On Monday the EU data protection watchdog called for the development of a single COVID-19 contact-tracing app that would be coordinated at European level.
As it stands the spread of coronavirus over the past weeks has seen governments forced to develop and roll-out new technologies at a speed that previously would have been inconceivable.
Starting with the Chinese government’s app that color codes citizens according to risk level, numerous countries, including Singapore, Israel and Russia, have now developed their own coronavirus mobile apps. Inevitably many of these have thrown up a whole host of questions around mass surveillance and the infringement of data protection laws. This begs the question: is it possible to develop an app that can both effectively limit the spread of the disease and ensure user privacy?
Is GPS data the way forward?
Various options exist for governments looking to develop apps that can help limit the spread of coronavirus. Potential technologies include Bluetooth, GPS, cellular location tracking and QR codes.
Each poses its own set of advantages and disadvantages when it comes to both the practicalities of contact-tracing citizens, alongside the clear privacy concerns raised by the EU and data protection campaigners.
The technical requirements for a contact-tracing app include the need to operate at close range, in order to accurately determine whether the user has come into close enough contact with an infected person to now be at risk.
In South Korea, citizens who have been ordered to quarantine must download a government app which uses GPS to track their movements and reports to the government if they leave their designated quarantine area. However, this model isn’t particularly useful for anything else.
For tracing contact between individuals, the use of either cellular location data or GPS is a non-starter. The accuracy level for a contact-tracing app would need to be down to a couple of meters, whereas GPS would only be able to provide accuracy down to the nearest 10 to 20 meters and would be less effective inside buildings. Cellular location data is even less precise.
An app that used cellular location data would also pose significant privacy concerns, as tracking could be applied unilaterally. This could bypass the need for user consent and violate citizens’ data protection rights.
How are affected nations rolling out app-based tracking tools?
Countries including China, Russia and Hong Kong have developed surveillance technologies based on the use of QR codes. In China’s case, the government monitors individual citizens by forcing them to scan their QR code when entering shops, subways and other public buildings. The app then sends the user’s location and an identifying code number to a central server.
In Hong Kong’s case, anyone entering the country is given a wristband with a unique QR code that they must scan and calibrate with the country’s StayHomeSafe app. Because overseas arrivals are required to quarantine themselves in their homes for 14 days, the StayHomeSafe app can then use a geofencing technology to alert the government if they attempt to leave their home.
While effective for snooping on, and restricting the movement of, citizens, a QR code-based system is useless when it comes to determining whether someone has been in close contact with an infected individual or if they’re following social distancing measures in public. Even in Russia, a country with a long history of mass surveillance, the mayor of Moscow recently backed down on plans to implement a QR code tracking system, saying that this measure should only be a last resort.
Currently the most promising solution, and the one which the EU currently proposes, is to track citizens using Bluetooth. Bluetooth operates effectively at close range and would allow governments to develop an application that users could easily opt in or out of simply by turning their Bluetooth on or off.
Opt-in could be built around granting users the ability to return to normal life as soon as possible, provided they use the app and respect social distancing measures. This would comply with the European Data Protection Board (EDPB)’s statement that restrictions of freedom during the pandemic are acceptable, that is if they are strictly limited to the emergency period.
How would a Bluetooth contact-tracing app work in practice?
Rather than sweeping cellular monitoring, a solely Bluetooth-enabled app would operate on a system of individual anonymous codes. If someone were to test positive for COVID-19 their anonymous code would be sent to other relevant users, so that those who had been in close proximity to them could be warned.
Bluetooth has been the technology of choice for the Singapore government’s contact tracing TraceTogether app, which has played a significant part in the country’s successful response to the virus. Meanwhile, in the UK, the National Health Service’s digital transformation arm NHSX is also planning to launch a Bluetooth-based contact tracing app.
TraceTogether works by sharing temporary identifiers and information about phone models and signal strength between users’ devices when they come into contact with each other. If someone is diagnosed with Covid-19, they can upload their data to Singapore’s Ministry of Health, who decrypt the information and send out alerts to other app users who have been in contact with them.
As well as contact-tracing, a Bluetooth function could hypothetically also help measure whether users were respecting social distancing guidelines in public. Bluetooth, unlike any other form of cellular data, is able to function with a reasonable degree of accuracy at the 2m mark, if applied effectively by the relevant authorities, this would potentially allow for a slightly faster return to normality.
Of course, Bluetooth technology still has its limitations. On Apple devices an app generally needs to stay in the foreground to work properly, and battery drain may become an issue. However, when compared to other options, most countries seem to be coming to the conclusion that Bluetooth is their best bet.
Ensuring privacy-by-design
Just because we are living in extraordinary times does that mean that we can forget about data protection rights. A Bluetooth app would also need to ensure ‘privacy-by-design’, one of the requirements laid out by the EU data protection watchdog.
As stated in the Chaos Computer Club’s recently published post on contact tracing apps, it is “not sufficient to rely on organisational measures, “trust” and promises”, when dealing with the issue of user privacy.
Laws, which ensure a return to normality once this crisis is over, are absolutely essential to ensure that such mass surveillance could not be abused by the powers that be.
A Bluetooth app for one could operate without any centralised database, allowing fully anonymous contact tracing, which is another key element of ‘privacy-by-design’. If all the app does is share anonymous user codes between devices, there’s no need for lists of contacted codes to ever leave users’ phones.
The legislative path ahead of us
The EU watchdog has specified that a single European app would be “not here to stay after the crisis”. Tracking would need to be phased out, along with the other necessary restrictions we have seen placed on our personal freedom in the interest of public health.
At this juncture, it is important for both the EU and other nations to legislate first to ensure this happens, and then to launch the application once this legal clarity has been provided.
Governments worldwide should also commit to open-sourcing any contact tracing apps, as Singapore is planning to do with its TraceTogether app. This enables users to see exactly how data is being used, and for privacy professionals to ensure that this data is not being used maliciously.
While Bluetooth is by no means a perfect solution, and the team behind the TraceTogether app soon discovered that Bluetooth signal strength varied by up to 10,000 per cent between phones, it certainly seems to provide the most effective and most privacy-centric option for the time being. There have also been some promising breakthroughs recently. The MIT Media team behind COVID-19 contact-tracking app Private Kit: Safe Paths has resolved the Android and iOS interoperability issue it was facing, for example. The app is now being piloted in countries including the U.S., Italy, Spain, India, and the UK.
Bluetooth also seems to be the way forward that gives users the most control over their data in these unusual times. At the very least, it should help us prevent the potential privacy nightmare that might arise if governments were to monitor our location data by teaming up with the likes of Google.
Vittorio Bertola is Head of Policy and Innovation at Open-Xchange.