Search
Content type: Examples
8th December 2018
In September 2018, researchers discovered that websites accessed via mobile phones could access an array of device sensors, unlike apps, which request permissions for such access. The researchers found that 3,695 of the top 100,000 websites incorporate scripts that tap into one or more sensors, including Wayfair, Priceline, and Kayak. Unlike location sensors, motion, lighting, and proximity sensors have no mechanism for notifying users and requesting permission. Ad blockers were not effective…
Content type: Examples
1st April 2020
In a widely circulated animated heat map, the geospatial visualisation company Tectonix GEO in partnership with the location technology company X-Mode used the secondary locations of anonymised mobile devices that were active on a single beach in in Ft Lauderdale, FL during spring break to show how the beach-goers fanned out across the US afterwards, potentially carrying infection with them. Although the visualisation was instructive in showing how contagion spreads, it was unclear whether any…
Content type: Examples
19th March 2020
Thailand's National Broadcasting and Telecommunication Commission (NBTC) provided a SIM card to every foreigner and Thai who had travelled from countries that have have been designated as "high risk" for COVID-19 infections (at the time, China, Hong Kong, South Korea, Italy, and Macau). According to NBTC secretary-general Thakorn Tanthasit, the AoT Airports' new application had more than 7,000 downloads in its first five days. The sim card will be used together with the AoT Airports application…
Content type: Examples
28th April 2020
By May 11, the Swiss Federal Office of Public Health, working with EFPL and ETH Zurich, will launch a secure, decentralised system for contact tracing developed by the Decentralised Privacy-Preserving-Proximity Tracing (DP-3T) international consortium, whose Swiss partners are Ubique and PocketCampus. Other international partners include UCl, KU Leuven, TU Delft, the University of Oxford, and the Universirty of Torino. The system has been posted to Github as an open source protocol and will…
Content type: Examples
8th April 2020
The global secure solutions integrator SuperCom has begun piloting a modified version of the company's PureHeath platform, which incorporates a specially designed "PureCare" smartphone and "PureTag" ankle bracelet, aimed at ensuring that people comply with quarantine requirements during the coronavirus pandemic. The expectation is that the smartphones, which are easier to distribute at scale, will be used widely, while the ankle bracelets will be reserved for high-risk individuals. The company…
Content type: Examples
12th August 2019
In October 2018, the Singapore-based startup LenddoEFL was one of a group of microfinance startups aimed at the developing world that used non-traditional types of data such as behavioural traits and smartphone habits for credit scoring. Lenddo's algorithm uses numerous data points, including the number of words a person uses in email subject lines, the percentage of photos in a smartphone's library that were taken with a front-facing camera, and whether they regularly use financial apps on…
Content type: Examples
1st April 2020
Although the alerts about contacts with people infected by the coronavirus sent out via SMS by the South Korean government do not include names, the information included about people who tested positive for coronavirus, and their past locations can be revealingly detailed in some cases. Those who have been identified by this means have suffered offline and/or online harassment; others, without being specifically identified by name, have been mocked. A survey has found that as a result people…
Content type: Examples
19th March 2020
With 6,300 COVID-19 cases and more than 40 reported deaths, the South Korean government launched a smarphone app (Android first, iPhone due on March 20) to monitor citizens on lockdown as part of its "maximum" action to contain the outbreak. The app keeps patients in touch with care workers and uses GPS to keep track of their location to ensure they don't break quarantine. The government said the tracking was essential to manage the case load (at the time, 30,000 people) and prevent "super…
Content type: Examples
19th December 2018
In November 2016, the security contractor Krytowire discovered that cheap Chinese Android phones often include pre-installed software that monitors users' locations, messaging, and contacts, and sends the gathered information to China every 72 hours. Shanghai Adups Technology Company, the Chinese firm responsible for the software, said its code had been installed on more than 700 million phones, cars, and other devices without informing users, but that it was not intended for American phones.…
Content type: Examples
19th December 2018
In July 2018, researchers at the London-based security and mobile commerce firm Upstream Systems found that millions of cheap smartphones sold in developing countries lacking privacy protections come with pre-installed apps that harvest users' data for the purpose of targeting advertising and that can only be removed with difficulty. One such app, which Singtech includes on the thousands of smartphones it sells in Myanmar and Cambodia, as well as others sold in Brazil or made by Indian and…
Content type: Examples
26th March 2020
