(no title)

--

- The APP gets full set of permissions, GPS, camera, locations, phone access, settings

- All collected data is sent in full to the state-associated agency, no encryption, plain HTTP

- Some shady foreign SaaS is used for face recognition (identix.one)

- Developed by a contracting firm, and paid by the state

- MAC/IMEI are disclosed via an identification QR code