CultureWatch

Bill Muehlenberg's commentary on issues of the day...

On Corona Tracking Apps

Apr 27, 2020

What could go wrong with a government app?

As expected, there is already a massive debate over the merits or otherwise of the new government COVID-19 tracking app that folks can download onto their phones. A major part of the controversy has to do with privacy concerns and the like. Before exploring all this further, let me offer my quick take on it:

If you want to get the app and you think it is just peachy, then fine, go ahead and get it. I will not tell you that you cannot make that choice. But by the same token, please do not tell me what I can and should do. If I and others have genuine concerns about it, and choose not to download it and use it, that is our choice.

I repeat: If folks want the corona app, they can feel free. No probs. If they think that is the right thing for them to do, I will not complain. But they better not lecture me and others about how ‘unchristian’ or ‘uncaring’ or ‘ignorant’ or ‘Luddite’ we are for daring to ask questions and for showing some due caution and concern with all this.

And we do have every reason for asking such hard questions and not blindly following whatever the State tells us to do. Sometimes the State gets it right, sometimes it doesn’t. Sometimes it has our best interests at heart, sometimes it doesn’t.

I have written before about some of the many real concerns, especially related to privacy issues. Despite good intentions, things CAN go wrong here. Let me offer just one Australian example of this as reported last year:

Australian Federal Police have admitted accessing the metadata of Australians around 20,000 times in just 12 months. The admission came during the AFP’s submission to the parliamentary joint committee on intelligence and security’s review of the mandatory data retention laws.

The review, currently underway, is examining a range of laws, including anti-encryption legislation, and is looking into the recent AFP raids on the media. Information on the number of times metadata is accessed by government agencies is supposed to be released in an annual report on the operation of the Telecommunications (Interception and Access) Act, but a report hasn’t been released for nearly two years.

Under the controversial 2015 metadata retention laws, internet service providers are required to keep data including call records and IP addresses of users for at least two years, and hand it over to law enforcement agencies without the need for them to obtain a warrant. This data includes, but is not limited to:

Telephone records
The time and length of phone calls
The internet protocol addresses (IP addresses) of computers from which messages are received or sent
Location of parties making phone calls
To and from email addresses on emails
Logs of visitors to chat rooms online
Status of chat sites – whether they are active and how many people are participating
Chat aliases or identifiers (the name a person uses in a chat room online)
Start and finish times of internet sessions
The location of an individual involved in communications
The name of the application someone uses online and when, where and for how long used

The laws were spruiked as being necessary to catch terrorists and organised criminals, but are actually being used by not just the AFP, but a range of law enforcement agencies and even local councils have been using the laws for ‘unintended’ purposes. www.sydneycriminallawyers.com.au/blog/afp-admits-accessing-metadata-of-australians-20000-times-in-a-year/

Another article at the time said this:

ACT Policing has admitted it unlawfully accessed citizens’ metadata a total of 3,365 times, not 116 as previously disclosed in an explosive commonwealth ombudsman’s report on Monday. The new disclosures include a total of 240 cases that resulted in information valuable to criminal investigations and one that “may have been used in a prosecution”.

In a statement on Friday, ACT Policing revealed the 116 unlawful metadata requests detailed in the report tabled in parliament on Monday are the tip of the iceberg, with a further 3,249 requests made from 11 March to 13 October 2015 under an invalid authorisation. The revelation comes as Western Australia’s top cop has said there have been no consequences for police who unlawfully accessed a journalist’s metadata, contradicting Peter Dutton’s suggestion they might be penalised. www.theguardian.com/australia-news/2019/jul/26/act-police-admit-unlawfully-accessed-metadata-more-than-3000-times

If these were just the occasional one-offs, and something not repeated here and elsewhere, that might be one thing. But sadly this is not always the case. And yet I have already had corona alarmists accusing me of being a technophobe, a conspiracy theorist, and worse – all because I have legitimate concerns about how things might pan out here.

