Secret documents detailing the future plans for the Government’s coronavirus contact tracing app were left open to the public in an NHS security blunder.
An online document relating to the app’s Data Protection Impact Assessment included hyperlinks to files hosted on Google Drive, some of which were inadvertently left public.
The documents, believed to be written last month, show that users may soon be asked to share precise location data as well as their health “status”, according to a report from Wired UK.
Among the files was a document titled ‘Product Direction: Release One’, which was marked as “official” and “sensitive”, Wired reported.
It points out concerns from officials from both the NHS and the Department of Health around the app’s reliance on unverified diagnoses and that it could be left open to abuse and lead to “public panic”.
Access to them was granted through links included in published guidance on the NHS’s privacy protection policies regarding the app.
The documents have since been set to private and are no longer available to view.
A spokesman for the NHS said the app had been designed to “protect users’ privacy” while tackling the spread of infection.
“It does not track location or store any personal information; the app only asks for the first half of a user’s postcode, and if any changes are made in future versions of the app they will be fully explained to users and uptake will remain entirely voluntary,” the spokesman said.