More then 730,000 Norwegians have already downloaded a new app aimed at tracking and limiting the spread of the Corona virus, less than a day after it was launched by the state. They don’t seem to care about warnings that the app raises serious privacy concerns, as debate flies over whether “Big Brother” will be watching them.
“When the authorities in crisis times ask us to sacrifice portions of our privacy, we must be extremely careful with what we accept,” Åshild Bruun Gundersen, health policy spokesperson for the conservative Progress Party, told TV2 shortly after the launch Thursday afternoon.
She was back on national radio Friday morning, claiming that the state was ushering in “surveillance like we’ve never experienced before.” She claimed on NRK’s Politisk Kvarter debate program that “this app will give the authorities access to where you are, which people you speak with and how long you speak with them,” adding that “everyone concerned about privacy should be skeptical about this app.”
Gundersen was challenged, however, by Health Minister Bent Høie, who chided her for spreading “unnecessary fear.” He claims all data collected will be encrypted and analyzed without anyone being personally identified. He said he respected Gundersen’s decision not to use the app, “but I react to use of words like ‘surveillance’ to try to scare others” from taking part in what he consistently calls Norway’s dugnad (collective effort) to fight the Corona virus.
Use of the app called Smittestopp (Stop Infection) is voluntary. It was quickly developed by the state public health institute FHI (Folkehelseinstitutt) as a means of tracking infection and halting its spread. By tracking the movements of people registering to use it in Norway via their mobile phones, it will send out a warning to everyone who’s been within two meters or less of another registered person confirmed as infected with the Corona virus for 15 minutes for more.
Both Høie and Prime Minister Erna Solberg, who said she was among the first to download the app, hope the app will be widely used and are encouraging Norwegians to download it and register. They think that can halt or at least control the spread of the virus in Norway, and thus allow them to lift more of the state’s invasive Corona containments measures and “reopen the country.”
Technology experts were quick to raise troubling issues with the app. One of the biggest questions involves who and how many will have access to the data FHI will be gathering. Høie told NRK Friday morning that he had no exact numbers, while FHI’s director, Dr Camilla Stoltenberg, has said they’ll amount to just a few. Both Høie and Stoltenberg insist the data will be secure and that those alerted to possible virus infection won’t be told who may have passed it on. Nor will the warnings reveal where or at what time of day the exposure occurred.
It’s all based on location data picked up by GPS and Bluetooth technology, and many argue that should remain in the personal sphere. Magnus Brøyn, a technology commentator and leader of the communications firm Coxit, cautioned against how Norwegians are already “revealing personal information” in the Internet age “that we never would have shared with others just 10 to 15 years ago.”
Brøyn told newspaper Dagsavisen on Friday that even though the location technology is not new, it’s already much more widespread than many people realize. Using the app will further reveal users’ locations at all times, this time to state authorities. “In recent years, many of us have been left at the station when the privacy train left,” he told Dagsavisen.
He and others think it’s problematic that the state will basically have app users under surveillance. “The question,” he said, “is whether the Corona situation is an exception from the rule, because the rule itself is clear: this type of surveillance is something we normally do not want.”
‘False sense of security’
Brøyn also noted that that the app won’t help much if it’s only used by those who are not infected with the virus. He suggests it can thus give people a feeling of “false sense of security” and not actually limit infection.
According to FHI’s app developer, Simula, data from the app will be encrypted and stored on its own secure server for 30 days before its deleted. It remains unclear who will have access to the data while in storage and what could be done with it.
“Great responsibility will rest on the authorities to follow up and handle this data in a secure manner going forward,” Torgeir Waterhouse, another technology expert and partner in the consulting company Otte, told Dagsavisen. “There will be huge pressure on the authorities to confirm that they’re worthy of our confidence in this. If they don’t succeed, they will have damaged opportunities to use something like this later.”
Waterhouse also sees troubling aspects of the infection-tracing app, but thinks the Corona epidemic can justify its use. “In a situation like this, we appear willing to do things we normally wouldn’t do,” he said.
‘Can save lives’
That doesn’t comfort Gundersen of the Progress Party or one of her fellow Members of Parliament, Solveig Schytz of the Liberal Party, which is part of Solberg’s conservative government coalition. Schytz called on the government to “continually improve privacy and security aspects” of the app, while Gundersen went so far at to warn Norwegians against using the app.
Prime Minister Solberg strongly disagreed, and claimed she had no personal privacy or security concerns about using the app herself. “I believe that if we’re going to get our everyday freedom back, then the most people possible should download this app,” she said. Stoltenberg said the app will be closely monitored and continually refined.
Bjørn Erik Thon, director of the Norwegian Data Protection Authority (Datatilsynet), has deemed the app “acceptable” for public use given the Corona crisis situation. “We have been told by FHI and those developing the app that it can save lives and allow society to open up again,” Thon told Dagsavisen. “Those are good and important goals.”
In order to win Datatilsynet’s approval, however, the app’s use had to be voluntary and data collected on users must be deleted when a user deletes the app. Thon said it was also important that data be held anonymous, even though users may be able to guess who they came in contact with. FHI, meanwhile, will continue testing and quality-checking the apps warning methods as they’re taken into use.