As lockdown restrictions ease even further and the world begins to return to a new ‘normal,’ the Government has warned that we must still be vigilant if we hope to avoid a second wave. A huge part of this process is what is known as track and trace, and this will be one of the key tools for fighting Covid-19 in the coming months.
This contact tracing system is nothing new. In fact, this well-established system has been used in the past to control the transmission of diseases such as HIV. That said, technology has enabled these systems to be more efficient through these apps.
But while these apps present the best possible opportunity for combatting the virus, they do require the collection and use of a lot of personal information. This raises a whole host of data protection issues, and we’re going to look at these in more detail below.
What are contact tracing apps, and what are they used for?
The idea behind track and trace is that those who have tested positive for Covid-19 are then tracked and must give the details of everyone they’ve come into contact with. These people are alerted and will then have to self-isolate for two weeks. This helps to stop the spread.
In the past, these tracking systems were labor-intensive as they required a lot of manpower to test and record the details of everyone involved. Nowadays, new apps and digital tracing allow the process to be automated and saves a lot of time and money. This also allows for a much broader and more efficient service, helping to slow the virus down even faster.
What are the data protection issues?
There are several different apps currently being designed and used, including an app from the NHS, Google, and Apple. These are largely designed to do the same thing, trace, track, and slow the virus, and this requires them to collect a lot of personal information. In a bid to ensure that any data collected will be processed safely, securely, and fairly, those designing the apps have had to keep privacy at the forefront of these applications. This is because, without careful planning and execution, there could be some serious data protection issues. These include but are not limited to:
Also, you can read 32 Best Mobile App Ideas for the Startups in 2020!
One of the key aspects of data protection is the security of data, and it is vital that the infrastructure of all tracing apps has security built-in. Hackers and cybercriminals can use very sophisticated techniques to gain access to weak applications, and this can be very damaging when these apps contain so much personal information.
For this reason, the Information Commissioners Office (ICO) has recommended that all tracing apps need to apply the most robust security techniques both when collecting, storing, and using this data to ensure it is safe from cybercriminals and those with malicious intent.
Transparency and purpose limitation
Since all the information being collected is sensitive, many have raised concerns that the data might also be collected and then used for other purposes or shared with third parties. Because of this, the ICO has recommended that app developers be completely transparent with users about how their data will be used. It’s also advised that these apps only collect the minimum amount of information needed to achieve their purpose.
Furthermore, the app must meet all General Data Protection Regulations (GDPR) and be fully compliant with the guidelines. This means all privacy notices and information regarding how the data will be used must be comprehensive but written in simple language that is easy for everyone to digest. Designers must also be transparent about what they are trying to achieve with the app and any risks their app poses to personal data and individual rights.
Access and deletion
One of the biggest aspects of GDPR is user control. Every individual has the right to request access to their data and to opt-out of these services with no consequences. These tracing apps require information to work, but the problem is, they must offer a way for users to exercise their rights and withdraw their information should they wish to do so.
These apps might require developers to use third parties to create and maintain the application and its functions. This can increase the risk of a data breach via these third-party providers. This can be a real data protection issue, and therefore, developers are encouraged to implement effective systems and processes to ensure that any outside parties also have their own robust security systems in place to minimize these risks.
Decommissioning the app in the future
Once this crisis is over and the virus is under control, what will become of the app? Many are skeptical of these technologies as another way for Governments to store information about them. Therefore there must be an efficient and effective way to decommission these apps once the crisis is over. Developers must decide if the app will dismantle itself from within or if steps will need to be taken to manually erase any data and ensure this is deleted and removed properly and within GDPR compliance guidelines.
Roles and responsibilities
As with any new business, technology, or application that collects sensitive data, responsibility for compliance can be an issue. In these circumstances, a named data controller must be appointed to ensure that the system (in this case, the app) is 100% GDPR compliant. What’s more, everyone involved in creating and maintaining the app must be aware of their roles and responsibilities for protecting the data collected and stored within. Otherwise, the risk of human error increases, as does the likelihood of a data breach.
Finally, it is also important that everyone involved is aware of their roles should something go wrong. This is because they need to know who to report any glitches or breaches to as quickly as possible, and definitely within the 72-hour window assigned under GDPR. They may also need to present evidence of compliance to the ICO should there be a breach.
Here are a few more topics that you shouldn’t miss:
How to Delete Facebook Page, Facebook Account & Facebook Group
15 Terrible Mistakes Amateur Blogs Make That You Should Avoid!
Best URL Shortener Sites You Can Use To Shrink Long URL
Like this post? Don’t forget to share