91������̳

In its rush to the federal government is keen to get us all signed up to a new COVID-19 contact tracing mobile phone app. There are legitimate concerns about how our data and privacy would be affected.

Prime Minister Scott Morrison in the next few weeks. It is based on the being used in Singapore, which uses Bluetooth to detect when COVID-19 positive app users have been in close proximity to other app users.

Rather than logging the location data from the phone’s GPS signal, which is not accurate, the app uses the strength of the Bluetooth signal to measure proximity. When someone tests positive for COVID-19 the app is used to see who they were in close proximity to for 15 minutes or more in the weeks prior to infection.

From the information the government has released so far we know that: the data on each phone would be encrypted and only stored for 21 days; and only state health officials would be authorised to track carriers of the virus and alert those who have had contact with the infected person to get tested and self-isolate.

For such an app to be effective, people need to download it and consent to sharing data using the app. People also need to have their phones on, and with them, and with Bluetooth enabled at all times.

Government services minister Stuart Robert Adelaide on April 16 the app merely digitises a manual process. “Currently, if someone contracts the coronavirus or COVID-19 virus, we go through a manual tracing process to ask them who have they been close to, so we can contact them to see if they’ve got any symptoms and encourage them to get tested. All we are now going to do is to digitise that tracing capacity, very similar to what Singapore has done.”

Robert and Morrison have been on the public relations offensive following on Hobart’s Triple M on April 17, in which he refused to rule out that the app may become mandatory. After blow back from the Nationals' Barnaby Joyce, he clarified the next day that it .

To be effective for its stated purpose, the government needs 40% of the population, approximately 10 million people, to download and consent to using the app. Interestingly, only 20% of Singaporeans have downloaded it.

Leaving aside the about Bluetooth itself and why requiring people to walk around is not a good idea, there are also questions as to whether mobile phones are even .

Importantly, it is not clear is how laws already governing encryption could impact on the COVID-19 data collected and used by the app.

Australian Lawyers Alliance (ALA) national president Andrew Christopoulos that while the app may make sense “as a public health initiative”, there is a political context.

He said trust is missing, pointing out that “since 9/11 governments have had a poor track record when it comes to misusing surveillance laws and powers”.

“Without clear laws in place, the risks of the data being illegally accessed, used for unintended purposes or used beyond the immediate health crisis are high,” he said.

The ALA wants the government to agree to have the operation of the app reviewed every three months by the Australian Information and Privacy Commissioner to ensure there is no breach of the Privacy Act.

It also wants assurances that the information collected has only been used for the management of the COVID-19 pandemic.

“The legislation that governs the app must clearly state that its use is limited to minimising the danger of community transmission of the COVID-19 virus.

“A sunset clause is essential, but we caution that these have previously been inserted into anti-terror laws, only for them to be later removed, proving that they do not provide adequate protection,” Christopoulos said.

The also weighed in, pointing out that “Contact tracing applications cannot make up for shortages of effective treatment, personal protective equipment, and rapid testing, among other challenges”.

While making the app source code publicly available might allay some concerns, the government’s inconsistency on COVID-19 and its bad record of privacy and civil-rights stomping legislation in the tech area do not instill trust. Neither does its dodgy record for digitising manual processes.

While the government is pushing ahead using the carrot and stick approach — take up the app voluntarily so we don’t have to force it on you — its assurances that people’s data and privacy will be protected ring hollow.

It is another reason why a bill of rights is needed to protect us from government electronic surveillance and snooping.