Experts warn of 'mass violation of rights' as contact-tracing data collected in pubs sold on
Experts have warned of a “mass violation of rights” after customer data collected by pubs and restaurants has reportedly been sold on to third parties.
Contact-tracing data required by the NHS Test and Trace scheme has been harvested by tech companies on behalf of hospitality venues since they reopened in June, according to The Times.
Although the government states that the information can only be kept for 21 days and must not be used “for any purposes other than for NHS Test and Trace”, some firms are reportedly selling it on.
A number of the data collection firms have reportedly created privacy policies which allow them to store users’ data for up to 25 years and share it with third parties.
The practise was described as a “real scandal” by experts shortly after it was revealed as they called on the government to crack down on the companies.
University of Oxford professor Carissa Veliz tweeted: “In case public trust regarding #privacy wasn't low enough...
Read more: Missing 16,000 coronavirus tests glitch 'caused by large Excel spreadsheet file'
“Scandals like these are the product of decades of allowing an unethical business model that depends on the mass violation of rights to thrive unfettered. Haven't we had enough? #PrivacyIsPower”
Lawyer and TedX speaker Dana Denis-Smith tweeted: “Why isn’t this a surprise how many people read T&Cs on apps esp as they rush to eat out?”
Blogger Jennifer Howze said: “This is a real scandal and we should not be forced into sharing our personal data by govt!”
Harriet Sergeant, a researcher at the Centre For Policy Studies, tweeted: “Pubs and restaurants sell on our contact-tracing data under so called ‘privacy policies’. And that’s just what we know about.”
While Gaurav Malhotra, director of software development company Level 5, told The Times: “If you’re suddenly getting loads of texts, your data has probably been sold on from track-and-trace systems.”
So-called “quick response” QR barcodes have reportedly allowed companies to gain access to names, addresses, telephone numbers and email details.
QR codes have been widely adopted by the hospitality, leisure and beauty industries as an alternative to pen-and-paper visitor logs.
Currently the government requires these venues to collect the names and contact details of customers to help with the NHS Test and Trace programme.
Coronavirus: what happened today
Click here to sign up to the latest news, advice and information with our daily Catch-up newsletter