COVIDsafe: there's a privacy-first alternative that Morrison is ignoring
Everywhere you go, your phone goes too. Every time you stop to have a conversation with someone, your phones are talking too, in the silent language of the Bluetooth protocol. This means our phones can play an important role in tracing the spread of COVID-19. All we have to do is ask our phones to remember all of the conversations they have had with other phones, and when someone is diagnosed, all of the people they have interacted with can be instantly notified. This technology could be very useful to health authorities. But law enforcement, intelligence and border control agencies also find it very attractive: it’s open to abuse by the surveillance state. And they’re already asking for access.
“COVIDsafe”, the Australian version of the Singaporean TraceTogether app, has unfortunately inherited its many privacy problems. The biggest is its centralised structure. All the data supplied by COVIDsafe about which phones have interacted with each other is stored together, creating a single central library of every interaction between phones. Centralised models are vulnerable to government abuses.
Professor Kenneth Paterson, from the Institute of Information Security at ETH Zurich, says that a centralised database “opens the gates to privacy hell”.
“It could give governments the ability to build the ‘social graph’ for everyone who downloads the app”, Paterson argues. “They could trivially figure out who has been in close proximity to whom, and when.”
Paterson is not alone with his concerns in the data privacy community. More than 300 experts around the world have signed a joint statement that warns, “We are concerned that some [centralised] ‘solutions’ to the crisis may ... allow unprecedented surveillance of society at large”.
Attorney general Christian Porter assures us that “the government has already made the decision not to make any information collected by the app available for other purposes, including law enforcement investigations”. Nonetheless, law enforcement agencies saw an opportunity and asked for “added capabilities” to be included with COVIDsafe. These requests have been denied, but legal experts have pointed out that authorities could assert their right to access the app’s metadata under extreme and invasive telecommunications laws passed in 2018.
The Morrison government is asking us to trust that it won’t abuse the data that it collects, but given this government’s track record, who would take its word for it? That same 2018 bill was initially introduced under the guise of fighting terrorism, but was then used just last year to target ABC and News Corp journalists in the infamous AFP raids. Among the new police powers was the right to “add, copy, delete or alter” whatever they wanted on the computers of journalists. It is a jewel in the crown of repressive powers governments and police have granted themselves since start of the “war on terror”. We know that once the genie is out of the bottle, privacy and digital rights campaigners find it incredibly hard to put it back.
Decentralised methods, which don’t trust any one central server, begin with the assumption that governments may abuse whatever data they have access to. So instead of relying on privacy laws to prevent these abuses, decentralised systems such as DP-3T in Switzerland simply don’t give the government access to sensitive data. Instead, data is retained on individual phones. This way, instead of relying on laws that can change over time, governments are technologically prevented from snooping. These approaches are becoming widespread across Europe and were recommended to the Morrison government by researchers. But instead of adopting a privacy-first model, the Morrison government has forced Australians into choosing between their privacy and their health.
Such a simple and private alternative raises the question: why not start there in the first place, if the government truly values privacy?
