In a recent development, Google and Apple are going to release a decentralised contact tracing framework. Using Bluetooth and cryptography for anonymised identifiers, it should be possible to detect contact with people who tested positive and to upload the list without compromising privacy. It is close in design to the open-source DP-3T model. Another project with pan-European aspirations is called PEPP-PT, which takes a centralised approach with privacy trade-offs. Despite boisterous claims of 40+ partners, only a few names appear in the released materials, and a few people have already disassociated themselves from the project citing lack of transparency. A detailed and updated post about the progress and pitfalls of PEPP-PT can be found here.
Many experts have pointed out possible flaws of contact tracing apps in general.
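To make the decentralised design concrete, here is an added Python sketch in the style of DP-3T's low-cost design. It is illustrative code written for this post, not DP-3T's or Google/Apple's implementation; the two-hour epoch, the 14-day window, the use of HMAC over a counter as the PRG (DP-3T specifies AES-CTR) and the simulated encounters are all assumptions.

```python
import hashlib
import hmac
import secrets
from typing import List, Set, Tuple

EPHID_LEN = 16          # bytes per broadcast identifier
EPOCHS_PER_DAY = 12     # assumption: a new identifier every two hours
DAYS = 14               # assumption: keys kept for a 14-day exposure window


def next_day_key(sk: bytes) -> bytes:
    """Daily key ratchet SK_t = H(SK_{t-1}): from SK_t you can derive later days, never earlier ones."""
    return hashlib.sha256(sk).digest()


def ephids_for_day(sk: bytes, epochs: int = EPOCHS_PER_DAY) -> List[bytes]:
    """The day's broadcast identifiers: PRF = HMAC-SHA256(SK_t, "broadcast key"),
    expanded by a PRG modelled here as HMAC over a counter (assumption)."""
    seed = hmac.new(sk, b"broadcast key", hashlib.sha256).digest()
    return [hmac.new(seed, i.to_bytes(4, "big"), hashlib.sha256).digest()[:EPHID_LEN]
            for i in range(epochs)]


class Phone:
    """One handset. Everything it hears stays local; the only thing it ever uploads is one day key."""

    def __init__(self, days: int = DAYS) -> None:
        self.day_keys = [secrets.token_bytes(32)]
        for _ in range(days - 1):
            self.day_keys.append(next_day_key(self.day_keys[-1]))
        self.observed: Set[bytes] = set()   # EphIDs heard over Bluetooth, never uploaded

    def broadcast(self, day: int, epoch: int) -> bytes:
        return ephids_for_day(self.day_keys[day])[epoch]

    def hear(self, ephid: bytes) -> None:
        self.observed.add(ephid)

    def report_positive(self, first_contagious_day: int) -> Tuple[bytes, int]:
        """Upload only the key of the first contagious day; the ratchet yields later days, not earlier ones."""
        return (self.day_keys[first_contagious_day], first_contagious_day)


def exposure_days(observed: Set[bytes], reports: List[Tuple[bytes, int]], days: int = DAYS) -> Set[int]:
    """Client-side matching against the published list of (SK_t, t): regenerate each reported
    user's identifiers from day t onwards and intersect them with what this phone heard."""
    hits: Set[int] = set()
    for sk, start in reports:
        key = sk
        for day in range(start, days):
            if any(e in observed for e in ephids_for_day(key)):
                hits.add(day)
            key = next_day_key(key)
    return hits


def simulate() -> dict:
    """Constructed scenario: Bob meets Alice on days 3 and 6, Carol meets her only on day 1;
    Alice tests positive and is judged contagious from day 3."""
    alice, bob, carol = Phone(), Phone(), Phone()
    bob.hear(alice.broadcast(3, 5))
    bob.hear(alice.broadcast(6, 0))
    carol.hear(alice.broadcast(1, 2))
    reports = [alice.report_positive(first_contagious_day=3)]
    return {
        "bob": exposure_days(bob.observed, reports),
        "carol": exposure_days(carol.observed, reports),
        "unlinkable_within_day": alice.broadcast(3, 5) != alice.broadcast(3, 6),
    }


if __name__ == "__main__":
    print(simulate())
```

The server only ever sees the day key Alice chose to upload; it never learns whom Bob met, and Carol's day-1 encounter stays private because nothing published lets anyone regenerate Alice's earlier identifiers. A centralised design inverts this: Bob would upload his observed list and the server would do the matching.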
Ashkan Soltani tweeted: “This type of approach is likely to generate significant FALSE POSITIVES and FALSE NEGATIVES — which is highly problematic when this data is (eventually) used to make decisions that will affect citizen’s freedoms — voluntarily or not.”
The Bluetooth RSSI (received signal strength indicator) is not that reliable: the signal passes through walls that the virus does not, so two phones can register a "contact" without any physical exposure. Conversely, the virus can remain on surfaces for an extended period of time, so exposure is an unknown variable. Old and poor people could face discrimination for not having a smartphone. Around 2bn people don't have a smartphone, and updating old OSes would be more than difficult.
A post from the product lead of Singapore's TraceTogether: "If you ask me whether any Bluetooth contact tracing system deployed or under development, anywhere in the world, is ready to replace manual contact tracing, I will say without qualification that the answer is, No".
The possible abuse cases are detailed here by Signal CEO @moxie.
We should expect software updates in mid-May to support contact tracing. Apps will be able to use the contact tracing API, which is supposed to be used only by public health authorities. What constitutes a legitimate public health agency, and how will they protect the data from unrelated government use?
In the coming months the contact tracing feature will be "baked" into the operating systems, which is even more troubling (no sunset clause), and apps built in the future could exploit this. We still have to see the final product, but this is deeply concerning, as we won't have a choice any more, apart from using a dumbphone: iOS and Android are installed on almost 100% of smartphones. Building apps for different (malicious) purposes is a strong possibility, considering the permanent solution offered by Google and Apple. On the other hand, both companies can leverage their position to provide healthcare platforms, sucking in more personal data.
Another problem is hacking. Someone with malicious intent could "solve" a hashed database by hashing all the possible times and locations on a map: the set of plausible (time, place) inputs is small enough to enumerate, so an unkeyed hash can simply be inverted, yielding raw timestamped location data. There may be a method to prevent this (like separate hashing and storage servers), well beyond my ability to explain. That just proves the point of how hard it is to keep the data anonymised. In-depth privacy considerations and trade-offs can be found here and here. I would also like to add that most countries/telecoms require personal data to obtain a phone number, and most of the apps require this identifier as a necessary permission to use the software.
This looks like another case of tech solutionism, where we lose our privacy for little or misguided security. We would face a high rate of false positives and negatives (not every contact is an infection, a large percentage of cases are asymptomatic, plus the other factors mentioned above) and possible discrimination by the system. Maybe it is better to stick to manual tracing supported by technology, and to expand testing.
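As an added illustration of the brute-force point (written for this post, not code from any deployed app), the toy below hashes a time slot and a map cell the way a naive "anonymised" location upload might, enumerates the whole input space to recover the original, and then shows why a keyed hash whose secret lives on a separate server stops that attack for anyone who does not hold the key. The grid size, slot count and token format are assumptions.

```python
import functools
import hashlib
import hmac
import itertools
import secrets
from typing import Callable, Optional, Tuple

# Constructed toy geometry (assumption): a 50 x 50 grid of map cells and
# 96 fifteen-minute slots per day, i.e. 240,000 possible inputs in total.
GRID = 50
SLOTS_PER_DAY = 96

Triple = Tuple[int, int, int]


def _encode(slot: int, x: int, y: int) -> bytes:
    return f"{slot}:{x}:{y}".encode()


def naive_token(slot: int, x: int, y: int) -> bytes:
    """Unkeyed hash of (time slot, cell). It looks anonymised, but it is a public
    function of a tiny input space, so anyone can precompute or enumerate it."""
    return hashlib.sha256(_encode(slot, x, y)).digest()


def keyed_token(key: bytes, slot: int, x: int, y: int) -> bytes:
    """HMAC with a secret key. Without the key an attacker cannot evaluate the function,
    so enumerating (slot, x, y) no longer helps. Modelling the 'separate hashing server'
    idea (assumption): the key lives only on that server, never next to the stored tokens."""
    return hmac.new(key, _encode(slot, x, y), hashlib.sha256).digest()


def candidate_space(grid: int = GRID, slots: int = SLOTS_PER_DAY) -> int:
    return slots * grid * grid


def brute_force(token: bytes, tokenize: Callable[[int, int, int], bytes] = naive_token,
                grid: int = GRID, slots: int = SLOTS_PER_DAY) -> Optional[Triple]:
    """Invert a token by evaluating `tokenize` on every candidate (slot, x, y).
    An outsider can only supply the public unkeyed function; an insider can supply the keyed one."""
    for slot, x, y in itertools.product(range(slots), range(grid), range(grid)):
        if tokenize(slot, x, y) == token:
            return (slot, x, y)
    return None


def demo() -> dict:
    """Constructed scenario: a record for 09:15 (slot 37) in cell (12, 40)."""
    secret: Triple = (37, 12, 40)
    key = secrets.token_bytes(32)   # held by the hashing server only
    return {
        "space": candidate_space(),
        "recovered_unkeyed": brute_force(naive_token(*secret)),
        "outsider_vs_keyed": brute_force(keyed_token(key, *secret)),
        "insider_vs_keyed": brute_force(keyed_token(key, *secret),
                                        tokenize=functools.partial(keyed_token, key)),
    }


if __name__ == "__main__":
    print(demo())
```

Two things worth noting. A per-record salt stored beside the token does not help here, because the attacker just repeats the 240,000-entry enumeration per salt; only a secret that is not in the database defeats it. And the keyed variant merely moves the trust: whoever operates the hashing server can still invert every token, which is exactly why the storage and hashing roles would need to be separated.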
ISRAEL: A proposal by Defense Minister Naftali Bennett to have Military Intelligence and the controversial private intelligence firm NSO Group assist the government in tracking carriers of the coronavirus, in an effort to better predict outbreaks, appeared to be dead in the water following a discussion on the matter in the Knesset Monday.
According to the defense minister, Unit 8200 — equivalent to the United States’ NSA — and NSO, a private company that has reportedly sold surveillance software to human rights-violating regimes around the world, have developed a program based on artificial intelligence that could give a score out of 10 to every person[…] However, the software would require personal medical, location and other data from large swaths of the population, raising major privacy concerns, particularly due to the involvement of a private intelligence firm[…] Critics of the program argued that the Shin Bet in particular should not be tasked with such a sensitive program as it is not subject to the country’s transparency laws.
Update as of 7th of May
More countries have deployed apps, and as mentioned before they differ by design: centralised ones send the contact information from the phones to remote servers (the solution chosen, for example, by the UK and Norway), while decentralised ones, backed by Google and Apple and adopted by countries like Germany, keep the contact data on the phone.
Norway's app uses Bluetooth and GPS data and sends it to a server, where it is stored for 30 days. The centralised approach was chosen to "benefit from faster and more accurate infection tracking, as well as better understanding the impact of various measures and research to understand future epidemics."
There is no word in the developers' FAQ about battery impact or any of the problems the other apps are facing.
Australia also chose a centralised solution. Upon installation you are asked to provide a name (a pseudonym is allowed), age range, postcode and phone number. Anonymised IDs change every two hours, and consent is needed to upload the contact data to an Amazon Web Services server.
Quote from the Guardian:
“The government has said it will mean police will not be able to get the data, even with a warrant, and court orders will not be able to force the government to hand over the data, but it is not explicitly outlined in the draft legislation that warrants and court orders do not apply. The registration data will remain on the government server until the end of the pandemic, once it is declared over by the health minister, or if you ask for it to be deleted.”
There are many unsolved technical issues. Expats with international numbers had problems installing the app. You have to keep it open, as it won't work in the background on Apple devices (for now).
Daniel Keys, CIO at the Department of Health, also said:
“What we see is that the more things you have open, the more interference is possible within the signals of the Bluetooth and the reduction in the Bluetooth strength, which also affects accuracy.”
The United Kingdom has trialled its app on the Isle of Wight. The app also uses a central database, though the government mentioned it may change tack and switch to a decentralised approach to increase take-up. Interestingly, the UK claims 60% adoption is needed for the solution to be effective (after Oxford research), while the Australian PM said 40% is sufficient. According to the Financial Times, the app has been installed by about a third of the Isle of Wight's population, and people were getting alerts about contacts with infected people even though they hadn't left the house. Concerns about possible misuse are detailed by Privacy International.
One of the most troubling developments is happening in India, where all employees and travellers have to install the app; it is the only democracy that has made it mandatory. India has no national privacy law and no limitations on the design and use of the data (apparently the app has been built along the lines of a data privacy bill currently in parliament). The code has still not been published. It won't be "compatible" with the API developed by Apple and Google, as it uses location tracking. There are also several flaws in the design (which can be found here).
Iceland launched its app in early April and got 38% adoption (of a population of 364,000). "[...] despite this early deployment and widespread use, one senior figure in the country's covid-19 response says the real impact of Rakning C-19 has been small, compared with manual tracing techniques like phone calls", it has been reported.
A somewhat limited map of the restrictions of civil rights realised with digital technologies: Pandemicbigbrother
Analysis of the development of contact tracing apps country by country: Digital Rights Tracker
Spreadsheet from MIT Technology Review with details of how the apps work, their policies etc. in 27 countries (as of 15/05).