Australia has all but abandoned the COVIDSafe app in favour of QR codes (so make sure you check in)


Shutterstock

Paul M. Garrett, The University of Melbourne and Simon J Dennis, The University of MelbourneThe COVIDSafe app was pretty popular upon its release, with around 70% of surveyed Australians saying they supported the idea. And it was a good idea at the time. Now? Not so much.

Actual uptake was never high. By May last year, only 44% of those surveyed had actually downloaded it. Plenty on social media are now saying they’ve all but abandoned COVIDSafe in favour of the QR code check-ins done via, for example, the Victorian government app or the Service NSW app.

And when Victoria’s health minister Martin Foley was asked this week whether the COVIDSafe app had been used in responding to the latest outbreak, he said:

No. Not to my knowledge, and I’m sure in such a rare event it would have been brought to my attention.

For now, it seems the benefits to Australia’s public health may be better served by other technology, such as QR code check-ins. And the public cost of maintaining the COVIDSafe app may not be in our collective interest.

Was COVIDSafe a failure?

COVIDSafe was supposed to work by using Bluetooth technology to create an anonymous registry of close contacts (other app users). If one of your close contacts self-identified as having COVID-19 through the app, government contact tracers would be alerted and notify you to get tested and isolate, before starting manual contact tracing efforts.

It’s clear COVIDSafe didn’t live up to the hype, but understanding why may be more difficult than you might think.

Australia may be a victim of its own success in keeping the outbreak at bay. Having successfully suppressed the spread of COVID-19, the benefits of using COVIDSafe may not outweigh data privacy and security concerns many people had about it.

Even in places around the world where case numbers have been relatively high, this never guaranteed that a COVIDSafe-style contact tracing app would be widely used.

For example, Germany showed similar levels of app approval to Australia, but had similarly poor uptake of their CORONA-Warn App, even when their case numbers exceeded 30,000 per day.




Read more:
70% of people surveyed said they’d download a coronavirus app. Only 44% did. Why the gap?


And a large part of why QR scanning technology works is because we are reminded to use it when we enter a shop, restaurant or school. But there are no public reminders about COVIDSafe, and no consequences to not using it (whereas some — although by no means all — venues won’t let you in unless you can show you’ve checked in via a QR code scan).

Finally, there is no incentive to use COVIDSafe without public compliance. Without widespread support, COVIDSafe fails as a technology (it only works if others are using it in your proximity) and as a socially desirable behaviour (we often act and do things so as to fit in with our peers). This “social license” is necessary for any voluntary measure to be effective, and right now COVIDSafe doesn’t have it.

QR code scan tech and Google location services

Human memories are prone to making errors, with people wrong about where they were about a third of the time. The cost of a memory error is high during a pandemic and misremembering which shopping centre you visited could have dire consequences.

This is why the QR code scan system works well. They are a reliable way to track where you have been, you’re constantly reminded to use it and you get notifications if you visited an exposure site.

There are, of course, gaps. Not all venues or places require QR codes because it is impractical, and the use of QR check-ins is not uniformly enforced.

If, like many people, you keep your phone’s location services on, that provides a back-up plan. You can easily download your location history and take a digital walk through your past week, month or year, identifying where you were down to the minute. And there are services like unforgettable.me that provide more detailed information from multiple sources, combining your location data with messages, emails, and weather forecasts.

So, does Australia still need COVIDSafe?

Well, we need some sort of help to prevent memory errors that put others at risk. Overwhelmingly, people are more concerned about the health of others than themselves. What’s important is to remind others to use these technology aids, and highlight the public benefit of using them.

For now, it seems QR code check-ins are providing more benefit than COVIDSafe.

So if you are not using COVIDSafe, rest assured you’re not the only one. But there is still technology that helps you remember where you’ve been and when. That helps keep you and your loved ones safe and well.




Read more:
By persisting with COVIDSafe, Australia risks missing out on globally trusted contact tracing


The Conversation


Paul M. Garrett, Post Doctoral Research Fellow, The University of Melbourne and Simon J Dennis, Director of Complex Human Data Hub and Professor of Psychology, The University of Melbourne

This article is republished from The Conversation under a Creative Commons license. Read the original article.

Apple’s new ‘app tracking transparency’ has angered Facebook. How does it work, what’s all the fuss about, and should you use it?


Amr Alfiky/AP

Paul Haskell-Dowland, Edith Cowan University and Nikolai Hampton, Edith Cowan UniversityApple users across the globe are adopting the latest operating system update, called iOS 14.5, featuring the now-obligatory new batch of emojis.

But there’s another change that’s arguably less fun but much more significant for many users: the introduction of “app tracking transparency”.

This feature promises to usher in a new era of user-oriented privacy, and not everyone is happy — most notably Facebook, which relies on tracking web users’ browsing habits to sell targeted advertising. Some commentators have described it as the beginnings of a new privacy feud between the two tech behemoths.

So, what is app tracking transparency?

App tracking transparency is a continuation of Apple’s push to be recognised as the platform of privacy. The new feature allows apps to display a pop-up notification that explains what data the app wants to collect, and what it proposes to do with it.

Privacy | App Tracking Transparency | Apple.

There is nothing users need to do to gain access to the new feature, other than install the latest iOS update, which happens automatically on most devices. Once upgraded, apps that use tracking functions will display a request to opt in or out of this functionality.

iPhone screenshot showing new App Tracking Transparency functionality
A new App Tracking Transparency feature across iOS, iPadOS, and tvOS will require apps to get the user’s permission before tracking their data across apps or websites owned by other companies.
Apple newsroom

How does it work?

As Apple has explained, the app tracking transparency feature is a new “application programming interface”, or API — a suite of programming commands used by developers to interact with the operating system.

The API gives software developers a few pre-canned functions that allow them to do things like “request tracking authorisation” or use the tracking manager to “check the authorisation status” of individual apps.

In more straightforward terms, this gives app developers a uniform way of requesting these tracking permissions from the device user. It also means the operating system has a centralised location for storing and checking what permissions have been granted to which apps.

What is missing from the fine print is that there is no physical mechanism to prevent the tracking of a user. The app tracking transparency framework is merely a pop-up box.

