Atlassian co-founder and Aussie tech entrepreneur Mike Cannon-Brookes has come out in support of the government’s COVIDSafe tracking app, even as the broader tech community remains divided and sceptical.
Released on Sunday morning, the tracking app was reportedly downloaded by one million people within five hours.
Although the Department of Health has promised to make the app’s source code public, in a bid to alleviate privacy concerns, as of yet, the code has not been released.
The app is intended to track connections between individuals and alert those who have been in the vicinity of someone who has tested positive for COVID-19. However, it has divided public opinion and attracted questions about privacy and surveillance.
On Sunday, Cannon-Brookes tweeted his support of the app.
He also shared a comment he had written on Hacker News, saying he believes the source code will indeed be released, calling on the tech industry to “turn the HN angry mob mode off”.
— Mike Cannon-Brookes ???????????????? (@mcannonbrookes) April 26, 2020
Rather, Cannon-Brookes urged the community to commend the government on the good decisions it has made regarding security — for example, deleting data after 21 days, and the promise to release the source code — and to look for bugs in the tech and help close them.
However, his stance on the app has attracted everything from commenters defending the angry mob and its place in democracy, to those questioning the tech track record of the Morrison government. Or, what one commenter calls it’s “unilateral self-righteous anti-privacy rampage”.
To Cannon-Brookes’ original tweet about the app, one commenter even suggested the post should have been labelled as sponsored content.
Elsewhere, Matthew Robbins, founder of Aussie productivity startup MFractor, noted in a Twitter thread that the app is not obfuscated, and that it can, therefore, be unpacked to a point he says is “almost as good as having the original source code”.
And unpick it he has, ultimately suggesting the app is “above board, very transparent and follows industry standard”.
So, I’ve downloaded and decompiled the Android app using the freely available, open source tools apktool and JadX.
Here are my findings for those who are interested interested:
— Matthew Robbins (@matthewrdev) April 26, 2020
Again, the sticking point here is a mistrust of the government and its approach to tech — specifically privacy — historically.
And, just from a browse of Aussie tech Twitter, there’s a noticeable lack of faith in the government.
Thanks for diving in. I’m a bit miffed they haven’t released source, given the importance of trust in getting people to install this and a very chequered past with privacy issues for both this govt and labor.
— Simeon J M (@simeonjm) April 26, 2020
analysis by privacy/security geeks is helping me do an end-run around that trust deficit. considering it.
— ????simon holmes à court ???? (@simonahac) April 26, 2020
Others have noted that consumers hand over their data when downloading all kinds of apps. But that comparison doesn’t quite hold up.
While those apps may use your data for financial gain, targeting and all manner of other surreptitious activities, they hardly have the power of a sitting government.
The Morrison government is going to lengths to reassure the public of the safety of the app.
Data will reportedly be deleted after 21 days, and a privacy impact assessment conducted by law firm Maddocks says the government does not intend to use data for any purposes other than for contact tracing.
“The government understands there are public concerns that information collected by the app will be used or disclosed for purposes other than contact tracing, such as law enforcement,” the report says.
It also suggests the government is working to amend legislation under the Biosecurity Act 2015, to add additional legal protections for any data collected, to “minimise the risk of ‘functional creep’”.
The government has said, however, that personal information could be disclosed if it is necessary to “prosecute a breach of the law in relation to contact tracing under the Biosecurity Determination and the Biosecurity Act 2015”.
Is the government’s tracking app a good thing getting bad PR off the back of previous mistakes? Or is it a threat to privacy that will do more harm than good? Let us know what you think.