COVIDSafe App: Prison time for hackers who mis-use personal data
Five years in prison or a $63,000 fine per offence is potentially awaiting those who abuse COVIDSafe App data.
The draft legislation for the government's new COVIDSafe App – billed as the ticket to easing restrictions – has been released as the government works to ease anxieties on behalf of users.
Under the legislation anyone who breaches the privacy safeguards of the app could face tens of thousands of dollars worth of fines and even potential jail time.
These tough laws apply to anyone, including police and even Australian security agencies.
Here's what we know about the draft legislation so far:
OFFENDERS COULD FACE FIVE YEARS IN JAIL
A person who is not permitted to collect, use or disclose data from the COVID app – especially if it is shared outside of Australia – could face a maximum penalty of imprisonment for five years or incur 300 penalty units.
Under the Crimes Act 1914, a penalty unit means the amount of $210, making a 300-unit penalty approximately $63,000.
WHO IS ALLOWED TO ACCESS THE DATA?
Under the draft legislation (which has not yet been passed as law), a person is permitted to access the data if they are employed by a state or territory health authority or if they are an officer, employee or contractor managing the data store.
Even under these circumstances, a person is only allowed to access the data if it is in the purpose of enabling contact tracing or ensuring that the COVIDSafe App is functioning correctly.
YOUR EMPLOYER CANNOT FORCE YOU TO DOWNLOAD THE APP
Under the legislation, your employer nor the government – nor anyone else for that matter – can force you to download the app.
"A person commits an offence if the person requires another person to download COVIDSafe to a mobile telecommunications device," the legislation reads.
The penalty for this is also 5 years imprisonment or a $63,000 fine per offence.
Establishments such as pubs and clubs are also not allowed to deny you entry into their premises on the proviso that the app be downloaded.
This applies to any transfer of goods or services, or contract based around business.
APP DATA MUST NOT REMAIN ON YOUR PHONE FOR 21 DAYS
Under "Division 3" of the legislation, the data store administrator must "take all reasonable steps" to ensure that COVID app data is not retained on a mobile device for more than 21 days.
If that's not possible, the data must not be retained "for longer than the shortest practicable period" after.
YOU CAN REQUEST TO HAVE YOUR DATA DELETED FROM THE STORE
Under the legislation, all COVIDSafe users who request the data store administrator to delete any registration data have the right to do so.
"The data store administrator must take all reasonable steps to delete the data from the National COVIDSafe Data Store as soon as practicable," the document reads.
Almost five million Australians have now downloaded the app.
A spokesman for Government Services Minister Stuart Robert said the figures quoted reflected people who had both downloaded and registered.
"More than 4.5 million Australians have registered for the COVIDSafe app, which has received widespread support and endorsement from across the Australian community including public health officials, as well as information technology and cybersecurity experts," said the spokesman.
For breaking news alerts and livestreams straight to your smartphone sign up to the and set notifications to on at the or
You can also get up-to-date information from the Federal Government's Coronavirus Australia app, available on the , and the .