back to article UK snubs Apple-Google coronavirus app API, insists on British control of data, promises to protect privacy

The UK has decided to break with growing international consensus and insist its upcoming coronavirus contact-tracing app is run through centralised British servers – rather than follow the decentralized Apple-Google approach. In a blog post just before the weekend, the CEO of the National Health Service’s tech unit NHSX …

  1. Anonymous Coward
    Anonymous Coward

    Oh, Grandma what big eyes you have.

    All the better to see you with, my dear!

    1. Martin Gregorie Silver badge

      Re: Oh, Grandma what big eyes you have.

      Apart from anything else, why should we ever trust sensitive data to the people who authorized the Care-Data clusterf*ck?

      This centralized approach smells very much like another attempt at the same thing. Once they have tracking data, what are the chances that they WON'T come up with some lame excuse to link in our medical records and then let some third party process the data "because our systems are overloaded with all this tracking" and monetize it "because that pays for a better NHS" or similar lame excuse.

      1. Barrie Shepherd

        Re: Oh, Grandma what big eyes you have.

        "..............what are the chances that they WON'T come up with some lame excuse to link in our medical records and then let some third party process the data "because our systems are overloaded with all this tracking" ......"

        I bet Crapita are already writing the Tender documents (together with their pricing response)

      2. EnviableOne Silver badge

        Re: Oh, Grandma what big eyes you have.

        and whos national data opt-out is incompatable with GDPR (which requires explicit consent)

        1. This post has been deleted by its author

  2. Dinanziame Bronze badge
    Holmes

    UK government thinks it's not a problem to spy on its citizens. I'm shocked, shocked! Well, not that shocked...

    1. Anonymous Coward
    2. Dr Paul Taylor

      The clocks were striking thirteen

      In which country did Orwell set his book?

      1. j.bourne

        Re: The clocks were striking thirteen

        1984 by George Orwell: TL:DR

        Orwells book is set in the fictional future country Airstrip One a state of Oceania. Winston Smith, the main protaganist lives in London. Oceania is at constant war with one or both of the other 2 superstates Eastasia and Eurasia...

        1. Boothy Silver badge
          Big Brother

          Re: The clocks were striking thirteen

          No, no, no, we are at war with Eastasia. We've always been at war with Eastasia.

          WAR IS PEACE, FREEDOM IS SLAVERY, IGNORANCE IS STRENGTH.

  3. Anonymous Coward
    Anonymous Coward

    Three steps to avoid this

    Any of those listed below will make this a roaring success (not)

    1) set BT to 'disable'.

    2) Do not install app.

    3) Leave phone at home when going for your daily walk or weekly shop.

    Goverments (not just in the UK) seem to assume that ALL of us have a phone glued to an appendage morning noon and night. This is clearly not the case if you are say over 50 years old which puts you into the age group that seems to get the plague more than others. Has anyone told BoJo (and other PM's/Presidents) about that?

    1. Anonymous Coward
      Anonymous Coward

      Re: Three steps to avoid this

      From my understanding they've developed a method with GCHQ that awesomely allows them to enable bluetooth -and anything else- on your device when they see fit. This was mentioned on the BBC article.

      They are literally, hacking your phone with this app :-D.

      Thus, the app can force itself to run in the background without being hindered by battery saving techniques or users disabling things, ensuring we are all carefully monito... eh, ensuring our safety.

      I'm going to get a lot of hate for saying this, but I for one will not be installing this NHS app. I would rather get corona and die at last... even if they make it mandatory by law, still not installing it.

      1. Anonymous Coward
        Anonymous Coward

        Re: Three steps to avoid this

        Issues such as being able to run in the background are already well known as it's a similar problem for things like fitness apps, you don't need GCHQ to work around that. Any battery management settings would still apply unless the user changes the settings for this particular app.

        The BBC article also doesn't say anything at all about them being able to enable 'enable bluetooth -and anything else- on your device when they see fit'. GCHQ no doubt have the technology for that but they aren't going to waste it on an app which will be installed by millions of people and undoubtedly disassembled and analysed closely.

      2. Headley_Grange Silver badge

        Re: Three steps to avoid this

        "I would rather get corona and die"

        This is not just about you and your personal choices. You might rather get corona and die but your choice affects other people who might be much more susceptible to dying from it and would prefer to live a bit longer. If a significant proportion of the population take your approach then susceptible folk are going to be confined to their homes for months or we'll all be locked down for a lot longer.

        1. Anonymous Coward
          Anonymous Coward

          Re: Three steps to avoid this

          It is my choice not to carry a smart phone - I've just bought spare batteries for my old Blackberry should HMG decide that they wish to do such a thing.

          I need privacy, not because my actions are questionable, but because the government's judgement and intentions are.

