TikTok sued for billions over use of children’s data

TikTok is facing a legal challenge from former children’s commissioner for England Anne Longfield over how it collects and uses children’s data.

The claim is being filed on behalf of of millions of children in the UK and EU who have used the hugely popular video-sharing app.

If successful, the children affected could each be owed thousands of pounds.

TikTok said the case was without merit and it would fight it.

‘Sinister’
Lawyers will allege that TikTok takes children’s personal information, including phone numbers, videos, exact location and biometric data, without sufficient warning, transparency or the necessary consent required by law, and without children or parents knowing what is being done with that information.

In response, the video-sharing app said: “Privacy and safety are top priorities for TikTok and we have robust policies, processes and technologies in place to help protect all users, and our teenage users in particular. We believe the claims lack merit and intend to vigorously defend the action.”

TikTok has more than 800 million users worldwide and parent firm ByteDance made billions in profits last year, with the vast majority of that coming via advertising revenue.

The claim is being launched on behalf of all children who have used TikTok since 25 May 2018, regardless of whether they have an account or their privacy settings. Children not wishing to be represented can opt out.

Ms Longfield told the BBC she was focusing on TikTok because, while all social media platforms collected information, TikTok had “excessive” data collection policies.

“TikTok is a hugely popular social media platform that has helped children keep in touch with their friends during an incredibly difficult year. However, behind the fun songs, dance challenges and lip-sync trends lies something far more sinister.”

She alleges the firm is “a data collection service that is thinly veiled as a social network” which has “deliberately and successfully deceived parents”.

She added that those parents have a “right to know” what private information is being collected via TikTok’s “shadowy data collection practices”.

The case is being represented by law firm Scott and Scott. Partner Tom Southwell said he believed the information collected by TikTok represents “a severe breach of UK and EU data protection law”.

“TikTok and ByteDance’s advertising revenue is built on the personal information of its users, including children. Profiting from this information without fulfilling its legal obligations, and its moral duty to protect children online, is unacceptable.”

Age verification
The case is not without precedent.

In 2019, the Chinese firm was given a record $5.7m fine by the Federal Trade Commission (FTC), for mishandling children’s data.

The firm has been fined in South Korea over how it collects children’s data, and in the UK, it has been investigated by the Information Commissioner’s Office.

That action revolved around Musical.ly, which was incorporated into TikTok, knowingly hosting content published by users under the age of 13.

TikTok was ordered to delete the data and set up an age verification system.

According to Ofcom, 44% of eight to 12-year-olds in the UK use TikTok, despite its policies forbidding under-13s on the platform.

Class action
Similar legal action against TikTok was brought by an anonymous 12-year-old girl last year, supported by Ms Longfield.

At the time, Ms Longfield said she was waiting to see the result of another case before proceeding with suing TikTok.

The case in question was brought by Which? director Richard Lloyd on behalf of four million iPhone users who, he alleges, were illegally tracked by Google.

Despite being launched in 2017, the case has still not had the go-ahead and is due to be heard by the Supreme Court soon.

“It could be difficult for similar cases to succeed if the Supreme Court dismisses Mr Lloyd’s ability to bring his claim,” said Richard Leedham, partner at law firm Mishcon de Reya.

UK government intervenes in Nvidia takeover of chip designer Arm

The UK government is to examine the sale of computer chip designer Arm Holdings to a US company on national security grounds.

Japan’s SoftBank intended to sell the UK tech company to Nvidia for about $40bn (£29.5bn).

But Digital Secretary Oliver Dowden said he wanted the UK’s competition watchdog to assess its implications.

“Following careful consideration of the proposed takeover, I have today issued an intervention notice,” he said.

“As a next step and to help me gather the relevant information, the UK’s independent competition authority will now prepare a report on the implications of the transaction, which will help inform any further decisions.”

