Fresh calls for an inquiry into COVIDSafe app


Denham Sadler
Senior Reporter

COVIDSafe did nothing to help combat the second wave of COVID-19 in Victoria, according to a state parliament report, while a federal Parliamentary committee has called for an independent inquiry into the controversial contact tracing app.

COVIDSafe was launched by the federal government in April with much fanfare, but the app is yet to pick up any new close contacts of a confirmed COVID-19 case anywhere outside of New South Wales.

The Victorian parliament inquiry, chaired by Reason Party leader Fiona Patten, tabled its report on Monday, finding that the digital contact tracing app developed by the federal government had “insignificant” effectiveness.

“The committee received no evidence that the federal government’s COVIDSafe app was effective or contributed to supporting Victoria’s public health response,” the report said.

COVIDSafe
COVIDSafe: Fresh calls for an inquiry into the effectiveness of the contact tracing app

Just days earlier, the federal Select Senate Committee on COVID-19, led by Labor, called for an independent inquiry into COVIDSafe’s design, and the nearly $10 million paid to private contractors for work on the app.

It also came in the same week that the New Zealand government announced it would adopt the Google and Apple framework for digital contact tracing in its own app, making Australia even more of an outlier in flatly refusing to do this and sticking with its centralised model.

The Senate Committee tabled its interim report late last week, with its recommendations including for an independent review into expenditure on, and the design of, the COVIDSafe app.

The federal government has now paid private contractors nearly $10 million for work developing the app, after Canberra-based tech firm Delv had its contract tripled to more than $6 million recently. The Boston Consulting Group was also paid nearly $1 million for its work on COVIDSafe, while Shine Solutions landed nearly $2 million and Cevo just over $1 million.

In the interim report, the Select Senate Committee said COVIDSafe has “delivered extremely limited tangible results to date” and has “significantly under-delivered on the Prime Minister’s promise that the app would enable an opening up of the economy in a COVID safe manner”.

“The COVIDSafe app, which was supposed to be ‘like sunscreen’ and enable the states and territories to reopen, failed to meet its download target, suffered performance issues and to date has only identified 17 close contacts,” the committee said.

The committee recommended that an independent review be commissioned into the money spent on COVIDSafe and the design of the app.

In developing COVIDSafe, the government opted for a centralised model where contact info of users that have later contracted COVID-19 is sent to a national database operated by AWS and then sent to the relevant state or territory health authority.

Tech giants Google and Apple have released a framework for contact tracing based on a decentralised model, where contact information does not leave a user’s phone and users are automatically notified if they have come into contact with a confirmed case.

The committee received a number of submissions calling for the government to adopt the Google and Apple solution as this is “more consistent with a ‘privacy by design’ approach and can run reliably in the background of devices”.

“The government is yet to make a compelling case for the value that the app has actually delivered. The government has spent a considerable amount of public money and adopted a very optimistic stance on the benefits of the app – which the Prime Minister suggested would become second nature to Australians and play an integral role in protecting the community,” the interim report said.

In a dissenting report, the participating Coalition senators said COVIDSafe is working as intended.

“The COVIDSafe app is working and is being used by state health officials as part of contact tracing. It is an additional tool that helps supplement the contact tracing process and helps keep people safe through early notification by health officials of possible exposure,” they said.

Last week the New Zealand government joined a long line of overseas jurisdictions that have chosen to adopt the Google and Apple framework for digital contact tracing rather than following in Australia’s footsteps.

The New Zealand government’s COVID Tracer app will soon be updated to include a bluetooth-based proximity feature to record close contacts between users. The app has previously been based around QR code check-ins, a feature that will continue alongside Bluetooth tracking.

New Zealand’s approach will be based on Google and Apple’s Exposure Notification Framework, in contrast to the Australian government’s outright refusal to do so.

Earlier this month the federal government announced a significant overhaul of the protocol underpinning COVIDSafe, with the introduction of the new Herald Bluetooth protocol, saying this would significantly improve its performance, especially on locked iPhones.

But this did little to stem calls from tech experts for the adoption of the Google and Apple framework, which they said would lead to better performance and privacy protections.

A spokesperson for Government Services Minister Stuart Robert confirmed the government would not be shifting to the solution offered by the tech giants.

“The Apple / Google platform puts health information in the hands of the IT companies and would not be covered by the current privacy legislation – which received bipartisan support,” the spokesperson said.

“It also does not allow the source of an infection to be traced which is a major factor in stopping the spread of the virus.”

The Australian government has also refused to incorporate QR code check-ins to COVIDSafe, saying this was not allowed under the privacy legislation passed earlier this year.

Do you know more? Contact James Riley via Email.

1 Comment
  1. I do not for one minute defend the federal COVIDSafe App. It seems to be a dud (by the same token, I don’t think there’s much evidence as yet for the efficacy of any other method of mobile-based automatic proximity logging).

    On the other hand, I do want to make a point about privacy. It seems to me that technologists and privacy purists have yet to reckon with the reality of contact tracing.

    There are constant calls for the government to adopt the so-called “decentralised model” where “contact information does
    not leave a user’s phone and users are automatically notified if they have come into contact with a confirmed case.”

    This insistence ignores the fact that COVID-19 is a notifiable disease. The reality is that if you test positive, your health information will be logged in a national register, you will be interviewed by health officials, and they will follow up with your contacts. It’s completely academic if “contact information does not leave a user’s phone” as the same information (and a whole lot more) is going to be manually collected anyway. This is the law! Moreover, contact tracing by and large works extremely well in Australia; it has helped keep the impact of COVID-19 down to amonsgt the lowest in the world. The great majority of the public accepts contact tracing. Health Ministers would be bonkers to change the model, including the central registry and the way patients are notified in person by health professionals.

    So the idea that the Google and Apple solution is “more consistent with a ‘privacy by design’” defies reason. It elevates PbD to a sort of tech-cult status. The decentralised Google-Apple approach is inconsistent with public health law and practice, while established contact tracing protocols do in fact preserve privacy as best can be expected in an epidemic. Let’s be real: does anyone have an example of a real privacy breach from conventional contact tracing?

Leave a Comment