To continue, when they actually address the privacy and security implications of the design, they call out the possibility of a replay attack "when an outsider intercepts a communication and fraudulently delays or resends it...there is no known significant mitigation for replay attacks and yet they are not identified in the DPIA."

Firstly, surely there's a known mitigation here - replay attacks involving a delay can be mitigated by including a cryptographically signed timestamp in your beacon messages. Secondly, the damage from an attacker sending false negatives and false positives seems small compared to the privacy implications of deanonymization attacks (e.g. attacker listens for the beacons in several buses, offices or shopping centres, later identifies which ones were reported covid-positive, groups those into clusters each likely associated with an individual, and cross-references the location data with identifying data from another source). Why call out one but not the other?