DPIA
- Diarmid Mackenzie
Some examples of DPIAs…
DPIA for Australia's COVIDSafe app (derived from SIngapore’s Trace Together - not GAEN)
https://www.health.gov.au/sites/default/files/documents/2020/04/covidsafe-application-privacy-impact-assessment-covidsafe-application-privacy-impact-assessment.pdf
DPIA for Irish App (GAEN)
https://github.com/HSEIreland/covidtracker-documentation/blob/master/documentation/privacy/Data%20Protection%20Impact%20Assessment%20for%20the%20COVID%20Tracker%20App%20-%2026.06.2020.pdf
DPIA for German App (in German)
https://www.coronawarn.app/assets/documents/cwa-datenschutz-folgenabschaetzung.pdf
(also 5 annexes which are linked from here:Â https://github.com/corona-warn-app/cwa-documentation )
This is also interesting: a generic DPIA for GAEN apps (plus some comments about centralized Bluetooth Apps as well)
https://www.researchgate.net/project/Data-Protection-Impact-Assessment-for-COVID-19-Contact-Tracing-Apps
(download here:Â https://www.fiff.de/dsfa-corona)
Sectiond 7 & 8 have an extensive discussion of potential privacy risks, and mitigations that the authors believe are necessary when deploying any Bluetooth DCT app.
Â