Immuni is the official exposure notification app of the Italian government, developed by the Extraordinary Commissioner for the COVID-19 Emergency, in collaboration with the Ministry of Health and the Ministry for Innovation Technology and Digitalization. The app is developed and released in full compliance with the protection of the user’s personal data and with current legislation, including the law-decree of April 30, 2020, n. 28.
In the fight against the COVID-19 epidemic, the app aims to notify users at risk of carrying the virus as early as possible—even when they are asymptomatic. These users can then self-isolate to avoid infecting others, minimising the spread of the virus and speeding up the return to normal life for the majority of the population. By being alerted early, these users can also contact their general practitioner promptly and lower the risk of serious consequences.
Since June 2021 the App is one of the access points to get the EU Digital COVID Certificate, a digital document implemented at EU level to facilitate safe free movement of the European citizens during the pandemic. The Certificate is a digital proof that a person has either been vaccinated against COVID-19, received a negative test result or recovered from COVID-19. The EU Digital COVID Certificate, released by the Ministry of Health, in compliance with EU standards contains a QR code with a digital signature to protect it against falsification. Through a specific Verifier App the QR code can be validated and authenticated.
The system is based on Bluetooth Low Energy technology, which is designed to be especially energy-efficient, and it doesn’t collect any geolocation data, including GPS data. The app does not (and cannot) collect any data that would identify the user, such as their name, date of birth, address, telephone number, or email address. Therefore, Immuni is able to determine that contact has taken place between two users without knowing who those users are and where the contact occurred.
Here is a list of some of the measures by which Immuni protects the user’s privacy:
• The minimum amount of data is collected—only data which is strictly necessary to support and improve the exposure notification system.
• The Bluetooth Low Energy code transmitted by the app is generated randomly and does not contain any information about the user’s smartphone, let alone the user. In addition, this code changes several times every hour, protecting user privacy even more.
• The data saved on the smartphone is encrypted.
• The connections between the app and the server are encrypted.
• All data, whether stored on the device or on the server, is deleted when no longer relevant, and certainly no later than December 31, 2021.
• The Ministry of Health is the body that collects the data and decides for which purposes to use it. The data is used solely with the aim of containing the COVID-19 epidemic or for scientific research.
• The data is stored on servers in Italy and managed by public bodies.
Immuni does not and cannot diagnose. Based on the user’s history of exposure to potentially contagious users, it makes recommendations about what to do next. However, the app is not a medical device and is certainly not a substitute for a doctor.
Immuni is a valuable tool in the fight against this horrendous epidemic, and every single user increases its overall effectiveness. It is strongly recommended to install the app, use it correctly, and encourage friends and loved ones to do likewise. However, nobody is compelled to use it. It is entirely the individual’s choice.