Privacy Principles in Tracking Apps

With countries slowly trying to find a way back to a new normality, contact tracing is one of the means to keep the infection rate on an acceptable level. Digitalization might be one way to support these activities – the corresponding apps on phones are in the press since a while.

Privacy and the “Big Brother” scenarios are all over it as well. Obviously, approaches have to be taken to protect privacy while being able to support the economy and the society on our joint way to open up again.

We published a blog post on Preserving privacy while addressing COVID-19, where we offer seven privacy principles for such apps. These principles are not completely new and follow classical privacy guidelines:

1. Obtain meaningful consent by being transparent about the reason for collecting data, what data is collected and how long it is kept.

2. Collect data only for public health purposes.

3. Collect the minimal amount of data.

4. Provide choices to individuals about where their data is stored.

5. Provide appropriate safeguards to secure the data.

6. Do not share data or health status without consent, and minimize the data shared.

7. Delete data as soon as it is no longer needed for the emergency.

Read the details in the post mentioned above but I feel that this would allow for reasonable apps and make people feel at least kind of comfortable with the protection of their privacy. We need a certain level of participation to make these apps work!

*** This is a Security Bloggers Network syndicated blog from Roger Halbheer on Security authored by Roger Halbheer. Read the original post at: https://www.halbheer.ch/security/2020/04/29/privacy-principles-in-tracking-apps/