More industry groups back COVID-19 tracing app

The National Committee of the Data Management Association Australia (DAMA Australia), the peak body for the data management industry, has sought to reassure its members concerned about the implications of the government’s COVID-19 tracing app.

DAMA Australia President David Wiebe has endorsed the government’s stated aim to automate contact tracing during the COVID-19 pandemic.

“Our members have two concerns, which are shared by many in the IT industry,” Wiebe said.

“One is to validate the data collected by the app is consistent with the Australia Government’s stated purpose of contact tracing and the other is to ensure that personal data is secure and protected from misuse.”

But the National Committee has assessed that the data the app collects should improve the efficiency of the contact tracing process, helping to reduce the risk of health authorities becoming overwhelmed by an outbreak.

In addition, the committee is satisfied that the security measures included in the app are consistent with best practices in data security as well as data governance.

All data will be held locally due to the government’s insistence on data sovereignty, and tracing data will be deleted after 21 days of no contact.

Wiebe added that all data that has been uploaded centrally will be deleted after the pandemic passes, and that the government has committed to legislating to make it illegal to use the app’s data for any other purpose to safeguard against abuse.

“Although we believe the decision as to whether citizens install the app is a personal choice, we are satisfied, based on the details provided to the public so far, that this app has been designed in a manner consistent with DAMA best practices for data security and sharing,” he said.

Meanwhile, ICT non-profit the Pearcey Foundation has released its own white paper covering the app, declaring that concerns over the privacy implications of the app are “largely unfounded”.

But the paper stipulates that the success of the app will be dependent on factors including citizens trusting the government not to misuse the data the app collects.

But questions over the security of the design of the app can only be truly answered if the app is properly vetted and accredited by experts such as the Australian Signals Directorate or the Cyber Security Cooperative Research Centre.

The Pearcey Foundation has called on the government to release the source code for the app as open source to show the Australian public the app has nothing to hide. It notes that the shared protocol used by the Australian app and the Singapore version it is based on has been released under a GNU general public licence.

But the paper also adds that inspections by experts including the Australian Information Industry Association have all given the code used a clean bill of health.

Meanwhile, the foundation is also urging the federal government to better communicate why Australians should download and use the app, as well as the benefits of adoption.

“The Pearcey Foundation wholeheartedly supports the introduction of the COVIDSafe tracing app and encourages all Australians to download it and use it. We believe the government has clearly addressed the privacy, security and other concerns,” the report states.

“But we also believe industry and community organisations need to collaborate with the Government as it continues to encourage people to use the app, and so allay community concerns. This can be achieved through total transparency at every stage of the process. It needs the right messaging, from the right people, through the right channels.”

Image credit: ©stock.adobe.com/au/chamsitr