Security News > 2020 > May > Campaign groups warn GCHQ can re-identify UK's phones from COVID-19 contract-tracing app data

Campaign groups warn GCHQ can re-identify UK's phones from COVID-19 contract-tracing app data
2020-05-21 15:15

Campaign groups have written to the UK Prime Minister warning GCHQ and its digital arm, the National Cyber Security Centre, will have the capacity to re-identify the phones of people who have installed the nation's coronavirus contact-tracing app.

"The centralised recording of data could facilitate mission creep; there is no guarantee that the Government will not add additional tracking features or later use the data for purposes other than COVID-19 tracking. Of particular concern is the fact that the National Cyber Security Centre and GCHQ will have the capacity toidentify the phones of people who have installed the app. Based on the UK Government's track record on surveillance, we consider these risks to be real," the letter said.

Evidence mounts that the contact tracing app is riddled with bugs and fails to anonymise data.

Updated to add at 10:08 on 26 May. "A government spokesperson has been in touch to tell The Reg:"It is simply wrong to suggest that the app has been designed for any purpose other than helping people to stay safe, protect others and protect the NHS. We have been clear from the outset that this app will be used solely for coronavirus tracing purposes, and that it has been developed with privacy and security at its heart.

"Neither NCSC nor GCHQ have access to user data and no GCHQ data, infrastructure or capabilities have been used in the app's development."


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/21/campaign_groups_warn_gchq_can/