Earlier this month, the Department of Health undertook a Privacy Impact Assessment in relation to the COVIDSafe contact tracing app — and now with over 5 million Australians registered to use the app, the federal government has introduced the Privacy Amendment (Public Health Contact Information) Bill 2020 (Bill) to amend the Privacy Act 1988 (Cth) (Privacy Act) so that many of the privacy protections already set out in the Minister for Health’s Determination under the Biosecurity Act 2015 (Cth) are reinforced in the Privacy Act.
For the purposes of the Privacy Act, the Bill specifies that COVIDSafe app data relating to an individual is classified as “personal information” and COVIDSafe app data generally is the property of the Commonwealth.
The draft legislation outlines several criminal offences relating to the improper use of the COVIDSafe app, including:
- retaining or disclosing uploaded data outside Australia;
- decrypting encrypted COVIDSafe app data; and
- coercing individuals to use the COVIDSafe app.
The Bill also empowers the Office of the Australian Information Commissioner to manage complaints, conduct assessments relating to COVIDSafe app data and share information with state or territory privacy authorities where necessary.