It is also interesting to note the specific wording of the pop-up: “ask app not to track”. If the application is using legitimate “device advertising identifiers”, answering no will result in this identifier being set to zero. This will reduce the tracking capabilities of apps that honour Apple’s tracking policies.

However, if an app is really determined to track you, there are many techniques that could allow them to make surreptitious user-specific identifiers, which may be difficult for Apple to detect or prevent.

For example, while an app might not use Apple’s “device advertising identifier”, it would be easy for the app to generate a little bit of “random data”. This data could then be passed between sites under the guise of normal operations such as retrieving an image with the data embedded in the filename. While this would contravene Apple’s developer rules, detecting this type of secret data could be very difficult.




Read more:
Your smartphone apps are tracking your every move – 4 essential reads


Apple seems prepared to crack down hard on developers who don’t play by the rules. The most recent additions to Apple’s App Store guidelines explicitly tells developers:

You must receive explicit permission from users via the App Tracking Transparency APIs to track their activity.

It’s unlikely major app developers will want to fall foul of this policy — a ban from the App Store would be costly. But it’s hard to imagine Apple sanctioning a really big player like Facebook or TikTok without some serious behind-the-scenes negotiation.

Why is Facebook objecting?

Facebook is fuelled by web users’ data. Inevitably, anything that gets in the way of its gargantuan revenue-generating network is seen as a threat. In 2020, Facebook’s revenue from advertising exceeded US$84 billion – a 21% rise on 2019.

The issues are deep-rooted and reflect the two tech giants’ very different business models. Apple’s business model is the sale of laptops, computers, phones and watches – with a significant proportion of its income derived from the vast ecosystem of apps and in-app purchases used on these devices. Apple’s app revenue was reported at US$64 billion in 2020.

With a vested interest in ensuring its customers are loyal and happy with its devices, Apple is well positioned to deliver privacy without harming profits.

Should I use it?

Ultimately, it is a choice for the consumer. Many apps and services are offered ostensibly for free to users. App developers often cover their costs through subscription models, in-app purchases or in-app advertising. If enough users decide to embrace privacy controls, developers will either change their funding model (perhaps moving to paid apps) or attempt to find other ways to track users to maintain advertising-derived revenue.

If you don’t want your data to be collected (and potentially sold to unnamed third parties), this feature offers one way to restrict the amount of your data that is trafficked in this way.

But it’s also important to note that tracking of users and devices is a valuable tool for advertising optimisation by building a comprehensive picture of each individual. This increases the relevance of each advert while also reducing advertising costs (by only targeting users who are likely to be interested). Users also arguably benefit, as they see more (relevant) adverts that are contextualised for their interests.

It may slow down the rate at which we receive personalised ads in apps and websites, but this change won’t be an end to intrusive digital advertising. In essence, this is the price we pay for “free” access to these services.




Read more:
Facebook data breach: what happened and why it’s hard to know if your data was leaked


The Conversation


Paul Haskell-Dowland, Associate Dean (Computing and Security), Edith Cowan University and Nikolai Hampton, School of Science, Edith Cowan University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

An Australia–NZ travel bubble needs a unified COVID contact-tracing app. We’re not there


Mahmoud Elkhodr, CQUniversity Australia

New Zealand’s coronavirus contact-tracing app COVID Tracer was revamped yesterday.

It now uses the Bluetooth-based Google/Apple exposure notification (GAEN) framework. This allows Android and Apple (iOS) devices to communicate via a contact-tracing mechanism built into the devices’ operating systems.

Meanwhile, Australia continues to use the COVIDSafe app, which also uses Bluetooth, but with a different underlying system.

With both countries indicating they’ll likely wait several weeks before a vaccine rollout, current trans-Tasman travel arrangements continue to be a protective barrier.

Quarantine-free travel is allowed from New Zealand to certain safe travel zones in Australia, as long as travellers haven’t visited a New Zealand COVID hotspot in the preceding fortnight.

As of tomorrow, Queensland will be included in the safe zones. Discussions around expanding the “travel bubble” further are ongoing.

But in this context, New Zealand’s COVID Tracer upgrade is unlikely to help as both countries are using different contact tracing systems that can’t communicate.

Comparing COVID Tracer and COVIDSafe

COVID Tracer requires Bluetooth to work.

While COVIDSafe and COVID Tracer both use Bluetooth to determine proximity between users, and log close contacts with “digital handshakes”, both apps have different approaches to reporting close contact information to authorities.

If a COVID Tracer user tests positive for COVID-19, they can alert close contacts who also have the app. These contacts then receive a notification and are advised to self isolate.

New Zealand health authorities can’t know the contacts’ details at any point unless they themselves come forward.

On the other hand, if a COVIDSafe user tests positive, they can choose to send information about their close contacts directly to Australian health authorities — who can then follow up with manual contact tracing.

Will the apps help form a travel bubble?

Both COVIDSafe and COVID Tracer use different underlying systems and therefore can’t work together. This means Australians visiting New Zealand would have to download the COVID Tracer app and use it throughout their visit.

If a COVID Tracer user tests positive for COVID-19 they can alert their close contacts, who are advised to call a healthline, wear a mask and stay away from public spaces.

Similarly, a New Zealand resident visiting Australia would need to download and use COVIDSafe. But this may not be possible for many, as setting up COVIDSafe requires a verified Australian phone number and postcode.

And even if travellers do use the other country’s app during their visit, this alone won’t mitigate the risk of bringing home the coronavirus.

For instance, if they contract the virus shortly before returning home (from someone who didn’t know they were infectious) and then delete the app as soon as they return, the news of potential infection won’t reach them.

Global approaches

The Australian government reportedly updated COVIDSafe last month to address its previous functionality issues, particularly for iPhone users.

While the update was needed, critics pointed out adopting the GAEN framework would have been a better option, as it’s more reliable and lays a foundation for cross-border contact tracing.

It’s also relatively straightforward to redevelop existing apps to integrate it within them.




Read more:
By persisting with COVIDSafe, Australia risks missing out on globally trusted contact tracing


But even if COVIDSafe were redeveloped to adopt this framework, developers would still need to put in time before both COVIDSafe and COVID Trace could work together.

