Contact tracing apps must be made with privacy at their heart and only keep data as long as necessary, governments have been told.
Countries including South Africa are looking to contact tracing technologies in the fight against the coronavirus pandemic and a possible way to help end lockdown.
As already seen in places like Singapore, this would use Bluetooth to keep an anonymous log of every person an individual has been in close contact with and alert them if one should test positive for Covid-19.
While the technology has been welcomed as one potential solution to ease in a return to normality, it has also been met with concern for the public’s privacy.
The Organisation for Economic Co-operation and Development (OECD) has made a number of recommendations to decision makers, saying a “privacy by design” approach – where personal data protections are built into the system by default – could help address the risks.
“Data should be retained only for so long as is necessary to serve the specific purpose for which it was collected,” the OECD’s report says.
It pointed towards a Covid-19 app developed by the Norwegian Institute of Public Health which is designed to store location data only for 30 days.
Governments are urged to consider whether the use of these technologies and the subsequent data gathering is proportionate, as well as how the data is stored, processed, shared and with whom.
The public should be kept well informed, with full transparency and accountability on the approaches adopted.