        2. Ben Tasker Silver badge

          Re: Three steps to avoid this

          "I would rather get corona and die"

          This is not just about you and your personal choices. You might rather get corona and die but your choice affects other people who might be much more susceptible to dying from it and would prefer to live a bit longer

          Agreed, but there's a more privacy sensitive option available and they've chosen to disregard it for no tangible benefit (as the article notes, their claimed benefits are going to fall flat once there's sufficient demand, and they'll end up automating anyway).

          Other countries have realised that the outcome of going the more privacy invasive way is reduced uptake. Why does our government (with it's fondness for data experts) think this will be any different - hell as "experts" they should probably realise that their very presence (and proven attitude to data protection) will make people more way not less.

          Sorry, but I'll not be installing it either.

        3. Doctor Syntax Silver badge

          Re: Three steps to avoid this

          "This is not just about you and your personal choices."

          No, it's about HMG's choices. Several European govts have opted for a choice that respects privacy. Germany even abandoned its first choice to do this. One then has to ask HMG why it made this particular choice.

          It might be simply the ruling ERG's xenophobia leading it to wish to do the opposite of Europeans. It might be an unthinking data-fetish.

          But from our PoV it's simply UK govt., having a long history of not being trustworthy in terms of privacy, doing yet another thing which is not trustable in terms of privacy and asking us to trust them. There's nothing to stop them reconsidering like the German govt. did but my expectations are low.

        4. Anonymous Coward
          Anonymous Coward

          Re: Three steps to avoid this

          So you propose that we are eternally monitored for a disease for which every 200 suffers has just one fatality?

          1. Anonymous Coward
            Anonymous Coward

            Re: Three steps to avoid this

            "a disease for which every 200 suffers has just one fatality?"

            A CFR (case fatality rate) of 0.5-1% is actually really rather high for an infectious disease (by comparison COVID-19 is approximately 3 times more infectious than the flu, and 10-30 times as lethal). Note that as the number of infections increases, so does the CFR as the ability of the health services to actually treat the sick descreases (just look at the grim situation Lombardy found itself in as the healthcare system became more strained).

            To put it another way, the US CDC forecast 96 million hospitalisations due to COVID-19 by August - do you think that the US healthcare system could have coped with that? (and that there'd be only 480,000 fatalities?).

            1. Mark 65

              Re: Three steps to avoid this

              Forecasts are mostly bullshit

            2. LittleOldMe

              Re: Three steps to avoid this

              "A CFR (case fatality rate) of 0.5-1% is actually really rather high..."

              I think you might be mistaking CFR for IFR. Case Fatality Rate is a measure of how many who are tested die. As we only test those who are suspected of having it, CFR tends to be much higher than Infection Fatality Rates which are probably more like 0.2%. I say probably, becuase until you test are large portion of society with a RELIABLE test (note current UK swab testing is not that reliable) you not going to know the exact IFR.

              Of course advertising such a high CFR and relying on peoples ignorance on the difference is a great way to make it look worse than it is and promote panic.

              I do know the difference. I do know that Apple and Google are more competent at software and privacy. I won't be installing the UK Gov app either. I would install the Google one if that choice is offered.

          2. Anonymous Coward
            Anonymous Coward

            Re: Three steps to avoid this

            If you're concerned about privacy but want to Do The Right Thing, just buy a burner phone; enter approx details that can't pin to you & just use whilst the country needs you to.

            Simples!

        5. Cederic Silver badge

          Re: Three steps to avoid this

          This is not just about you and your personal choices. You might rather get corona and die but your choice affects other people

          If he's willing to die for freedom then you can probably safely assume that he's willing to let others die for it too.

          If the Government wants everybody to use their invasive app then they should design it to be non-invasive.

      3. Anonymous Coward
        Anonymous Coward

        Re: Three steps to avoid this

        " I would rather get corona and die at last... "

        No you wouldn't. Trust me.

        1. Anonymous Coward
          Anonymous Coward

          Re: Three steps to avoid this

          I see AC OP and 4 downvoters haven't had any family members die of Covid-19. You have been the lucky ones.

          1. Anonymous Coward
            Anonymous Coward

            Re: Three steps to avoid this

            My mother died yesterday. I am the AC OP. I still stand firmly that I'm not installing that app.

            1. Cederic Silver badge

              Re: Three steps to avoid this

              *hugs*

        2. Mark 65

          Re: Three steps to avoid this

          Perhaps the person posting places a very high value on freedom and privacy within society

          1. Anonymous Coward
            Anonymous Coward

            Re: Three steps to avoid this

            Or it's just another example of common or garden internet blowharding?

            Anyway original AC's parent passed away of Covid-19 so we can no longer talk about this subject in this thread, during their period of grieving, I guess.