Such a cohesive cross-border contact-tracing solution would also require agreement by both countries on several fronts, including policies governing the technology, data access permission and the location of physical data servers.

That said, this isn’t impossible.

Australia and New Zealand could choose to follow the European Union’s efforts. Several EU member states, including Germany, Italy and Ireland, have adopted an EU-established service called the “gateway”.

Map showing which EU member states have a contact tracing app using the 'gateway' system.
This map shows which EU member states have a national contact tracing app using the ‘gateway’ system.
EU, CC BY

The gateway acts as a middle man which relays information between
different EU countries’ contact-tracing apps. Contact tracing can still occur while a person is travelling between the various countries, as long as their home country’s app has adopted the gateway system.

Where to from here?

Using mobile-based technologies for contact tracing comes with a range of challenges. Besides the issues discussed above, it’s also crucial for contact-tracing systems to be widely adopted by the communities they’re meant to service.

This has proven challenging. Uptake of COVID-19 contact-tracing apps remains low globally, despite governments pushing for mass use.

Meanwhile, Bluetooth itself is fallible. Determining distance between two devices using Bluetooth has limitations, since signal strength (and therefore accuracy) can be impacted by environmental factors.




Read more:
False positives, false negatives: it’s hard to say if the COVIDSafe app can overcome its shortcomings


For example, the signal may be weaker if a phone is kept inside a thick pocket. Or the app may pick up a signal from someone on the other side of a wall, with whom the user never came into contact.

There’s probably no quick fix. But if more time and effort are invested, we may discover a more suitable technology that can provide secure cross-border contact tracing, which also doesn’t impinge on users’ privacy.The Conversation

Mahmoud Elkhodr, Lecturer in Information and Communication Technologies, CQUniversity Australia

This article is republished from The Conversation under a Creative Commons license. Read the original article.

TikTok can be good for your kids if you follow a few tips to stay safe


Tashatuvango/Shutterstock

Joanne Orlando, Western Sydney University

The video-sharing app TikTok is a hot political potato amid concerns over who has access to users’ personal data.

The United States has moved to ban the app. Other countries, including Australia, have expressed concern.

But does this mean your children who use this app are at risk? If you’re a parent, let me explain the issues and give you a few tips to make sure your kids stay safe.

A record-breaker

Never has an app for young people been so popular. By April this year the TikTok app had been downloaded more than 2 billion times worldwide.

The app recently broke all records for the most downloaded app in a quarterly period, with 315 million downloads globally in the first three months of 2020.

Its popularity with young Aussies has sky-rocketed. Around 1.6 million Australians use the app, including about one in five people born since 2006. That’s an estimated 537,000 young Australians.

Like all social media apps, TikTok siphons data about its users such as email address, contacts, IP address and geolocation information.

TikTok was fined $US5.8 million (A$8 million) to settle US government claims it illegally collected personal information from children.

As a Chinese company, ByteDance, owns TikTok, US President Donald Trump and others are also worried about the app handing over this data to the Chinese state. TikTok denies it does this.




Read more:
China could be using TikTok to spy on Australians, but banning it isn’t a simple fix


Just days ago the Trump administration signed an executive order to seek a ban on TikTok operating or interacting with US companies.

Youngsters still TikToking

There is no hint of this stopping our TikToking children. For them it’s business as usual, creating and uploading videos of themselves lip-syncing, singing, dancing or just talking.

The most recent trend on TikTok – Taylor Swift Love Story dance – has resulted in more than 1.5 million video uploads in around two weeks alone.

But the latest political issues with TikTok raise questions about whether children should be on this platform right now. More broadly, as we see copycat sites such as Instagram Reels launched, should children be using any social media platforms that focus on them sharing videos of themselves at all?

The pros and cons

The TikTok app has filled a genuine social need for this young age group. Social media sites can offer a sense of belonging to a group, such as a group focused on a particular interest, experience, social group or religion.

TikTok celebrates diversity and inclusivity. It can provide a place where young people can join together to support each other in their needs.

During the COVID-19 pandemic, TikTok has had huge numbers of videos with coronavirus-related hashtags such as #quarantine (65 billion views), #happyathome (19.5 billion views) and #safehands (5.4 billion views).

Some of these videos are funny, some include song and dance. The World Health Organisation even posted its own youth-oriented videos on TikTok to provide young people with reliable public health advice about COVID-19.

The key benefit is the platform became a place where young people joined together from all corners of the planet, to understand and take the stressful edge off the pandemic for themselves and others their age. Where else could they do that? The mental health benefits this offers can be important.

Let’s get creative

Another benefit lies in the creativity TikTok centres on. Passive use of technology, such as scrolling and checking social media with no purpose, can lead to addictive types of screen behaviours for young people.

Whereas planning and creating content, such as making their own videos, is meaningful use of technology and curbs addictive technology behaviours. In other words, if young people are going to use technology, using it creatively, purposefully and with meaning is the type of use we want to encourage.

Users of TikTok must be at least 13 years old, although it does have a limited app for under 13s.

Know the risks

Like all social media platforms, children are engaging in a space in which others can contact them. They may be engaging in adult concepts that they are not yet mature enough for, such as love gone wrong or suggestively twerking to songs.




Read more:
The secret of TikTok’s success? Humans are wired to love imitating dance moves


The platform moves very quickly, with a huge amount of videos, likes and comments uploaded every day. Taking it all in can lead to cognitive overload. This can be distracting for children and decrease focus on other aspects of their life including schoolwork.

Three young girls video themselves on a smartphone.
How to stay safe and still have fun with TikTok.
Luiza Kamalova/Shutterstock

So here are a few tips for keeping your child safe, as well as getting the most out of the creative/educational aspects of TikTok.

  1. as with any social network, use privacy settings to limit how much information your child is sharing

  2. if your child is creating a video, make sure it is reviewed before it’s uploaded to ensure it doesn’t include content that can be misconstrued or have negative implications

  3. if a child younger than 13 wants to use the app, there’s a section for this younger age group that includes extra safety and privacy features

  4. if you’re okay with your child creating videos for TikTok, then doing it together or helping them plan and film the video can be a great parent-child bonding activity

  5. be aware of the collection of data by TikTok, encourage your child to be aware of it, and help them know what they are giving away and the implications for them.

