SINGAPORE - Some 1,155 users of national contact tracing programme TraceTogether have requested to opt out of the programme and for their data to be removed from its server, Minister-in-charge of the Smart Nation Initiative Vivian Balakrishnan has revealed.
In a written answer to Workers' Party MP He Ting Ru (Sengkang GRC) on Monday (May 10), Dr Balakrishnan, who was replying on behalf of Prime Minister Lee Hsien Loong, said these users represented 0.021 per cent of the population above the age of six.
He also said that as at the end of last month, 4,923,054 individuals were on board the TraceTogether programme - approximately 92 per cent of the population aged above six.
The TraceTogether programme, which identifies people in close contact with a Covid-19 patient via a Bluetooth-enabled app or token, came under the spotlight earlier this year when it was revealed that its data could be used for criminal investigations, despite earlier assurances that it would be used solely for contact tracing.
The public backlash prompted the Government to enact legislation to restrict the use of contact tracing data, including data obtained under SafeEntry, to investigations of seven categories of serious crimes such as murder, terrorism, rape and armed robbery.
Dr Balakrishnan said that TraceTogether app users who apply to deregister will be sent an SMS confirming that their request has been received.
For users returning the token, the officer receiving the token at the community centre will provide confirmation of the deregistration on the spot.
When a user deregisters, all registration data, including his NRIC and contact number, is deleted from the TraceTogether server within three to five working days. Consequently, any data previously exchanged with other TraceTogether devices cannot be decrypted any longer.
Upon uninstalling the TraceTogether app from his phone, a user's previously collected data will also be permanently deleted from the smartphone, and all data is deleted from TraceTogether devices automatically after 25 days, said Dr Balakrishnan.
But he pointed out that if a user had previously been identified as a close contact and uploaded his or her data to the Government's server for contact tracing purposes, these records are retained.
"This is essential for public health reasons. Notwithstanding this, Subsection 82(9) of the Covid-19 (Temporary Measures) Act allows the minister to specify a date, once the pandemic is over, after which all personally identifiable contact tracing data must be deleted as soon as reasonably practicable," added Dr Balakrishnan.