Singapore has updated the privacy policy for its TraceTogether COVID-19 contact tracing program and admitted that local police will be able to access this contact tracing data as part of criminal investigations.
The program’s privacy policy previously stated: “We are committed to safeguarding your privacy and will only use your data for contact tracing purposes.”
Over 4.2 million of the country’s citizens (around 78% of the population) had opted in to the TraceTogether program under this privacy policy by downloading the TraceTogether contact tracing app or using a wearable contact tracing token.
However, during today’s parliament sitting, Singapore’s Minister of State for Home Affairs, Desmond Tan, admitted that the “Singapore Police Force is empowered under the Criminal Procedure Code to obtain any data, and that includes the TraceTogether data, for criminal investigations.”
He added that during criminal cases where there is a suspect and witness, contact tracing data will be extracted from witnesses but not from suspects or individuals who are under investigation.
After Tan revealed that police can access this contact tracing data, statements about the data only being used for contact tracing purposes were scrubbed from the privacy policy and a new paragraph was added which states:
“TraceTogether data may be used in circumstances where citizen safety and security is or has been affected. Authorised Police officers may invoke Criminal Procedure Code (CPC) powers to request users to upload their TraceTogether data for criminal investigations. The Singapore Police Force is empowered under the CPC to obtain any data, including TraceTogether data, for criminal investigations.”
When questioned on whether the admission that contact tracing data could be used for police investigations is in violation of the original TraceTogether privacy statement, Tan said:
“We do not preclude the use of TraceTogether data in circumstances where citizens’ safety and security is or has been affected and this applies to all other data as well and authorized police officers may invoke then, the criminal procedure code I mentioned earlier, powers to obtain this data for purpose of criminal investigation and for the purpose of the safety and security of our citizens. But otherwise, TraceTogether data is indeed to be used only for contact tracing and for purpose of fighting COVID situation.”
Click here to display content from YouTube.
Learn more in YouTube’s privacy policy.
The revelation that police can access this data follows the government announcing that use of this TraceTogether contact tracing program will be mandatory for entry into some public venues in Singapore from this year.
Related: ? The invasive tracking tech of the post-COVID world
The admission that Singapore’s contact tracing data may be used for purposes beyond tracking coronavirus infection rates is the latest of many stories from the last few months that highlights how governments around the world are using the coronavirus to implement mass surveillance measures.
In Israel, during the early days of the pandemic, the government used a mass surveillance tool to track citizens’ phones and scoop up their devices’ browser history, location data, and call and text metadata. Israel’s Prime Minister Benjamin Netanyahu has also proposed putting sensors on all citizens.
In the UK, analysts from the intelligence agency Government Communication Headquarters (GCHQ) are providing the government with minute-by-minute reports on the behavior of citizens with these reports including data on people’s movements and online job searches.
And in Australia, the country’s intelligence agencies scooped up contact tracing data during the first six months after it launched.
Not only are governments using this data to implement invasive surveillance measures but the collection of coronavirus data also increases the risk of it being leaked or breached. India and Wales have both been plagued by this issue with the details of at least eight million users of India’s contact tracing app and over 18,000 Welsh COVID-19 test patients being leaked online over the course of the last few months.
Additionally, several coronavirus contact tracing apps have had issues that reduce the accuracy of the data that’s being collected. For example, the UK’s contact tracing app has falsely told people to self-isolate because it won’t accept negative results and had accuracy issues associated with its reliance on Bluetooth signals.