Decentralized Privacy-Preserving Proximity Tracing

As we continue through the pandemic, whether we are on lockdown or still at work, there is a chance for all of us that we could still pick up the virus from a stray contact. Mapping these infections and tracing those in proximity to patients can present a major problem to infection control authorities, and there have been a variety of proposals for smartphone apps designed to track users’ contacts via the Bluetooth identities their phones encounter. This is a particular concern to privacy advocates, because there is a chance that some governments could use this as an excuse to bring in intrusive personal surveillance by this means. A group of academics from institutions across Europe have come together with a proposal for a decentralised proximity tracing system that allows identification of infection risk without compromising the privacy of those using it.

Where a privacy-intrusive system might use a back-end database tracking all users and recording their locations and interactions, this one uses anonymised tokens stored at the local level rather than at the central server. When a user is infected this is entered at app level rather than at server level, and the centralised part of the system merely distributes the anonymised tokens to the clients. The computation of whether contact has been made with an infected person is thus made on the client, meaning that the operator has no opportunity to collect surveillance data. After the pandemic has passed the system will evaporate as people stop using it, rather than remaining in place harvesting details from installed apps. They are certainly not the first academics to wrestle with this thorny issue, but they seem to have ventured further into the mechanics of it all.

As with all new systems, it’s probably good to subject it to significant scrutiny before deploying it live. Have a read. What do you think?

We are all watching our authorities as they race to respond to the pandemic in an effective manner, and we hope that should they opt for an app that it does an effective job and they resist the temptation to make it too intrusive. Our best course of action meanwhile as the general public is to fully observe all advised public health measures such as self-isolation or the wearing of appropriate personal protective equipment.

6 thoughts on “Decentralized Privacy-Preserving Proximity Tracing

  1. This project is awesome and gives some hope to the privacy minded like me.

    The main adoption barrier i see are :
    – This is an opt-in system
    – Government can easily ask telco for data, which already covers about anyone and has no opt-out option.

    1. Government can ask telco, telco can hand over… these days the only time I leave the house alone is when I’m doing shopping.

      State Government introduced a AU$1000 fine for anyone caught using their mobile phone whilst in operation of a vehicle.
      State Government also said that vehicle operators on learners permits or P1 driver’s licenses may not use a phone “for any purpose”.
      State Government failed to declare what counted as “using” a phone.
      State Government also failed to declare what the rules were for an unlicensed operator of a non-motorised vehicle.

      Consequently, I now leave the phone at home when out doing my shopping. According to telco data, I never leave the house on the week-end. My bicycle’s GPS and APRS track-logs say otherwise.

  2. If I read this correctly, this relies entirely on individual willingness to self-report when the “please call hotline” message comes up. Some might balk because they were somewhere they weren’t supposed to be, and the resulting scrutiny they may suffer after The Call may reveal life-destroying secrets.

    Even if you (eventually) decide to call the hotline, who knows how many people you’ll meet and infect in the meantime?

    Much better for the app to support VoIP functionality, so that the relevant authorities can call you directly (and EARLY) without revealing your mobile number. In the throes of a pandemic, the needs of the many shouldn’t be thwarted by the wants of the few.

  3. As nosugr says, the problem here is adoption, it’s unlikely an app can be forced upon citizens (nor be compatible with all devices), alternatives based on existing mobile tracking for emergency services are far more likely to be effective and cannot be opted-out (apart from not having a mobile or not taking your device with you), then there is Google location data that can be subpoenaed by a government.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.