COVID-19 tracing apps found leaking data

    3040
    A comprehensive list researchers found to be leaking private user data

    Research reveals that COVID-19 tracing apps are leaking private user data.

    According to ProPrivacy, UK and France contact tracing apps scored a pitiful 4 out of 10 privacy points, allowing data access to third-party hosting providers. And with the holiday season upon us, airlines are reporting 400 percent surges in the number of bookings for the Christmas and New Year period, encouraging people to equip themselves with COVID-19 tracing apps to stay alerted.

    France and the UK are among the best and the worst

    Contact tracing apps don’t need to collect personal data to work properly. Based on recent research by ProPrivacy on COVID-19 tracing apps and their calculated privacy scores given to each country, France and the UK have some of the lowest numbers. While the British NHS official app scores 4 out of 10, France relaunched its app, changed the name, yet its privacy score remains at a low 4, allowing data access to a third-party hosting provider.

    Among other countries leaking app users’ data and having low privacy scores are Poland (data access is given to health officials, relevant official bodies, private companies), South Korea (data access is provided to private companies), Iceland (a privacy score of 2), and many others.

    CountryPrivacy ScoreAppCountryPrivacy ScoreApp
    Switzerland10SwissCovid-AppUK4NHS App
    Germany9ItoHungary4VirusRadar
    USA8NovidFrance4TousAntiCovid
    Uruguay8CoronavirusUYUAE3TraceCovid
    Spain8Radar COVIDIndonesia3PeduliLindugi
    Saudi Arabia8TabaudPoland2ProteGO Safe
    Portugal8StayAway CovidIceland2Rakning C-19
    Japan8Contact-Confirmation Application (COCOA)Argentina2CoTrack
    Ireland8COVID Tracker AppThailand1Mor Chana
    Estonia8HoiaNorway1Smittestopp (SUSPENDED OVER PRIVACY CONCERNS)
    Canada8COVID AlertNew Zealand1NZ Covid Tracer
    Brazil8Coronavirus – SUSColumbia1CoronApp
    Belgium8B-fenceBulgaria1ViruSafe

    Table 1. Countries with the highest and lowest privacy scores

    “Current apps have little to no coordination and very diverse approaches: some European countries, such as France and Bulgaria, prefer a centralized tracing apps approach. Such apps upload users’ data to the central server for analysis, while the remaining majority go for the decentralized version, reducing the loss of privacy,” explains Daniel Markuson.

    Major drawbacks of COVID-19 tracing apps

    There are various shortcomings related to COVID-19 contact tracing apps. Experts admit that GPS data as well as Bluetooth transmitters and receivers lack sufficient accuracy, possibly sending false positives. However, the most prominent issues are privacy challenges.

    Despite processing highly sensitive personal information like name, age, and email address, only 16 of the 50 apps indicate that the user’s data will be made anonymous, encrypted, and securely transmitted online. In addition, research reveals that numerous apps demand unnecessary data, such as access to contacts, photos, media files, location data, camera, call logs, Wi-Fi connection, and others.

    Stolen privacy —  is it the price of tackling the pandemic?

    Leaked data and stolen privacy are not solutions for tackling the pandemic — more considerate implementation should be established. Following the list of ETUI Policy Brief requirements built on the  European Data Protection Board’s statement, app users’ privacy could be expanded and protected. Some of the conditions are:

    • Minimum and relevant contact data only must be collected and stored;
    • The system must be totally decentralized, with no central authority involved;
    • Data retention should be limited, and collected data must be anonymous or anonymised, encrypted and deleted after a certain amount of time.

    Additionally, in order to protect yourself from cyber threats on your way home, Daniel Markuson, a digital privacy expert at NordVPN, has listed 5 tips to increase your mobile online privacy:

    1. Review permission for mobile apps. Some of them use unnecessary data, which might be later on given to third parties.
    2. Use cybersecurity tools, including VPN, to protect your mobile online presence. VPN encrypts traffic and makes it invisible to anyone eager to eavesdrop or cause harm.
    3. Be cautious while downloading apps.Buy them only from legitimate sources.
    4. Don’t ignore software updates.These often include important protective measures against the latest viruses.
    5. Secure your apps with a strong passcode. Keep in mind that passwords should be unique and not used on any other account. A list of the most vulnerable passwords has been revealed inNordPass’s recent research.

    People need to be reminded that technology is just one of the many requisite solutions, and it cannot tackle this pandemic alone. Even with a perfectly programmed app, people will still need to keep distance, wear masks, and get tested. 

    LEAVE A REPLY

    Please enter your comment!
    Please enter your name here