Nvidia takeover of chip designer Arm investigated
UK tech firm ARM sold to America’s Nvidia for $40bn
Arm’s technology is at the heart of most smartphones and smart devices worldwide.

But there were concerns when the Cambridge-based designer – which licenses its tech to the likes of Apple, Samsung and Huawei – accepted the offer from Nvidia, a US graphics chip specialist.

In January, the Competition and Markets Authority (CMA) announced it was looking into the deal amid worries it could lead Arm to withdraw, raise prices or reduce the quality of its services to Nvidia’s rivals.

Mr Dowden has now ordered it to begin a “phase one” investigation, which will decide whether a full “phase two” investigation is needed that could lead to the deal being blocked.

A spokesperson for Nvidia said: “We do not believe that this transaction poses any material national security issues.

“We will continue to work closely with the British authorities, as we have done since the announcement of this deal.”

‘Premier computing company’
Last year, more than 2,000 business leaders signed an open letter calling on the prime minister to stop the merger, saying UK jobs and influence could be lost.

Nvidia has promised to keep Arm based in the UK, to hire more staff, and to retain its brand.

It said that the deal would create “the premier computing company for the age of artificial intelligence”.

Nvidia could face barriers from other regulators around the world.

China, in particular, has already made clear that it is not happy about a deal which gives so much power to an American giant at a time when the US has sought to deny Chinese firms access to chip technology.

The CMA will have until 30 July to submit its findings to the digital secretary.

When Arm was sold to Japan’s SoftBank just after the 2016 EU referendum, the government celebrated the deal as a vote of confidence in the UK. Some had misgivings about what they saw as the jewel in the crown of 21st Century British technology falling into foreign hands, but guarantees that research and development would be strengthened in Cambridge seemed to allay ministers’ concerns.

Then when SoftBank sold Arm on to the American chip giant Nvidia last year, there were even louder complaints from the likes of Hermann Hauser who had been instrumental in the founding of the company more than 30 years ago. But it seemed there was even less likelihood of an intervention – what business of the Competition and Markets Authority was a deal between a Japanese and an American company?

But much has changed since 2016. Arm being bought by Nvidia is, it appears, a national security concern now in a way that the Softbank deal was not. Why? Well the vital importance of the semiconductor industry has become clear in recent months, with chips at the centre of a US-China trade war and chip shortages halting production at car plants.

There has also been a major shift in the UK’s attitude towards industrial policy. After three decades of a laissez-faire approach from both Conservative and Labour governments there’s a new willingness to intervene – witness the move to spend taxpayers’ money on a controlling stake in the failing satellite business OneWeb.

With other governments and regulators around the world not convinced that Nvidia owning Arm will be good for competition in the chip industry, it is far from certain that this deal will go through.

Charles Geschke: Adobe co-founder who helped develop the PDF dies

Charles Geschke, the co-founder of the software company Adobe who helped develop the Portable Document Format, or PDF, has died at the age of 81.

Geschke set up Adobe in 1982, giving the world the ubiquitous PDF software, among many other audio-visual innovations.

He made headlines 10 years later when he was kidnapped at gunpoint and held for ransom before being released unhurt after a four-day ordeal.

Geschke died in California on Friday.

Adobe CEO Shantanu Narayen said Geschke, widely known as Chuck, “sparked the desktop publishing revolution”.

“This is a huge loss for the entire Adobe community and the technology industry, for whom he has been a guide and hero for decades,” he wrote in an email to the company’s employees.

“As co-founders of Adobe, Chuck and John Warnock developed ground-breaking software that has revolutionized how people create and communicate,” he said.

Geschke and Warnock were responsible for transformative software inventions, including PDF, Acrobat, Illustrator, Premiere Pro and Photoshop, Mr Narayen said.

In 1992, Geschke was kidnapped in an incident that made national headlines.

He was held at gunpoint in his office and taken to Hollister, California, for four days.

Geschke was freed after a suspect, found with $650,000 (£470,000) in ransom money, took police to the location where he was being held, Associated Press reported.

