TousAntiCovid accused of endangering the privacy of French people

TousAntiCovid, the government’s Covid-19 tracking application, is accused of endangering the privacy of its users. According to a trio of computer security researchers, the statistics collection system launched in June, without the user’s consent, poses a series of problems for the privacy and anonymity of French people.

Last June, TousAntiCovid updated with a new statistics collection system. This system aims to assess the effectiveness of the application by obtaining anonymous data. According to a team of researchers, “The collection of statistics contradicts the principle of data minimization and endangers the properties of security and protection of privacy”.

Indeed, the system put in place turns out to be particularly greedy in personal data. “The statistics include a very detailed event log, which records most of the actions taken by the user, with an accurate time stamp”, regret the experts after having analyzed the code of the application. This data is collected every 12 hours.

Read also: a bug prevents the recovery of health passes to import into TousAntiCovid

TousAntiCovid poses a risk to privacy and anonymity

By combining the data obtained by the different protocols implemented, namely ROBERT and Cléa, it is possible to draw up a portrait of users’ habits. “If Alice and Bob have had lunch together all week, their logs contain almost synchronous events, and the server can observe a correlation between their data”, details Gaetan Laurent, one of the researchers behind the investigation on his Twitter account.

Ultimately, the data could theoretically develop a “Social graph” social interactions between users. Concretely, it is possible to determine that a TousAntiCovid user has gone for a drink, or eat in a restaurant, with another. By crossing other data collected, the user’s identity is quickly endangered.

This security hole is the result of the use of different security protocols which are not supposed to communicate with each other. “Bluetooth tracking data can be correlated with application statistics”, notes the report produced by the researchers. The breach has also widened with the addition of a feature to store and display health passes. Indeed, the pass is “Nominative”, recalls the report.

“These problems are directly linked to the design choices of the TousAntiCovid application, in particular the choice to put in the same application different systems which should be independent”, considers the conclusion of the report. For’stem the risk of data breaches, the researchers advise in particular to reduce the precision of time-stamped information.

Source: Risk analysis of TousAntiCovid statistics