The Australian federal government has recently [released an app](https://www.health.gov.au/resources/apps-and-tools/covidsafe-app) to assist in combatting the coronavirus pandemic, urging all Australians to download, install, and run it. I feel uncomfortable with the project on a number of different fronts, and wanted to put them into writing to understand them better. First and foremost; I don't trust our power- and privacy-grabbing federal government not to use this to infringe on our rights in some manner. With the amount of abuses of power with regards to [warrantless metadata requests](https://www.zdnet.com/article/australian-enforcement-agencies-angling-for-metadata-review-on-telco-cost-recovery/), [unlawful detention](https://www.abc.net.au/news/2019-10-21/two-australians-held-in-immigration-detention-in-last-12-months/11622198), [demanding backdoors in encrypted communications](https://www.wired.com/story/australia-encryption-law-global-impact/), spying on innocent journalists and citizens, [illegal AFP raids on government dissenters and media offices](https://www.theguardian.com/australia-news/2020/apr/15/high-court-rules-afp-warrant-for-raid-on-news-corp-journalists-home-was-invalid), we can't trust them not to modify the app later for nefarious purposes or abuse the data with which we give them, especially as there are so many methods of deanonymising data if you have enough connecting information. Secondly; our government has a huge and terrible failure rate for IT projects, with the [census](https://www.zdnet.com/article/census-2016-among-worst-it-debacles-in-australia-labor/), [MyGov](https://theconversation.com/mygovs-ill-timed-meltdown-could-have-been-avoided-with-elastic-computing-134665), [Centrelink robodebt](https://www.theguardian.com/australia-news/2020/mar/27/robodebt-government-admits-it-will-be-forced-to-refund-550m-under-botched-scheme), and [MyHealthRecord](https://www.healthcareit.com.au/article/my-health-record-system-data-breaches-rise) being huge four huge mistakes in four years worth hundreds of millions of dollars. I can't trust them not to fuck this up and leak data, capture more than is necessary, or just fail to work. And we are already seeing this; the hospitals have no way of using it in their contact tracing procedures, it requires at least a 40% uptake to be partially usable, it [barely works on iOS devices without killing the battery](https://www.abc.net.au/news/science/2020-05-01/covidsafe-contact-tracing-app-rollout-issues-iphone-wifi-bugs/12202876) and it [interferes with some medical devices including app-based insulin pumps](https://www.facebook.com/ADEAAUS/posts/2924750094267220/) (Update 2024-09-09: No archive of original link, found alternative). It also requires a higher-end or newer device, locking out a lot of elderly and low income folks who stand to need/benefit from it the most. Lastly, it's not contact tracing anyway, it's exposure notifications, a remediation system (also not a preventative!) of untested nature with no evidence and the potential to provide a false sense of security that opens us up to more risky behaviour.