ENDEMIC Covid-19 will soon be upon us even though the government has yet to commit to a date. Epidemiologically, endemic is defined as when a disease exists at a predictable level that does not require society defining interventions.

The MySejahtera app was an important component of the response to the early part of the pandemic when the prevalence of infection was within manageable numbers and tests were rapid and widely available. However, the emergence of the Omicron variant has made many of the Covid-19 precautions look increasingly irrelevant and set for the scrap heap. 

Though much of the country continue to diligently use MySejahtera, the shortening of the observation and surveillance period for fully vaccinated and asymptomatic people has dramatically reduced the app’s relevance.

The public has not received any explanation or honest answers about the limitations and implications of the MySejahtera app. 

For example, no one has demonstrated that the MySJ Trace function that uses Bluetooth to trace close contacts of those who have tested positive for Covid-19 make for imperfect proxies for coronavirus exposure. Have the authorities seen an increase in false positive cases since its introduction in December 2021? It is not surprising if it is so. 

Even among true contact events, most will not lead to transmission. Studies suggest that people have, on average, about a dozen close contacts a day, yet even in the absence of social distancing measures, the average infected person transmits to only two or three people in the entire course of the disease. 

Fleeting interactions, such as crossing paths in the supermarket, will be substantially more common and substantially less likely to cause transmission. If the app flags these lower-risk encounters as well, it will cast a wide net when reporting exposure. If it does not, it will miss a substantive fraction of transmission events. 

The MySejahtera app cannot offer assurance that going out is safe just because no disease has been reported in the vicinity. It can reduce the spread of disease among the population but does not confer direct protection on any individual. 

There have been concerns raised that the MySejahtera app could serve as a vehicle for abuse and disinformation while providing a false sense of security to justify lifting of restrictions and reopening of the economy and travel in and out of the country.

Its potential for malicious use, given this current climate of disinformation and political manipulation, is real and possible. Imagine a political operative who wants to dampen voting participation in a given constituency or a business owner who wants to stifle competition. Either could falsely report Covid-19 cases without fear of repercussion. An entire township could shut down by false reports of  infections in every neighbourhood. There are a great many vulnerabilities underlying this platform that have yet to be explored.

There is also a real danger that if the MySejahtera app were to remain mandated for public, work and social engagements, it will turn some individuals into social pariahs who are restricted from accessing public and private spaces or participating in social and economic activities. 

This will have an impact on those already hardest hit by the pandemic, such as people living in densely populated neighbourhoods and apartment buildings – characteristics that are also correlated to the lower income groups – as they are likelier to experience  false positives due their proximity to one another.

As for the protection of personal data on MySejahtera or for any other app for that matter, it is a myth. Take, for example, Grab services, which are touted to be safe, practical and convenient. And why is it safer? Because the app is tracking and recording your every move.

People should be more concerned about consent. The privacy policy of all apps, including MySejahtera, that we download onto our mobile phones is based on the myth that people read these notices and make informed decisions about how their data will be used. Privacy notices are filled with legal jargon that often grant the app’s originators free rein over our data and the MySejahtera app is no exception. 

The lawmakers should be blamed for the lack of guidelines on data privacy. They should be demanding for judicial oversight and sunset provisions to guard against mission creep and set limitations on secondary use and data retention. 

Except for explaining how long the data is retained in the app, the politicians have given the public no assurances and guidelineson whether the MySejahtera app adopts commonly accepted practices such as security auditing, bug bounties, and abusability testing to identify vulnerabilities and unintended consequences of a potential global cyber attack.

At the end of the day, no technology, no matter how intelligent it is, is going to get us out of this unprecedented threat to our health and economy. At best, it helps on the margin. The least the government can do is to ensure that the app does no harm to the rakyat.

The government should only retain and keep MySejahtera in reserve in case a new variant emerges pending new or more effective vaccines that can completely halt the virus’ transmission. 

Otherwise, it should cease using the MySejahtera apps when the country officially moves into the endemic stage. – April 1, 2022.

* FLK reads The Malaysian Insight.

* This is the opinion of the writer or publication and does not necessarily represent the views of The Malaysian Insight. Article may be edited for brevity and clarity.