Privacy Analysis of COVID-19 Contact Tracing Apps in the EU
2021 (English)In: Lecture Notes in Computer Science LNCS 12556 / [ed] M. Asplund and S. Nadjm-Tehrani, Springer, 2021, Vol. 12556, p. 213-228Conference paper, Published paper (Refereed)
Abstract [en]
This paper presents results from a privacy analysis of COVID-19 contact tracing apps developed within the EU. Though these apps have been termed advantageous, concerns regarding privacy have become an issue that has led to their slow adoption. In this empirical study, we perform both static and dynamic analysis to judge apps’ privacy-preserving behavior together with the analysis of the privacy and data protection goals to deduce their transparency and intervenability. From the results, we discover that while the apps aim to be privacy-preserving, not all adhere to this as we observe one tracks users’ location, while the other violates the principle of least privilege, data minimisation and transparency, which puts the users’ at risk by invading their privacy.© 2021, Springer Nature Switzerland AG.
Place, publisher, year, edition, pages
Springer, 2021. Vol. 12556, p. 213-228
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349 ; 12556
Keywords [en]
Privacy, COVID-19, Contact tracing apps, Transparency, Contact tracing, Empirical studies, Least privilege, Minimisation, Privacy analysis, Privacy preserving, Protection goals, Static and dynamic analysis
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:bth-21237DOI: 10.1007/978-3-030-70852-8_13ISI: 000927605100013Scopus ID: 2-s2.0-85103585121ISBN: 9783030708511 (print)OAI: oai:DiVA.org:bth-21237DiVA, id: diva2:1537157
Conference
The 25th Nordic Conference on Secure IT Systems, NordSec, Linköping, 23 November 2020 through 24 November 2020
Note
open access
2021-03-152021-03-152024-01-01Bibliographically approved