A comprehensive list of COVID-19 contact tracing apps researchers found to be leaking private user data
Research reveals that COVID-19 tracing apps are leaking private user data. According to ProPrivacy, UK and France contact tracing apps scored a pitiful 4 out of 10 privacy points, allowing data access to third-party hosting providers. And with the holiday season upon us, airlines are reporting 400% surges in the number of bookings for the Christmas and New Year period, encouraging people to equip themselves with COVID-19 tracing apps to stay alerted.
France and the UK are among the best and the worst
Contact tracing apps don’t need to collect personal data to work properly. Based on recent research by ProPrivacy on COVID-19 tracing apps and their calculated privacy scores given to each country, France and the UK have some of the lowest numbers. While the British NHS official app scores 4 out of 10, France relaunched its app, changed the name, yet its privacy score remains at a low 4, allowing data access to a third-party hosting provider.
Among other countries leaking app users’ data and having low privacy scores are Poland (data access is given to health officials, relevant official bodies, private companies), South Korea (data access is provided to private companies), Iceland (a privacy score of 2), and many others.
|Country||Privacy Score||App||Country||Privacy Score||App|
|Saudi Arabia||8||Tabaud||Poland||2||ProteGO Safe|
|Portugal||8||StayAway Covid||Iceland||2||Rakning C-19|
|Japan||8||Contact-Confirmation Application (COCOA)||Argentina||2||CoTrack|
|Ireland||8||COVID Tracker App||Thailand||1||Mor Chana|
|Estonia||8||Hoia||Norway||1||Smittestopp (SUSPENDED OVER PRIVACY CONCERNS)|
|Canada||8||COVID Alert||New Zealand||1||NZ Covid Tracer|
|Brazil||8||Coronavirus – SUS||Columbia||1||CoronApp|
Table 1. Countries with the highest and lowest privacy scores
“Current apps have little to no coordination and very diverse approaches: some European countries, such as France and Bulgaria, prefer a centralized tracing apps approach. Such apps upload users’ data to the central server for analysis, while the remaining majority go for the decentralized version, reducing the loss of privacy,” explains Daniel Markuson.
Major drawbacks of COVID-19 tracing apps
There are various shortcomings related to COVID-19 contact tracing apps. Experts admit that GPS data as well as Bluetooth transmitters and receivers lack sufficient accuracy, possibly sending false positives. However, the most prominent issues are privacy challenges.
Despite processing highly sensitive personal information like name, age, and email address, only 16 of the 50 apps indicate that the user’s data will be made anonymous, encrypted, and securely transmitted online. In addition, research reveals that numerous apps demand unnecessary data, such as access to contacts, photos, media files, location data, camera, call logs, Wi-Fi connection, and others.
Stolen privacy — is it the price of tackling the pandemic?
Leaked data and stolen privacy are not solutions for tackling the pandemic — more considerate implementation should be established. Following the list of ETUI Policy Brief requirements built on the European Data Protection Board’s statement, app users’ privacy could be expanded and protected. Some of the conditions are:
- Minimum and relevant contact data only must be collected and stored;
- The system must be totally decentralized, with no central authority involved;
- Data retention should be limited, and collected data must be anonymous or anonymised, encrypted and deleted after a certain amount of time.
Additionally, in order to protect yourself from cyber threats on your way home, Daniel Markuson, a digital privacy expert at NordVPN, has listed 5 tips to increase your mobile online privacy:
- Review permission for mobile apps. Some of them use unnecessary data, which might be later on given to third parties.
- Use cybersecurity tools, including VPN, to protect your mobile online presence. VPN encrypts traffic and makes it invisible to anyone eager to eavesdrop or cause harm.
- Be cautious while downloading apps. Buy them only from legitimate sources.
- Don’t ignore software updates. These often include important protective measures against the latest viruses.
- Secure your apps with a strong passcode. Keep in mind that passwords should be unique and not used on any other account. A list of the most vulnerable passwords has been revealed in NordPass’s recent research.
People need to be reminded that technology is just one of the many requisite solutions, and it cannot tackle this pandemic alone. Even with a perfectly programmed app, people will still need to keep distance, wear masks, and get tested.
NordVPN is the world’s most advanced VPN service provider used by over 14 million internet users worldwide. NordVPN provides double VPN encryption, malware blocking, and Onion Over VPN. The product is very user-friendly, offers one of the best prices on the market, has over 5,000 servers in 60 countries worldwide, and is P2P-friendly. One of the key features of NordVPN is the zero-log policy. For more information: nordvpn.com.