Data Management and Privacy Policy of COVID-19 Contact-Tracing Apps: Systematic Review and Content Analysis
Why this work is in the frame
A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.
Bibliographic record
Abstract
BACKGROUND: COVID-19 digital contact-tracing apps were created to assist public health authorities in curbing the pandemic. These apps require users' permission to access specific functions on their mobile phones, such as geolocation, Bluetooth or Wi-Fi connections, or personal data, to work correctly. As these functions have privacy repercussions, it is essential to establish how contact-tracing apps respect users' privacy. OBJECTIVE: This study aimed to systematically map existing contact-tracing apps and evaluate the permissions required and their privacy policies. Specifically, we evaluated the type of permissions, the privacy policies' readability, and the information included in them. METHODS: We used custom Google searches and existing lists of contact-tracing apps to identify potentially eligible apps between May 2020 and November 2021. We included contact-tracing or exposure notification apps with a Google Play webpage from which we extracted app characteristics (eg, sponsor, number of installs, and ratings). We used Exodus Privacy to systematically extract the number of permissions and classify them as dangerous or normal. We computed a Permission Accumulated Risk Score representing the threat level to the user's privacy. We assessed the privacy policies' readability and evaluated their content using a 13-item checklist, which generated a Privacy Transparency Index. We explored the relationships between app characteristics, Permission Accumulated Risk Score, and Privacy Transparency Index using correlations, chi-square tests, or ANOVAs. RESULTS: We identified 180 contact-tracing apps across 152 countries, states, or territories. We included 85.6% (154/180) of apps with a working Google Play page, most of which (132/154, 85.7%) had a privacy policy document. Most apps were developed by governments (116/154, 75.3%) and totaled 264.5 million installs. The average rating on Google Play was 3.5 (SD 0.7). Across the 154 apps, we identified 94 unique permissions, 18% (17/94) of which were dangerous, and 30 trackers. The average Permission Accumulated Risk Score was 22.7 (SD 17.7; range 4-74, median 16) and the average Privacy Transparency Index was 55.8 (SD 21.7; range 5-95, median 55). Overall, the privacy documents were difficult to read (median grade level 12, range 7-23); 67% (88/132) of these mentioned that the apps collected personal identifiers. The Permission Accumulated Risk Score was negatively associated with the average App Store ratings (r=-0.20; P=.03; 120/154, 77.9%) and Privacy Transparency Index (r=-0.25; P<.001; 132/154, 85.7%), suggesting that the higher the risk to one's data, the lower the apps' ratings and transparency index. CONCLUSIONS: Many contact-tracing apps were developed covering most of the planet but with a relatively low number of installs. Privacy-preserving apps scored high in transparency and App Store ratings, suggesting that some users appreciate these apps. Nevertheless, privacy policy documents were difficult to read for an average audience. Therefore, we recommend following privacy-preserving and transparency principles to improve contact-tracing uptake while making privacy documents more readable for a wider public.
Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.
Full frame distilled prediction
Teacher imitationNot calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.
Codex and Gemma teacher scores by category
| Category | Codex | Gemma |
|---|---|---|
| Metaresearch | 0.004 | 0.001 |
| Meta-epidemiology (narrow) | 0.001 | 0.001 |
| Meta-epidemiology (broad) | 0.005 | 0.000 |
| Bibliometrics | 0.001 | 0.002 |
| Science and technology studies | 0.000 | 0.000 |
| Scholarly communication | 0.000 | 0.001 |
| Open science | 0.002 | 0.003 |
| Research integrity | 0.000 | 0.001 |
| Insufficient payload (model declined to judge) | 0.000 | 0.000 |
Machine scores (provisional)
The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.
Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it