Any business owner who doesn’t let someone in for not having the COVIDSafe app could get slapped with a $63,000 fine and up to five years in jail, under proposed legislation.

It means bouncers won’t be able to check people’s phones to see if they have the app, and police won’t be able to move people along for not having it either.

Attorney-General Christian Porter Christian Porter described the draft legislation as the final step in a “triple lock” of privacy protections, which also includes the app’s own functionality and biosecurity laws.

The same penalties will also apply to anyone who uploads or collects data without a user’s consent, and anyone who stores the data outside of Australia.

After the pandemic, the government will be forced to delete all data, according to the draft legislation which will be put to parliament next week.

“The draft bill clarifies the enforcement mechanisms for the penalties that are already in place against misuse of data from the COVIDSafe app,” Porter said in a statement.

“In addition to the protections provided by the biosecurity determination, this bill puts in place a clear process outlining how the government will satisfy its obligation to delete all COVIDSafe data from the national COVIDSafe data store once the pandemic is over.”

The government has previously said around 40% of the population would need to download the app for it to be effective, and Scott Morrison himself said “millions and millions” of Aussies would have to have it before lockdown restrictions are lifted.

While the government has been able to address most privacy concerns surrounding COVIDSafe, it has not released the source code, meaning it can’t be publicly scrutinised. This is standard practice for many privacy-related apps.

As of Monday, the app has been downloaded 4.5 million times.