's Directives for Future Governance
In its concluding remarks, the High Court directed the state government to take appropriate action against the concerned officer, M Sivasankar, and to ensure that such lapses do not recur in the future. This directive aims to strengthen accountability and prevent similar procedural violations in government dealings, particularly those involving sensitive data and public trust.
The judgment serves as a stark reminder of the importance of transparency and adherence to legal frameworks in government contracts, especially in matters concerning data privacy and public welfare during crises like the COVID-19 pandemic.