I have already quoted Monica Wilkie on this. Let me do so again:

When Canberra introduced metadata laws a few years ago, we were told they would only be used to find terrorists. But greedy councils were soon demanding access so they could catch litterbugs. Facial recognition tool Clearview AI was allegedly misused by members of Australian police departments. This information is only known because Clearview’s data was breached. A breach of the government’s proposed tracking app is absolutely possible — cyber-attacks have already increased during this crisis.

Once we upload our data, we have relinquished control of it, and have no say over how it is used or misused.
Using personal data to track COVID-19 cases has already led to public shaming. A South Korean coronavirus patient detailed the fear and shame she felt after her neighbours discovered her identity, and people started demanding more and more information about her be released – some patients have also been targeted by online abuse.

Even though the South Korean government makes public a certain amount of information – like work and home addresses of infected patients – this example shows how once sensitive data is obtained, you cannot control how it is used. The South Korean government probably did not anticipate a public health intervention would be used to harass the sick. www.spectator.com.au/2020/04/tracking-a-pandemic-an-unacceptable-invasion-of-privacy/

The truth is, while technology itself can simply be neutral, it can always be used for good or ill. And there are no fool-proof technologies out there. No matter how many so-called safety measures are said to be included, I am sure that there are always those who will find a way to get around them. History has shown us this often enough as well.

But the alarmists and pro-appers have plenty of rather lame justifications for pushing this app while attacking those who dare to raise questions. One of the more idiotic arguments being made by this camp is that governments, social media and corporations already have so much data on us – so what is the big deal with this?

Um, that is about as helpful as saying that since so many folks know how to break into a home, we might as well just leave our front doors open and unlocked. Good grief, what folks should be arguing for is not MORE abuse of our private information but less. They should be concerned about all the personal data that is already so readily being gleaned and stolen from us, and not making cheap excuses for more of this to take place!

But it is the Christian pro-app camp that really can bother me at times. They are far too ready to judge you and attack you and claim that you are somehow being unloving if you say a polite ‘no thanks’ to the app. As my friend Rod Lampard recently put it on the social media:

So I’m not being a Christian, loving or Christlike, if I don’t sign up to the Government’s COVID-19 app?
I’m not caring about others by defending their hard won, blood earned, civil liberties? Where have we heard this same asinine, emotional manipulative non-sequitur before?
Oh, yeah. The same-sex marriage debate, Islamic terrorism #illridewithyou, abortion, transgenderism, Apocalyptic Climate Change…any Leftist cause, really.
Thus, and with all due respect, since when did Leftism become a yardstick for being a Christian?

Yes quite so. What scares me the most is how many Christians have zero understanding of history – or the Bible for that matter. Some of them really seem to think that government can do no wrong, and technologies can never be misused and abused.

Um, governments routinely go wrong as power grabs become the norm, and technologies are regularly used for evil purposes. Indeed, one clear lesson of history is what is merely ‘voluntary’ today far too often becomes ‘mandatory’ tomorrow – all for the common good of course.

I must once again quote from another friend, Mark Rabich, who said this about the app: “How about no? The simple rule of thumb for any new government power – in this case, to track your movements – is to imagine it in the hands of your worst enemy. NOW ask yourself if you still want that power created.”

Speaking of which, consider a primary example of this: China. Even “our” ABC has written about the dangerous digital Brave New World that is arising there. And this piece was penned back in 2018! It begins:

What may sound like a dystopian vision of the future is already happening in China. And it’s making and breaking lives. The Communist Party calls it “social credit” and says it will be fully operational by 2020. Within years, an official Party outline claims, it will “allow the trustworthy to roam freely under heaven while making it hard for the discredited to take a single step”. Social credit is like a personal scorecard for each of China’s 1.4 billion citizens.

In one pilot program already in place, each citizen has been assigned a score out of 800. In other programs it’s 900. Those, like Dandan, with top “citizen scores” get VIP treatment at hotels and airports, cheap loans and a fast track to the best universities and jobs. “It will allow the trustworthy to roam freely under heaven while making it hard for the discredited to take a single step.”