In 2009, President Barack Obama awarded Geschke and Warnock the National Medal of Technology.

“He was really a humble, humble man – I can say that, as his wife,” Nan Geschke told Mercury News. “He was very proud of his success, of course, but he was very circumspect about how much he had to do with that.”

Ocado in self-driving vans push with £10m stake in Oxbotica

Online grocery retailer Ocado has unveiled a major push into autonomous driving technology.

It has teamed up with another British company, Oxbotica, to build self-driving vehicles for itself and others who use its platform.

That could include automatic forklift trucks at warehouses, self-driving delivery vans, or even “kerb to kitchen” robots for the final leg.

As part of the deal, Ocado has bought a £10m stake in Oxbotica.

Together, they say they plan to build hardware and software for autonomous vehicles.

“We want the entire end to end operation, ultimately, to be autonomous – from the receipt of stock to the warehouse all the way through to the customer’s door,” said Alex Harvey, Ocado’s head of advanced technology.

“From a customer’s perspective you open your door and outside you will see an autonomous van or another autonomous vehicle pull up outside your house, and most likely an autonomous robot will get out of that autonomous vehicle, will collect your groceries, and hand them to you at the doorstep.”

In recent years, Ocado has tried to project itself as a technology platform to be used by global retailers, rather than just an online grocery store.

It has developed robots which now pick and pack groceries at its state-of-the-art fulfilment centres, and this week, America’s Kroger supermarket chain unveiled its first warehouse using the Ocado technology.

Grocery shopping has changed for good, says Ocado
Self-driving car tests begin on Oxford’s roads
Kroger’s delivery vans also use software developed by Ocado to plot the most efficient routes.

The new partnership with Oxbotica will aim to take this idea further.

Driverless deliveries?
Oxbotica builds autonomous driving software for a range of global clients. The company was founded in 2014 by two Oxford professors – Paul Newman and Ingmar Posner – whose university research focused on self-driving cars.

The startup company has just raised new funding from investors in the UK, US and China. Ocado’s £10m stake is part of that funding round, and will give it a seat on Oxbotica’s board.

In its announcement, Ocado tempered expectations and said that getting permission from regulators to operate autonomous vehicles on public roads – allowing driverless deliveries to customers’ homes – may take some time.

But it said that “last-mile” deliveries to customers’ homes are a significant part of an online retailer’s costs, with labour accounting for half of that – so autonomous vans could produce big savings.

In the short term, it sees vehicles operating in restricted areas such as its own warehouses, with the first prototypes coming within two years.

William Amos: Canadian politician seen naked in work Zoom call

A Canadian politician has apologised after appearing naked in a video call with colleagues.

“This was an unfortunate error,” William Amos, who represents the Quebec district of Pontiac, said in a statement on Wednesday.

“My video was accidentally turned on as I was changing into my work clothes after going for a jog,” he said.

A screenshot of the incident posted on social media shows Mr Amos holding a mobile phone over his private parts.

The liberal member of parliament was captured standing behind a chair near a desk between the Quebec and Canadian flags.

Mr Amos said he was “embarrassed” by the incident, which he described as an “honest mistake” that “won’t happen again”.

“I sincerely apologise to my colleagues in the House of Commons for this unintentional distraction,” he said in his statement, later tweeting a similar apology.

A member of Canada’s Bloc Québécois party, Claude DeBellefeuille, said after the conference call that it might be “necessary to remind the members, especially the male ones, that a tie and jacket are obligatory”.

“We have seen that the member is in great physical shape, but I think members should be reminded to be careful and control the camera,” she said in French, according to CTV News.

line
You may also be interested in:
All the times virtual meetings didn’t go as planned in 2020
‘I’m not a cat’: Lawyer gets stuck with cat filter during virtual court case

Iran nuclear attack: Mystery surrounds nuclear sabotage at Natanz

Within hours of Iran proudly announcing the launch of its latest centrifuges, a power blackout damaged some of the precious machines at its site in Natanz.