Happy (safe) TikToking!The Conversation

Joanne Orlando, Researcher: Children and Technology, Western Sydney University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

TikTok tries to distance itself from Beijing, but will it be enough to avoid the global blacklist?



HAYOUNG JEON/EPA

Michael Keane, Curtin University and Haiqing Yu, RMIT University

TikTok, the made-in-China, video-sharing platform beloved by youth and influencers alike, is suddenly everywhere in our new world of COVID-19 lockdowns and social distancing.

The platform’s growth has been tremendous, but this has come at a cost: it has come under increasing scrutiny from politicians in the US and allies like Australia over concerns about potential breaches of data security and the platform’s perceived ties to the Chinese government.

The Trump administration is now considering banning the platform – and Australia may well follow suit.

The controversies surrounding TikTok are centred around its Chinese origins, and its potential connections or compliance with the Chinese Communist Party and its authoritarian system.




Read more:
China could be using TikTok to spy on Australians, but banning it isn’t a simple fix


There are some reasons to be concerned. The platform is known to censor material deemed sensitive by the Chinese government.

Last year, for example, TikTok was accused of manipulating videos relating to Hong Kong pro-democracy protests and was forced to apologise for censoring a video criticising China’s crackdown on Uyghurs. This prompted claims of it being an arm of China’s state-run media system.

Digital security experts also point to the potential for the data TikTok collects from users to be sent to China’s servers.

But there is not clear evidence yet that TikTok poses a threat to the national security of countries like the US or Australia, or that the CCP interferes in the overseas operations of the company.

TikTok’s physical distancing from Beijing

TikTok is owned by the Beijing-based technology company Bytedance, which also operates a Chinese version of the platform called Douyin.

TikTok and Douyin are completely separate entities. They store their data in different centres and are governed by different sets of rules and business operations. TikTok is designed for the overseas market with its data stored in Singapore and the US, while Douyin targets solely the Chinese domestic market with its data stored in China.

As the pressure has mounted against the platform in the West, however, TikTok has shifted into survival mode through de-Sinicization. While users are posting videos on TikTok from the safety of their bedrooms, the company is deliberately distancing itself from Beijing.

Part of this distancing strategy involves announcing plans to move its operational headquarters outside China. According to industry reports in China this involved disbanding the Beijing-based overseas operation team, as well as cutting off the Chinese team’s access to its international data pool.




Read more:
TikTok is popular, but Chinese apps still have a lot to learn about global markets


The company also announced plans this week to add 10,000 jobs in the US, following a commitment to open a transparency centre in Los Angeles earlier this year.

TikTok’s most prominent PR move has been hiring key international players in communications, entertainment, government relations, IP protection, cybersecurity and global business solutions to change the way the company is structured and run in its overseas markets.

The appointment of non-Chinese executives, such as new US CEO Kevin Mayer (Walt Disney’s former top streaming executive), illustrates its global aspirations.

Of course, bringing foreigners into the corporate tent is not a new strategy for a Chinese tech firm. Alibaba and Huawei have done this with mixed success; Huawei, in particular, has failed to convince Western governments it would not pose a security risk to their 5G networks.

But TikTok is a different kind of proposition. Unlike other Chinese tech companies and platforms (such as WeChat), TikTok does not operate in China. The platform was created to be global.

TikTok and tit-for-tat retaliations

The response to TikTok’s rise in the US comes from the Donald Trump manual of political strategy. When the trade war between the US and China broke in January 2018, the two nations engaged in a tit-for-tat series of tariffs, from steel and automobiles to pork and soybeans.

In the latest round of recriminations and political bluster, Trump suggested he was considering using TikTok as a way to retaliate against China for its handling of the coronavirus. The idea is to erect a barrier against TikTok and ask like-minded allies to do the same.




Read more:
The internet is now an arena for conflict, and we’re all caught up in it


What this reaction precipitates, however, is a move toward national internet sovereignty. Some are calling this the age of the “splinternet”, rather than the internet as we know it, a borderless space.

For starters, erecting barriers against platforms offers limited effectiveness because users will find a way around them.

But banning TikTok, or any other Chinese platform, is also taking a page directly from Chinese President Xi Jinping’s “little red book” for the digital age.

The list of Western platforms and news sites now blocked in China is very long. Playing China’s game of shuttering foreign sites will only provide more ammunition for Chinese propaganda against the West – and lead to more tit-for-tat closures.

Blacklisting companies or individuals based on country of origin and citing national security concerns sets a dangerous precedent. It’s akin to going down the path of digital McCarthyism; not only will this erode online freedom, it won’t address the more significant problems of data harvesting and news manipulation — practices that are not unique to Chinese platforms.

Some critics have instead argued for more coordinated global governance of tech companies. As Samm Sacks writes in Foreign Affairs,

we need stricter rules for data security and privacy for all companies, not just Chinese ones … regardless of country of origin, [to] manage online content in an era of misinformation.

As with all user-driven platforms, content moderation on TikTok runs up against issues of freedom of speech. Censorship will continue be a concern for the platform, and TikTok’s content moderators will inevitably be tested by those who want to use it to challenge China.

In the interest of maintaining its brand credibility as a truly global company, TikTok’s smartest move would be to continue to distance itself from Beijing — and for Beijing to do the same.The Conversation

Michael Keane, Professor of Chinese Digital Media and Culture, Curtin University and Haiqing Yu, Associate Professor, School of Media and Communication, RMIT University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

China could be using TikTok to spy on Australians, but banning it isn’t a simple fix



Shutterstock

Paul Haskell-Dowland, Edith Cowan University and James Jin Kang, Edith Cowan University

In an age of isolation, video sharing platform TikTok has emerged as a bonding force for many. But recent headlines allege the service, owned by Beijing-based company ByteDance, is feeding users’ data to the Chinese Communist Party.

Earlier this week, the Herald Sun reported an unnamed federal MP was pushing for the app to be banned.

Following suit, Liberal senator Jim Molan said TikTok was being “used and abused” by the Chinese government, while Labor senator Jenny McAllister called on TikTok’s representatives to face the Select Committee on Foreign Interference Through Social Media.

TikTok has denied the accusations and rebuffed suggestions it should be banned in Australia.