Those at the bottom can be locked out of society and banned from travel, or barred from getting credit or government jobs. The system will be enforced by the latest in high-tech surveillance systems as China pushes to become the world leader in artificial intelligence. Surveillance cameras will be equipped with facial recognition, body scanning and geo-tracking to cast a constant gaze over every citizen.

Smartphone apps will also be used to collect data and monitor online behaviour on a day-to-day basis. Then, big data from more traditional sources like government records, including educational and medical, state security assessments and financial records, will be fed into individual scores. Trial social credit systems are now in various stages of development in at least a dozen cities across China.

Several companies are working with the state to nationalise the system, co-ordinate and configure the technology, and finalise the algorithms that will determine the national citizen score. It’s probably the largest social engineering project ever attempted, a way to control and coerce more than a billion people. If successful, it will be the world’s first digital dictatorship. mobile.abc.net.au/news/2018-09-18/china-social-credit-a-model-citizen-in-a-digital-dictatorship/10200278

So did I just say that the Australian corona app is identical to what we find in China, and that Morrison is a hard-core communist intent on enslaving every single one of us? Um, no. But this is what I AM saying: the price of liberty is eternal vigilance, and even well-intentioned government policies – and apps – CAN be turned to the dark side of the force. And very easily and quickly as well, if we are not all very careful.

Much more can be said about all this. But let me repeat what I said at the outset: if you want to get and use the app and think it is the next best thing to sliced cheese, then go for it. I am not begrudging you your choice here. But I do hope that you do not begrudge me my choice here.

[1983 words]

41 Responses to On Corona Tracking Apps

  • Sad to say, but I know that there are plenty of folks who are now ready to lynch me for daring to ask these sorts of questions. Therefore, let me remind you of my commenting rules, and please read carefully the entire article before you even consider sending in a comment!

  • Hi Bill, on a purely practical observation. I did go to the App Store on my phone to just have a look at it. What I did observe were about a dozen “very legitimate” looking apps all purporting to be the Official Covid tracking app! I did not attempt to open any of them. Apart from the genuine issues that you’ve quite rightly raised, the risk of inadvertently installing a virus or malware is just too great. This Covid 19 pandemic has created an absolute field day for con -artists of every shape and form. I hope this helps, blessings, Kel.

  • Stats out of the US and UK are showing the death rates to be similar to that of the annual flu. More people have had it than was expected, because they either showed no symptoms at all or their symptoms were mild.
    Think about what that really means; we shut down the economy, we shut down the schools, we have vowed to change societal norms and we gave up our freedoms for a contagious virus no deadlier than the regular flu.

  • Well said Bill. It is always wisdom to ask questions and consider all aspects before we make any decision. My Uncle, who was a lovely godly man, always advised that ‘prayerfully and carefully’ was the way to go! Have we become so saturated with such ready information in this day and age that we have forgotten ‘how to think’ and instead have fallen into the trap of accepting ‘what to think?’ If so we might well have already placed ourselves in a very perilous position. And just a thought – we have been told repeatedly that face masks are of no use to the general public but on the other hand crucial for health workers – the shortage very problematic. I wonder if one of the reasons we have been discouraged from wearing face coverings is that it makes facial recognition more difficult? Just a thought!! But right or wrong it is still good to think and to investigate for ourselves. And as you say respect each other’s choices without resorting to lecturing or unkind labelling if you don’t agree with another’s choice. I wonder how many who have opted in would want to change their minds after reading the information you have offered here Bill? Thank you.

  • I’m very much leaning towards not getting the app .Without 100% factual proof that our data would not be used for other purposes then checking the spread of covid19 between people I’m one of the skeptical people about using it . Yet if you wanted to test who would down load the app and who would resist government interference in our privacy/ personal lives ,what a great way to find this out . So is the app for getting ppl to down load or for looking for those who wont and keeping them under closer scrutiny.

  • I understand your concerns. But many of the folks against the Covid-19 tracking app are fervent users of WhatsApp/Facebook etc – which makes no sense: those apps have far more data on their users and are in the hands of (foreign) entities with intentions which one should trust less than our government.

