Connect with us

Hi, what are you looking for?


Campaign groups warn that it is possible to re-identify UK phones from COVID-19 contract-tracing app data • Register

Campaign groups wrote to the British Prime Minister to warn the GCHQ and its digital envelope that the National Cyber Security Centre (NCSC) could re-identify the phones of those who installed the COVID 19 contract tracking application.

In an open letter to Prime Minister Boris Johnson [PDF], the groups say that the current proposal for an appendix threatens to drift to the surveillance state. Among the groups that signed the message are the non-profit organization Foxglove Technical Justice and the digital rights activists Access Now.

Campaign groups warn that it is possible to re-identify UK phones from COVID-19 contract-tracing app data • Register

The NHS contact tracing application is not anonymous, contains errors and is susceptible to abuse. It’s a good thing we’re not in the middle of a pandemic, huh?


As noted by the Joint Human Rights Committee, the existing legal framework for combating this phenomenon, which is currently under review on the Isle of Wight, is not sufficient to protect individuals against the misuse of their data.

Parliament must rapidly adopt an appropriate legal framework to ensure the protection of users’ human rights, according to a letter also signed by Paul Bernal, lecturer in information technology, intellectual property and media law at the UEA Faculty of Law, and Andy Phippen, professor of digital rights at the University of Bournemouth.

The groups repeat the warnings about the use of a centralized model for collecting, processing and storing user data. The centralised recording of data could facilitate the redirection of missions; there is no guarantee that the government will not add additional monitoring functions or use the data for purposes other than COVID 19 monitoring at a later date. Of particular concern is the fact that the National Cyber Security Centre and GCHQ will be able to (re)identify the phones of those who have installed the application. On the basis of the results of the UK Government’s comments, we believe that these risks are real, according to the letter.

Meanwhile, the troublemakers warn that another government plan is on the rise: the fight against false reports by COWID-19. In March, the Ministry of Digital, Culture, Media and Sport launched an anti-disinformation unit to combat false and misleading stories.

The letter from the activists states that the Rapid Response Team, which has been attached to the Cabinet Office and No. 10 since April 2018, is currently supporting the work of the Anti-Disclosure Team. This includes working with social media platforms to remove malicious content.

Maybe you shouldn’t wear an aluminum hat like conspiracy theorists do, by shouting nonsense about the bands between 5G and KOVID-19 to get access to a wide audience. But a balance has to be found, the activists said.

They moved on:

The problem seems to be the limited ability of the government to verify the use of this contact tracing application and the behaviour of the anti-counterfeiting team.

In April, the Office of the Commissioner for Information (ICO) stated that it was flexible in fulfilling its obligations in the area of freedom of information and informed the applicants that during the pandemic there could be delays in submitting requests for information, according to the letter.

The effect on transparency is already clear, they say. The groups referred to a JTF request of 3. On 4 April, the Commission asked the United Kingdom authorities for further information on transactions involving the exchange of patient data between the United Kingdom government and technical companies, which have not yet received a concrete reply.

The concerns expressed in the campaign letter were reinforced by the news that an exchange unit called jHub will facilitate the secure transfer of relevant symptom and epidemiological data from third party COVID-19 applications to the NHSx data warehouse.

In the meantime, there are indications that the contract tracking application contains errors and cannot make the data impersonal.

To receive a reply, the Registry contacted number 10 and the ICO. ®

Webcast : Customize your hybrid cloud correctly

You May Also Like


Introduction In previous articles we have talked about images of dockers, the origin and functioning of dockers and the dockers’ hub. In this document...


Linux desktops are good in many ways, but like Windows they are not known as the most efficient battery. This does not mean that...


The United States Supreme Court has indicated that it will finally solve a problem that has been causing legal problems for almost two decades:...


To secure your AWS assets, follow these AWS Identity and Access Management (IAM) guidelines. Locking the Root User Access Key for AWSAccount You use...