Singapore has confirmed its law enforcers will be able to access the country’s COVID-19 contact tracing data to aid in their criminal investigations. To date, more than 4.2 million residents or 78% of the local population have adopted the TraceTogether contact tracing app and wearable token, which is one of the world’s highest penetration rates.
This figure is double that of the adoption rate just three months ago, when TraceTogether had clocked 2.4 million downloads or about 40% of the population. A recent spike likely was fuelled by the government’s announcement that use of the app or token would be mandatory for entry into public venues in early-2021, when it was able to distribute the token to anyone who wanted one.
Introduced last March, TraceTogether taps Bluetooth signals to detect other participating mobile devices — within 2 metres of each other for more than 30 minutes — to allow them to identify those who have been in close contact when needed. In its efforts to ease privacy concerns, the Singapore government had stressed repeatedly that COVID-19 data would “never be accessed unless the user tests positive” for the virus and was contacted by the contact tracing team. Personal data such as unique identification number and mobile number also would be substituted by a random permanent ID and stored on a secured server.
Minister-in-Charge of the Smart Nation Initiative and Minister for Foreign Affairs, Vivian Balakrishnan, also had insisted the TraceTogether token was not a tracking device since it did not contain a GPS chip and could not connect to the internet. He further noted that all TraceTogether data would be encrypted and stored for up to 25 days, after which it would be automatically deleted, adding that the information would be uploaded to the Health Ministry only when an individual tested positive for COVID-19 and this could be carried out only by physically handing over the wearable device to the ministry, Balakrishnan said.
In addition, “only a very limited, restricted team of contact tracers” would have access to the data, the minister had said, noting that this was necessary to reconstruct the activity map of the COVID-19 patient. All public sector data protection rules would apply to the data held by the Health Ministry, he added, including abiding by the recommendations of the Public Sector Data Security Review Committee.
