The Political Life of COVIDSafe Contact Tracing in Australia, by Jake Goldenfein

This paper is part of the e-conference on « Data protection Issues and Covid-19: Comparative Perspectives » which consist in a daily publication at 12 p.m. (GMT+1) except on Sundays until the Summer break. A new session will start again at the beginning of the academic year 2020-21. Please subscribe to blogdroiteuropeen, so you don’t miss a publication. This e-conference was organised by Dr. Yseult Marique, Senior Lecturer at the University of Essex and FÖV Speyer and Dr. Olivia Tambou, Associate Professor at the University of Paris-Dauphine, External Scientific Fellow at the Max Planck Institute of Luxembourg, and Founder- Editor of Blogdroiteuropeen. If you are interested to contribute for our September session feel free to contact us at blogdroiteuropeen@gmail.com.

“If you want to get out and play, download the app today”. This was the Australian Prime Minister’s message at a press conference on May 1^st discussing the COVIDSafe digital contact tracing app. Australians were told early exit from lockdown would require 40% of the population to download the App. Instruction to download the App were everywhere – the government even enlisted companies like McDonalds to promote COVIDSafe to their customers. The App was a “critical issue for national cabinet making decisions… for how restrictions will be eased”. The Prime Minister also dangerously analogized use of the App to sunscreen, problematically suggesting it offered actual protection to virus exposure.

From that point, the quantity of political communication about COVIDSafe declined. Downloads slowed radically, and messaging about its importance become less frequent. While it remained, on May 29, a condition precedent for removing social distancing measures, its centrality to the pandemic response has since all but abated. It is no longer treated as central to easing of restrictions in official communications, and it is rarely discussed in public forums. The question then, is why the fall from techno-solutionist grace?

Australia and Covid-19

Australia has relatively good virus statistics. With only ~100+ deaths of the time of writing, high levels of testing, and low (but increasing) rates of community transmission. A number of social distancing, travel, and work restrictions have been lifted, although a June and July surge in cases have prompted another lockdown in Australia’s second largest city, Melbourne. Nonetheless, health services have not been overwhelmed, and social security programs have kept the material conditions of lockdown relatively good for a large number of citizens. With low quantities of virus in the population, economic stimulus has been a focus, and digital contact tracing was promoted as a way of doing that safely.

Built in the vein of Singapore’s TraceTogether App, Australia’s COVIDSafe App is more on the “centralized” end of the digital contact tracing spectrum. With consent, recorded encounters are provided to health departments who then use that data to perform contact tracing. Despite the “centralized” model however, the law governing its use make its privacy implications appear relatively benign.

Sui Generis Legislation

To facilitate the App’s use, on April 25, the day before the App was launched, the Government passed the Biosecurity (Human Biosecurity Emergency) (Human Coronavirus with Pandemic Potential) (Emergency Requirements – Public Health Contact Information) Determination 2020. This established that only government employees working in contact tracing could collect, use and disclose data from the App (along with other government employees who were working on the system). It also specified the conditions of data transmission to the Amazon servers running the system, a 21-day data retention limit for data on phones, and a requirement that all data be deleted from servers at the conclusion of the pandemic. It also specified that use of the App must be voluntary and not coerced.

A biosecurity “determination” is an interim emergency measure that anticipates legislation. On May 14, the Privacy Amendment (Public Health Contact Information) Act 2020 was passed, further codifying these rules, and establishing offences for non-permitted data collection and use, decrypting data, data breaches, and coercing App use. It formalized the COVIDSafe “data period” and established rules for data retention and deletion. It also offered further details, such as how to deal with incidental data, registration data, and data associated with App use, as well as further definitions and clarifications – like that COVIDSafe app data is taken as “personal information” (while strangely also being the property of the Australian Commonwealth). The legislation also prescribed institutional oversight and processes for review.

Having a specific law defining permissible uses of the App is important. Australia has no enforceable constitutional or fundamental privacy or data protection rights, and only limited causes of action in common law and equity. The states and federal government data protection statutes offer comparatively low levels of protection. This legal environment has enabled a dramatic proliferation of government surveillance capabilities over the last 15 years, including metadata retention, anti-encryption laws, and profound powers for intelligence agencies.

The academic and activist community has been pivotal for ensuring privacy protection and transparency in the COVIDSafe program. Numerous issues persist, nonetheless. Graham Greenleaf and Katharine Kemp, for instance, describe problems like the absence of published metrics of success or effectiveness, and government deception as to which encounters are recorded. But the legal environment effectively constrains use of the App to a public health function.