Iran has described this as an act of “terrorism” and pointed the finger at Israel. But there is still mystery over the cause.

In Israel, some reports have suggested a cyber-attack might have been responsible but Iran has talked of “infiltrators” amid reports of an explosion linked to the power generator.

One thing reports seem to agree on is that an “incident” affected the power distribution network at Natanz, leading to a blackout until emergency power systems kicked in.

Iran’s nuclear crisis in 300 words
Iran Iran’s nuclear crisis in 300 words‘to avenge Israeli attack’ on nuclear site
Why do the limits on uranium enrichment matter?
A blackout may not sound that serious, but it can be at an enrichment plant. Centrifuges are slender machines linked up in what are called cascades which enrich uranium gas by spinning it at incredibly high speeds using rotors. The stress on the advanced materials involved is intense and the process is technically immensely challenging.

A small problem can send a centrifuge spinning out of control, with parts smashing into each other and damaging a whole cascade.

Ensuring the power supply reaching a centrifuge is perfectly balanced is vital. Which means sabotage of that supply can be catastrophic.

The question is: what caused it – a cyber-attack or a physical act of sabotage, like a bomb?

The speculation of cyber-attack comes because Natanz is Ground Zero for cyber-war – the place where the world’s first real cyber-attack took place a decade ago.

Most events called cyber-attacks are not really attacks in the physical sense – they are thefts of data. But Stuxnet – the name given to the incident that targeted Iran’s nuclear programme over a decade ago – is not just one of the few exceptions but arguably also the first demonstration of what such a cyber-attack looks like.

In that case, computer codes caused real-word damage by interfering with the centrifuge controllers to spin them out of control (and even relaying false messages back to those monitoring them so they would not worry until it was too late). The result was what sounded like a slow-motion explosion as centrifuges crashed into each other. It was an incredibly sophisticated and targeted operation, run jointly by the US and Israel and developed over a period of years.

But that does not mean that a cyber-attack has to be responsible this time. Iran invested heavily in cyber-defence and offense after Stuxnet making such an attack much harder and doing more to protect its systems, including the power supply.

Stuxnet showed the separation between online and physical attacks could be blurry – a cyber incident could cause real-world damage. But it also worked the other way – cyber-attacks sometimes required real-world help. Some of the versions of Stuxnet are believed to have required a person to physically insert a USB into a machine in order to get access to the Iranian system. And a physical act of sabotage might be accompanied by a cyber-intrusion to black out the power or alarm systems.

And there is also precedent for some kind of physical sabotage.

Last summer, a previously unknown group calling itself the Homeland Tigers said it was behind a blast which affected a building above ground at Natanz (most of the sensitive work is underground). Statements were sent to the BBC, as well as others, claiming the group were disaffected Iranians and promising more attacks would come. Many at the time assumed Israel was involved in some way, not least because the country has also been linked to the assassination of Iranian nuclear scientists.

Iranian nuclear scientist shot ‘by remote control’
Why Iran’s nuclear facilities are still vulnerable to attack
In the immediate aftermath of an incident, reports are often conflicting and hazy. There can also deliberate disinformation – sometimes a country like Israel might prefer it to appear that a cyber-incident was involved to protect anyone who infiltrated the site. And Iran itself may either not know, or want to reveal all it knows.

The details are likely to become clearer in the coming days, with more reports pointing towards an explosion at the power supply rather than simply a cyber-incident. But whatever the cause, previous incidents of either online or physical sabotage have only led to temporary setbacks for the Iranian nuclear programme. And this time Iran has again insisted it will push forwards with its work at Natanz.

Xiaomi to invest $10bn in electric vehicle race

Chinese phone maker Xiaomi is wading into electric vehicles with a $10bn (£7.3bn) investment over ten years.

