There have recently been several proposals for pseudonymous COVID-19 contact tracing, including from Apple and Google. The UK’s National Health Service (NHS) is working on just such a system and Ross Anderson, Professor of Security Engineering at the University of Cambridge’s Department of Computer Science and Technology, is one of a group of people being consulted on the system’s privacy and security.
How the proposed system from Apple and Google is designed to work:
Contact tracing in the real world is not quite as many of the academic and industry proposals assume.
First, it isn’t anonymous. Covid-19 is a notifiable disease so a doctor who diagnoses you must inform the public health authorities, and if they have the bandwidth they call you and ask who you’ve been in contact with. They then call your contacts in turn. It’s not about consent or anonymity, so much as being persuasive and having a good bedside manner.
I’m relaxed about doing all this under emergency public-health powers, since this will make it harder for intrusive systems to persist after the pandemic than if they have some privacy theater that can be used to argue that the whizzy new medi-panopticon is legal enough to be kept running…
Anyone who’s worked on abuse will instantly realise that a voluntary app operated by anonymous actors is wide open to trolling. The performance art people will tie a phone to a dog and let it run around the park; the Russians will use the app to run service-denial attacks and spread panic; and little Johnny will self-report symptoms to get the whole school sent home…
On Friday, when I was coming back from walking the dogs, I stopped to chat for ten minutes to a neighbour. She stood halfway between her gate and her front door, so we were about 3 metres apart, and the wind was blowing from the side. The risk that either of us would infect the other was negligible. If we’d been carrying bluetooth apps, we’d have been flagged as mutual contacts. It would be quite intolerable for the government to prohibit such social interactions, or to deploy technology that would punish them via false alarms. And how will things work with an orderly supermarket queue, where law-abiding people stand patiently six feet apart?
Bluetooth also goes through plasterboard… The bluetooth app will flag up not just the others in the room but people in the next room too…
I recognise the overwhelming force of the public-health arguments for a centralised system, but I also have 25 years’ experience of the NHS being incompetent at developing systems and repeatedly breaking their privacy promises when they do manage to collect some data of value to somebody else. The Google Deepmind scandal was just the latest of many and by no means the worst. This is why I’m really uneasy about collecting lots of lightly-anonymised data in a system that becomes integrated into a whole-of-government response to the pandemic. We might never get rid of it.
MacDailyNews Take: There is much, much more about potential problems with COVID-19 contact tracing systems in the full post, much of which are similar to concerns we’ve mentioned in our previous takes on this issue:
As long as this UK NHS COVID-19 app can be cleanly deleted and tracking stopped by users at any time, we see no problem with having an app that allows those who want to use it to opt-in. The problem is that if it is made a requirement to be allowed to “work,” there MUST be an end date or the risk of privacy intrusion will be too high a price. — MacDailyNews, April 12, 2020
No location data is truly anonymized. It can be cross-matched with other publicly-available data to identify and track individuals. The idea of any government requiring cellphone tracking to monitor its citizens’ movements, regardless of the reason, is chilling. — MacDailyNews, April 2, 2020
Beware COVID-19 tracking: Emergency powers can outlive their emergencies.
Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. — Benjamin Franklin
Lastly, Apple should be careful here. Google has an awful reputation regarding user privacy. Apple must be wary of tarnishing (or destroying) the reputation for user privacy that they’ve carefully built over many years with a system that not only involves Google, of all companies, but that also has a slew of obvious privacy issues.
[Atribution: 9to5Mac. Thanks to MacDailyNews Reader “Fred Mertz” for the heads up.]
Ben was a pretty smart dude.
Nice to read a simple, lighthearted and positive (uh… maybe not the best choice of words during a pandemic) comment about one who paved the way for the future by “thinking different.”
We can’t have our cake and eat it too. We want technology to help in the fight against and control of covid-19, but we want privacy. We want social distancing, but we want to go to school or work. We want freedom of movement, but the government wants or needs to enforce “shelter in place” suggestions/ policies.
Covid-19 cares nothing about technology, privacy, Trump, school, work, the press, Democrats, earning a salary, paying for living expenses, Republicans, freedom, laws, policies, etc….
Covid-19 cares only about a hospitable environment to flourish… a nice, warm, breathing, human, respiratory system.
Period .
The China virus cares most if you’re 70+ and sick, it cares about you A LOT then, not so much if you’re a healthy child, teenager, young or middle-aged adult, so basically the vast majority of people working or in school. I don’t want any of the intrusive things you listed except social distancing from the leftist control freaks whose neurotic desires you’re projecting.
There’s money to be made on Soylent Green!
Sorry, I’m unclear which of the intrusive things I listed project neurotic desires. Could you be more specific? Thank you!
One star? I guess you can’t be more specific.
Didn’t you mean “the virus from the place that shall not be named”?
You call it China virus on purpose as you appear to want to stir crap. You talk about ‘leftist control freaks’ as if people not h right are never worried about coming into contact with infected people.
If you want a hint buddy, just stop talking in general. We are tired of fakespeak….of trashy talking…of making everything political. In case you haven’t noticed, people are dying everywhere. There are heroes dying everywhere to stem the flood.
And in the face of this, there are still people who do not care (like those idiots from the Dallas Cowboys) which trivializes all what people have been sacrificing voluntarily, both economically, socially and in terms of human life.
Is monitoring as good or bad thing? I think we all agree that it can be both and as such, key measures need to be put in place to prevent it from becoming a bad, misused tool.
All I ask is that you use your head and discuss things. Stop with the hate speak….we have had enough of that.
It is a virus . It originated in China. China lied and people died. The Communist Chinese have yet to be held responsible for the global plague they’re have inflicted
He may be off base a little but I will never have a problem with anyone ever referring to it as the China virus or The Wuhan virus. They deserve the shame tenfold.
I’m wondering if you have a false premise in your argument here… That is, you can’t have – AND – privacy. Actually, it’s not one or the other, rather, it can be both, just takes time to figure out.
Considering we are in the edge of destroying our livelihoods and families and and and (which brings more subsides, more stress, cancers, drug use, drunk driving, divorce), can at risk people shelter in place and get the rest of us going again please do we can get it, get the antibodies and move on?
Less than .5% of my state has even been tested! Only 4 people showed positive yesterday and yet we are destroying our country, for what again?
Time to move on.
The problem is that most at-risk people do not consider themselves in that category. They are, by and large, poorer folk who do not have access to the average level of medical care. They do not realize how much risk they have until they are already infected. Many of them cannot self-isolate because they share living quarters. Others can only “shelter in place” in an assisted living facility where the virus will spread like wildfire after it is brought in by carers who pick it up in the community where social distancing has been prematurely dropped.
How much do we actually lose if we lose, say 100K poor, uneducated, obese, elderly, unhealthy and how much do we gain in terms of easing the burden on government welfare, healthcare, eldercare, homelessness, etc.?
Before you reply, if you’re brave enough to do so, know that abortion – the murder of babies in order to ease the burden on underprepared mothers and the welfare state – will be used against you.
And I am guessing that you support an expanded military, an end to social safety-net programs, and the death penalty but call yourself pro-life.
Wait until apple and google show the technology before you condemn it.
I agree with Ken. I also agree with the ‘cake’ guy above. Some tradeoffs are going to be necessary (for the technology and app) and for other aspects of beating down this pandemic.
Weird talking about a virus ‘caring’. If it were indeed a living organism that cared at all it would not be killing anyone as it is self defeating for its own life cycle. So death is an undesirable side effect of its transmission. We don’t yet know the overal effects on the younger yet, plenty are in fact dying especially in the over thirties and only time will tell what if any long standing damage may be caused as all infections cause some degree of bodily damage even if much of that is the imune system fighting it. Only longer term studies will start to give us true and insightful answers as to how much this will effect our lives into the future.
I meant ‘care’ as in ‘to be concerned with,’ or ‘to have interest in or regard for.’ I meant that the virus acts without these ‘qualities,’
You all assume you can ‘beat down’ this virus. News for you, it is here to stay. Is there a cure for flu? No. Flu shots make you sick and you still get the flu. China killed our way of life without firing a shot. Better to arm yourself and wait for the apocalypse because it is on our doorstep right now. folks. Hoard away because soon you wont have the chance.
Two people get on a train in Chicago. One person’s iPhone goes off saying you are near an infected someone who’s identity shall remain anonymous. Just sayin’…
A new, novel mechanism will have to be put in place to guarantee a sunset to modern day intrusions and trackers but, since the promised sunsetting of Bush’s highly intrusive US Patriot Act sunset is overcome every year by reauthorising it. Any legislator who wants to vote no is blackmailed or bribed into a yes. Same thing regarding covid 19 contact tracing I bet.
John Dim-gler, very very dim, about as many brain as a dim sim
Personal attacks? Like your hero, Nero?
Like Dim-gler, you deserve it, Larry Trotter. Your magic wand can’t save you this time.