Norway suspends ‘deeply intrusive’ contact-tracing app and deletes all existing data

Written by Sam Trendall on 16 June 2020 in News
News

The country’s data-protection authority has placed a ban on the collection of information via the software after Amnesty investigation

Credit: Kate Ter Haar/CC BY 2.0 - Image has been cropped

Norwegian authorities have suspended operations of the country’s contact-tracing app and deleted all data gathered by the program so far.

The suspension comes after the country’s data-protection agency, Datatilsynet, prohibited the app from processing personal data until further notice. In addition to temporarily disabling the app, Helse Norge – the Norwegian central health authority – has also said it will delete all data collected so far.

The decision to suspend the app comes following examination by Amnesty International of apps being used by various countries across Europe and the Middle East. The Norwegian program, which was launched in April, was found by the NGO’s researchers to have “alarming implications for users’ privacy, due to its live or near-live tracking of users’ locations by frequently uploading GPS coordinates to a central server”.

Amnesty shared its findings with Norway’s health and data-protection agencies, as well as the government’s justice ministry, and also met with the head developer of the Smittestop app – the name of which translates as ‘infection stop’.


Related content


Claudio Guarnieri, head of Amnesty International’s Security Lab, said: “The Norwegian app is deeply intrusive and put people’s privacy at risk. It is the right decision to press pause and go back to the drawing board to design an app that puts privacy front and centre. We were so alarmed by how invasive the app is in its current form that we shared our findings with the Norwegian authorities and urged them to change course. There are better options available that balance the need to trace the spread of the disease with privacy, and we hope the authorities take this opportunity to do just that.”

Amnesty examined 10 other contact-tracing apps, including technology from: Algeria; Bahrain; France; Iceland; Israel; Kuwait; Lebanon; Qatar; Tunisia; and the United Arab Emirates. 

The Norwegian app was named by Amnesty as one of three – alongside software developed by authorities in Kuwait and Bahrain – that “stood out as among the most alarming mass surveillance tools”.

In common with Smittestop, the Bahraini and Kuwaiti apps also infringe privacy by “allowing live or near-live tracking of users” via GPS.

“Technology can play a useful role in contact tracing to contain Covid-19, but privacy must not be another casualty as governments rush to roll out apps,” Guarnieri added. “Governments across the world need to press pause on rolling out flawed or excessively intrusive contact-tracing apps that fail to protect human rights. If contact-tracing apps are to play an effective part in combatting Covid-19, people need to have confidence their privacy will be protected.”

It is still unclear when the UK might roll out its contact-tracing app – developd by NHSX – across the country. The technology was originally due to launch in mid-May, but the potential launch date is now no clearer than sometime "in the coming weeks". PublicTechnology reported this week that, about 10 days after the technology began public testing across the Isle of Wight – which was intended as an immediate precursor to rolling out the app nationwide – the software began a programme of capacity and performance testing that will last until the end of July.

 

About the author

Sam Trendall is editor of PublicTechnology

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

Public testing begins on new NHS contact-tracing app
14 August 2020

Software based on Apple and Google systems made available to Isle of Wight residents, with those in Newham to follow shortly

The coronavirus ‘infodemic’: truth and conspiracy online
15 September 2020

The spread of online misinformation during the Covid-19 pandemic has exacerbated a public health crisis. PublicTechnology digs into a recent parliamentary inquiry to find out...

Personal data of all Welsh coronavirus cases compromised in breach
15 September 2020

Public Health Wales says leak that affected more than 18,000 people to have tested positive was attributable to ‘human error’

Policymakers must start asking difficult questions on the ethics of AI in healthcare
9 September 2020

Government needs to begin working with citizens and industry to address the risks created by the use of new technology, according to Jessica Morley and Luciano Floridi of the Oxford Internet...