Why the Sprinklr contract raises serious legal questions

If the Sprinklr contract by the Kerala government seems trivial, its because the opposition is completely inept at voicing the issue and the left’s PR machinery is on an offensive. But it doesn’t make the glaring procedural and legal lapses go away.

Procedural Lapses

The IT secretary purchased the services of Sprinklr as a discretionary purchase allowed during times of crises, for which he doesn’t need prior permission. But he vastly overstepped his authority by signing a contract without consulting the legal department, and the purchase even involves the transfer of private health data to Sprinklr.

Every action, every contract and every circular by the state needs legal sanctity which only the legal department can ensure. While the government sometimes does sign agreements without prior legal consultation, those are based on templates or model agreements already approved by the legal department. Thus the IT secretary could sign a routine purchase agreement because it is based on a template, but not a master contract drafted by the Sprinklr company. This distinction seems to have been lost on him.

This legal consultation aims to protect the government from costly future legal implications and this is exactly the kind of contract that could lead to a lot of trouble.

Legal issues

While the Supreme Court has declared privacy a fundamental right, due to the absence of any legislation about it, the legal implications of how privacy will be interpreted is unknown. And these are not usual records but health records, their confidentiality can be read into the Medical Council Act. Records that shouldn’t be passed even between two different doctors, forget a private entity.

Furthermore, The agreement is signed with Sprinklr USA and not one of it’s Indian subsidiaries and any litigation against the company will have to be at New York. All of this tells us this contract was one that needed to be thoroughly vetted by the legal department.

To consider a hypothetical scenario, if any of the patients approached the judiciary to protect the confidentiality of his health records the court could very well ask the government to pay compensation, that could lead to an avalanche of cases, and there’s no way the government can pass the cost on to Sprinklr. We have a legal department to avoid exactly these kinds of scenarios which the IT secretary side stepped.

Political contention

Now this began as one minor procedural lapse that the government could have easily rectified by putting Sprinklr program on hold. But the aggressive government response leads one to doubt if there’s more to this than what meets the eye. Despite such huge risks nobody in government seems to know what the Sprinklr dashboard is being used for or what benefits Kerala derives from it. The government refuses to answer this question. It is this stubbornness that makes a one wonder if there’s any truth to the allegations about CM’s daughter’s software firm being linked to Sprinklr.

I’ve heard this being defended by framing it as a stroke of genius where the government wanted to protect the data under the stronger data protection laws in the US. But the government has officially made no such claim and I can’t see why the citizen’s go out of their way to find reasons and defend the government. His duty is not to defend but to question relentlessly.