My analysis of the COVIDSafe app (thread). Short version is that individual risks that could be reduced by government action (increasing trustworthiness and hence downloads). Actual decision will remain personal (individual risk versus collective benefit). 1/

First, contemplated legislation (to replace the Determination) should be prioritised, both to ensure permanence and to amend interacting legislation directly. In particular, the Determination ends at the end of the biosecurity emergency period and can be amended /2

Third, the process used to de-identify data for statistical purposes should be made public (allowing researchers to confirm that the methodology is sufficient to render negligible the risk of re-identification) /4

Second, the government should be transparent about the source code and encryption protocols to facilitate testing by everyone (as opposed to select agencies). Many have echoed this. /3

The government should clarify the procedures for auditing compliance with rules (by both federal and state agencies) and responding rapidly to any identified bugs and exploits. /5

Clause 7 of the Determination should be amended to provide (1) that no data from the app can taken out of Australia, with the exception of the situation contemplated in cl 7(4), and .../6

... (2) that data relating to individuals’ COVID-19 status and contacts be deleted from the data store after 21 days. /7

Need to introduce amendments into the Telecommunications Legislation Amendment (International Production Orders) Bill 2020 and related agreements with the US to specifically exclude COVIDSafe data. /8

Happy to be corrected on anything after a very speedy analysis today! /9.