[ad_1]
The Data Inspectorate writes in a press release:
“In the treatment protocol, the purpose of stopping the infection is defined as” digital monitoring of the infection. ” The Danish Data Protection Agency does not consider this to be accurate enough. “
– The app actually has various purposes, like tracking and alerting about covid-19 infection, monitoring population movements, analysis work and research. This should be established in a protocol, says director Bjørn Erik Thon.
FHI recognizes that the protocol must be adjusted.
– We emphasize that the two purposes of the application are communicated consistently in all communications related to the application, both in the privacy statement, the privacy impact assessment (DPIA), news cases and online texts , in interviews and press conferences. The two purposes of the application are also enshrined in the regulations. The fact that this is formulated for the superior in the treatment protocol should, of course, change immediately, says Acting Assistant Director Gun Peggy Knudsen at FHI.
FHI challenged the group of experts when they launched the Infect Stop app
FHI has not sent all documents
Also in the press release, the Norwegian Data Inspectorate writes:
“When it comes to risk and vulnerability analysis (ROS analysis), assessments are lacking for key parts of the solution: population warning of covid-19 infection, anonymisation of personal data, and analysis work. The purpose of such analysis is to present the risk of a technical solution so that risk mitigation measures can be implemented. Only when the risk is known can you decide whether the solution and any residual risks are acceptable. “
– The Norwegian Institute of Public Health has not documented that these necessary evaluations of key parts of the solution were made before Smittestopp was acquired and made available to the public, says Bjørn Erik Thon.
To this, the Institute of Public Health responds:
– The risk and vulnerability analyzes for the warning and monitoring section were in place before the validation period began in the three municipalities where the application has been tested to detect the infection. The documents have not yet been sent to the Data Inspection because we wanted to have a single document in place after the step-by-step introduction in the municipalities, but now we are presenting these risk and vulnerability analyzes and we will present the final documentation that includes analyzes and anonymization within the deadline. says Gun Peggy Knudsen.
The app should only be used for infection detection.
The application will collect information on the movements of users.
First, an alert function will be tested in Drammen and two other selected municipalities. Infection arrest users in these municipalities receive an SMS notification if they have had close contact with someone who has been diagnosed with coronary infection.
The app is not used to see if people are quarantined and isolated.
All data is deleted after 30 days.
The app itself will be removed in December of this year.
Complete information can be found at helsenorge.no.
Ensures privacy is emphasized
Both before and after the launch of the application, several have criticized it for privacy reasons. To this, FHI says:
– We have given high priority to the work on privacy and security during the development and validation of the application, which is now carried out in three municipalities, and we will be very careful to follow up on the Danish Agency’s orders, questions and comments. Data Protection, says Gun Peggy Knudsen, Acting Deputy Director. NIPH
Concerned about the government infection app? Here is everything you need to know