The Chinese tech giant’s goal is to “offer quality smart electric vehicles,” it said on Tuesday.

Xiaomi is the world’s third largest smartphone maker behind Apple and Samsung, according to data firm Canalys.

The company will be entering a fiercely competitive electric car market that also includes rivals Apple and Huawei.

China’s biggest car brand to launch rival to Tesla
The Chinese £3,200 budget electric car chasing Tesla
China’s Baidu and Geely partner up for smart cars
Xiaomi will set up a wholly-owned subsidiary with an initial investment of about $1.5bn, with the company’s chief executive Lei Jun heading up the new venture.

“The decision was made after numerous rounds of deliberation among all our partners, and this will be the final major entrepreneurial project of my life,” he said in a statement.

So far, the company has given no indication about whether it will produce budget models or target the top end of the market.

There are already hundreds of companies in China jostling for a share of the world’s leading market for electric cars.Planned or existing models in China range from the tiny Hong Guang Mini EV, which retails for $4,500 to the new high-end electric brand Zeekr, which is owned by China’s biggest carmaker Geely.

Foreign manufacturers are also looking to build EVs for Chinese consumers.

Tesla is already delivering its Model Y to China from its Shanghai factory, while Ford has plans to manufacture the electric version of its Mustang there.

Partnering up
Other Chinese technology companies have also signalled their intention to make cars, or to partner with existing carmakers to produce new driving technologies.

Search engine giant Baidu announced in January it would also launch an electric car business.

China’s e-commerce giant Alibaba has formed an EV joint venture with SAIC, while ride-hailing app Didi Chuxing has partnered with automaker BYD to make electric vehicles specifically designed for its services.

Data provider S&P Global Platts estimates that “new energy vehicles” will account for 20% of total new car sales in China by 2025.

US blacklists seven Chinese supercomputer groups

The US has blacklisted seven Chinese groups it accuses of building supercomputers to help its military.

It is the first move by the Biden administration to make it harder for China to obtain US technology

On Thursday, three companies and four branches of China’s National Supercomputing Center were added to the US blacklist.

This bars American companies from exporting technology to the groups without proper approval.

World’s fastest supercomputer fights coronavirus
Tech Tent: Is Arm the future of computing?
Too many computer chips made in Asia – Intel chief
The US commerce department said the groups were involved in building supercomputers used by Chinese “military actors” and facilitating programmes to develop weapons of mass destruction.

The sanctioned groups are leading China’s supercomputing development and are key players in Beijing’s plan for chip self-sufficiency.

US Commerce Secretary Gina Raimondo said the Biden administration would use “the full extent of its authorities to prevent China from leveraging US technologies to support these destabilising military modernisation efforts”.

The Trump administration had also targeted dozens of Chinese companies it suspected of using American technology for military uses, including phonemaker Huawei.

Mr Biden’s move on Thursday requires the seven Chinese groups to obtain licences to access American technologies, including chip infrastructures designed by Intel and other U.S chipmakers.

While the blacklist bars US-based companies from providing services and products to the Chinese firms, it doesn’t bar those that are produced in facilities outside of the US.

One such company is TSMC, the Taiwan-based company that has become the world’s most advanced semiconductor manufacturer.

What is a supercomputer?
Supercomputers have a considerably higher level of performance compared to a general-purpose computer and can make billions of calculations per second.

Supercomputers are made up of thousands of connected processors and are used for functions like forecasting weather and climate trends, simulating nuclear tests and for pharmaceutical research.

They are also necessary for the development of advanced weapons such as hypersonic missiles.

“Supercomputing capabilities are vital for the development of many – perhaps almost all – modern weapons and national security systems, such as nuclear weapons and hypersonic weapons,” Ms Raimondo added.

‘Not waiting around’
The US is worried about China gaining access to American technology that helps its army close the gap with the US military.

The Biden administration is currently reviewing dozens of China-related actions that Donald Trump took, including an order that prohibits Americans from investing in Chinese companies believed to be linked to the military.