The new Singaporean app, TraceTogether, developed by the Government Technology Agency in collaboration with the Ministry of Health was launched on March 20 after eight weeks of development. The app, which can be downloaded by anyone with a Singapore mobile number and a Bluetooth-enabled smartphone, asks users to turn on Bluetooth and location services, and enable push notifications. The app works by exchanging short-distance Bluetooth signals between phones to detect other users within two…
Content type: Examples
19th March 2020
Russian authorities are using surveillance cameras, facial recognition systems, and geolocation to enforce a two-week quarantine regime affecting 2,500 people. Chinese citizens are banned from entering Russia; Russians and citizens of other countries who arrive from China are required to go through two weeks of quarantine. Police raid hotels to find Chinese citizens who arrived before border controls began, and bus drivers have been ordered to call their dispatchers if they see Chinese citizens…
Content type: Examples
21st March 2020
The Polish government has developed the free Home Quarantine app for both iPhone and Android, which allows the police to check that individuals do not break quarantine; those who do may be fined up to PLN 5,000 and also offers support to those who are quarantined. Once users activate the app by entering a phone number and a code sent via SMS, they send a reference photo. Every so often the app sends an unscheduled request for a new photo to be sent within 20 minutes. The system checks both the…
Content type: Examples
9th April 2020
Led by Germany's Fraunhofer Heinrich Hertz Institute for Telecoms, technologists and scientists from at least eight countries, are working on a proximity-based contact tracing technology that complies with GDPR. The Pan-European Privacy-Preserving Proximity Tracing project (PEPP-PT) is intended to leverage smartphones to help disrupt the spread of infection by notifying individuals when their smartphones are near enough to to that of another person to carry out a Bluetooth handshake - thereby…
Content type: Examples
26th March 2020
After Pakistani residents queried whether messages labelled "CoronaALERT" sent out via SMS were legitimate, telecom authorities confirmed that it was authentic, being sent to selected individuals at the request of the Ministry of Health under the Digital Parkistan programme. Individuals were chosen because they might have come in contact with infected individuals during travel or in specific locations. It is not clear, however, what the criteria were for selecting individuals at risk,…
Content type: Examples
30th March 2020
Together with Norwegian company Simula the Norwegian Institute of Public Health is developping a voluntary app to track users geolocation and slow the spread of Covid-19. Running in the background, the app will collect GPS and Bluetooth location data and store them on a server for 30 days. If a user is diagnosed with the virus, its location data can be user to trace all the phones that have been in close contact with the person. Authorities will use this data to send an SMS only to those phones…
Content type: Examples
16th April 2020
The Norwegian contact tracing app, Infection Stop, relies on a centralised database to store users' GPS locations for 30 days, like its Chinese counterpart. Sumula, the company that developed the app, claims is necessary because of technical limitations in Apple's smartphone operating system iOS. Simula has rejected using Bluetooth, like Singapore's TraceTogether, because to work on Apple's iPhones the tracker app would have to be in the forefront in order to be able to use Bluetooth to send,…
Content type: Examples
1st April 2020
Researchers at the Center for IT-Security, Privacy and Accountability (CISPA) have identified a security vulnerability related to encryption on Bluetooth BR/EDR connections. The researchers identified that it is possible for an attacking device to interfere with the procedure used to set up encryption on a BR/EDR connection between two devices in such a way as to reduce the length of the encryption key used. In addition, since not all Bluetooth specifications mandate a minimum encryption key…
Content type: Examples
18th March 2020
A task force at the Italian Ministry of Innovation, in collaboration with the University of Pavia to leverage big data technologies to deal with COVID-19, after the WHO advised governments that lockdowns alone are not enough, and that testing, isolation, and contact tracing are crucial. The effort is beginning with anonymised data provided by Facebook; Italian telcos including Tim, Vodafone, Wind Tre, and FastWeb, via their Asstel trade association, have also offered anonymous datasets…
Content type: Examples
19th March 2020
Ministers have permitted the Shin Bet security service to "use the cellular phone data of carriers of the disease to retrace their steps and identify anyone they may have infected", and will relay the information to the Health Ministry, which will send a message to those who were within two meters (6.6 feet) of the infected person for 10 minutes or more, telling them to go into quarantine. An update to the original order has extended the period during which it is in force from 30 days until the…
Content type: Examples
22nd April 2020
While the agency that manages residence permits, the Coordination of Government Activities in the Territories, is closed, Israel has instructed Palestinians seeking to verify whether their permits to remain in Israel are still valid to download the app Al Munasiq, which grants the military access to their cellphone data. The app would allow the army to track the Palestinians' cellphone location, as well as access their notifications, downloaded and saved files, and the device's camera.
