Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

Dutch Government Pauses Coronavirus App Over Data Leak Fears

The Dutch government has temporarily disabled its coronavirus warning app amid data privacy concerns for people who have the app installed on phones using the Android operating system.

The Dutch government has temporarily disabled its coronavirus warning app amid data privacy concerns for people who have the app installed on phones using the Android operating system.

Health Minister Hugo de Jonge announced late Wednesday that the CoronaMelder app will stop sending warnings for 48 hours while the government checks if users’ data is secure.

The Dutch app uses “exposure notification” technology developed by Google and Apple that generates random codes that can be exchanged by phones whose users are close to one another for long enough to possibly transmit the virus.

The Dutch health ministry says that it is possible for other apps on Android phones to access data about whether its user’s had been infected and its contacts with other phones.

“The privacy of users is always a priority. While Google must solve the problem, I can limit the consequences. That’s why we’re taking this decision,” De Jonge said in a statement.

Most EU nations have designed contact tracing apps around the same technology, the European Commission said. The Commission said that it has informed controllers of national apps in the 27-nation EU “so that Member States take the necessary steps if necessary.”

According to the Dutch health ministry, Google informed the government Wednesday it has fixed the issue. The government halted messages from the app for 48 hours to check if the leak has been fixed.

In a statement emailed to The Associated Press, Google said it has been “rolling out a fix for an issue where random Bluetooth identifiers used by the Exposure Notification framework on Android were temporarily accessible to a limited number of pre-installed applications.”

Advertisement. Scroll to continue reading.

The tech giant said that the rollout began several weeks ago and it expects the fix “to be available to all Android users in the coming days.”

Google said that random Bluetooth identifiers “on their own have no practical value to bad actors, and it is extremely unlikely that developers of pre-installed apps were aware of the inadvertent availability of those identifiers.”

The company added that it has no indications that any data from coronavirus exposure apps was accessed inappropriately.

Related: Security, Privacy Issues Found in Tens of COVID-19 Contact Tracing Apps

Related: European Virus Tracing Apps Highlight Battle for Privacy

Related: COVID-19 Contact Tracing Apps: Effective Virus Risk Management Tools or Privacy Nightmare?

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem