OAIC publishes first COVIDSafe report
The half-year report, covering the period from 16 May to 15 November, found that the office commenced four assessments into the integrity of the app during the period.
The first of these relates to access controls applied to the National COVIDSafe Data Store by its data administrator the Digital Transformation Agency. The second relates to access controls applied to the use of COVID app data by state and territory health authorities.
The report also found that the agency received 11 enquiries seeking information or expressing general concern about COVIDSafe over the period, with the majority received in July. But no formal complaints were filed, and there was no reason to commence any privacy investigations.
The agency was also not notified of any data breaches related to the app, and did not seek to exercise its power to share information with state or territory privacy authorities.
Australian Information Commissioner and Privacy Commissioner Angelene Falk said oversight of the operation of the privacy aspects of COVIDSafe is a key priority for the OAIC.
“The privacy protections that accompany COVIDSafe are important outcomes for privacy in Australia,” she said.
“My office will continue to work to ensure that the protections are being applied so that Australians can be confident in the protection of their personal information within the COVIDSafe system.”
In June, the DTA released guidance aimed at helping entities understand their privacy obligations related to COVIDSafe and COVID app data. According to this guidance, it is a criminal offence for any individual, organisation or government agency to require any individual to download or use the app.
It is also an offence for individuals or organisations to require an individual to upload their data to the National COVIDSafe Data Store without their consent.
COVID app data must also be stored on a database in Australia, and can only be collected, used or disclosed to conduct contact tracing by an individual authorised to manage the tracing process.
The US Cybersecurity and Infrastructure Security Agency's National Risk Management Center has...
US President-elect Joe Biden has announced US$9bn in funding for an initiative aimed at improving...
In our annual Leaders in Technology series, we ask the experts what the year ahead holds. Today...