“Do you think China is waiting around to invest in its digital infrastructure or research and development? I promise you, they are not waiting,” Mr Biden said in a speech on Wednesday.

Mr Biden said China and the rest of the world “are racing ahead of us in the investments they have in the future”.

US gun violence: Biden takes action on ‘international embarrassment’

US President Joe Biden has issued an order targeting homemade guns, known as “ghost guns” because they are unregistered and untraceable.

“Gun violence in this country is an epidemic, and it’s an international embarrassment,” he said on Thursday.

The president is enacting new measures through an executive order, meaning he does not need approval from Congress.

It includes efforts to set rules for certain guns, bolster background checks and support local violence prevention.

America’s gun culture in charts
US shooting suspect identified as ex-NFL player
However, the president will have an uphill task. The right to bear arms is protected by the Second Amendment to the US Constitution and many people see gun control laws as infringing on this constitutional right.

Hours after the president’s address, a gunman killed one person and injured five others at a cabinet-making shop in Bryan, Texas. A state trooper was also shot and injured while taking the suspect into custody.

On Wednesday, five people, including two young children, killed in South Carolina. The suspect has been named as former NFL player Phillip Adams.

This followed two mass shootings in March, which left a total of 18 people dead – one in Boulder, Colorado and the other in Atlanta, Georgia.

What did Mr Biden say?
Speaking in the White House Rose Garden on Thursday, Mr Biden said 106 people are killed every day by guns in the country.

“This is an epidemic for God’s sake. And it has to stop,” he continued.

He also offered condolences to the family killed in South Carolina.

Mr Biden’s executive order gives the Justice Department 30 days to propose a rule that will help reduce the number of so-called “ghost guns”.

These guns are self-assembled, which means they do not contain a serial number and cannot be traced. Background checks are also not required to purchase the assembly kits.

“Anyone from a criminal to a terrorist can buy this kit and, in as little as 30 minutes, put together a weapon,” Mr Biden said.

Experts say that these homemade guns are increasingly being used in crimes. Over 40% of guns being seized in Los Angeles are ghost guns, according to federal firearms officials.

Mr Biden is also giving the Justice Department two months to come up with a rule on stabilising braces for pistols. Under the rule, a pistol used with a stabilising brace would be classified as a short-barrelled rifle, which requires much more stringent background checks under the National Firearms Act.

The Justice Department has also been asked to draft a “red flag law” which states can then use to create their own legislation. These laws authorise the courts and law enforcement to remove guns from people thought to be a risk to the community.

Should US police be able to seize guns
US gun sales have hit record high – why?
Getting further gun measures through Congress would be difficult. The US Senate is currently split 50-50 between Democrats and Republicans, with Vice-President Harris holding the deciding vote.

However, current Senate rules mean that in practice, 60 votes are needed to pass legislation, meaning some Republican support is required. Republicans have blocked significant gun control laws in the past.

After recent mass shootings, gun-control activists called on Joe Biden to impose new regulations on firearms. And like past presidents who have sought to address US gun violence, Biden confronts a hard reality.

There are not enough votes in Congress to enact even modest new gun laws. And the steps a president can take unilaterally are limited in scope.

Biden promised that he would do something about gun control, however, so on Thursday he gathered a sympathetic audience in the Rose Garden and unveiled a grab-bag of new actions.

He nominated a head of the Bureau of Alcohol, Tobacco, Firearms and Explosives – a vacancy Donald Trump never bothered to fill. He instructed his Justice Department to come up with new rules for homemade guns and more heavily regulate an attachment that makes handguns more accurate. He called for new gun-violence studies and draft legislation that states could pass.

In a tacit acknowledgement that the scope of these actions are limited, Biden assured his audience that “this is just a start”.

To go much farther, however, the political dynamic in Congress will have to change – and Biden, currently more focused on passing his infrastructure package, will have to expend more political capital.

