"The existing legal framework for the app, currently being trialled on the Isle of Wight, is inadequate to protect people from misuse of their data, as noted by the Joint Committee on Human Rights."
Australia has a two page Act to cover this;
https://www.legislation.gov.au/Details/F2020L00480
Take that and add a "cannot be accessed via RIPA" clause and it's done and dusted.
Importantly it also addresses third party coercion or abuse;
9 Coercing the use of COVIDSafe
(1) A person must not require that another person:
(a) download COVIDSafe to a mobile telecommunications device; or
(b) have COVIDSafe in operation on a mobile telecommunications device; or
(c) consent to uploading COVID app data from a mobile telecommunications device to the National COVIDSafe Data Store.
(2) A person must not:
(a) refuse to enter into, or continue, a contract or arrangement with another person (including a contract of employment); or
(b) take adverse action (within the meaning of the Fair Work Act 2009) against another person; or
(c) refuse to allow another person to enter premises; or
(d) refuse to allow another person to participate in an activity; or
(e) refuse to receive goods or services from another person; or
(f) refuse to provide goods or services to another person;
on the ground that, or on grounds that include the ground that, the other person:
(g) has not downloaded COVIDSafe to a mobile telecommunications device; or
(h) does not have COVIDSafe in operation on a mobile telecommunications device; or
(i) has not consented to uploading COVID app data from a mobile telecommunications device to the National COVIDSafe Data Store.
Biting the hand that feeds IT
