Data security fears over the COVIDSafe app are rife once again, thanks to a report from Australia's governing security body.
iTnews reports that data accessed by the Australian Federal Government's COVIDSafe contact tracing app has been "incidentally collected" by at least one of the agencies under the banner of the Inspector-General of Intelligence and Security (IGIS).
Although it's currently unknown which specific agencies have and have not collected COVIDSafe data, there are six agencies that comprise the Australian Intelligence Community, including the Australian Security Intelligence Organisation (ASIO).
While it sounds scary, don't expect the feds to come knocking on your door anytime soon. iTnews clarifies that an official report from IGIS specifies that nothing proves collected data was accessed in any way — an important distinction to make.
So what data has been collected? When signing up to use the COVIDSafe app, you provide your postcode, mobile number, age range, and a name — which can be a pseudonym.
Legislation passed in May dictates that any use of COVIDSafe data — including collection — other than for contact tracing purposes can be penalised for up to five years jail.
This doesn't mean that Australia's top security agencies suddenly have to arrest themselves, however. Incidental collection of COVIDSafe data while sourcing information lawfully, such as when executing a warrant, must be deleted.
IGIS told iTnews that the agencies in question are "taking steps to ensure any Covid app data is deleted as soon as practicable" and will be independently verifying that this occurs when agencies become aware of incidental data collection over the next six months.
This is yet another concerning look for the COVIDSafe app, which has copped a fair whack since its implementation back in April.
It hasn't worked as intended, particularly on iPhones, and the South Australian Police Commissioner recently said the app provided "no material benefit" to the state's contact tracing efforts.
"Incidentally collecting" data certainly isn't great optics for an app so many are already sceptical of.