Gov Contact-Tracing App Sends User Data to Foursquare, Google

This privacy debacle threatens to erode public trust.

Public Access

There's a troubling flaw with the coronavirus contact-tracing app used in North Dakota: it violates its own privacy policy by quietly sending users' information to companies likeFoursquare.

Consumer privacy app company Jumbo studied the app, Care19, and found that it was transmitting information to third parties including Foursquare and Google, according to The Washington Post. The finding is unfortunate not only because it's a major privacy violation, but also because it threatens to erode the public's trust in government attempts to contain COVID-19.

Contact Monetization

ProudCrowd, the company that developed the contact-tracing app, confirmed that it sends data, but says it's not for commercial purposes, according to WaPo. And a Foursquare spokesperson told WaPo that they don't use the data and "it is promptly discarded." But the fact remains that Care19 users were told their data wouldn't be sent out at all.

"Sharing what is supposed to be an anonymous code along with an Advertising Identifier has serious privacy risks," reads Jumbo's analysis of the app.

Public Safety

Regardless of whether anyone actually is actually making money off of the data, the privacy violation risks making members of the public less trusting of the state's response to COVID-19 and potentially increase resistance to future contact-tracing measures.

"Should this have been vetted? Yes. We are following up on that as we speak," Vern Dosch, North Dakota's contact-tracing facilitator, told WaPo. "We know that people are very sensitive."

READ MORE: One of the first contact-tracing apps violates its own privacy policy [The Washington Post]

More on contact tracing: In China, This Coronavirus App Pretty Much Controls Your Life