Morioh
Login
Christa Stehr

Christa Stehr

3 years ago

Thousands have signed a petition that underscores data privacy issues with Singapore’s newly announced contact-tracing wearable, in development.

Singapore’s announcement that it is developing a wearable for contact tracing has caused citizens to voice concern for the technology’s impact on their data privacy, with more than 35,000 signing a petition against the devices.

On Friday during a parliament session, Vivian Balakrishnan, Minister-in-Charge of the Smart Nation Programme Office initiative and Minister for Foreign Affairs, said the wearables would help Singapore’s 5.7 million citizens track whether they were exposed to someone who has tested positive for the virus.

Previously, Singapore had created a contact tracing app, TraceTogether, which uses Bluetooth mobile phones’ functions to detect other phones nearby and track the spread of the virus (which Balakrishnan said has been voluntarily downloaded by 1.5 million users). However, this app came with a slew of road bumps. Only those who had phones could participate, for instance, and even those with phones reported various interoperability issues.

The soon-to-be-rolled-out wearable devices aim to solve these glitches by allowing users to report their health conditions and then use Bluetooth to detect the conditions of others nearby — sans mobile phones. Balakrishnan said, “if this portable device works, we may then distribute it to everyone in Singapore”; however, he did not clarify whether the government would make the wearable mandatory for citizens.

Singapore residents rebuked the technology over the weekend, with a petition called “Singapore says ‘No’ to wearable devices for COVID-19 contact tracing” rejecting the development of the device.

“With a failed smartphone app already scrapped, the Singapore government is implementing a wearable, always-on contact-tracing device under the guise of tracking interactions with those afflicted by COVID-19,” Matt Gayford, principal consultant at the Crypsis Group, told Threatpost. “Officials have stated that the device will only use Bluetooth’s proximity function and will not rely on GPS or cellular data for the purposes of contact tracing. Some may find this comforting; however, others may fear it is only lip service.”

Wilson Low, who started the petition, in a Sunday post voiced concerns about the wearables potentially allowing contact tracers to locate users’ whereabouts based on their proximity to others’ phones, cell towers or potentially other wearable devices themselves.

“We reject what could potentially be a new form of apartheid (those who wear devices being unable to interact, commune or live with those who reject the devices),” said Low. “Thus, we continue to send a strident and unwavering voice to any actor or authority that the preservation of our rights and freedoms will not be predicated upon the adoption of any wearable tracking device by the general population of Singapore.”

In response to concerns aired out on his Facebook page, Balakrishnan stressed that the devices would not track user locations, but would instead use Bluetooth proximity data to collate “prolonged, close” contacts. The data would then be encrypted on users’ personal devices and erased after 25 days, he said.

In a follow-up press conference, Monday, Balakrishnan said that the wearables would not have GPS, internet or cellular connectivity — meaning that collected data can only be extracted when physically handed over to health officials.

Balakrishnan said Singapore needs to “get the balance right between public health and personal privacy.” He added that he believes Singapore is actually being far more protective of privacy than in many other jurisdictions.

“We are NOT tracking movements,” he said on his Facebook page. “There is no GPS chip. But this as a pandemic that affects all of us. And we do want to know if we have been exposed to the virus or have inadvertently exposed others if we are infected.”

While retaining the data for only 25 days is a “step in the right direction,” Gayford told Threatpost a number of questions remain about the technology, including whether anyone would be permitted to review the code and its functions, and whether people can count on government officials to allow an independent review of the software and hardware.

“In heavily regulated environments such as finance and healthcare, systems and software are required to undergo rigorous assessment and testing processes,” he said. “Many would argue governments should face the same scrutiny, especially if they expect their citizens to freely give up data that is quite literally tracking their every step.”

#mobile security #privacy #contact tracing #coronavirus #covid-19 #data privacy #singapore #tracetogether #wearable

Singapore’s Contact Tracing Wearable Causes Privacy Backlash

threatpost.com

Singapore’s Contact Tracing Wearable Causes Privacy Backlash

Thousands have signed a petition that underscores data privacy issues with Singapore's newly announced contact-tracing wearable, in development.

1.15 GEEK