  • Thanks Jan. But did you actually bother to read my article? I already dealt with your objection. But let me repeat it here: “Um, that is about as helpful as saying that since so many folks know how to break into a home, we might as well just leave our front doors open and unlocked. Good grief, what folks should be arguing for is not MORE abuse of our private information but less. They should be concerned about all the personal data that is already so readily being gleaned and stolen from us, and not making cheap excuses for more of this to take place!”

    And guess what: a business only has very limited power – it may prevent you from using or buying their products for example. But a government of course has far, far more power: it can imprison you, fine you, take away your livelihood and liberties, etc. Sorry, but your rather naïve trust in the State is rather alarming to be honest.

  • Good article, Bill.
    Even if the Australian Government acts with totally benign intentions here, the app is still a bad idea.
    Firstly the data will be stored on servers owned by Amazon which is subject to U.S. laws. So if the U.S. Government wants to know where I’ve been, they can demand Amazon, an American company, hands over the data.
    Secondly, the data and the encryption keys will be stored on the same server. This is like keeping your spare door key under a plant pot next to the door step. Again, even if you trust the Australian Government with your data, there is no guarantee that hackers cannot get to it.
    Thirdly, although the current version does not track your geographical information, it does request permission to access your GPS data, at least on Android phones. So there is nothing to stop the Government from adding that information to the data they scoop up when they upgrade the app.

  • Hi Bill,
    An IT friend who is familiar with data collection activities of a number of governments told me over the weekend that it is purely semantics when a government says it won’t store/use data collected on individuals. He said they typically out-source the control of the data to organizations like Amazon or Microsoft who can then do what they like with the data, including providing it to governments! I think I heard on the news a few days ago that the government was working with Amazon on their app. Scary if true.

  • Thanks Keith and Julian.

  • The big problem with saying things are unlawful and just leaving it at that, is that, in this world, it is often mighty difficult to prove that something unlawful has occurred – especially when it is to do with data held out of most people’s sight and control. Sooner or later you have to trust the bureaucracies and, when you see what has happened with the unlawful behavior of the ABC and SBS, I don’t see that there is any good reason to trust.

    Anyway my phone is not smart enough to use the app. and I don’t have enough battery to constantly run Bluetooth anyway, so unless I want to invest in an exorbitantly expensive and largely useless waste of time and money facility (also known as a smart phone) the decision is already made for me.

    For those who already give huge amounts of information to Facebook and Google etc., I don’t see a problem. They are already exposing themselves to even less trustworthy organizations than government bureaucracies.

  • Thanks Michael, but it is clearly a moot point as to who is less trustworthy. See the reply I offered above. I repeat: ‘A business only has very limited power – it may prevent you from using or buying their products for example. But a government of course has far, far more power: it can imprison you, fine you, take away your livelihood and liberties, etc.’

  • Well said Bill, most of us are generous, kind, community minded, volunteer, give everything we have and have always been like that. Now all of a sudden this community minded. Work together is just and charity is just being pushed down our gobs like it’s a new thing.
    I’m with you if people want to download, do so, but it’s their choice, we should not be bullied into doing this. If we have been isolated for ages and. Or gone anywhere and your town hasn’t had any infections why are they the public elected officials pushing this draconian way of living and trying to bully you into putting the app on.
    Also I would question the testing if you get the virus supposedly after testing I would definitely be asking for a second and their testing, I don’t trust their testing facilities and am leaning more to if they want you to have the virus they will give it to you….
    They can’t lock us down because of a test or an app.
    In Victoria if anyone is going to have it it will come from the city and shouldn’t allow people to go travelling until they have been checked.
    Our freedoms are being eroded. I have stopped watching a lot of news media, news, and crap on social media. It’s all just a mockingbird operation. What’s wrong with people using natural methods to kill the supposed virus. In the US they are basically letting people die…no help given or anything.
    Thank you for all your information. Take care. Cheers.