Presentational grey line
What has the reaction been?
Mr Biden’s proposed measures have been praised by gun control group Everytown for Gun Safety.

“Each of these executive actions will start to address the epidemic of gun violence that has raged throughout the pandemic and begin to make good on President Biden’s promise to be the strongest gun safety president in history,” group president John Feinblatt said.

He added that the Biden administration’s decision to treat ghost guns “like the deadly weapons they are will undoubtedly save countless lives”.

The National Rifle Association (NRA), the biggest gun rights lobby group in the US, described the measures as “extreme” and said it was ready to fight.

Texas Governor Greg Abbott labelled Mr Biden’s order as “a new liberal power grab to take away our guns”, promising not to allow this in his state.

Later on Thursday, Mr Abbott also tweeted that he had been working with public safety and law enforcement officials in the state over the shooting in Bryan. He promised any help needed to prosecute the suspect and offered prayers for the families of victims.

NHS Covid-19 contact tracing app to share QR code venue check-ins

England and Wales’ contact tracing app will soon ask users to share details of venues they have checked in to, if they test positive for the coronavirus.

The update to the NHS Covid-19 app will be deployed ahead of shops reopening in both nations on 12 April, as well as outdoor hospitality in England.

The authorities will be able to use the information to tell other visitors if they need to be tested for the virus.

But the system has been designed to protect users’ anonymity.

“The app has been designed with user privacy in mind, so it tracks the virus not people, and uses the latest in data security technology to protect privacy,” said a spokeswoman for the Department of Health and Social Care.

Automatic checks
Until now, the QR barcode-scanning facility only came into use if local authorities themselves flagged a location as being a virus hotspot by other means.

This would then trigger a process whereby each phone could check if it had been at one of the affected venues on the dates concerned, and send the owner an alert.

But the facility has rarely been used, despite more than 106 million check-ins.

In March, Sky News reported that “capacity issues at a local level” were blamed for this, with overburdened health protection teams unclear about what they were supposed to do.

The decision to automate the system via users’ own actions could help address this.

People might have reservations about disclosing where they have been and when.

To address this, the Department of Health has said a “privacy-protecting” approach is being taken.

The app will only share venue history data if users opt in.

And rather than any names or other personal details being disclosed, the software will simply inform the system when an infected user had visited the locations.

Depending on the thresholds set – for example how many infected users visited the same place on the same day – other app users can then be told to either monitor their symptoms or immediately get a test, whether they feel ill or not.

It is not intended that the check-in tool be used alone to force others to self-isolate.

“People shouldn’t be worried about this as effectively they aren’t being asked where they were, but rather where an unidentified person testing positive with Covid was,” commented Prof Alan Woodward, a security expert from the University of Surrey.

Further details will be revealed in a forthcoming revision to the app’s data protection impact assessment (DPIA) document.

Centralised Scotland
Privacy advocates have, however, raised concerns about a parallel system being run in Scotland.

Users there are being asked to use a new app – Check In Scotland – to register at venues.

It is separate to the Protect Scotland contact-tracing app, and thus not bound to the same privacy-preserving measures demanded by Google and Apple, which provide some of the technology involved.

Check In Scotland uploads the name, email address and mobile phone number of each user to a “secure” centralised database along with the time of their visit to each venue.

The justification given is two-fold:

“a genuine concern” that users might delete their logs of visited venues prior to a warning being received
to allow Test and Protect workers to make direct contact with those judged to be at risk of contagion from sharing a venue with an infected person
Users are told the data should only be used to try to combat the virus.

But the DPIA acknowledges that the information could, in theory, be disclosed for other purposes if demanded via a court order or ministerial direction.

Some experts are concerned this leaves the door open to it being “misused”.

“The concern is that this infrastructure, once in place, is unlikely to go away because the coronavirus will be with us for a long time,” said Prof Michael Veale, a lecturer in digital rights at University College London.