But why is the federal government examining this app so closely? And could it really be a tool used by the Chinese government to spy on us?

A growing following

With a reported two billion downloads worldwide, TikTok’s Australian market is also significant. It has an estimated 1.6 million Aussie users, mostly aged 16-24 but with a growing number of older users too.

Simply, users generate short videos that are shared in the app, with many celebrities also signing up. But although TikTok seems to offer carefree entertainment, is there a darker side?

Australian television presenter Andrew Probyn had an unexpected TikTok moment.

What information is collected?

When installed, TikTok asks users to grant several permissions, including the use of the camera, microphone and contact list. However, it may also collect location data, along with information from other apps on the device.

Last year, a proposed class action lawsuit filed against TikTok in California claimed the company gathered users’ data, including phone numbers, emails, location, IP addresses, and social network contacts.

The lawsuit also stated TikTok concealed the transfer of data (including biometric data), and continued to harvest it even after the app was closed. This would mean when a user shoots a video and clicks the “next” button, the video could be automatically transferred to servers – without the user’s knowledge.




Read more:
TikTok: the world’s most valuable startup that you’ve never heard of


Where is the data stored?

While TikTok’s headquarters are in Beijing, Australian general manager Lee Hunter recently claimed Australian users’ data was stored in Singapore.

A major challenge in sorting the truth from fiction lies in how we define “data”. While TikTok users’ details and videos may be stored in Singapore, there’s still potential for data to be extracted from this video content and the device and sent to China’s servers (although this hasn’t been proven to have happened).




Read more:
Huawei’s window of opportunity closes: how geopolitics triumphed over technology


Hypothetically, it would then be possible for Chinese authorities to use biometric data to identify people using facial recognition. It would also be possible to map rooms and locations by using “feature extraction” (a machine learning method) on videos.

This could then aid the creation of new, advanced deepfake videos potentially targeting specific people.

While this may seem far-fetched, there have already been preemptive TikTok bans within major organisations to ensure sensitive information isn’t leaked.

For instance, the app has been banned from devices used by the Australian Defence Department, the US Department of Defence, and even entire countries – with the Indian government announcing a nationwide ban last month.

Privacy issues

ByteDance claims its data is stored in servers in the US and Singapore:

Our data centers are located entirely outside of China, and none of our data is subject to Chinese law.

TikTok’s privacy policy is ambiguous. As of January, it states:

You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100% secure.

From a user privacy perspective, TikTok has access to a device’s location and a user’s personal information. Although TikTok’s servers may be located outside China, it’s very difficult (if not impossible) to confirm where this data could end up, or what it could be used for.

While the location of servers can be important, possession of data is more relevant. Once data is obtained, it can be used. If data is stored on a server in Australia, for instance, Australian jurisdiction applies. But once it is sent to another country, that country’s laws take precedent.

And if a TikTok user decides to delete their content from their device, or if there is a government-imposed ban, data can’t be retrospectively erased. Once information is transferred, it’s impossible to retract without the cooperation of the organisation or agency concerned (in this case, TikTok).

Can the government actually ban TikTok?

The fact is, enforcing an Australia-wide ban on TikTok isn’t a simple prospect. While the federal government could request the app’s removal from the Apple App Store and Google Play Store, it could only do this for Australian regions and marketplaces.

Users in Australia would still be able to download TikTok from another region’s store, or via a third-party source. Also, banning the app won’t automatically remove it from devices on which it is already installed.

Blocking access to TikTok’s servers would be done in conjunction with internet service providers (such as Telstra and Optus), as they can block access to apps and websites. But users could still use proxies or Virtual Private Networks (VPNs) to circumvent these controls.

And even if TikTok was banned, citizen data already handed over would remain stored, and could be accessed for the foreseeable future.




Read more:
Restricting underage access to porn and gambling sites: a good idea, but technically tricky


The Conversation


Paul Haskell-Dowland, Associate Dean (Computing and Security), Edith Cowan University and James Jin Kang, Lecturer, Computing and Security, Edith Cowan University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

By persisting with COVIDSafe, Australia risks missing out on globally trusted contact tracing


Ritesh Chugh, CQUniversity Australia

Australia has ruled out abandoning the government’s COVIDSafe contact tracing app in favour of the rival “Gapple” model developed by Google and Apple, which is gaining widespread support around the world. Deputy Chief Medical Officer Nick Coatsworth told The Project the COVIDSafe app was “a great platform”.

In the two months since its launch, COVIDSafe has been downloaded just over 6.4 million times – well short of the government’s target of 40% of the Australian population.

Its adoption was plagued by privacy, security and backwards compatibility concerns, and further exacerbated by excessive battery consumption. And despite being described as a vital tool in the response to COVID-19, it is reportedly yet to identify a single infection that hadn’t already been tracked down by manual contact tracing.




Read more:
False positives, false negatives: it’s hard to say if the COVIDSafe app can overcome its shortcomings


It seems the app has failed to win the public’s trust. Software downloads are based on the perceptions of risk and anticipated benefits. In this scenario, the risks appear to outweigh the benefits, despite the dangers of a second coronavirus wave taking hold in our second most populous city.

COVID-19 cases in Melbourne continue to surge. But more broadly, the relatively low number of overall cases in Australia and the lack of adequate buy-in among the public make it difficult for COVIDSafe to make a meaningful contribution.

Is there another way?

Some 91% of Australians have a smartphone, whereas a rough calculation based on the 6.4 million downloads suggests only 28% have downloaded COVIDSafe.

For digital contact tracing to be effective, an uptake of around 60% of the population has been suggested – well beyond even the 40% target which COVIDSafe failed to hit.

The logic is straightforward: we need a system that 60% of people are willing and able to use. And such a system already exists.

Tech giants Apple and Google have collaboratively developed their own contact-tracing technology, dubbed the “Gapple” model.

How does Gapple work?

Gapple is not an app itself, but a framework that provides Bluetooth-based functionality by which contact tracing can work. Crucially, it has several features that lend it more privacy than COVIDSafe.

In simple terms, it allows Android and iOS (Apple) devices to communicate with one another using existing apps from health authorities, using a contact-tracing system built into the phones’ operating systems.

