Krise To Go #5

KRISE TO GO – observations and challenges during the covid19 pandemic by the research group 8 inequality and digital sovereignty

What´s the safest way to trace? As the challenge of containing the coronavirus outbreak continues, governments around the world have released smartphone apps to help trace the spread of the pandemic, in an effort to reduce the number of people who fall ill with COVID-19.

Contact tracing is an important component of effective pandemic response, and contact tracing apps have the potential to support this objective, but there are also concerns that gathering information about people’s geo-location and other personal data risks infringing on our individual privacy more than ever before. Many of the countries in Europe that have released tracing apps are following recommendations by independent networks like Amnesty International, which say that in order to be human rights compliant, contact tracing apps must build in privacy and data protection by design, meaning any data collected must be the minimum amount necessary, and securely stored. All data collection should not be used for any other purpose – including law enforcement, national security or immigration control.

The german app “Corona-Warn-App”, released on the 15th of June is using Bluetooth Low Energy (BLE) which enables decentralized contact tracing. This offers greater protection against abuse and misuse of people’s geo location data as the information is saved on the phone itself and not pulled into centralized pots.

BLE is usually being used for IoT (Internet of Things) devices or Bluetooth devices such as headphones, which are exchanging messages with a computer.

The “Corona-Warn-App” uses Bluetooth technology to measure the distance and duration of encounters between people who have installed the app on their devices: Your phone is constantly broadcasting messages with random codes into its surroundings. Any other device which is close enough to capture that message receives it, while at the same time transmitting its own. A contact is established when two devices are in a certain proximity. If people using the app test positive for the corona virus, they can voluntarily share their test results with other users through the app. The infected person’s random codes are then made available to all people who use the Corona warning app. The codes are locally secured on the phone itself without any connection to geo-locations. it´s about who met each other and not where they met.

But even if this seems like a good solution there are already investigations on the security of this application: the Frankfurter Allgemeine Zeitung released an article reporting on the results of researchers at Universities in Darmstadt, Marburg and Würzburg confirming security gaps which come with the Google/Apple protocol (GAP). 

Claudio Guaneri who is Head of Security Lab at Amnesty International also points out that the efficacy of digital contact tracing depends on wide adoption, which is more likely in the more privileged segments of wealthy economies. In a talk (that we recently posted on our blog) he explains that these technologies can only be complementary to equitable public health initiatives and international collaboration. Access to modern smartphones can not be a discriminatory factor for access to proper healthcare.

Here are some articles and podcasts we find worth consuming regarding the topic #datasecurity and #tracingapps


EU privacy experts push a decentralized approach to COVID-19 contacts tracing

Data protection in times of COVID-19: the risks of surveillance in Brazil

Unicef: Digital contact tracing and surveillance during COVID-19

Digital Contact Tracing for Pandemic Response: Ethics and Governance Guidance



data protection, privacy, security, tracing apps