Consumer privacy app company Jumbo studied the app, Care19, and found that it was transmitting information to third parties including Foursquare and Google, according to The Washington Post. The finding is unfortunate not only because it’s a major privacy violation, but also because it threatens to erode the public’s trust in government attempts to contain COVID-19.
ProudCrowd, the company that developed the contact-tracing app, confirmed that it sends data, but says it’s not for commercial purposes, according to WaPo. And a Foursquare spokesperson told WaPo that they don’t use the data and “it is promptly discarded.” But the fact remains that Care19 users were told their data wouldn’t be sent out at all.
“Sharing what is supposed to be an anonymous code along with an Advertising Identifier has serious privacy risks,” reads Jumbo’s analysis of the app.
Regardless of whether anyone actually is actually making money off of the data, the privacy violation risks making members of the public less trusting of the state’s response to COVID-19 and potentially increase resistance to future contact-tracing measures.
“Should this have been vetted? Yes. We are following up on that as we speak,” Vern Dosch, North Dakota’s contact-tracing facilitator, told WaPo. “We know that people are very sensitive.”
More on contact tracing: In China, This Coronavirus App Pretty Much Controls Your Life