Contact tracing teams can now start making use of data collected through the COVIDSafe app, but there are still some questions about its effectiveness and safety.

Australia’s state health authorities now have access to what they hope will be a vital tool to help them fight COVID-19.
Contact tracing teams can now start making use of data collected through the COVIDSafe app.
A bill regulating the collection of personal information through the app is currently before the Parliament.
But there are still some questions about the app’s effectiveness and safety.
How does the app actually work?
The COVIDSafe app can be voluntarily downloaded onto Australians’ smartphones. The app relies on Bluetooth to detect other users of the app that are within Bluetooth range.
When it detects another user, it exchanges an encrypted packet of information containing the name, age range, postcode, mobile number, date and time and Bluetooth signal strength of the contacts.
That data is stored on a user’s phone for up to 21 days. If a user tests positive for COVID-19, they can upload their stored contacts to a central repository held by the federal Health Department. That data is then made available to state health authorities for contact tracing.
How effective is it?
Health officials have said the app works reasonably well on Android phones, but the biggest stumbling block has been with iPhones.
A known issue with Apple’s operating system is that the app does not function well when it is running in the background.
In a parliamentary hearing last week, the Digital Transformation Agency acknowledged that on iPhones the app “progressively deteriorates and the quality of the connection is not as good as you get to a point where the phone is locked and the app is running in the background”.
The app is most useful for situations where people are in public, such as commuting to and from work. Given that this is also the time when many would be on Facebook or Instagram, the background issue will limit the usefulness of the app for contact tracers until it is resolved.
Apple is going to release a workaround for the issue.
“Apple themselves are working through that matter and in coming weeks there will be an improvement,” the Deputy Chief Medical Officer Paul Kelly said.
How safe is it?
One security researcher in Australia has compiled what they say is a dossier of weaknesses they believe could make the COVIDSafe app vulnerable to a range of different attacks.
Internationally, concerns are being raised over the emergence of similar tracing apps on a global scale. Their swift rollout increases the risk that technical bugs could allow users’ devices to be exploited and attacked and risks exposing more personal information.
The release of Apple’s fixes to allow Bluetooth tracing apps to work on iPhones will be a significant new technical update to millions of phone users around the world. That update may mean it becomes a target for cyberattacks that could create vulnerabilities in devices.
“We’re going to see a lot of attacks because this is going to be software that’s running on every single phone,” Ashkan Soltani, a former chief technologist for the US Federal Trade Commission, said.
“And if that’s not a honeypot for anyone, I don’t know what is.”
Safeguards welcomed, but is more work needed?
Some privacy law professionals believe the current version of the COVIDSafe bill does go a long way to protecting the use and disclosure of personal information collected by the app. The Australian Human Rights Commission also acknowledges that the bill contains several important protections.
Those protections appear to prevent the data from being used for purposes beyond contact tracing by Australian authorities.
The bill also cancels out other laws that could be used to access the data. And it will go a long way in deterring attempts by individuals or corporations to coerce people into using the app.
The Labor Opposition agrees.
“In many ways the privacy protections included in this bill are, to use the word of our times, unprecedented in Australian law,” the shadow assistant communications minister Tim Watts said in Parliament.
But it places no time limit on the retention of the collected data.
There is a requirement for it to be deleted when it is no longer likely to be effective in fighting the pandemic, but no clear sunset clause.
“At the moment the bill creates a fairly open-ended storage of that data, in that it will be kept until essentially the end of the pandemic, the end of the usefulness,” Katherine Kemp, a privacy law academic at the University of New South Wales, said.
“But it’s by no means clear that that retention is necessary for contact tracing.”
Dr Kelly has guaranteed that the information will only be used for its intended purpose.
“It’s a promise we’ve made to the Australian people about the privacy and security elements of the app,” he said.
“It’s for contact tracing by disease detectives in state and territory health departments and they are the only people that can use it.”
Concerns have also been raised by the crossbench over the potential risk of the US Government gaining access to the vast repository of data collected in the national data store, which will be held by Amazon cloud subsidiary Amazon Web Services.
Has the Government released the source code for the app?
The Government has said it would release the source code for the app. Releasing this publicly allows security researchers to scrutinise the app and search for any vulnerabilities.
While the Government has released the code for the app, there has been an omission: it has not released the server code that accompanies it.
Releasing the server code would allow further scrutiny of how stored data is encrypted. The approach is also a departure from the Singapore Government, which has released both the app and source code.