COVID Alert App by Michael Geist (CC BY 2.5 CA)

COVID Alert App by Michael Geist (CC BY 2.5 CA)

News

Four Million Downloads and Counting: Everyone Should Install the COVID Alert App

Earlier this summer, I posted on why I installed the COVID Alert App, the national exposure notification app designed to provide Canadians with an alert if they may have been exposed to COVID-19. The post discusses the privacy safeguards that have been built into the app, the reviews from both the federal and Ontario provincial privacy commissioners, and points to previous Lawbytes podcasts (Edwards, Clayton, Kosseim) that discuss the use of technology to help counter the spread of the virus. While there were some concerns (notably the ongoing concerns with social inequities), I concluded that the safeguards combined with the public health benefits were enough to justify installation (Apple, Android).

On the day of the post, there were a total of 88 new cases in Ontario and just four in Ottawa, where I live. As I write this post just over two months later, the latest numbers are 797 new cases in Ontario and 182 new cases in Ottawa (now 939 province-wide). What started out as app that was nice to have with little urgency among many to download, has become an increasingly important tool in trying to stem the second wave. When the app first launched, it was only functional in Ontario. Today, the app can be used to report a COVID-19 diagnosis in seven provinces: Manitoba, New Brunswick, Newfoundland, Ontario, PEI, Quebec, and Saskatchewan. The app is close to launching in Nova Scotia and Alberta has announced that it plans to switch over to the app as well.

The download numbers have also grown significantly in recent weeks.  There was just over 1 million downloads in the first few days and just over 2 million after the first month.  Five weeks later, the number has topped 4 million downloads. More notably, the app is being used to alert people of potential exposure with 90 users providing a notification in the first month and over 1,000 notifications in the last five weeks. The increasing notifications points to the rapid spread of the virus, but also confirms that Canadians are willing to not only install the app, but also alert others should the need arise.

As we head into the Thanksgiving weekend, if you haven’t downloaded and installed the app, please do so. The app doesn’t replace other essential measures – social distancing, wearing masks, testing, contact tracing – but it has emerged as an important part of the toolbox for keeping everyone a bit safer.

16 Comments

  1. Pingback: #MichaelGeist telling people to embrace #surveillance :/ https://ww… | Dr. Roy Schestowitz (罗伊)

  2. Pingback: COVID Alert app passes 4 million downloads as more provinces join on – Digital Access

  3. Michael and others here:

    Has anyone specifically investigated what appears to be a privacy “big, open barn door”… the fact that on Android the Covid app requires Google Location Services to be running?

    While I accept as true the assertion that the Covid app doesn’t acquire or share location information, the fact that GLS is running means that Google (therefor also 5eyes), other apps, web pages, and real-world people-tracking sensors (retail & other public spaces) also have access to very fine-grained, real time, personally identifiable trackable location information.

    What is particularly frustrating is that the Covid app would only need to use the Bluetooth API and that GLS is complete overkill.

    I’d appreciate expert insight either verifying this concern or explaining exactly why this isn’t a substantial privacy weakness.

    Thanks!

  4. Pingback: News of the Week; October 7, 2020 – Communications Law at Allard Hall

  5. Pingback: COVID Alert app passes 4 million downloads as more provinces join on

  6. The Exposure Notifications System uses Bluetooth scanning.

    For Android 11, released 8 September 2020, the Exposure Notifications System does not require the phone’s Location setting to be on.

    For devices running Android 6 through 10 and earlier, for Bluetooth scanning to work, the device location setting needs to be turned on for all apps, not just apps built with the Exposure Notifications System.

    Google provides further information in this link.

    https://support.google.com/android/answer/9930236

    Professor Geist’s July article on this topic provides links to the Federal and Ontario Privacy Commissioners’ analyses, as well as links to other excellent information. I’d recommend you read those for the analysis you are seeking.

    • Thank you very much Ziad. Michael, please note:

      I understand how the app is architected and I did study the privacy officer statements when the app was launched. My testing in July (Android 10) but did not notice that Android 11 unbundled Bluetooth from Google Location Services effective last month.

      I assume the federal and provincial privacy offices were not sufficiently knowledgeable to identify this failure in privacy-by-design.

      What this seems to mean then is that no android phones at the launch of the Covid app, and only a small fraction of android phones in use can preserve their location privacy. Newer google phones will have had their OTA update now and other recently launched makes and models of Android phones may get the version 11 update in the coming months.

      It seems you have verified for me that the government’s carefully worded assertion that “the covid app” doesn’t track location and identity must have been determined while knowing and wishing to avoid drawing attention to the fact that enabling the app on all android phones (then) and the vast majority (throughout the pandemic) would fully betray private identity and real-time location data to other on device apps and services.

      If others here see an error in this reasoning, by all means please explain the case.

  7. “Everyone Should Install the COVID Alert App” Uh, not everyone has a fancy new smart phone.

  8. Pingback: COVID Alert App Passes 4 Million Downloads As More Provinces Join On

  9. Pingback: COVID Alert App Surpasses 4 Million Downloads As More Provinces Join - The Canadian

  10. Pingback: COVID Alert app passes 4 million downloads as more provinces sign up with on

  11. Devil's Advocate says:

    Like lambs to the slaughter.

    People continue to willingly surrender all their rights, freedom and protections. Some even view that act as if it was a good thing, and insist that others “need” to do the same.

    Critical thinking has become a thing of the past. This whole CV19 thing has demonstrated that fact very clearly. The masses have learned absolutely nothing from the “Swine Flu epidemic”.

    Lies and propaganda now completely shape and drive society.

    • Nemesis Enforcer says:

      Pandemic, not epidemic. Maybe you should get a refund on your medical degree.

      • Devil's Advocate says:

        The “Swine Flu” was described as an “epidemic” at the time. It was the Swine Flu farce that sparked the WHO to change its definition of a “pandemic” for future use.

        Either you’re not familiar with the reference, or you need to read something more carefully before attempting to comment on it.

  12. The COVID Alert App instructs us as to how easy it is in fact to produce Apps that respect our privacy. I will download this app once all other apps stop taking our data ; the feds and provinces and everyone else stop collecting and sharing our info, including health, banking, insurance, security, political party’s, etc., and institute an enshrined right to privacy that is sorely lacking. Yes, this is hostage taking. Yes, it is the right thing to do.

  13. Devil's Advocate says:

    I’d love to know what makes you believe this app wouldn’t pose any threat.

    The fact that your operating system (which you already can’t trust) is being used to break the security of your bluetooth connection and create future vulnerabilities for other exploits should be enough to cause concern. Or didn’t anyone pick up on that?

    How about the part where your device ID is being locally broadcasted, openly, by your bluetooth connection, without your consent, thanks to the security protocols being bypassed? Anyone catch that one? No?

    People have to start thinking about more than just the “data”. And they need to get better acquainted with what they’re carrying around in their hand.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

*