The quiet decline of COVIDSafe

Despite its relatively benign privacy implications, the App has not been downloaded by 40% of the population, and its political promotion has more or less ceased. It is certainly no longer the lynchpin to ending economic restrictions. The question is why?

There are several possible answers.

One possibility is that the App has been downloaded widely and worked as hoped, and the government no longer needs to broadcast its importance. This seems unlikely. At the time of writing approximately 6.4 million Australians have downloaded the App – although no data about active registrations or daily use has been made available. That’s only a ~1 million increase in the last 6 weeks, and well below the government’s target of 40% of the population. The rate of uptake has radically dropped, but the government is not pushing harder. Even web-searches for COVIDSafe have declined dramatically since the beginning of May.

A second possibility is that the App does not work as anticipated. In the first month, no state health departments reported using data from COVIDSafe in contact tracing. In the few times COVIDSafe has been used in June, there is only one instance of it identifying a person not already identified by contact tracers. Recent testing shows that for some devices, especially Apple devices, COVIDSafe only works about 25% of the time. The federal Health Department (untruthfully) published a media release dismissing claims that there were technical issues with the App on May 20. But numerous technical issues continue to be reported. Most of these relate to the quality of iOS / Apple Bluetooth functionality when devices are locked, or general unreliability with logging “encounters”.

It may be that because infection rates are low, there are not enough transmission events for the system to detect. But then that does not explain why the political rhetoric has changed. As the nation emerges from lockdown, one would expect the rhetoric around downloading the App to ramp up.

Technical issues around Apple devices are why other nations have abandoned their custom built “centralized” apps, and instead adopted the Google / Apple “privacy preserving contact tracing” system – which is more reliable with Apple phones. Some argue the Apple / Google approach is more privacy protective because it is “decentralized” and does not transmit contact tracing information to a central authority. But this is a very narrow understanding of privacy that focuses on consumer choice and consent while ignoring the necessity of information flows that would enable health authorities to adopt and implement scientific advice about responding to the pandemic.

That the Australian government has stopped insisting on the App’s importance is not only because the COVIDSafe system cannot work as intended, but because making it work means adopting the Apple / Google system. There are fundamental inconsistencies with the notions of privacy that these systems embed, and what degree of contact tracing functionality they enable.

Consumer privacy vs contextual privacy

The Google / Apple system embeds a notion of contact-data privacy that keeps the social contact graph away from government authorities. This is fundamentally foreign to the institutional health context. The Google / Apple system is not so much a Covid-19 contact tracing application, but rather a proximity tracing platform infrastructure. With the infrastructure built, after the pandemic, apps using that infrastructure will likely be able to use proximity tracing data for whatever users agree to. This is only “privacy protecting” according to a “notice and consent” consumer privacy model. Information flows defined by user consent are fundamental to these platforms’ business models.

On the other side, systems that transmit information to health departments require a contextual privacy model. This approach would constrain information flows according to the needs of a government department in the health context. That means ensuring that the system does not generate an informational surplus that can be used beyond the institutional context of its application. This is more complex than notice and consent, but more in line with public health governance. Indeed, consent has rarely been an element of public health data collection and processing.

Both the consumer and institutional / contextual models have their issues and risks. But one ostensibly shapes its information flows according to a democratic political process, the other devolves information flow to individual “rational” choice. Both are easily abused – by states and corporate actors. The Australian government repeatedly demonstrates it is not trustworthy when it comes to its promises around surveillance technologies. And introducing a new surveillance technology that offers little beyond manual contact tracing (which is itself performed according to contextual information flows) is almost definitely a bad idea. However, the consumer consent model, under the guise of being privacy protective, makes Bluetooth proximity tracing a general surveillance platform. While the initial roll out will only allow Apps from government health departments – the system generates a form of infrastructural surplus – a proximity tracing data stream and social network graph – that we can expect will be cashed out eventually – in one way or another.

In this context, it is easy to sympathize with the Australian government’s reluctance to get the COVIDSafe App working. It might be easier to just let the idea of digital contact tracing go away quietly than allow these massive commercial players to intermediate what is a fundamental state function.

Jake Goldenfein is a law and technology scholar researching surveillance, data governance, platform economies, and the relationship between data science and legal theory. He is presently a fellow at Cornell Tech’s Digital Life Initiative and will commence a faculty position at Melbourne Law School, University of Melbourne later in 2020.