In this document, we analyse the potential harms a large-scale deployment of the Luca system might cause to individuals, venues, and communities . The Luca system is a digital presence tracing system designed to provide health departments with the contact information necessary to alert individuals who have visited a location at the same time as a SARS-CoV-2-positive person . Multiple regional health departments in Germany have announced their plans to deploy the Luca system for the purpose of presence tracing . The system's developers suggest its use across various types of venues: from bars and restaurants to public and private events, such religious or political gatherings, weddings, and birthday parties . Recently, an extension to include schools and other educational facilities was discussed in public . Our analysis of the potential harms of the system is based on the publicly available Luca Security Concept which describes the system's security architecture and its planned protection mechanisms . The Security Concept furthermore provides a set of claims about the system's security and privacy properties . Besides an analysis of harms, our analysis includes a validation of these claims.