A Covid-19 tracking app, backed by Government funding and King’s College London, has been forced to issue a grovelling apology after using the data it gathered to promote fashion face masks designed by Samantha Cameron’s label, in a potential breach of data protection laws.
Launched in March 2020, the Zoe Covid Symptom Study app is used by participants who regularly report on their health and symptoms and whether they have tested positive for the virus or not.
In August, the app received a £2m grant from the Government to support its data collection and at the time had 4 million users. In sharp contrast, the NHS Test & Trace system has cost £12bn, and the app has been downloaded 10 million times – although there are no figures on how many people have since deleted it.
Anonymised data from the Zoe app is analysed in collaboration with King’s College London researchers to help track infections across the UK, as well as identify who is most at risk and where high-risk areas are.
But an email marketing blitz sent to those who have signed up to the study landed over the weekend, promoting a range of Cefinn face masks, and featured a photograph of “SamCam” modelling the brand’s Rust Circle Geo Print mask, priced at £25.
The email stated: “We are proud to announce that we have partnered with womenswear brand Cefinn to bring you a collection of beautiful limited edition silk face coverings.
“100 per cent of sales from the sale of Cefinn masks will go toward funding the groundbreaking research that is being conducted at King’s College London to understand the long-term effects of Covid-19.”
Cue a major backlash on Twitter, with comments ranging from “I was horrified”; “it has completely undermined the credibility in the work”; “how could they be so stupid?” to “it feels incredibly inappropriate”; “disgraceful but all too believable” and “this is appalling”.
In response to one Twitter user, the firm said: “We apologise for any offence caused. Please rest assured that your data was not shared with anyone, and that the intention behind this campaign was to raise money (100 per cent of the sales).”
In another reply, the firm gushed: “We apologise for the mishandling of this fundraising activity and eroding of your trust. We are listening to all of the voices who have shared feedback and will learn from this mistake.”
A follow-up email included a message from Tim Spector, professor of genetic epidemiology at King’s College London, who is leading the research. He wrote: “I wanted to get in touch today to apologise for the email you received on Saturday from us about the face coverings.
“We have listened to the valuable feedback that we’ve received from you, our contributors, and now understand that this wasn’t the right thing to do. We thought selling donated masks for charity would be a good opportunity to raise money for long Covid research. However, we did not consider the implications of working with a commercial company.
“I want to personally apologise for this, and assure you that all of us here at the Covid Symptom Study will learn from this experience. Without you, our loyal contributors, none of our scientific discoveries or hotspot detection would be possible. We are incredibly grateful for your commitment.
“We also want to reassure you that we haven’t shared your personal details with any commercial companies, and we never will. This email was, as always, sent by Zoe, the healthcare company behind the app.”
It is not known whether the incident has been reported to the Information Commissioner’s Office. The email is potentially a breach of both GDPR and PECR for both unfair use of data and for sending unsolicited marketing.
Oi Graham, no! IT man cuffed for PPE spam email push
Bristol firm pummelled for ‘profiteering from Covid-19’
Denham plays ‘good cop, bad cop’ in ICO rule shake-up
ICO warns supermarkets over Covid-19 data retention
Regulator gives the green light for mobile data tracking
ICO pledges ‘light touch’ over coronavirus privacy fears
‘Alarmist’ and ‘exploitative’ coronavirus mask ad axed