Coronavirus Tracing Apps Conflict With Privacy

Uploaded on 2020-06-10 in TECHNOLOGY-Key Areas-Social Media, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Services-Health & Welfare

Smartphone apps designed to trace people at risk of Covid-19 infection have attracting criticism in Europe and the US for their potential as surveillance and spying tools to be used by governments.  

Scientists and researchers from more than 25 countries have published an open letter urging governments not to abuse such technology to spy on their people and warning of risks in an approach championed by Germany.

More than a hundreds of the British researchers and scientists have expressed concern over privacy and security resulting from 'mission creep' as the UK's government plans for using smartphones to trace and combat coronavirus slowly get going.

Much of our pre-coronavirus lives may be reclaimable with some modifications around how we work, socialise and travel, however in one crucial way the post-pandemic landscape will be very different as an individual’s autonomy and data privacy may be lost as mobile telephones are used for surveillance.

This will have important consequences for the relationship not just between citizens and governments, but also between consumers and businesses.

The risk of the coming end of privacy is attributable to the success of virus tracing apps in South Korea and Taiwan which have both been effective in flattening the Covid-19 curve by digitally tracking infected persons. No government was using dispersed databases as extensively to fight the spread of the disease as South Korea. Before an explosive outbreak in its worker dormitories, Singapore earned praise for TraceTogether, which claims to be the first Bluetooth contact-tracing app covering an entire nation. The 1.4 million users represent roughly a fourth of the island’s population.

Governments want access to phones, with or without informed consent and turning the clock back will be difficult, if not impossible. Where boundaries between private and public are thin to begin with, a pandemic can make them disappear. 

There have been assurances from various governments, including those in France, India and Singapore, that tracing  Apps will go away once the outbreak is contained, but no legal guarantees.  

  • The Singaporean app records physical proximity in an anonymised form on smartphones. Minimal data is stored on servers. The national TraceTogether’s App building blocks are in the public domain although he source code of  is yet to be disclosed.
  • As India reopens after a 43-day lockdown, it’s mandatory, first for public-sector employees and now for private-sector workers and company bosses are liable to ensure their workers download the app, though nobody is accountable for misuse of data.  The Indian government recently denied a French security researcher’s claim that the privacy of ninety million Indians is at stake. 

An analysis of China’s Alipay Health Code software, which uses various data sources of data to categorise a person’s health status with a colour code, found that some information is shared with the police.

One consequence of Covid-19 will be to erode privacy in the name of public health. European data protection laws will try to ensure that the emergency collection and processing of personal information is legally accountable and for a limited purpose but the British parliament’s human rights committee says it isn’t convinced that the National Health Service’s tracing App protects privacy.

Where they exist, robust institutions could will offer resistance to surveillance but  in many places the individual’s autonomy has already become a virus casualty. Poorer countries where consumers have only recently started going online will see states insist on devices that come with pre-loaded tracking apps. 

Whether sensitive data will be kept safely on devices or stored on a central server in a way that might allow a bad actor to reconstruct a person’s social activity, keeping a record of where they have been and when and who they meet. will become an urgent question as efforts to control the Coronavirus extend around the world.  

Bloomberg:      ZDNet:     SCMP:       LA Times:   

You Might Also Read: 

Incompatible: Privacy & The Internet of Things:

Coronavirus Track & Trace Apps On A Deadline:

 

« Hacked Vehicle Owner Database For Sale
Vehicle Cyber Crime Attacks Double »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Defense Advanced Research Projects Agency (DARPA)

Defense Advanced Research Projects Agency (DARPA)

DARPA's mission is to develop breakthrough technologies for national security. The Information Innovation Office undertakes cyber security activities.

Security Industry Association (SIA)

Security Industry Association (SIA)

The SIA's mission is to be a catalyst for success​ within the global security industry through information, insight and influence.

Cybereason

Cybereason

Cybereason provides attack protection with cutting edge EDR and XDR, and industry recognized consulting services to support organizations throughout any stage of the incident lifecycle.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Sumo Logic

Sumo Logic

Sumo Logic simplifies how you collect and analyze machine data so that you can gain deep visibility across your full application and infrastructure stack.

FarrPoint

FarrPoint

FarrPoint is a specialist telecoms consultancy providing a range of services including cyber security assessments and technical assurance to safeguard your data.

Cyber Security Jobs

Cyber Security Jobs

Cyber Security Jobs was formed to help job seekers find jobs and recruiters fill cyber security job vacancies.

Rule4

Rule4

Rule4 is a global professional services firm that provides practical, real-world knowledge and solutions in areas including cybersecurity, AI, Machine Learning and industrial control systems.

CloudVector

CloudVector

CloudVector's API Detection & Response platform is the only API Threat Protection solution that goes beyond the gateway to provide Shadow API Prevention and Deep API Risk Monitoring and Remediation.

Blu Venture Investors (BVI)

Blu Venture Investors (BVI)

Blu Venture Investors is a venture capital firm that supports early stage companies with a focus on technology in diverse domains including cybersecurity, IoT, defense and homeland security.

CYSEC SA

CYSEC SA

Cysec is equipped to deliver agile security solutions for the most challenging IT infrastructures around the world.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

Stratus Technologies

Stratus Technologies

Edge Computing solves the inherent challenges of bandwidth, latency, and security at edge locations to enable IIoT devices and data acquisition.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

USX Cyber

USX Cyber

USX Cyber was founded on the idea that small and medium businesses deserve and require the same level and sophistication of cyber protection as large enterprises.

Runtime Ventures

Runtime Ventures

Runtime Ventures focuses on seed and pre-seed stage cybersecurity investments. We love to work with ambitious founders building the future of the secure enterprise.