Had a great panel on #covidsafe tonight with @alecdtucker, @matthewrdev, @GeoffreyHuntley and @kcarruthers. I had a bit of an epiphany on where I believe a lot of the misunderstanding is coming from so bear with me here:

A theme across my intro was that I encouraged people to ask not whether #covidsafe ensured privacy or not, but rather how it *changes* privacy from what it would be without the app. If you test positive, for example, how will privacy differ with or without the app?

The epiphany is that people are frequently associating digitised records directly with the app. They ask questions like “how will data from the app be protected on the server” but never seem to consider that even without the app, your data will still be on a server if positive.

For example: some people were unhappy that #covidsafe stores data on Amazon, but where is data stored if you’re *not* using the app and test positive? Because y’know it’ll go onto a server somewhere, right?

Or they’re worried that uploading data on contacts (something that only happens if tested positive) poses a risk. Do people realise they’ll be queried about their movements and contacts and that their answers will be digitised even with no app?

These are all (quite rightly) valid concerns, my point is that for the most part they’re equally valid with or without the app in its current implementation. You catch this thing and a whole bunch of your personal data is going to end up on a server somewhere. That’s the point.