Future of Privacy Forum compares Covid-19 mobile apps

Web Log: Forum seeks to ensure health crisis does not prompt weakening of data privacy

Comparison looks at what personal data is collected, how it is collected, who can access this data, what purposes it is used for and how it is stored.  Photograph: Stefan Wermuth/Bloomberg

Comparison looks at what personal data is collected, how it is collected, who can access this data, what purposes it is used for and how it is stored. Photograph: Stefan Wermuth/Bloomberg

 

The Washington DC-based Future of Privacy Forum has carried out a comparison of the main apps and software development kits (SDKs) being used by governments around the world. This comparison looks at what personal data is collected, how it is collected, who can access this data, what purposes it is used for and how it is stored.

The report examines K Health (US), HaMagen (Israel), TraceTogether (Singapore), Covid Symptom Tracker (UK), Home Quarantine (Poland), and Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) (EU).

Looking at the EU-based PEPP-PT SDK you can see it is the only one to be developed by international researchers (all others are developed by either private companies or government). It is GDPR-compliant and promises data protection and anonymisation. Already, several countries within the EU including France are looking to develop an app running on this protocol that enables tracing of infection chains across national borders.

Fundamental rights

In terms of proportionality, fundamental rights, and data protection and privacy issues, the FoP Forum notes that “a central principle driving the work forward is to ‘not allow a health crisis to lead to a weakening of privacy that so many generations before us have fought for’”.

In comparison, they note that with Poland’s Home Quarantine app processing “is justified by important public interest. People may choose between installing the app or police visits. Users are required to immediately notify authorities if they develop symptoms. Non-compliance with obligations may result in legal coercion.”

https://fpf.org/wp-content/uploads/2020/04/Privacy-Pandemics-The-Role-of-Mobile-Apps.pdf