iTnews

After CovidSafe, QR codes spark privacy concerns

By Tess Bennett on Oct 30, 2020 12:53PM
After CovidSafe, QR codes spark privacy concerns

"Solid gold for data aggregators."

Researchers are calling for a renewed public discussion about the role of technology in Australia’s contact tracing regime as questions remain over the effectiveness of CovidSafe and private companies continue to harvest data via QR code check-in systems. 

Graham Greenleaf, professor of law and information systems at the University of New South Wales summed up the dilemma: 

“We've got a genuinely voluntary CovidSafe app with Australia's strongest privacy policy protections, but it's now largely ignored because it's been shown to be ineffective. 

“In contrast, we have semi-compulsory QR codes which have no effective privacy regulation but look like they're going to be here for quite a few years to come.”  

Speaking during a panel hosted by Deakin University's Global Digital Publics Network and the Science and Society Network, Greenleaf said after six months the government’s app “has not made any significant contribution to combating COVID in Australia”. 

According to a recent senate estimates hearing, CovidSafe has traced just 17 cases in NSW that might not have otherwise been found by human contact tracers. 

While the app in its current state might be a dud, Greenleaf defended the CovidSafe legislation that accompanied it, which was introduced in May. 

In particular, he highlighted protections against making it compulsory for people to download the app, limiting scope creep by not allowing “police or the spooks” to access the data, and a sunset clause which would require all data be deleted if the app is “no longer required or effective”.  

“The app might have been a failure but in many ways the legislation is a success because we have not seen a piece of surveillance-related legislation in Australia that genuinely addresses the various problems of surveillance systems in as serious fashion as this one does,” he said.  

“It may still be a valuable model for the future for how to constrain future surveillance systems that will be built.” 

Greenleaf contrasted the rules surrounding CovidSafe with the “laissez-faire neglect” of QR code industry. 

Scanning a QR code has quickly become a condition of entry to many Australian venues, mandated by state and territory governments to assist in contact tracing efforts. 

Greenleaf argued those jurisdictions aren’t paying close enough attention to the collection and use of data which is being outsourced to a range of QR code providers. 

“There is no quality control over those QR providers in relation to the privacy protections. The venues that hire them have no strong incentive to enforce what they do with their privacy protections and governments have abdicated from setting required standards for QR providers.” 

The current system raises concerns over data being sold to third parties for data matching and marketing. 

“The data that you're providing is solid gold for data aggregators, full name, email, and phone number all together, linking to one person,” Greenleaf said. 

Greenleaf argued state and territory governments could use the licensing powers to force venues to impose quality standards and the Commonwealth Privacy Commissioner could impose a new code on QR providers, or consumers can insist on a pen and paper option. 

Another possibility raised during the panel discussion was the New Zealand Covid Tracer, which makes a digital diary note in a centralised location when QR codes are scanned rather than creating a record in a vendor’s database.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
contact tracingcovidsafedigital & disruptionprivacyqr codesoftware

Partner Content

DoT Victoria turns to Oracle to implement unified cloud-based platform
Promoted Content DoT Victoria turns to Oracle to implement unified cloud-based platform
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
The case for postponing mainframe migration has eroded
Partner Content The case for postponing mainframe migration has eroded
Security through visibility: supporting Essential Eight cyber mitigation strategies
Promoted Content Security through visibility: supporting Essential Eight cyber mitigation strategies

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

  • iTnews Benchmark Awards 2022 - Finalist Showcase
  • 11th Annual Fraud Prevention Summit 2022
  • IoT Impact Conference
  • Cyber Security for Government Summit
By Tess Bennett
Oct 30 2020
12:53PM
0 Comments

Related Articles

  • Woolworths wraps digital wallet into its loyalty app
  • Videoconferencing apps can access muted mics
  • Tasmanians to get a single government identifier
  • Senate inquiry calls for gov to wind up COVIDSafe app
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Kmart Australia stands up consent-as-a-service platform

Kmart Australia stands up consent-as-a-service platform

NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'

Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co's 250Mbps and gigabit growth is finally clear

Digital Nation

The other ‘CTO’: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.