Creating herd immunity...
...to privacy
Pan-European group plans cross-border contact-tracing app – and promises GDPR compliance
A European consortium based in Switzerland plans to this week launch an opt-in location-detecting app to expedite contact-tracing those who have encountered coronavirus carriers. The new group, named Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT), promises a GDPR-compliant app that sounds a lot like Singapore’s …
-
-
-
Monday 6th April 2020 06:42 GMT Anonymous Coward
Re: Creating herd immunity...
As some people can tell you (some older ones here can): Sometimes you wish you were dead if you don't have any privacy. It's easy to do one liners about something you don't know anything about while you lived your life on a fluffy pillow.
Also, think about this if you do the Kool-Aid:
WHO, not so long ago: "China handled the epidemic very well".
Western governments: "Of course we are not China. Of course these kind of draconian methods are not possible in civilised countries. The government of China is bad. Very bad."
And now a (potentially obligatory in the future? Wait for it...) tracking app? Would it be because governments are really, genuinely, deeply concerned with whether I live or die? The value of my life? My contribution to society?
Ah, that's why...
-
-
-
Monday 6th April 2020 06:35 GMT Splurg The Barbarian
Re: How can location knowledge maintain privacy?
They did. Although only if you are sharing location history, although aren't location history and permissions not absolutes to Google.
How much of that was for altruistic reasons.and how much to say, look what we can do with this data for you, don't legislate, you need this type reasons.
The public by and large do not care. They have been brainwashed, by the likes of Facebook, Google, hell almost every manufacturer of a device connected to the internet that its normal.
-
-
Monday 6th April 2020 07:38 GMT fpx
Optional, Anonymous and Effective? Choose Two. At Most.
The media keeps hyping contact-tracing app as the miracle solution to the pandemic. They keep telling us how it will be optional and anonymous, when it really can be neither.
If it existed, the app would become a prerequisite to living normally again. You would like to dine in this restaurant? Show me your app. That would hardly be optional, else I could conveniently uninstall the app once it shows a potential exposure.
It can not be anonymous, because as the pandemic winds down, you really want to follow up on those contacts that were potentially exposed but that did not get tested. Once there are numbers like "x people had their status turn red but did not show up for testing" there will be enormous public pressure to de-anonymize those walking bio-terrorists.
At present, the app also just can't be effective. Living in a big city, just going out for a walk and shopping, we cross paths with hundreds of people, and with the current number of cases (symptomatic or not), there will be enormous numbers of false positives (i.e., you crossed path with a person that was later tested positive, but did not get infected) and false negatives (i.e., you crossed path with a Cov-positive person that was never tested because he was not symptomatic, or did not have a mobile phone with the app running at a time, but still got infected).
-
Monday 6th April 2020 12:44 GMT Olius
Re: Optional, Anonymous and Effective? Choose Two. At Most.
Fair enough - if you've been close enough to someone with Covid in the last 5 days that you could have caught it (and you haven't had and recovered from it yourself), then I don't want you in my restaurant.
Life isn't going to return to normal until we have a vaccine, a cure, or incredibly cheap and instantly-working test for both whether a person has it and whether they have had it. This is something a lot of people need to accept, but may not have even realised yet.
In the meantime, tracking who might have it is the only weapon we have in the toolbox (other than hiding in the toolbox)
-
-
Monday 6th April 2020 08:07 GMT Anonymous Coward
Whenever I read the solution to all evils is an app...
... I know we are all doomed.
My sister and my mother don't even have a smartphone. My mother phone doesn't even have Bluetooth. How do they think to track them? Making smartphones mandatory? Fining people around without one, or with Bluetotth/WiFi/Data turned off?
Some people should stop to believe the whole world is alike the one within their little horizon.
Meanwhile, the real issue is there are no ways to detect infected people before they can infect others because there are not enough resources to test enough people. A family friend of ours died of covid-19. Her lone son, with a mild disability, living with her, was not tested and was left alone in quarantine for fourteen days, because tests were kept for "better people" (who usually included football players and politicians, but not doctors and nurses...) - and the carrier who infected her was probably not identified for the same reason.
And they're telling me the solution is an "app"?? Clueless idiots trying to make people believe they have "the situation under control".
-
Monday 6th April 2020 10:42 GMT Pascal Monett
"the app detects other devices with AarogyaSetu installed"
Only if BlueTooth is enabled, I'll wager.
I only enable BlueTooth when I'm in my car to get hands-free communications, so it won't work. And if you think I'm going to enable BlueTooth just because I'm leaving my house, think again.
I've been quarantined for three weeks already, this is going to be my 4th. I don't have the bug, and I'm not meeting anyone so I still don't have the bug.
I don't need the app and I won't install it.
-
Monday 6th April 2020 12:19 GMT Anonymous Coward
Re: "the app detects other devices with AarogyaSetu installed"
>Only if BlueTooth is enabled, I'll wager.
You've hit the nail on the head here. We did a bit of a thought experiment in our team about how we'd do this. Building a data model that (mostly) preserves privacy is relatively easy. You don't need to record who a person is, or where they've been, just that some unique identifier has been in proximity to some other unique identifier at a given time - three fields. That also has the benefit of being perfect for population-scale storage and retrieval in any number of key-value database technologies (e.g. HBase, Cassandra), and likewise can be naturally managed for retention.
To make this work you'd need to have Bluetooth constantly broadcasting and handshaking. This would destroy your phone's battery life. So people wouldn't do it. Hypothetically you can do some of this with Bluetooth LE, but that has device ID scrambling baked into the spec, so it's potentially not even viable. Google used to have whole frameworks for managing this back when beacons were cool (e.g. Google Nearby) but that's apparently now abandonware, and many devices are now engineered explicitly to prevent you doing this - BLE's address randomisation being a good example.
tl;dr the data and privacy are easy, getting people to comply is hard, and the reality is the government can just procure non-private data direct from the telcos and Google and Apple.
-
Thursday 9th April 2020 17:20 GMT Anonymous Coward
Re: "the app detects other devices with AarogyaSetu installed"
Instead of bleating about how it's all too difficult, why don't you chaps all go and read about Singapore's version - TraceTogether - that has been working well for quite a while now and helping significantly. I understand that's the basis of the DP3T design.
-
-
-
Monday 6th April 2020 13:52 GMT FeatherTin
Game (nearly) over in the UK
From an article on the BBC on 31.March :
"My favourite restaurant might ask me to show that I was low-risk before allowing me into a crowded place, and I think that would be a perfectly reasonable price to pay for this step towards returning to normal life," Prof Michael Parker told the BBC.
…
"And while he said that the general public should not be compelled to use the app to begin with, he did not rule this out if the majority failed to do so."
"The key question is - does it require everyone to do it for it to be effective?" Prof Parker explained.
(seen from https://tin-feather.github.io/TinFeather/posts/a-lightbulb-moment/)
We have Palantir and NSO pitching to governments around the world. And now these guys... who set up in Switzerland. Outside GDPR.
Call me skeptical.
Biting the hand that feeds IT
