Wednesday, 25 Nov 2020

Users who modify TraceTogether tokens could be breaking the law

SINGAPORE (THE NEW PAPER) – Some users are allegedly breaking open their TraceTogether tokens, removing the battery and even swapping the QR code with that of another device.

But doing so is not only a crime, it also puts Singapore at risk.

In response to queries from The New Paper, a Smart Nation and Digital Government Group (SNDGG) spokesman said it was aware of online forums where users claim to have modified the token.

“Any deliberate or mischievous act to tamper the token is a criminal offence under the Computer Misuse Act,” he said.

More than 400,000 tokens have been collected since distribution began last month.

The spokesman said TraceTogether has helped cut the time to identify close contacts from four days to less than two days. But tampering with the token can hamper contact tracing.

On Oct 20, the multi-ministry task force said checking in with TraceTogether will be mandatory by year-end, with cinemas having started on Monday.

Currently, the tokens can be collected at 38 community centres but they will be available at all 108 community centres by end-November.

A thread on online forum HardwareZone last Tuesday discussed how to modify the tokens. A user encouraged others to print QR codes from other tokens to stick on their own.

The thread, which has gained traction with over 780 posts as of Monday, saw other users discussing how to block the Bluetooth signal to prevent it from working as intended.

Many of them appeared to be against the use of the tokens.

More on this topic

Some people had raised concerns about location tracking and surveillance when the tokens were announced in June.

But the authorities have reassured the public that the tokens do not collect location data and are used only for contact tracing.

GovTech Singapore also invited four experts to a teardown of the token in June to check the inner workings of the device.

One of them, Mr Roland Turner, the chief privacy officer for analytics company TrustSphere, told TNP that people should not be worried about using the token.

“TraceTogether keeps the information that it collects on the device until you are diagnosed, and purges anything more than 25 days old,” he said.

“This means more than 99.9 per cent of data collected never enters government hands.”

Noting the success of TraceTogether in fighting Covid-19 depends on people’s cooperation, he added: “Like frequent hand-washing, TraceTogether can gain widespread use and high effectiveness only if the population wants to do it.

“It is worth taking every feasible step to encourage this.”

Lawyer Joshua Tong from Kalco Law said those who tamper with the tokens may run afoul of several laws.

“If there is physical damage or alterations to the tokens, one may be liable for an offence of mischief simpliciter,” he said.

The offence carries a jail term of up to two years, a fine, or both.

If the mischief disrupts a public health service, one can be charged with mischief causing disruption to a key service, which carries a jail term of up to 10 years, a fine, or both.

“This is because the TraceTogether tokens provide a service… (that) is critical to maintaining public health by combating the pandemic,” he said.

More on this topic

Under the Computer Misuse Act, unauthorised access to computer material carries a jail term of up to two years, a fine of up to $5,000, or both.

Those who make unauthorised modifications of computer material can be jailed for up to three years, fined up to $10,000, or both.

Infectious disease specialist Leong Hoe Nam said those who tamper with the token are irresponsible and put others at risk.

He said: “Manipulating the token is akin to sabotaging your country. Why are they so thick-headed?”

Sign up for our daily updates here and get the latest news delivered to your inbox.

Get The Straits Times app and receive breaking news alerts and more. Download from the Apple App Store or Google Play Store now.

Source: Read Full Article

Related Posts