Google and Apple have joined forces to issue a common API that will run on their mobile phone operating systems, enabling applications to track the people you come “into contact” with in order to slow the spread of the COVID-19 pandemic. It’s an extremely tall order to do so in a way that is voluntary, respects personal privacy as much as possible, doesn’t rely on potentially vulnerable centralized services, and doesn’t produce so many false positives that the results are either ignored or create a mass panic. And perhaps much more importantly, it’s got to work.
Slowing the Spread
As I write this, the COVID-19 pandemic seems to be just turning the corner from uncontrolled exponential growth to something that’s potentially more manageable, but it’s not clear that we yet see an end in sight. So far, this has required hundreds of millions of people to go into essentially voluntary quarantine. But that’s a blunt tool. In an ideal world, you could stop the disease globally in a couple of weeks if you could somehow test everyone and isolate those who have been exposed to the virus. In the real world, truly comprehensive testing is impossible, and figuring out whom to isolate is extraordinarily difficult due to two factors: COVID-19 has a long incubation period during which it is nonetheless transmissible, and some or even most people don’t know they have it. How can you stop what you can’t see, when even a positive test arrives a week too late?
One promising approach is to isolate those people who’ve been in contact with known cases during the stealth contagion period. To do this is essentially to keep a diary of everyone you’ve been in contact with for the last week or two, and then, if you eventually test positive for COVID-19, alert them all so that they can keep from infecting others even before they test positive: track and trace. Doctors can do this by interviewing patients who test positive (this is the “contact tracing” we’ve been hearing so much about), but memory is imperfect. Enter a technological solution.
As governments around the world grapple with the problem of tracing those who have had contact with a person known to have been infected with the COVID-19 virus, attention has turned to the idea of mobile apps that can divulge whom a person has been near so that they can be alerted of potential infections. This has a huge potential for abuse by regimes with little care for personal privacy, and has been a significant concern for those working in that field. An interesting compromise has been struck by Iceland, who have produced an app for their populace that stores the information on the device and only uploads it with the user’s consent once they have received a diagnosis. We can all take a look, because to ensure transparency they have released it as open source.
On signing up for the scheme a central server stores the details of each user as well as their phone number. When the epidemiologists have a need to trace a person’s contacts they send a notification, and the person can consent to their upload. This is a fine effort to retain user privacy; depending on your viewpoint, its flaw or its advantage is that the user’s data cannot be slurped without their knowledge. Iceland is a country with a relatively small population, so we can imagine that with enough consent there could be effective tracing.
We installed the Android version on the Hackaday phone to have a look, but unfortunately it seems that the phone needs to be in Iceland for the app to be useful enough to explore. We would be interested to hear from our Icelandic readers, to hear their views. Meanwhile readers can juxtapose the Icelandic app with another proposal for a more anonymised version.
As we continue through the pandemic, whether we are on lockdown or still at work, there is a chance for all of us that we could still pick up the virus from a stray contact. Mapping these infections and tracing those in proximity to patients can present a major problem to infection control authorities, and there have been a variety of proposals for smartphone apps designed to track users’ contacts via the Bluetooth identities their phones encounter. This is a particular concern to privacy advocates, because there is a chance that some governments could use it as an excuse to bring in intrusive personal surveillance. A group of academics from institutions across Europe have come together with a proposal for a decentralised proximity tracing system that allows identification of infection risk without compromising the privacy of those using it.
Where a privacy-intrusive system might use a back-end database tracking all users and recording their locations and interactions, this one uses anonymised tokens stored on the device rather than on a central server. When a user is infected this is entered at app level rather than at server level, and the centralised part of the system merely distributes the infected users’ anonymised tokens to the clients. The computation of whether contact has been made with an infected person is thus made on the client, meaning that the operator never learns who met whom and has no opportunity to collect surveillance data. After the pandemic has passed the system will evaporate as people stop using it, rather than remaining in place harvesting details from installed apps. They are certainly not the first academics to wrestle with this thorny issue, but they seem to have ventured further into the mechanics of it all.
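To make the decentralised design concrete, here is a small simulation of the flow described above and in the Apple/Google piece at the top of this page: phones broadcast rotating pseudonyms derived from a per-day secret, record the pseudonyms they hear, and, when a user tests positive and consents, upload only their daily keys, which the server redistributes so that every phone can do the matching locally. This is an added illustration written for this page, not the code of the European proposal, of Apple and Google, or of any shipping app. The HMAC-SHA256 derivation of the ephemeral IDs, the 144 ten-minute windows per day, the three-window threshold and the Alice/Bob/Carol scenario are all assumptions chosen for the example; the real specifications use their own key schedules and risk scoring.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field

INTERVALS_PER_DAY = 144   # ten-minute broadcast windows per day (assumption for this example)
EPHID_LEN = 16            # bytes of pseudonym actually broadcast over Bluetooth LE


def derive_ephid(daily_key: bytes, day: int, interval: int) -> bytes:
    """Rotating pseudonym (EphID) for one broadcast window.

    Assumed, simplified derivation: HMAC-SHA256 keyed with the day's secret over
    the window index, truncated to 16 bytes. Without the daily key a passive
    observer cannot link two EphIDs to the same phone; with the key anyone can
    regenerate the whole day's EphIDs, which is exactly what local matching needs.
    """
    msg = b"ephid" + day.to_bytes(4, "big") + interval.to_bytes(2, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:EPHID_LEN]


@dataclass
class Device:
    name: str
    daily_keys: dict = field(default_factory=dict)  # day -> 16-byte secret, stays on the phone
    observed: dict = field(default_factory=dict)    # EphID heard nearby -> {(day, interval)}

    def key_for(self, day: int) -> bytes:
        if day not in self.daily_keys:
            self.daily_keys[day] = os.urandom(16)
        return self.daily_keys[day]

    def broadcast(self, day: int, interval: int) -> bytes:
        return derive_ephid(self.key_for(day), day, interval)

    def record(self, ephid: bytes, day: int, interval: int) -> None:
        self.observed.setdefault(ephid, set()).add((day, interval))

    def report_positive(self, days):
        """With the user's consent, release only the daily keys for the infectious
        period. The list of EphIDs this phone heard (i.e. whom it met) never leaves it."""
        return [(day, self.daily_keys[day]) for day in days if day in self.daily_keys]

    def check_exposure(self, published_keys, min_windows: int = 3):
        """Client-side matching: re-derive every EphID each published key could have
        produced and intersect with what this phone heard. Requiring several matching
        windows is a crude duration filter against one-off false positives."""
        hits = set()
        for day, key in published_keys:
            for interval in range(INTERVALS_PER_DAY):
                seen = self.observed.get(derive_ephid(key, day, interval))
                if seen:
                    hits.update(seen)
        return len(hits) >= min_windows, len(hits)


def simulate(encounter_windows: int = 5):
    """Constructed scenario: Alice and Bob share a room for a few windows, Carol passes
    Bob once but never meets Alice, then Alice tests positive and publishes her key."""
    alice, bob, carol = Device("alice"), Device("bob"), Device("carol")
    day = 18000
    for interval in range(20, 20 + encounter_windows):
        bob.record(alice.broadcast(day, interval), day, interval)
        alice.record(bob.broadcast(day, interval), day, interval)
    carol.record(bob.broadcast(day, 100), day, 100)
    bob.record(carol.broadcast(day, 100), day, 100)

    published = alice.report_positive([day])   # all the server ever sees and redistributes
    return {
        "bob": bob.check_exposure(published),
        "carol": carol.check_exposure(published),
        "uploaded_bytes": sum(len(k) for _, k in published),
    }


if __name__ == "__main__":
    print(simulate())
```

Running it shows Bob flagged after five matching windows, Carol not flagged despite having met Bob, and a total upload from Alice of one 16-byte key: the server holds keys of diagnosed users, not a contact graph. Lowering the encounter to two windows drops Bob below the threshold, which is the false-positive trade-off the Apple/Google article worries about.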
As with all new systems, it’s probably good to subject it to significant scrutiny before deploying it live. Have a read. What do you think?
We are all watching our authorities as they race to respond to the pandemic in an effective manner, and we hope that should they opt for an app that it does an effective job and they resist the temptation to make it too intrusive. Our best course of action meanwhile as the general public is to fully observe all advised public health measures such as self-isolation or the wearing of appropriate personal protective equipment.
We ran an article on Solid this week, a project that aims to do nothing less than change the privacy and security aspects of the Internet as we use it today. Sir Tim Berners-Lee, the guy who invented the World Wide Web as a side project at work, is behind it, and it’s got a lot to recommend it. I certainly hope they succeed.
The basic idea is that instead of handing your photos, your content, and your thoughts over to social media and other sharing platforms, you’d store your own personal data in a Personal Online Data (POD) container, and grant these companies revocable access to your data on your behalf. It’s like it’s your own website contents, but with an API for sharing parts of it elsewhere.
This is a clever legal hack, because today you give over rights to your data so that Facebook and Co. can display them in your name. This gives them all the bargaining power, and locks you into their service. If instead, you simply gave Facebook a revocable access token, the power dynamic shifts. Today you can migrate your data and delete your Facebook account, but that’s a major hassle that few undertake.
Mike and I were discussing this on this week’s podcast, and we were thinking about the privacy aspects of PODs. In particular, whatever firm you use to socially share your stuff will still be able to snoop you out, map your behavior, and target you with ads and other content, because they see it while it’s in transit. But I failed to put two and two together.
The real power of a common API for sharing your content/data is that it will make it that much easier to switch from one sharing platform to another. This means that you could easily migrate to a system that respects your privacy. If we’re lucky, we’ll see competition in this space. At the same time, the storage and hosting of the data would be portable as well, hopefully promoting best practices among the providers. Real competition in where your data lives and how it’s served may well save the Internet. (Or at least we can dream.)
This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter.
Smart speakers have always posed a risk to privacy and security — that’s just the price we pay for getting instant answers to life’s urgent and not-so-urgent questions the moment they arise. But it seems that many owners of the 76 million or so smart speakers on the active install list have yet to wake up to the reality that this particular trick of technology requires a microphone that’s always listening. Always. Listening.
As it stands on the modern Internet, your data is no longer your own. Your emails, photos, and posts all live on servers owned by large corporations. Their policies give them access to your data, which is mined to generate advertising revenue. And if you want your data back, there are innumerable hoops to jump through. Want it deleted entirely? Good luck.
Sir Tim Berners-Lee, as the original creator of what became the Web, has taken issue with the current state of play. To move the ball on the issue, he’s been working on a design for a decentralized internet, and the efforts have led to the establishment of the Solid project. The goal is to rectify online privacy and ownership issues and give users greater control over their personal data.
The big question is how do you do that? When Solid was announced last year there were few if any details on the approach taken by the program. But since then, more details have surfaced and you can even take an early version of the program for a spin. Let’s take a look.
About a year ago, Zachary McCoy took a bike ride around his neighborhood in Gainesville, Florida. It may have been forgettable to him, but not to history. Because McCoy used an app to track his mileage, the route was forever etched in the Google-verse and attached to his name.
On the day of this ill-fated bike ride, McCoy passed a certain neighbor’s house three times. While this normally wouldn’t raise alarm, the neighbor happened to be the victim of a burglary that day, and had thousands of dollars worth of jewelry stolen. The Gainesville police had zero leads after a four-day investigation, so they went to the county to get a geofence warrant. Thanks to all the location data McCoy had willingly generated, he became the prime suspect.