1

In several countries, contact tracing apps have been introduced as a way to prevent the spread of
COVID-19. These apps work by identifying the people who have tested positive from the COVID-19,
prompting the people to share the information, locating the individuals who have been in close contact with
them and then notifying the people. But such monitoring of the people by the contact tracing apps compromises
with the privacy of the people because the personal data of the people can fall into the wrong hands and can
used for maleficent activities. These apps use GPS or Bluetooth to detect the proximity of an individual with
another. Bluetooth Low Energy (BLE) enables the mobile of a person to broadcasts the information with unique
ID. Different apps works in different ways but all of them follow the same basic steps. However, this process
sounds so feasible and doable but the case is not that simple as it looks because being monitored by these apps
for 24 hours raises the question of privacy of people and potential abuse. These apps stores log of the ongoing
locations and timestamps of a person with the help of GPS in the devices, hence compromising with the privacy
of peopleby revealing their whereabouts and travels over a period of time. A balance should be maintained
between privacy and security because poor implementation of standards of security can put the private data of
the people at risk. Some of apps which uses GPS are SafePaths , Hamgen and AarogyaSetu app.

There are two different type of approaches used by these apps. In centralized approach, public health
authorities are able to analyse the information of the people by checking the log of their devices which is
uploaded to a central server. However, through this process the privacy of the people is invaded because their
location and the information of the other people with whom they have met is stored in the servers. NHS
COVID-19, TraceTogether and COVIDSafe are some of the apps which uses this centralized approach.

In decentralized approach, minimum amount of information of a person is uploaded on the servers and
the log remains on the mobile device. Users who have tested positive, their IDs are downloaded anonymously
by the apps and the same information is matched with the logs stored on their devices.PrivateTracer is one of the
apps which uses decentralized approach.

There are four types of challenges that people face related to the privacy and security of these apps:

1. If the process which uses the Bluetooth Low Energy by the apps in broadcasting the data
packets in order to identify other devices is not set properly, the device of a person can get
hacked by interlinking various devices and their respective identification packets.
2. Sensitive information like contacts logs and encryptions keys which are stored by contact
tracing apps should be kept encrypted and stored in an application called sandbox rather
connecting them with shared locations. Still with the sandbox approach, a hacker can hack the
device if the hacker gets physical access.
3. Devicesofpeople can be targeted with the attacks like “man-in-the-middle” at the intercept of
the traffic,if the communication with the backend of the server of an application is not
encrypted properly.
4. When the information, such as diagnoses of the user and contacts logs, is submitted to the
servers, authentication must be performedbecause if the proper authorization is not done,
servers can receive fake health reports which undermines the reliability of the system.

Tracing apps should be downloaded from the official stores only, as there are many fake apps has been
reported during the pandemic because these fake apps are made by the mischievous people which can
gain access to the devices of the people and apps related to security solution should also be installed by
the users to scan the applications and protect the device from the malware.
 2

Answer 2.

To abide by codes of ethics is an essential characteristic of professionfor the members. These

codes are established as the Code of Professional Conduct and is the part of the regulations of the
society which are applicable to every member of ACS working in the field of information and
communications technology. The ACS code of ethics agree with the argument that “Codes guide the
members of a profession in ethical choices” because these codes are relevant to standards of
professional legislation and if the codes are not abided then the failure can be used as grounds for a
claim of professional negligence.

For example,

Answer 3

Attitudes, dispositions and character traits that enable the people to pursue ideals like Honesty,
courage, generosity, fidelity, self-control and prudence. These virtue ethics can be considered
for resolving ethical dilemmas related to ICT.

For example, one of the dilemmasthat a person can face of reporting the
inappropriate behaviour but not doing it because it can affect the friendship between them that
they have developed in past few years. In this case, the related issues should be raised directly
with the colleague and should be corrected. If still, the unprofessional activities of the
colleague are continued, then that person should find out if the complaint can be anonymously
done. This step can have dual benefits in which the identity of concerned will be not be
disclosed and the issue can also be resolve.

Another example can be, suppose a person is procrastinating the project and suddenly
the deadline of the project is upon that person. Now that person can be facing the dilemma
that on asking of submitting of the project by his officials, he should tell a lie or should be
truthful. In this case the employee should take the responsibility of his doings and should tell
his officials the honest reason behind the delaying of the project because in workplaces, lies
have a way of coming out over time.

Another case can be, suppose anemployee is in department whose new manager is a
relative of the boss but the appointed manager is not qualified enough for that position, now
the employee can face the dilemma that if the employee should raise the question or accept it.
The solution of this dilemma is not easy because ultimately, the officials of the company have
made their decision and going against their decision can risk the image of the employee. Only
way the issue might resolve by complaining anonymously.
3