Stumbling Surveillance: The end of the COVIDSafe App

It took a few years of tolerable incompetence, caused fears about security, and was meant to be the great surveillance salvation to reassure us all.  Instead, Australia’s COVIDSafe App only identified two positive cases of infection during the SARS-CoV-2 pandemic, and failed, in every sense of the term, to work.

Launched in April 2020, this AU$21 million platform was heralded as a great tool for pandemic surveillance.  It was one of many such digital responses used by countries to combat viral transmission.  China adopted the Alipay Health Code app, which shares location data with police authorities.  Users receive various codes denoting status: red for those needing to spend two weeks in isolation; yellow for those needing to self-quarantine; and green for those able to move about freely.  India has Aarogya Setu; England and Wales, the NHS COVID-19 app.

As Privacy International observes, the spread of these apps, some voluntarily applied, others not, had a range of consequences.  Data might be generated without the user’s involvement.  Data might also be lifted from the relevant device.  Some apps might store data locally or convey it to servers.  “And they can leak data to analytics firms and social media platforms.”

COVIDSafe relied on Bluetooth signals transmitted at intervals to nearby users.  A user testing positive would trigger a process by which state and territory authorities could request access to the phone to identify other potential infections.  The close contacts would have to be within 1.5 metres of each other for at least 15 minutes.  In principle, this was meant to lead to improved contact tracing and more effective isolation protocols, and to enable more restrictive measures to be eased.

From the start, the project seemed plagued.  There were questions about the exposure window and how viable it was, notably in the face of more infectious variants.  There were concerns that user data in the national data store could become accessible to the US government, given the awarding of the data-storage contract to Amazon Web Services (AWS), a cloud subsidiary of Amazon.  By the end of April 2020, 3 million Australians had downloaded the app.  In total, there were 7.9 million downloads.  The measure of success for the program, in other words, became one of downloading an app rather than its supposed effectiveness.

Users were assured that little needed to be done for the app to successfully operate.  “Your phone does not need to be unlocked for the app to work,” Minister for Government Services Stuart Robert claimed in an unconvincing statement.  Users were also encouraged to “have the app running in the background when they are coming into contact with others.”  This betrayed a lack of technological savvy habitual among cabinet ministers.

In the view of the Minister for Social Services Anne Ruston, the app was part of an effort to empower Australians “to proactively limit the spread of the coronavirus and protect the community.”  Having such a mechanism in place would “help protect the lives and health of the Australian community to make sure that we are in a position to quickly respond and be able to trace people if they have come into contact with somebody who has the virus.”

But the government’s own assessments revealed that the app only worked effectively on locked iPhones about a quarter of the time, if that.  As of late April 2020, documents from the Digital Transformation Agency found that the app’s quality in communicating between two locked iPhones was “poor”.  The same finding was made for encounters between locked Android to iOS services and active Android to locked iOS devices.

The rating for unlocked or active iPhone-to-iPhone encounters was, by way of contrast, “excellent”, logging a success rate of 80-100 per cent.  But the latter rate was fairly meaningless, given that iPhone users are, for reasons of privacy, encouraged to maintain a default lock setting.

With COVIDSafe’s effectiveness coming into question, the strategy of the Morrison government moved from the silver bullet to the general plan.  The digital tool was to be but one element in the overall battle against the pandemic, complementing, in Ruston’s words, “the existing manual process by which we currently trace and track people.”  It could be likened to, as Prime Minister Scott Morrison did with trivialising ease, donning sunscreen before heading out the door.

A subsequent government report into the app, released on July 29th, 2021, chose to avoid some of the more glaring problems in the enterprise.  Even then, the authors had to concede that COVIDSafe was “rarely” resorted to by public health officials “except to confirm cases identified through manual processes.”  This, the reasoning went, was due to low rates of community transmission and formidable manual contact tracing.  The app’s failure, in other words, was a sign of the country’s success.

A less than flattering counter report by software developers Richard Nelson, Jim Mussared and Geoffrey Huntley, along with cryptographer Vanessa Teague, noted a lack of “deep discussion of changes made throughout the app’s development which heavily impacted efficacy, and fails to disclose key information such as the number of active users of the application.”

This stood in sharp contrast to the peer-reviewed study, published in Nature, which considered the epidemiological impact of the NHS COVID-19 app developed in the UK.  In that case the National Health Service abandoned initial connection methods based on Bluetooth, implementing, instead, Apple and Google’s Exposure Notification Framework.

As the critical multi-authored study of COVIDSafe concludes, “Almost all of the serious security bugs, privacy issues, and bugs affecting efficacy that were present could have all been avoided by using the Exposure Notification Framework, keeping public perception high.”

A few spluttering apologias can be found in defence of the app.  One effort can be found in that dullest of fora, The Conversation.  That contribution, sterilised and pasteurised, tries to be optimistic about a profligate, failed exercise.  “One of the goals of COVIDSafe was to automate the manual work, to help the efforts of contact tracers at scale.  This goal was achieved, although the value and effectiveness are questionable, as we discuss below.”

Then comes the following, which suggests a lamentable ignorance of the implications of surveillance.  “Getting so many Australians to download new and contested technology is an unparalleled achievement.  While the number of downloads doesn’t tell us how many people were actively using the app, it shows some success in getting people to at least download and engage with it.”

This relish for technological utopia can only take us so far before disgust sets in.  The issue for such believers is not how good the effort was, but the fact that it was tried by the unsuspecting.  And not only that, “COVIDSafe struck a balance between being aesthetic and relatively easy to use.”

In future, those in the business of doling out such health initiatives should think more carefully.  These systems may be intended to keep public trust afloat but can have quite the opposite effect.  Ultimately, the proof of COVIDSafe’s great demise can be found in the number of individuals who consented to having their data added to the National COVIDSafe Data Store for reasons of contact tracing.  While there were 7.9 million registrations of the app between April 2020 and May 2022, fewer than 800 gave consent to that measure.  As Australia’s current health minister, Mark Butler, opined, the entire endeavour was a monumental waste.

Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. Email: bkampmark@gmail.com.