By John Carlo Ayende

PHOTO: Getty Images

With the continuous rise of COVID-19 cases around the world, the host country China released “My2022” phone application to quickly monitor the health conditions of all the participating athletes in the upcoming 2022 Winter Olympics in Beijing. However, it is concerning that the app can go beyond just checking the athletes’ health as it possesses “security vulnerabilities”.

The International Olympic Committee (IOC) reacted to reports that the app is mandated to be used by athletes to hack their personal and medical data. IOC believed that it had “no critical vulnerabilities” and it underwent several tests before release.

"The 'My2022' application is an important tool in the toolbox of the COVID-19 countermeasures. The 'My2022' app supports the function for health monitoring,” IOC released in a statement.

However, a report released by the University of Toronto’s Citizen Lab revealed a “simple but devastating flaw” that allows the hackers to gain access to users’ private information including passport, travel, and demographic information, as well as used to keep an eye on every participant by transforming the app as a “surveillance tool” to be controlled by the Chinese government.

In addition, Athleten Deutschland claimed that the IOC is “irresponsible” for mandating the use of a phone app to monitor every athlete’s health condition.

"We should not be naïve and lightly dismiss scenarios that are unimaginable to us. Instead, the organizers and the IOC should be prepared for all conceivable scenarios - be it possible manipulation of Corona tests, surveillance, and espionage, or reprisals against vocal athletes."

Aside from cybersecurity issues, it is also found that the app contains “politically sensitive” keywords including Uygur and Tibetan languages.

"We don't know whether they intended for it to be inactive or whether they intended for it to be active, but either way, it's something that … can be enabled at the flick of a switch," said Citizen Lab’s author Jeffrey Knockel.

With the rising issue, the United States, Netherlands, and Germany have come up with the decision to not use or bring their devices into the competition to prevent cybersecurity speculations.