Source…
Content type: Examples
2nd April 2020
The Mumbai police have been asked by the civic governing body to track the movements of people arriving at Mumbai airport through the GPS location of their phones. Arrivals at the airport in Mumbai are also being stamped with “Proud to protect Mumbaikars. Home quarantined” with the date until which they have to remain in home isolation.
Source: https://indianexpress.com/article/india/coronavirus-mumbai-civic-body-turns-to-phone-gps-to-enforce-home-quarantine-rules-6321098/
Writer: Tabassum…
Content type: Examples
22nd April 2020
India's COVID-19 tracker app, Aarogya Setu, was downloaded 50 million times in the first 13 days it was available. Developed by the National Informatics Centre a subsidiary of the Ministry of Electronics and IT, the app is available on both Android and iOS smartphones, and uses GPS and Bluetooth to provide information on whether the phone has been near an infected person. Users provide a mobile number, health status, and other credentials, and must keep both location services and Bluetooth…
Content type: Examples
8th April 2020
On April 1, Iceland launched an app that uses GPS to locate people who may have been in close contact with confirmed COVID-19 patients. A message containing a download link for the app will be sent to all Icelanders; downloading it and then agreeing to disclose GPS data are both voluntary, but for it to work as intended 60% will need to opt in. The app will register all nearby phones, so that if an individual gets infected the authorities will have an accurate record of everyone who came into…
Content type: Examples
16th July 2018
Google launched its first version of Android in 2009. Based on a modified Linux kernel and other open source software, Android provides the operating system for mobile phones, tablets, televisions, cars, wrist watches, and many other devices including digital cameras, game consoles, PCs, and personal video recorders. By 2017, Android had become the best-selling operating system in the world, with over 2 billion monthly active users. Even in 2009, critics warned that the operating system, which…
Content type: Examples
26th March 2020
After Asian countries used mass surveillance of smartphones to trace contacts and halt the spread of the coronavirus, Western countries such as the UK and Germany are trying to find less-invasive ways to use phones to collect and share data about infections that would work within data privacy laws and retain public trust. Nearly half of virus transmissions may occur before the individual shows symptoms of the disease. At Oxford researchers are working on a notification app that would notify…
Content type: Examples
17th May 2019
In February 2019 Google engineers announced that they had created faster, more efficient encryption system that could function on less-expensive Android phones that were too low-powered to implement existing full-device encryption. The scheme, known as Adiantum, uses established and well-vetted encryption tools and principles. Android has required smartphones to support encryption since 2015's version 6, but low-end devices were exempt because of the performance hit. It will now be up to device…
Content type: Examples
28th April 2020
Three days after announcing Germany would adopt the centralised Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) standard for contact tracing, the country's chancellery minister Helge Braun and health minister Jens Spahn announced they would instead use the decentralised approach backed by Apple, Google, and other European countries. While both standards rely on Bluetooth connections between nearby phones, PEPP-PT would have required Apple's cooperation to implement, and the company…
Content type: Examples
1st April 2020
On November 3rd, 2019, [...] a critical vulnerability affecting the Android Bluetooth subsystem [was reported]. This vulnerability has been assigned CVE-2020-0022 and was now patched in the latest security patch from February 2020. The security impact is as follows:
On Android 8.0 to 9.0, a remote attacker within proximity can silently execute arbitrary code with the privileges of the Bluetooth daemon as long as Bluetooth is enabled. No user interaction is required and only the Bluetooth MAC…
Content type: Examples
19th March 2020
Colombia's has launched the free, Android-only, prevention-focused Colombia-Coronapp developed by the National Health Institute (INS) to help identify and eradicate the virus across the country, as well provide centralisation and transparency. Besides their basic information, users are asked to say if they have participated in any mass events in the prior eight days, a controversial question because of the recent protests across the country. The app also provides safety tips, an updated map of…