The iOS Covid App Ecosystem Has Become a Privacy Minefield
Jonathan Albright, the director of Digital Forensics Initiative at the Tow Center for Digital Journalism, has released the product of his months-long analysis of 493 Covid-related iOS apps. The apps range from telehealth consultations to contact tracing, gathering sensitive user information in the process. 359 of those apps contained features of contact tracing, exposure notification, exposure, or workplace monitoring.
Albright found that only 47 of the apps he examined use the model set forth by Google and Apple to promote privacy and utilize just Bluetooth data. More than 6/7 Covid-19 iOS apps are free to use whatever data and privacy permissions they want, with 59% asking for a user’s location when in use, and 43% track location at all times. 44% of COVID-19 apps asked to access the user’s camera, while 22% allowed to access the microphone and 32% requested photo access. Albright claims that these apps have become a minefield of user information ranging up to highly sensitive information. For Covid app developers, it is extremely important that data be stored in a secure location.