  • It’s interesting to see what’s happened in nth West Taasmania when medical staff became infected. Nearly 5000 people were placed under 2 weeks quarantine/home detention once the non app tracing procedures were carried out. Very few were tested for the virus or antibodies. 1000s are being let out of quarantine this week but more cases keep new recruits coming as the spider web of contacts are tracked down. The app would allow rounding up more quickly. If you all of a sudden finding you are a contact, and you need to keep working you most likely will not be able to get a test to put you back on the street prior to completing home detention.

  • Just a suggestion, Bill, but could you please add the word, “Thanks.” to the end of your aticle? That way, the word count would be 1984 😀 It feels like we’re headed that way.

    I’m not interested in getting the app. I wasn’t interested in completing the 2016 census online or signing up for “My Health Record” either and for the same reason: the less information I give the government, the more I feel I’ve done my best to protect my privacy. Remember the 2016 online census? https://www.abs.gov.au/websitedbs/d3310114.nsf/Home/Assuring+Census+Data+Quality

    As Grace Hopper said, “It is often easier to ask for forgiveness than to ask for permission.” I feel many people (including governments) operate on this principle.

  • Yes Cheryl, one more word would have been ideal!!

  • https://www.melbourne.vic.gov.au/arts-and-culture/events-partnerships/melbourne-conversations/Pages/social-credit-is-here.aspx

    Check this out Bill. Looks like Melbourne Council already wants us to warm to the idea of a social credit system.

    Let me tell you something else interesting which may or may not be a coincidence. The myGovID app which businesses need now to deal with their tax and activity statements online — and apply for Jobkeeper payments — was planned to be rolled out at time just before this virus hit us. Individuals need to certify their ID by scanning documents and linking their ID to their personal phone.

  • Excellent article as always Bill! Thanks for being a voice of reason amongst all the ridiculous and manipulative emotionalism so many others choose to partake in!

  • Thank you Bill for this well researched article It so aptly describes the reasons why we should seriously consider not downloading the Covid-19 app. I am one who decided not too, and also the MyHealth record. We only have to look at the CCP example and envision – Australia is possibly at the beginning of that road to monitor, manipulate and totally control it’s citizens.

  • Re; “A business only has very limited power.” I’m definitely not so sure. There has most definitely been instances of major corporation’s power outstripping those of, especially smaller, democracies.

    Also, speaking as someone who has worked for many years as a business analyst and extensively with computer databases, I can say the assurances that you don’t even need to enter your name is unconvincing. If you have the data from various databases it would be quite rudimentary to match phone numbers to names and addresses, and if people already have geotracking software running, for navigation or whatever, and that data is also available, again, it would probably not be too hard to match it all up. The only question is would there be any incentive to do this? I can’t think of one but it is definitely a shoe in the door. The thing is, if you only look at the situation in isolation, i.e. with tunnel vision, you are not likely to notice the ramifications.

    This is the big issue. We routinely give people access to our bank accounts to purchase on-line etc. and there have been scandals, such as Sony having their customer information compromised, so to me, over time, these issues are a disaster waiting to happen and indeed Revelation 18:11 does seem to suggest a worldwide business collapse. How would we all be with our money, including mine, held by institutions who it is possible could collapse and shut down, taking our money and ability to buy with them?

  • Bill, I wrote about the cyber security of the app, as someone with over 15 years’ experience in the industry. The idea that the government could produce a secure app in a month — even with the source code from Singapore — isn’t one that makes sense to me.

    And, worse, the idea that the current government won’t abuse what data is given to them is not one based on history, as you write. The Road to Digital Serfdom continues.

    https://www.melbournelibertarian.com/2020/04/freedom-over-government-surveillance-im-not-installing-the-governments-covid-19-app/

  • Hi Bill,
    Designing and building databases is what I do for a living. I am often dealing with very sensitive data, and I take all precautions to make sure that it is kept secure. I also accept old PC’s and laptops that I strip for parts, or my client has requested a hard drive wipe. I’m sure you would not be surprised by how many hard drives I find in hard rubbish collections with data on them!
    Your concerns are completely valid.

