UK gov't contact-tracing app violates data-protection rules, group says

test and trace app
(Image credit: Ascannio / Shutterstock.com)

Privacy campaigners accuse the UK government of violating data protection laws through the creation of the government's coronavirus Test and Trace app, which is yet to be released publicly. 

The Open Rights Group (ORG), a free-speech campaigning organization, confirmed that it would be making a complaint to the Information Commissioner's Office (ICO) over the national rollout of the app in the wake of the Covid-19 pandemic.

The organization has also written a letter to UK health secretary Matt Hancock, to the CEO of NHSX (the agency meant to bring the National Health Service up to speed with the latest technology), Matt Gould, and to the chief executive of Public Health England (PHE), Duncan Selbie, to ask for information on the data safeguards of the app.

In its complaint, ORG accuses the NHS and PHE of failing to complete a Data Protection Impact Assessment, which required by law through the General Data Protection Regulation. 

ORG said this was necessary “given the system is experimental and the sensitive nature and scale of the data being processed", adding that both health organizations are in breach of GDPR as they confirmed that a data protection impact assessment wasn’t conducted.

  • If you're outside the UK, you can access iPlayer with an iPlayer VPN

'Public health objectives are being undermined'

Campaigners at ORG also called the app’s 20-year data-retention period excessive while questioning its commercial and research purposes. They also claim to have found unspecified security issues that put people at risk and said the app’s privacy notice is flawed. 

Jim Killock, Executive Director of Open Rights Group, called on the ICO to act and enforce the law, accusing the Government of moving too fast with the roll out.

He said: “If they carry on in this manner, public confidence will be undermined, and people will refuse to engage with the Track and Trace programme. Public health objectives are being undermined by failures to get privacy and data protection basics in place.” 

The complaint will be filed by Ravi Naik, Legal Director of the data rights agency AWO. He also criticized the app for its approach to data protection, saying: “Rushing out Test and Trace without following basic legal requirements is troubling. These legal obligations are not simply a compliance point. 

“They are designed to ensure that risks are identified and mitigated. Not conducting these assessments has caused our client’s concern that those risks have not been properly thought through.”

  • Read more: Protection without the cost? Discover the best free VPN
  • A UK VPN will get you access to tons of British TV
TOPICS

Nicholas Fearn is a freelance technology journalist and copywriter from the Welsh valleys. His work has appeared in publications such as the FT, the Independent, the Daily Telegraph, The Next Web, T3, Android Central, Computer Weekly, and many others. He also happens to be a diehard Mariah Carey fan!

Latest in Online Security
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Green skull on smartphone screen.
Malicious Android apps with 60 million installs bombarding phones with ads and phishing attacks — how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs
An FBI agent typing on a computer
FBI issues warning to millions of Americans to avoid these websites that can steal your passwords and banking info
How to delete TikTok
TikTok has rolled out a vital new security feature — here's how to use it
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Thursday, March 20 (#648)
A phone with the Plex logo in front of an out-of-focus background of movie posters
Yikes! Plex is getting a price hike and this key feature is going behind a pay wall
back of Iris Pixel 9a
Google Pixel 9a pre-orders delayed due to 'component quality issue' — here's when you can get one
An open lock depicting a data breach
Half a million teachers hit in major data breach with SSNs, financial data and more exposed — what to do now
Sony A95K QD-OLED TV in front of windows in a living room
This new TV breakthrough looks like a game-changer for OLED TVs
Apple iPhone 16 & 16 Plus hands-on.
Forget USB-C — a truly portless iPhone just got the all-clear from the EU