The system offers an opt-in exposure notification system that can alert users if they have been in close promixity to someone diagnosed with COVID-19.

Gapple’s exposure notification system.

Gapple’s decentralised exposure notification system offers more privacy and security than many other contact-tracing technologies, because:

  • it does not collect or track device location

  • data is collected on the users’ phones rather than a centralised server

  • it does not share users’ identities with other people, Apple or Google

  • health authorities do not have direct access to the data

  • users can continue to use the public health authority’s app without opting into the Gapple exposure notifications, and can turn the notification system off if they change their mind.

The system meets many of the basic principles of the American Civil Liberties Union’s criteria for technology-assisted contact tracing. And its exposure notification settings appear in recent updates of both Android and iOS devices. But without an app that uses the Gapple framework, the exposure notification system cannot be used.

COVID-19 Exposure Notification System.

Gapple going global

Global support for the Gapple model is growing. The United Kingdom, many parts of the United States, Switzerland, Latvia, Italy, Canada and Germany are abandoning their native contact-tracing technologies in favour of a model that could achieve much more widespread adoption worldwide.

The ease of communication between different devices will also make Gapple a crucial part of international contact tracing once borders are reopened in the future, and people start to travel.

In this light, it is hard to see why Australia resisted the calls to ditch COVIDSafe and adopt the Gapple model.

Can Australians use Gapple anyway?

No, they can’t, because the Gapple model requires users to download a native app from their region’s public health authority which uses the Gapple exposure notification system. Australia’s decision means that won’t be happening here any time soon.

In grappling with the dilemma between citizens’ civil rights and curbing the growth of the fatal COVID-19 virus, the Gapple model is a trade-off to encourage higher uptake of contact-tracing technologies.




Read more:
70% of people surveyed said they’d download a coronavirus app. Only 44% did. Why the gap?


Ultimately, the Gapple model will be a step forward in the world’s fight against COVID-19, because it will encourage significant numbers of people to use it.

The decision to persist with the COVIDSafe app, rather than adopting an emerging global model, could have severe repercussions for Australians. For any digital contact-tracing technology to work effectively, a large number of people must use it, and COVIDSafe has fallen short of that basic requirement.The Conversation

Ritesh Chugh, Senior Lecturer/Discipline Lead – Information Systems and Analysis, CQUniversity Australia

This article is republished from The Conversation under a Creative Commons license. Read the original article.

False positives, false negatives: it’s hard to say if the COVIDSafe app can overcome its shortcomings



Shutterstock

Dinesh Kumar, RMIT University and Pj Radcliffe, RMIT University

The Australian government’s contact-tracing app, COVIDSafe, has been touted as crucial for restarting the country’s economy and curbing COVID-19’s spread.

But until more data are collected, it’s hard to estimate how effective the app will be. Nonetheless, there are some predictable situations in which COVIDSafe’s design may mean it will struggle to fulfil its purpose.

False positives

COVIDSafe uses Bluetooth to digitally “trace” people with whom a user has come into contact, with the aim of alerting anyone who has interacted with a confirmed COVID-19 case. But this technology carries a risk of “false positives”, wherein a user may be falsely alerted despite not actually having come into contact with the virus.

This is because Bluetooth radio waves pass through walls and glass. They can only measure how physically close two people are; they can’t tell whether those people are in the same room, in different rooms, or even in different cars passing each other.

In a high-density apartment building, depending on the strength of Bluetooth signals, it’s possible COVIDSafe could falsely alert plenty of people.




Read more:
As coronavirus forces us to keep our distance, city density matters less than internal density


The Department of Health has acknowledged this complication, saying:

If this happens and one of the contacts is identified as having coronavirus, state and territory health officials will talk to the people to work out if this was a legitimate contact or not.

Nonetheless, this process may cause unnecessary distress, and could also have negative flow-on effects on the economy by keeping people home unnecessarily. False positives could also erode public trust in the app’s effectiveness.

False negatives

On the other side of the coin, COVIDSafe also has the potential for “false negatives”. Simply, it will not identify non-human-to-human transmission of the virus.

We know COVID-19 can survive on different surfaces for various periods of time. COVIDSafe would not be able to alert people exposed to the virus via a solid surface, such as a shopping trolley or elevator button, if the person who contaminated that surface had already left the scene.

COVIDSafe is also not helpful in the case of users who become infected with COVID-19 but remain asymptomatic. Such a person may never get tested and upload their contact data to the app’s central data store, but may still be able to pass the virus to those around them. More data is needed on asymptomatic transmission.




Read more:
Why do some people with coronavirus get symptoms while others don’t?


And regarding the decision to classify “close contacts” as people who have been within a 1.5m distance for 15 minutes – this may have been based on research from Japan for when people are in an open space, and the air is moving.

However, this research also showed micro-droplets remained suspended in the air for 20 minutes in enclosed spaces. Thus, the 1.5m for 15 minutes rule may be questionable for indoor settings.

Downloads vs usage

Recently, Iceland’s contact tracing app achieved the highest penetration of any such app in the world, with almost 40% of the population opting in. But Icelandic Police Service detective inspector Gestur Pálmason – who has overseen contact tracing efforts – said while it was useful in a few cases, the app “wasn’t a game-changer”.

Australia’s Prime Minister Scott Morrison has said on multiple occasions COVIDSafe requires a 40% uptake to be effective.

Since then, federal health minister Greg Hunt has said there’s “no magic figure, but every set of people that download will make it easier and help”. This was echoed more recently by Department of Health acting secretary Caroline Edwards, who told a Senate committee there was no specific uptake goal within her team.

Past modelling revealed infection could be controlled if more than 70% of the population were taking the necessary precautions. It’s unclear what science (if any) was forming the basis of Australia’s initial 40% uptake goal for COVIDSafe.

This goal is also lower than proposed figures from other experts around the world, who have suggested goals varying from 50-70%, and 80% for UK smartphone owners. But the fact is, these figures are estimates and are difficult to test for accuracy.

A survey conducted by University of Sydney researchers suggested in Sydney and Melbourne, COVIDSafe’s uptake could already be at 40% – but lower in other places.
Shutterstock



Read more:
In some places 40% of us may have downloaded COVIDSafe. Here’s why the government should share what it knows


Demographic bias

There are many other uncertainties about COVIDSafe’s effectiveness.

