Contact Tracing Apps – Protect Your Privacy or Let Reduced Privacy Protect You
Despite concerns revolving around privacy and state surveillance, many authorities have adopted contact tracing infrastructures to ensure public safety. Is it possible to have the best of both worlds?
As several countries begin to ease lockdown measures, many authorities are introducing contact tracing technologies to control the spread of the novel COVID-19 virus. TraceTogether is one of the notable contact tracing applications; it was developed by the Singaporean Government to allow digital tracing to take place seamlessly. Germany has also released the Corona-Warn-App, and many other countries are building their own contact tracing mobile applications.
Contact tracing mobile applications and wearables are designed to automate the process of identifying individuals who have been in close proximity to those who tested positive for COVID-19. Essentially, these technologies are the modern way for the authorities to understand and disrupt the virus transmission path in order to limit its spread. The basic principle behind them is to protect public safety without further disrupting daily lifestyles and activities.
However, the implementation of such technology has caused many to worry that recovery from this pandemic might come at the hefty cost of their personal privacy. To address citizens' concerns, the European Data Protection Board (EDPB) has released a statement to ensure that privacy regulations such as the European GDPR continue to be enforced throughout the implementation of contact tracing measures.
To address the issue of data privacy, many organisations have shifted from a centralised to a decentralised approach. In fact, tech giants like Apple and Google have also adopted the decentralised approach, leveraging Bluetooth signals, as illustrated in the sample code they have published here.
The key differences in the applications have been outlined in the white paper by experts from universities such as University College London and University of Oxford.
In the centralised approach, a central server is used to estimate a user’s exposure to COVID-19. The central server holds a long-term pseudo-identifier for every user and uses it to derive ephemeral pseudo-identities (EpHIDs) that are pushed to the smartphones.
In the decentralised approach, the proximity tracing process is supported by a backend server that distributes anonymous exposure information to the app running on each phone. The backend server serves solely as a communication platform and does not perform any processing.
How the decentralised system enforces privacy and security settings:
- Ensures data minimisation
The central server only observes the anonymous identifiers of COVID-19 positive users, without any proximity information, because the ephemeral identifiers broadcast via Bluetooth are generated on the users’ smartphones.
- Prevents abuse of data
The central server collects the minimum amount of information, which minimises the likelihood that the collected data are used for other purposes. In fact, the technology can only be used to trace citizens who have tested positive within a small geographical area.
- Data retention
Data on the server and in the apps are removed after 14 days. Exposure estimation is computed locally on the mobile device.
With concerns revolving around privacy and state surveillance, most privacy experts recommend a decentralised contact tracing infrastructure, in which ephemeral IDs are stored locally on the device and are uploaded only with the user's consent, after the user has tested COVID-19 positive.
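To make the decentralised flow described above concrete, the following is an added Python model of it (illustration code written for this article, not the code of TraceTogether, the Corona-Warn-App, or the Apple/Google framework). Phones generate their own per-day seeds, derive ephemeral IDs from them, and keep whatever they hear over Bluetooth locally; the backend only stores the seeds that a positive user chooses to upload and redistributes them; matching and the 14-day retention happen on the device. The HMAC-SHA256 derivation, 16-byte seeds, 96 epochs per day and the day/epoch numbering are assumptions chosen for the example, not properties of any particular app.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Parameters assumed for this illustration (not taken from any specific app):
# one day's seed yields EPOCHS_PER_DAY ephemeral IDs, and anything older than
# RETENTION_DAYS is deleted on phones and on the backend (the 14 days the
# article mentions).
EPOCHS_PER_DAY = 96   # e.g. a fresh EphID every 15 minutes
RETENTION_DAYS = 14


def derive_ephids(day_seed: bytes, day: int) -> list[bytes]:
    """Derive the day's ephemeral IDs from a secret seed (HMAC-SHA256, truncated to 16 bytes).

    Only a holder of day_seed can regenerate these IDs, so an observed EphID
    cannot be linked to a person until that person publishes the seed.
    """
    return [
        hmac.new(day_seed, f"{day}:{epoch}".encode(), hashlib.sha256).digest()[:16]
        for epoch in range(EPOCHS_PER_DAY)
    ]


class Backend:
    """Decentralised backend: stores and redistributes only the seeds that
    positive users uploaded. No proximity information ever reaches it."""

    def __init__(self) -> None:
        self.published: list[tuple[int, bytes]] = []   # (day, day_seed)

    def publish(self, day: int, day_seed: bytes) -> None:
        self.published.append((day, day_seed))

    def prune(self, today: int) -> None:
        # Retention: drop seeds older than the 14-day window.
        self.published = [(d, s) for d, s in self.published if d > today - RETENTION_DAYS]


class Phone:
    """Each phone generates its own seeds, broadcasts EphIDs over Bluetooth,
    keeps what it heard locally, and computes exposure on the device."""

    def __init__(self) -> None:
        self.day_seeds: dict[int, bytes] = {}          # secret, never leaves the phone unless uploaded
        self.observed: set[tuple[int, bytes]] = set()  # (day, EphID) heard from nearby phones

    def ephid(self, day: int, epoch: int) -> bytes:
        seed = self.day_seeds.setdefault(day, os.urandom(16))
        return derive_ephids(seed, day)[epoch]

    def hear(self, day: int, ephid: bytes) -> None:
        self.observed.add((day, ephid))

    def prune(self, today: int) -> None:
        cutoff = today - RETENTION_DAYS
        self.day_seeds = {d: s for d, s in self.day_seeds.items() if d > cutoff}
        self.observed = {(d, e) for d, e in self.observed if d > cutoff}

    def upload_after_positive_test(self, backend: Backend) -> None:
        """Consent step after a positive test: only the retained day seeds are uploaded."""
        for day, seed in self.day_seeds.items():
            backend.publish(day, seed)

    def exposure_matches(self, backend: Backend) -> int:
        """Local matching: re-derive EphIDs from the published seeds and count hits."""
        return sum(
            1
            for day, seed in backend.published
            for e in derive_ephids(seed, day)
            if (day, e) in self.observed
        )


def simulate() -> dict:
    """Constructed scenario: Alice and Bob are near each other for four epochs on
    day 10 while Carol is elsewhere; Alice tests positive and uploads on day 12."""
    backend = Backend()
    alice, bob, carol = Phone(), Phone(), Phone()
    for epoch in range(4):
        bob.hear(10, alice.ephid(10, epoch))
        alice.hear(10, bob.ephid(10, epoch))
    carol.ephid(10, 0)   # Carol broadcasts too, but nobody is in range

    alice.upload_after_positive_test(backend)
    result = {
        "server_records": len(backend.published),         # one seed, no contact graph
        "bob_matches": bob.exposure_matches(backend),      # 4 matching epochs
        "carol_matches": carol.exposure_matches(backend),  # 0
    }
    # Day 30: phones and backend apply the retention window; day-10 data is gone.
    for phone in (alice, bob, carol):
        phone.prune(30)
    backend.prune(30)
    result["bob_matches_after_retention"] = bob.exposure_matches(backend)
    result["bob_observed_after_retention"] = len(bob.observed)
    return result


if __name__ == "__main__":
    print(simulate())
```

The point to notice is what each party holds: the backend ends up with a single seed and no record of who met whom, Bob learns only that he had four epochs of contact with some positive user, and once the retention window passes neither side can reconstruct the day-10 encounter. The matching cost is one HMAC per epoch per published seed, which is why a real deployment bounds both the number of epochs and the retention period.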
In the quest to return to normality, we agree that the situation calls for such measures in order to control the spread of the virus. However, everyone is strongly encouraged to understand the application and implications of these technologies before adopting them.