Laws are set to pass parliament in May in an attempt to address some of the privacy issues raised ahead of the release of the government’s coronavirus tracing app.
The bill is scheduled to appear in parliament in May and will address the Crimes Act 1914, which allows law enforcement officials to access the phones of suspected criminals and would now likely include any data held within the upcoming app, according to a report from the Sydney Morning Herald.
With the app’s release imminent, however, it’s expected it could be governed under the Biosecurity Act 2015 ” the laws that govern what powers the government has during large-scale health crises like coronavirus ” until those changes are introduced and passed. Under those laws, that data could still be accessed if it were deemed necessary for the purpose of Australia’s health security.
According to the report’s sources, the proposed legislation would directly deal with the privacy concerns being raised, particularly with who can access the data outside of health authorities.
Attorney-General Christian Porter told the Sydney Morning Herald on Wednesday that both federal and state law enforcement authorities would be barred from accessing the app’s data as well as any metadata associated with it.
“Specific regulatory action will be taken to prevent such access for law enforcement agencies at both the Commonwealth and state/territory level,” Porter said in a statement to Sydney Morning Herald.
“The government has already made the decision not to make any information collected by the app available for other purposes, including law enforcement investigations.”
The Australian government's coronavirus tracing app is set to be released soon but it hasn't been without its fair share of controversy due to privacy concerns and a lack of clarity over whether it will be mandatory. The latest concern is that the app's technical details might not be fully revealed for scrutiny prior to its public release and data security experts are concerned about what that could mean.Read more
While the government has stated the data collected would be limited to names, phone numbers, age ranges and post codes, privacy experts have called on the government to release the app’s source code to determine if it would inadvertently capture anything else as well as uncover any flaws it may contain.
“The Australian Government should follow Kerckhoff’s principle ” that there’s no security through obscurity ” and release its source code so that the public might better understand the privacy and security implications of sharing [their] data,” Professor Rubinstein told Gizmodo Australia.
The Government Services minister Stuart Robert announced the full source code would be released for transparency on April 18 but Services Australia has since confirmed to Gizmodo Australia it’s still dependent on security advice.
“The government intends to release the source code for the app,” a spokesperson for Services Australia told us over email.
“Subject to cybersecurity advice, the government will not be releasing any code that could compromise privacy or security for both Australians using the app and state health authorities, such as encryption keys.”
It did not specify whether the source code would be released prior to the app’s public release.
The race to contain coronavirus is underway in Australia. While local efforts to trace confirmed cases has likely resulted in a decline in spread, it's an intensive operation authorities are looking to streamline. One way to automate that process is through the use of mobile phone apps but its prompting concerns over privacy.Read more