Pledge to prevent COVID app ‘function creep’

The government has pledged to protect the COVID contact tracking app from “function creep” where information gathered starts being used for other purposes, such as law enforcement.

The COVIDSafe app was released on Sunday night with the government declaring on Monday morning that public uptake of the app has already exceeded expectations.

Scott Morrison

By 8.30 am on Monday 1.13 million Australians had downloaded it, health minister Greg Hunt said.

He said the government had expected to reach 1 million downloads in five days but has passed that milestone in just five hours.

“We’re well ahead of our best hopes and expectations already,” he told the ABC.

“It’s been an extraordinary response so far.”

The government has previously said 40 per cent of the Australian population, or around 10 million people, would need to download it for it to be effective, but on Monday Mr Hunt said there was “no magic number” and every sign-up was helpful.

Privacy concerns

Addressing concerns from some experts and members of the public about the use of the data, which will be stored by Amazon Web Services, Mr Hunt said privacy was paramount during the design process.

Other criticism of the app has related to mistrust of the government’s ability to manage technology including the Robodebt fiasco and Centrelink’s recent inability to cope with the surge in jobless people seeking support.

“What we’ve done here is put in place what we believe are the strongest protections ever,” Mr Hunt said.

Concerns have also been expressed about the government’s failure so far to provide a source code for the app.

An April 24 Privacy Impact Assessment prepared by Maddocks lawyers says the government has taken a “privacy by design” approach to the aap, including steps to minimise the sort of personal information that is collected and who will have access to it.

However it says further work needs to be undertaken to address potential privacy risks, including making the source code publicaly available “to allow for independent analysis and consideration”.

Function creep

The PIA also advises against “function creep” where information collected for one purpose starts being used for another purpose.

In its response to the PIA the government says the source code will be released subject to consultation with the Australian Signals Directorate’s Australian Cyber Security Centre.

It also acknowleges public concern about function creep and says it is taking “urgent action” to protect the information collected via the app.

“Any changes to the app will need to comply with these additional legal protections,” the health department says in its response.

“This will minimise the risk of function creep”.

Health also says the Notifiable Data Breaches Scheme will continue to apply to information held by AWS.

Launching the app on Sunday,  Prime Minister Scott Morrison said it came on the advice of the Chief Medical Officer and would help save lives and livelihoods.

“The more people who download this important public health app, the safer they and their family will be, the safer their community will be and the sooner we can safely lift restrictions and get back to business and do the things we love,” he said.

Mr Hunt said the government would work with experts to look into some glitches that had emerged last night, including some phone numbers not being recognised during registration.


Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at  

Sign up to the Government News newsletter

Leave a comment:

Your email address will not be published. All fields are required