England’s COVID test and trace programme breaks GDPR law
The NHS test and trace programme works by alerting any individuals who have been in contact with a person who has tested positive for the virus. This works by tracing people who have been in close contact with the COVID-19 positive individual, alerting them and instructing them to self isolate for 14 days to prevent furthering the spread.
On the forefront, the programme seems very useful in preventing the spread and allowing the country to move forward to a “new normal” however recently, the government has admitted that the test and trace application is unlawful due to it breaching the data protection law enforced in England, GDPR.
The government insists that the data was not breached and it was not being used unlawfully. However the data that they are collecting has been deemed as sensitive information. The data that they collect includes; Name, date of birth and address, places that the individual has recently visited and also the names and contact details (such as phone number or email address) of people that they have been in contact with including intimate partners, which may be uncomfortable for some people to disclose.
Image credits: BBC
The government has informed the ORG that they are working with the Information Commissioner's Office to ensure that all data is processed and stored in accordance with the requirements of the GDPR law.
A spokesman for the Department of Health and Social Care says that the application for contact tracing was rushed as the pandemic raged throughout the country.
The rushed development of the application could have resulted in GDPR being overlooked simply to get the application ready for use as quickly as possible.
Whilst the test and trace system may raise some security concerns, it is a key element to protecting public health and aiding the public to return to a “new normal” after the COVID-19 pandemic.
Stay safe, save lives
Vaccine rollout spurring dark net activity, McAfee finds
A report by security software company McAfee has found a huge rise in the availability and demand for illegal COVID-19 vaccines.
The research by McAfee Advanced Threat Research found evidence that COVID-19 vaccines are currently available on at least a dozen dark net marketplaces. Vaccines allegedly made by Pfizer-BioNTech are being sold for $600 to $2,500 per dose, with vendors using channels such as Wickr, Telegram, WhatsApp and Gmail to advertise and communicate.
Some of the supposed vaccines are imported from the US, while others are packed in the UK and shipped all over the world, according to the listings.
Moderna vaccines, potentially fraudulent antibody tests and fake vaccine cards are also being increasingly sold on the dark web, on at least 10 different underground markets.
Anne An, senior security researcher at McAfee’s Advanced Programs Group, told us that with the increased global demand for COVID-19 vaccinations, the demand for illegal vaccines, fake test results and vaccination record cards has also grown. "Consumers who are buying these items pose a serious threat to public health and spur the underground economy" she said.
"Opportunistic cybercriminals capitalise on public interest in obtaining a COVID-19 immunity passport. These bad actors can also benefit by reselling the names, dates of birth, home addresses, contact details and other personally indefinable information of their customers."
As well as cyber security measures, An says education is necessary to stem the rise in these illegal sales. "Dark net selling of illegal COVID-19 vaccinations, fake test results and vaccination record cards is both a cybersecurity issue and an educational issue.
"On the one hand, channels being used as a means of business have the responsibility to monitor and mitigate cybercriminal activity on their platforms. On the other, the ongoing efforts of government and medical officials to provide factual information on COVID-19 and vaccinations is critical to discouraging the demand for fraudulent alternatives."
Read McAfee's report Fool’s Gold”: Questionable Vaccines, Bogus Results, and Forged Cards