COVIDSafe all is good for all of us
By Rachael Falk, CEO, Cyber Security Cooperative Research Centre
Pulished in The Australian 4/05/20
Some would have us believe the introduction of the COVIDSafe app signals our nation’s slide into a totalitarian state – citizens tracked by government, their data gathered, their privacy lost.
But, to put it bluntly, such assertions are nothing but fear mongering. And while government does not always get all things digital right, once the Commonwealth Coat of Arms is applied, it is automatically assumed that this is a grab for more data or creeping ‘rights’. There is no slippery slope we are heading down, nor are we under the thumb of an autocratic government.
COVIDSafe is a public health app. It is about saving lives, not about surveillance.
And, while flattening the coronavirus curve is key, protecting the data of those who sign up to the app must also be paramount. Because when it comes to the application of tracing technology like this, we all agree there must be robust structures in place to ensure the privacy and security of citizens are protected.
That is why the Cyber Security Cooperative Research Centre together with Data61 led an independent review of the app prior to its release, with a team of 17 cyber experts from across the country collaborating to test it, analyse it and poke holes in it.
They found that COVIDSafe is secure and operates as described by government. And, in line with our democratic principles, it is opt-in. Those who do not wish to download it are under no obligation to do so.
Given the world is in the throes of a pandemic, it is not surprising a particular level of haste was applied to COVIDSafe’s development and release. Could it have been done better? Possibly yes. Should there have been an Australian sovereign database provider? Possibly yes.
These are not normal times. And this is not business as usual. To let red tape stymy the app’s release had the potential to set us back as a nation.
People want life to return to normal sooner, not later, and the app will play a key part in mapping Australia’s path to a post-coronavirus future.
The collection of data is minimal – a name, a phone number, a postcode and an age range are the only information gathered. And contrary to ongoing misinformation, locations are not tracked and metadata is not stored.
Human memory is fallible and that is where the key strength of the app lies – it helps fill the gaps where memory fails.
Ultimately, this will allow relevant health authorities the ability to contact someone who may have been exposed to COVID-19 so they can take steps to limit further spreading of the deadly virus, making the very manual task of contact tracing more efficient.
The fact the Federal Government is releasing some of the source code should serve as reassurance and illustrates how open the approach to implementing this app has been. Essentially, if there is anything that can be improved and enhanced, provision of the source code will help.
It is absolutely a positive thing that citizens are questioning their privacy and value of their data – in this interconnected world cyber security must be front of mind.
But let’s hope that level of scrutiny applies to the next app they download, online form they fill out or social media post they make. What data have you been asked to share? Is it even clear what data they will take and share? Who will they share it with and who are they accountable to should that data be stolen or lost?
Of course, COVIDSafe is no silver bullet. But it will play a vital role in helping us overcome coronavirus while the world waits for a vaccine.
And it is undoubtedly better than doing nothing.