South Africans have a healthy mistrust towards our government.

I say healthy because time and time again, the ANC has proven to be a criminal enterprise masquerading as a political party, and public trust has all but completely eroded.

Perhaps that’s why there’s so much scepticism surrounding the release of the COVID Alert SA app, with many South Africans saying it is just another case of the government trying to track and control us, farm our data, and other similar concerns.

Ironically, most of those sentiments were shared on Facebook and Twitter, where you’ve already surrendered every shred of privacy you’re concerned about in the first place.

It didn’t help that a certain South African musician then lampooned the app, which, even if it was ‘satire’, only further fuelled the flames of mistrust.

(If you want an explanation as to why that musician’s social media post fell short of being disinformation, read this from the Daily Maverick.)

There is nothing wrong with being sceptical, but if you ask the experts, this is one instance where privacy and spying concerns are unfounded.

Before we get to that, here’s the app’s explainer video:

The success of this system relies on buy-in across the board, but that hasn’t really been the case thus far.

On the government’s official COVID-19 site, privacy concerns are addressed:

The app uses Bluetooth signals to exchange ‘random codes’ (random numbers that change every so often) with other COVID Alert SA app users. This happens when their smartphones are within 2 metres of each other for more than 15 minutes. It’s like the devices have given each other a digital handshake. The random codes exchanged at the time of the ‘digital handshake’ are stored in a log on each phone for two weeks.

At no stage is the identity and location of the device users required for this exchange to happen. All that the COVID Alert SA app tracks is the proximity of smartphone devices to one another and how long they are in contact.

You can read more on that here.

MyBroadband points out that one bone of contention has to do with the permissions asked by the app, which include pairing with Bluetooth devices and running at startup.

Mobile app expert Alastair Hendricks has dismissed many of the common concerns in this great Twitter thread, but here’s the gist of what was covered:

[He] said Apple and Google collaborated to create a secure, privacy-preserving way to log exposures between devices using Bluetooth.

He explained the implementation uses random IDs that can’t be used to identify a user or their location.

Instead, your phone periodically checks all the random IDs associated with positive COVID-19 cases on a server against its own list…

Commenting on why the app launches at startup, he said it’s much more effective if it’s always logging possible exposures.

He added that the app is incredibly privacy-focused and does not include any third-party tracking libraries.

This was backed up by Sensepost CEO Dominic White, who debunked a misinformation video that has been doing the rounds.

You can see his thread here. Answering a question below that thread, White also pointed out that apps like Facebook, Instagram, and “even Takealot are *significantly* more invasive as apps”.

Yup – look at one item of clothing, once, and it follows you around the internet forever.

There’s also Emma Sadleir, the founder and chief executive of the Digital Law Company, and somebody who is seen as a leading expert on privacy and data in South Africa.

She recently spoke with BizNews founder Alec Hogg about the app. You can listen to the interview in full here, but let’s pull a few quotes:

 From a privacy law point of view, I don’t see any reason that people should be nervous that big brother is watching us and that this is going to have huge privacy concerns…

The app doesn’t collect any personal information. It doesn’t collect your name, it doesn’t collect your email address, your phone number. No location is collected or stored. All it does is that it tells you if within the previous 14 days you’ve come into contact with somebody who has voluntarily disclosed that they have tested positive. It doesn’t tell you who that person is. It doesn’t tell you exactly where that exposure took place. It just tells you that on a specific day you came into close contact with somebody who was tested positive…

I downloaded the app and I didn’t have to give them my first name, my surname, my phone number or my email address. I just downloaded the app…It’s really just your phone – which has your Bluetooth enabled – came into contact with somebody else’s phone – which has their Bluetooth enabled – and they have self-reported that they have tested positive.

To finish, Emma says this:

I really do think that people should download this app. I think it’s a good step because we all want to get back to normal life and this is a step towards that…

It’s selflessness, but it’s also allowing me to be selfish because it allows me to go on with my normal life and be exposed to people that I don’t know, with the comfort of knowing that I will be notified if there is any potential exposure. For me, it’s a no brainer. Exposure notification and early exposure notification is really absolutely critical to how we contain this epidemic going forward. The technology is there and let’s use it.

Finally, tech journalist and MyBroadband Editor At Large Jan Vermeulen and data privacy researcher Murray Hunter both spoke with CapeTalk presenters about the app and how it works.

You can listen to both of those interviews here.

Look, I get it – we’ve grown so tired of our government’s shortcomings that we don’t trust them in the slightest, and the same can be said for the big tech companies that govern our everyday online lives.

Nobody’s forcing us to get on board with COVID Alert SA, but when expert after expert tells us that we need not be afraid, maybe it’s time we listened.

Or don’t – it’s a free country.

For those who do want to download the COVID Alert SA app, you can do so here.

[sources:govza&mybb&biznews&capetalk]