We lack data on whether the app is actually being downloaded by those most at risk. This may include:

We also know COVIDSafe doesn’t work properly on iPhones and some older model mobile phones. And older devices are more likely to be owned by those who are elderly, or less financially privileged.

What’s more, COVIDSafe can’t fulfil its contact tracing potential until it’s downloaded by a critical mass of people who have already contracted the virus. At this stage, the more people infected with COVID-19 that download the app, the better.

A tough nut to crack

Implementing a contact tracing app is a difficult task for our leaders and medical experts. This is because much remains unknown about the COVID-19 virus, and how people will continue to respond to rules as restrictions lift around the country.

Predictions of the disease’s spread have also shown a lot of variation.

Thus, there are many unknowns making it impossible to predict the outcome. The important thing is for people to not start taking risks just because they’ve downloaded COVIDSafe.

And while the government pushes for more downloads and reopening the economy, ongoing reviews will be crucial to improving the app’s functionality.The Conversation

Dinesh Kumar, Professor, Electrical and Biomedical Engineering, RMIT University and Pj Radcliffe, Senior Lecturer, Electrical and Computer Engineering, RMIT University

This article is republished from The Conversation under a Creative Commons license. Read the original article.

In some places 40% of us may have downloaded COVIDSafe. Here’s why the government should share what it knows


Robert Slonim, University of Sydney

It’s 18 days since the government launched its digital contact-tracing app COVIDSafe. The latest figure we have for downloads is 5.4 million, on May 8, about 29% of smartphone users aged 14 and over.

My own mini-survey suggests that in Sydney and Melbourne the takeup could already be 40% – a figure the government has mentioned as a target – while in other places it is much lower.

Oddly, it’s information the government isn’t sharing with us.


Total number of COVIDSafe app users (millions)


Endorse COVIDSafe

The importance of downloading and using the app is growing day by day as we relax restrictions. We are able to see what has happened in countries such as South Korea that have relaxed restrictions and then experienced a second wave.

5.4 million Australians after 13 days is a promising start.

As can be seen in the above graph produced by my colleague Demetris Christodoulou and me, 5.4 million downloads represents about 28.7% of Australians with smartphones.




Read more:
Chief Medical Officer Brendan Murphy predicts more than 50% take-up of COVID tracing app


It compares favourably to the 22.4% of Singaporeans with smartphones who downloaded their app within 13 days of its launch.

But the government is only making public a single figure indicating “total” downloads. It would be far more useful if it provided disaggregated community, city and state level data, and below, I attempt to fill the breach.

Letting us know more about which communities are downloading the app would help with health, motivation and transparency.

Health

Knowledge about potentially-dramatic variations in where the app was being downloaded could help guide policy.

Hypothetically speaking, if 70% of Melbourne’s smartphone users had downloaded the app but only 20% of Adelaide’s users, this could have distinct implications for the ability to successfully trace COVID-19 outbreaks in the respective cities and for the right amount of easing of restrictions in each city.

It could also help residents of those cities make more informed decisions about their own safety, such as whether and how to shop and whether to wear a mask.

Motivation

While COVIDSafe originally generated more than 500,000 daily downloads, the number has fallen to less than 100,000, suggesting that new efforts to motivate more downloads is urgently needed.

Providing geographical details could energise downloads in three ways.

First, people often feel enormous pride when their community steps up to help others. Knowing how well the community is doing is likely to motivate more people to help.




Read more:
COVIDSafe tracking app reviewed: the government delivers on data security, but other issues remain


Second, knowing how well other communities are doing can be a powerful incentive to catch up; few people want to be in the community that isn’t doing its part.

Third, if state leaders make decisions about relaxing restrictions partly on the basis of local downloads, community members will see a direct connection between downloading the app and the freedoms that will be available to them.

Transparency

The government’s appeal to download the app is built around trust.

It has asked us to trust it by downloading the app. In return it should trust us with better information.

People in Adelaide, Alice Springs, Brisbane, Cairns, Canberra, Darwin, Geelong, the Gold Coast, Hobart, Launceston, Melbourne, Newcastle, Perth, Sydney, Townsville, Wollongong, rural communities and other places deserve access to information the government already has that could help them make better choices.

The sort of data authorities are keeping to themselves

Given the lack of transparency to date, I conducted my own online survey among 876 residents of Sydney, Melbourne and regional communities with less than 50,000 people.

My survey results, run with a sample of people using the online survey platform PureProfile, indicate the proportion of people who had downloaded the app by May 11 was 50.5% in Sydney, 44.0% in Melbourne and 36.1% in less populated communities.

Controlling for age and gender, there was no significant difference between downloads in Sydney and Melbourne. Both were significantly higher than rural communities.




Read more:
Contact tracing apps: a behavioural economist’s guide to improving uptake


Restricting the responses to people who have a mobile phone that is capable of downloading the app, the proportion of downloads increases to 53.8% in Sydney, 47.8% in Melbourne and 41.2% in less populated communities. An extra 7.2%, 6.9% and 5.7% of respondents said they would either definitely or probably download the app in the next week.

This survey evidence indicates that there are stark regional differences in the downloads, and that although the national level of downloads is about 29%, some locations such as Sydney and Melbourne may have already surpassed (or will soon supass) the 40% government stated target.

Of course the government shouldn’t rely these survey results, because it’s got the actual information. It is time it shared the detailed download information it has with us, both to reciprocate our trust and let us make more informed decisions.The Conversation

Robert Slonim, Professor of Economics, University of Sydney

This article is republished from The Conversation under a Creative Commons license. Read the original article.

70% of people surveyed said they’d download a coronavirus app. Only 44% did. Why the gap?



Shutterstock

Simon J Dennis, University of Melbourne; Amy Perfors, UCLA School of Medicine; Daniel R. Little, University of Melbourne; Joshua P. White, University of Melbourne; Lewis Mitchell, University of Adelaide; Nic Geard, University of Melbourne; Paul M. Garrett, University of Melbourne, and Stephan Lewandowsky, University of Bristol

In late March, we posed a hypothetical scenario to a sample of Australians, asking if they would download a contact tracing app released by the federal government; 70% responded in favour.

But a more recent survey, following the release of COVIDSafe, revealed only 44% of respondents had downloaded it.

The Australian government’s COVIDSafe app aims to help reduce the spread of COVID-19 and let us all return to normal life. But this promise depends on how many Australians download and use the app. The minimum required uptake has been variously estimated at 40-60% of the population.

Our ongoing research, led by the Complex Human Data Hub of the University of Melbourne’s School of Psychological Sciences, surveyed the Australian public to understand their opinions and use of the COVIDSafe app, and other possible government tracking technologies.

Our research is helping us understand the conditions under which Australians will accept these technologies, and what’s holding them back.

Is there community support for COVIDSafe?

COVIDSafe uses Bluetooth to establish an anonymous contact registry of who a user has been close to, and for how long. If that user tests positive for COVID-19, they can voluntarily upload their contact registry to a central data store accessible only by state and territory health officials. Human contact tracers then alert those at risk and advise them on appropriate isolation measures.




Read more:
Explainer: what is contact tracing and how does it help limit the coronavirus spread?


Gaining broad community support for COVIDsafe requires the app’s perceived public health benefits to outweigh concerns of personal privacy, security and potential risk of harm.

As of May 7, from a sample of 536 survey participants, 44% reported having downloaded the COVIDSafe app. Promisingly, another 17% said they had not, but planned to.

We also asked all our respondents what technology they thought COVIDSafe used. Only 60% correctly responded with “Bluetooth”. Others responded with “location data” (19%), “mobile phone towers” (5%), or that they did not know (16%). This breakdown differed between people who had downloaded the app and those who had not, as shown below.

Why are people opting in?

For those who downloaded COVIDSafe, most reported doing so to monitor others’ health (28%), their own health (19%), and in the hope of returning to normal activities sooner (18%). The least motivating factor was “to help the economy” (14%).

Most people who had not downloaded the app said they were weighing the pros and cons (22%), had not had time (19%) or had technical issues (12%). A small number were waiting for legislation that stipulated how the data could be used (6%).

This may be good news for the government, as many of these reasons are relatively straightforward to address.

Of those who reported they would not download the app, privacy was the main concern (31%).




Read more:
The COVIDSafe bill doesn’t go far enough to protect our privacy. Here’s what needs to change


Downloads does not equal usage

Whether those who download COVIDSafe are using it properly will largely determine its effectiveness.

Of those who had downloaded COVIDSafe, 90% said they had registered and kept Bluetooth switched on either at all times (77%) or when they left home (15%). Also, 58% said they had tried to share the app with others – helping to increase the rate of uptake.

Yet, there remains some doubt as to whether turning Bluetooth on is sufficient for the app to work productively on iPhones.
According to app developers, COVIDSafe works best on iPhones when the app is open, on the front screen (foreground), and the phone is unlocked.

But since these iPhone-related issues can be fixed (albeit potentially with some level of difficulty), it would be worthwhile for the government to invest in this.

International comparisons

Before the release of COVIDSafe, our research also tracked social support for similar apps and tracking technologies in other countries, including the UK, US, Taiwan and Germany.

We asked respondents about two hypothetical scenarios of government tracking.

The first scenario was similar to Australia’s COVIDSafe app rollout. In it, people were asked to download a voluntary government tracking app allowing them to be contacted if they had been exposed to COVID-19. In this scenario, 70% of our respondents said they would download the app.

The second scenario was less voluntary, wherein all people with a mobile phone had their location tracked. Governments would use the data to trace contacts, locate people who were violating lockdown orders and enforce restrictions with fines and arrests, if necessary. Interestingly, in this scenario even more people (79%) said they would download the app. If people could opt out, 92% indicated they would support the policy.

Importantly, these scenarios were completely hypothetical at the time, which may account for the intention-behaviour gap. That is, the gap between people’s values and attitudes, and their actual actions.

So, while 70% of people in our first survey said they would download a hypothetical government app, a later survey showed only 44% had actually downloaded COVIDSafe after its release.

This graphs shows the proportion of participants who indicated they would download a voluntary government app (in green), and who found mandatory tracking through telecommunications companies acceptable (purple) in Taiwan, Australia, UK, Germany, and the US under various situations. ‘Sunset’ refers to a sunset clause, in which governments legislate promises to stop tracking and delete the associated data within six months. ‘Local data storage’ refers to when tracking data is stored on a user’s device, rather than a central repository. This data was collected prior to the announcement of the COVIDSafe app.

Australians showed high levels of support for both scenarios, particularly in comparison to other western democracies, such as the UK and the US.

An evolving situation

Prime Minister Scott Morrison has repeatedly linked COVIDSafe’s uptake to a potential easing of lockdown restrictions. But more recently, federal defence minister Marise Payne said the app’s uptake wouldn’t be a deciding factor for when restrictions were lifted.

When asked if the government should use the app’s uptake levels to decide when restrictions should be lifted, only 51% of our survey participants responded “yes”.

Overall, our data show Australians are generally accepting of the use of government tracking technologies to combat the COVID-19 emergency. However, only time will tell how this translates to real-world uptake of the COVIDSafe app.

Detailed results of the survey data from Australia, as well as the UK, US, Spain, Switzerland, Germany, and Taiwan, are continually being reported here.The Conversation

Simon J Dennis, Director of Complex Human Data Hub and Professor of Psychology, University of Melbourne; Amy Perfors, Associate Professor, UCLA School of Medicine; Daniel R. Little, Associate Professor in Mathematical Psychology, University of Melbourne; Joshua P. White, Research Assistant – Complex Human Data Hub, Melbourne School of Psychological Sciences, University of Melbourne; Lewis Mitchell, Senior Lecturer in Applied Mathematics, University of Adelaide; Nic Geard, Senior Lecturer, School of Computing and Information Systems, University of Melbourne; Senior Research Fellow, Doherty Institute for Infection and Immunity, University of Melbourne; Paul M. Garrett, Post Doctoral Research Fellow, University of Melbourne, and Stephan Lewandowsky, Chair of Cognitive Psychology, University of Bristol

This article is republished from The Conversation under a Creative Commons license. Read the original article.