Cybersecurity considerations were raised at the UN’s COP27 weather talks about an official smartphone app that would have carte blanche to monitor locations, conversations and photographs.
Some 35,000 more people are expected to attend the two-week weather convention in Egypt, and the app has been downloaded more than 10,000 times on Google Play, adding through French, German and Canadian officials.
Egypt’s Ministry of Communications and Information Technology developed the app for summit delegates.
It’s meant for attendees to navigate the convention seamlessly, but “the Egyptian government would possibly have militarized the app and now has the ability to monitor all summit attendees,” David Bader, an expert in knowledge science and cybersecurity, told Al. Jazeera.
Analysts warn that the COP27 app can monitor user movements and communications, and is capable of reading users’ encrypted emails and messages, recording phone conversations, and even scanning the entire device for sensitive information.
Bader then noted that the developer claims the app doesn’t collect data: “Surprisingly, the app has the uncanny ability to identify the user’s name, phone number, and email address, all of the user’s emails, with the ridiculous explanation of the ‘app. ‘functionality’ and its images for ‘account management’.
“Would you need a stranger for your personal photos, let alone a foreign government?Bader said, warn that there may be more clandestinity with the app.
Most apps ask for permission to access facets of a smartphone, adding GPS location or cameras for social media, but users deserve to be careful, said Kevin Curran, a professor of cybersecurity at the University of Ulster.
“You have to ask yourself if those permissions are necessary,” Curran said, describing the COP27 app as “very intrusive. “
“In this case, it is difficult to identify irrefutable evidence. What we can’t do is if the Egyptian government is using it to gather knowledge,” Curran told Al Jazeera.
He noted, however, that the app can continue to provide user data even after the weather convention ends on Nov. 18.
According to an investigation of the app through the US media organization Politico, it can monitor communications even when the device is in standby mode.
Egypt’s ambassador to COP27, Wael Aboulmagd, denounced the speculation, telling reporters that a full cybersecurity assessment and “I said how unlikely it would be, either physically or technically impossible” to use the app so intrusively.
Since it’s available on Google Play and the Apple Store, those companies would “never allow that” because of security protocols, he added.
“A cybersecurity assessment was done and she absolutely refuted it,” Abulmagd said.
But Bader cautioned that delegates with the app on their phones remain vulnerable. “Information can only be accumulated on their positions on climate change, but also on industry negotiations, political activities and military operations,” he said.
– Joe Lo (@joeloyo) November 10, 2022
Some rights activists have criticized Egypt’s resolution to host COP27, bringing to light a long history of cracking down on political dissent. It is estimated that tens of thousands more people have been imprisoned.
Several participants shared that the weather conference’s Wi-Fi blocks websites such as Human Rights Watch and independent Egyptian media outlet Mada Masr, as well as Al Jazeera.
For those concerned about the COP27 app, cybersecurity experts proposed a “disposable phone” or secondary device, knowing that your conversations and other communications can be monitored.
Those who already have the app uninstall it first, they say.
– Alexandria Villaseñor is in the #COP27! (@AlexandriaV2005) November 7, 2022