Improving Outcomes while Protecting Privacy During COVID-19: Contact Tracing Apps

In recent weeks my colleagues at CriticalBlue/Approov have been following the to build smartphone apps in the worldwide fight against COVID-19. Such apps are a powerful weapon in controlling the growth of infection by automating the scaling of the contact tracing process. race contact tracing By tracking interactions between people, the apps allow instant user notification for anyone who has recently been in close proximity with anyone later diagnosed with COVID-19. This allows immediate social distancing or self isolation measures to be instituted for that potential infected user, slowing the spread of the virus. These apps were not widely available during the initial phase of the pandemic, but they may still have a crucial role to play as we emerge from social lockdowns. We have some specific suggestions about how this can be achieved while maintaining anonymity. Contact tracing apps are primarily based on the of users, allowing historical interactions to be recognized and then communicated. Data may be extracted from existing app feeds or . collection of time and location data telecom provider location data Alternatively, a purpose built app that specifically tracks location may be employed. Such extreme measures may need to be taken to save lives, but this application of data tracking brings with it . Moreover, the location data collected may be of relatively poor quality, especially for indoor locations without GPS line of sight. huge issues of privacy Recently there have been numerous discussions about using for this purpose. This is a ubiquitous standard for short range communication that can, in principle, be co-opted to directly measure the proximity and duration between devices, and by extension their owners. Bluetooth It also has many advantages in terms of preserving privacy as explained in this great . Bluetooth tracking and COVID-19 tech primer In late March, the Singapore Government launched the app. This is an . It appears the app works by assigning each app user with sets of randomized IDs that are advertised over Bluetooth, and detected by other devices via scanning. TraceTogether opt-in Bluetooth tracing app The developers have thought hard about privacy, although it is still necessary for the app user to register their phone number with the Ministry of Health. We have also been thinking about this particular problem for some weeks and are now contributing our ideas on the topic. We hope they can help those working on these problems. We have posted a repository with a whitepaper. here In particular we have been thinking about how an improved privacy model allows a true peer-to-peer communication model where anonymity and full privacy is maintained throughout. There is no requirement to disclose contact information to any central authority. On a more practical implementation level, we are also suggesting the use of a standard called for Bluetooth communication. This is a way for devices to broadcast a fixed identity to phones that are moving near them. iBeacon The primary application is really for advertising purposes. A user can walk up to an iBeacon in a shop, for instance, and the detection of the proximity causes some notification to pop up on their phone. iBeacons are not really designed to transmit other data. However, they do have great software support on both iOS and Android, and allow beacon detection even when a phone is locked. We think they can be leveraged to help with the usability of these contact tracing apps. We also think that this type of technology can help with practical evaluation of . social distancing measures We are interested in speaking to any groups currently building privacy preserving contact tracing apps. We believe we can usefully contribute to building a Software Development Kit (SDK) that implements the protocol we have outlined. Of course, the success of such apps requires a high percentage of the population to be using the same app, or at least ones observing the same protocol or providing interoperability. We really welcome the efforts of to make this a reality. PEPP-PT Whatever protocol and approach ultimately proves the most successful, it will require some backend API endpoints that the apps communicate with. We have significant expertise in this area and could contribute to ongoing efforts. It can be easy to forget some of the basic principles of API security when rushing to build such a needed solution. API endpoints must scale to population-wide data collection while also being protected against malicious attacks by bad actors wanting to undermine the system. Given the likely relevance of these apps in the near future and their potential role in gradually allowing us to exit lockdown, we are really talking about issues of national security. Unfortunately, there is potentially a tradeoff between allowing anonymity in the app versus the measures that need to be taken to protect its backend components. We hope though that this consideration doesn’t push us into a world where personal privacy is severely compromised. We will publish more blog posts and resources as we learn more. Please take a look at our whitepaper. We welcome any and all feedback at the Approov repo. We hope to contribute to the fight against COVID-19. Privacy Preserving Proximity bluetooth-p6 (Featured Photo by on ) CDC Unsplash