  • Many thanks for that Peter.

  • Thanks Bill,
    I will not be signing on to an APP that will generate location information on who I visit ( residences of friends) and exactly where I go. I have I zero
    Control over who can use and access this data. For those of us who are Christians it’s a great way for a government agency to find the exact location of home bible study groups.
    Could be really useful in future if governments believe Christians are a threat, Really dangerous in the wrong hands,
    Phil

  • Thanks Mark,

    Highly valuable info.
    I saw the federal minister laughing and kidding around just before the announcement on the APP on the ABC. Gave me zero confidence in his security assurances.
    God bless
    Phil

  • Great article. And the shaming has more than begun for not downloading this App. From snitching to shaming, what a sad state of things. I even had a professional health worker advise me to just lie and say ‘yes I downloaded it’ when I haven’t just so I can appear part of the IN crowd. Um no. Never was part of the IN crowd anyway. Nice going quoting Mark Rabich again!

  • Thanks Anita. And yes, Mark is a very quotable sort of guy!

  • No app for me … I’m certain most Australians aren’t going to be compliant with this … it’s just un Australian … seriously though in these times we really have to question everything that is happening .
    It’s like everyday the goalposts are being moved to combat this virus … yet not that many people are dying … crazy times … keep looking up everyone … thanks Bill for your work.

  • If I had a spare phone and a spare mobile number it would be interesting to download the app then hover somewhere where people are and watch to see if I can detect any Bluetooth connections on the phone. (in theory I could do this on mine then uninstall the app but can I trust that?).

    Reading the FAQs, (https://www.health.gov.au/resources/publications/covidsafe-app-faqs) what is meant to happen is if you and I are around each other for 15 mins or more our phones will store each other’s reference codes (these change every 2 hours). What is stored includes the “date and time, distance and duration of the contact” but not the location. If then I get tested +ve I have to flag that on my phone and the app will “upload the contact information (i.e. your reference code etc.) to a highly secure information storage system”.

    Now this will give your name and number to a human who will call you and let you know to “quickly self-quarantine and seek medical attention”.

    (Not sure if you want to publish this next bit, I’ll leave it up to you. It’s random thinking so may be flawed.)

    Seems OK, but obviously the token can be de-crypted and has in it your name and phone number. That could be broken.

    So if I write my own app to mimic the real one, and work out how to decrypt the reference codes I could watch people go past by name and phone number.

    Give me two (or three) devices and I can tell which way the people are walking.

    Let me place a number of devices around town and I can track people. (I wonder how many CCTV cameras have Bluetooth in them?)

    I don’t think I will install the app. (unless it becomes a work requirement then I’ll have to rethink things)

  • 7 days of no virus detentions in SA now & they want us to download this app! No way! In any case I won’t download it as I’m moving more away from technology the older I get ( I’m not even 50 yet). I’m just sick of technology & try to use it less and less. My brain functions better when I don’t look at screens for days.

  • Harassment of people with corona virus after addresses were released should have been foreseen.

    For those Christians who insist we can trust the government we can say “You’re right when has a government ever used it immense powers to persecute Christians??”

    Being Christian does not mean being brainless.

  • Hmm, why am I not surprised? “Glitch and privacy issues stall COVIDsafe as PM pushes for more downloads”

    https://thenewdaily.com.au/news/coronavirus/2020/05/03/coronavirus-covidsafe-app-delay/

  • And another article worth reading and sharing: “Australia’s leading coronavirus expert at the World Health Organisation REFUSES to download the COVIDSafe app – despite Scott Morrison saying it’s our key to lifting lockdowns”

    https://www.msn.com/en-au/news/coronavirus/australia-s-leading-coronavirus-expert-at-the-world-health-organisation-refuses-to-download-the-covidsafe-app-despite-scott-morrison-saying-it-s-our-key-to-lifting-lockdowns/ar-BB13wtuy

Leave a Reply