Data-privacy challenges for California COVID-19 contact-tracing technology

Developers, governments, and regulators must work with the cybersecurity industry to apply rigorous standards to contact-tracing apps to make sure that the societal impact of COVID-19 doesn’t extend into personal privacy.

As opt-in contact-tracing applications across the US are being built for state-specific usage, attention inevitably turns to the privacy risks they present, and how authorities must balance public health with cybersecurity to build systems that are fully fit for purpose.

In the battle to control COVID-19, the fundamental role of contact-tracing applications is to alert people when they’ve come into contact with someone who has tested positive for the virus. They have been touted as a vital tool in identifying localized spikes in infections and helping authorities to quickly isolate anyone who may be at risk of spreading the virus further.

Considerable effort is being made to develop the technologies across the public and private sectors. In April, Apple and Google announced they were partnering on COVID-19 contact-tracing technology, and their work includes the development of APIs to ensure apps operate across iOS and Android devices, alongside Bluetooth capabilities, to broaden the effectiveness of the technology. They are not building apps, but they are offering underlying technology designed to help contact-tracing apps work better.

As subsequently reported in CNN Business in May, the companies then shared guidelines designed to protect consumer data privacy when using tracing apps based on their technology. They would not, for instance, collect any location data. The technology “will be used only by health authorities without being monetized; will require explicit user consent; and will be disabled once contact tracing is no longer needed,” according to CNN Business.

But not everyone is going down that particular route, and in developing this technology, authorities are in new territory and are under pressure to build and launch apps as quickly as possible.

To read the complete article, visit Dark Reading.