      4. Anonymous Coward
        Anonymous Coward

        Re: Three steps to avoid this

        Well you'd better keep the fuck away from my family then. I don't care if *you* die from Corona either, but if you come near me or mine with that attitude you won't need to worry about that.

        Oh, and keep your tinfoil hat nailed on matey, longer nails are available.

        1. Rob 63

          Re: Three steps to avoid this

          Controlled by fear

        2. Mark 65

          Re: Three steps to avoid this

          Man, they’ve got control over you don’t they?

        3. Cave-Homme

          Re: Three steps to avoid this

          Definitely a coward, making threats and hiding behind AC.

  4. Anonymous Coward
    Anonymous Coward

    Oh no, the government isn’t filled with the Vote Leave criminals and this system has no ties to the companies involved in that. Palantir are just a very helpful society oriented organisation. The same with Faculty. How dare anyone question the motives here.

    1. Anonymous Coward
      Anonymous Coward

      Demonic Cummings' ectoplasm is all over this one.

    2. Anonymous Coward
      Anonymous Coward

      "[...] Vote Leave criminals [...]"

      Are you for real? You think voting to leave the EU makes someone a criminal? Wow. I was concerned that the EU's desire to centralise everything under their direct control MIGHT lead to a LESS oppressive version of "One Land, One People, One Leader" but obviously I was underestimating the situation.

      What's next, Re-education Camps to show the Leave voters the errors of our ways? Prison sentences if we don't confess the error of our ways and bow our heads to our Brussels-dwelling lords and masters?

      1. Anonymous Coward
        Anonymous Coward

        Re: "[...] Vote Leave criminals [...]"

        Learn to read. Vote Leave is the organisation that broke electoral law during the referendum. I did not say voting leave makes someone a criminal, it does make them thick, thick enough to lack basic comprehension of what I wrote.

        1. j.bourne

          Re: "[...] Vote Leave criminals [...]"

          Lack of understanding is not the fault of the student/pupil/person you are trying to convey an idea to. But of the person trying to the convey the idea. Either the idea isn't as valid/sound as they think it is, or they aren't up to the task of conveying it.

          Resorting to abusing your audience/student/pupil is rather like trying to beat knowledge into someone - less than productive: and revealing of your own lack of comprehension that your viewpoint however firmly held is no more than a faith, not an absolute truth.

        2. Cederic Silver badge

          Re: "[...] Vote Leave criminals [...]"

          Vote Leave and Leave.EU were both found in breach of electoral law.

          But so were five different organisations campaigning for 'Remain'.

          It is however defamation to suggest that the Cabinet is populated by criminals. You're lucky they're distracted right now.

          1. Anonymous Coward
            Anonymous Coward

            Re: "[...] Vote Leave criminals [...]"

            Patel is definately 300,034 974,000% a crim. The others just fall into the plausable idiot category.

            Still able to defend Leave.Eww! with a bit of whataboutery? Well done.

      2. Anonymous Coward
        Anonymous Coward

        Re: "[...] Vote Leave criminals [...]"

        >>What's next, Re-education Camps to show the Leave voters the errors of our ways?

        I bet Priti dreams about something similar for anyone who goes against her ideology.

        That and the death penalty for innocent people as a deterrent. All three hundred thousand, thirty four, nine hundred and seventy four thousand of them.

  5. nojobhopes
    Terminator

    Paranoid Android

    Of course "Pushing out updates to Android is notoriously challenging" (https://www.cnet.com/news/how-youll-get-apple-and-googles-contact-tracing-update-for-your-phone/). In reality lots of Android phones don't have the latest security fixes. So how are Google getting this tracking update onto all Android phones? Via Google Play services. Which doesn't work for vendors who produce Google-free AOSP Android phones (like cheap knock-offs and Amazon Fire devices). This proves the Android OS update approach is a bit broken.

    1. Saruman the White

      Re: Paranoid Android

      It also does not work if you simply don't download and install the app.

      I suspect that trying to force it on to everyone's phone without explicit permission (which is effectively granted by someone actively installing the application) is going to result in HMG being taken to court for breach of privacy.

      1. werdsmith Silver badge

        Re: Paranoid Android

        Or make them unpopular (for a change) like U2.

      2. Yet Another Anonymous coward Silver badge

        Re: Paranoid Android

        > is going to result in HMG being taken to court for breach of privacy.

        By whom ?

  6. Anonymous Coward
    Anonymous Coward

    <sarcasm>Surely they can already track you by the RFID chips that Bill Gates has installed into people via 5G.</sarcasm>

    1. Mad Dave

      Why the tags?

      1. Anonymous Coward
        Anonymous Coward

        <disaster_movie>.. Hang on a minute .. 5G *caused* the coronavirus outbreak when the network went live .. if I can just hack into the 5G network through this Huawei backdoor, then I can inject a script that propagates through everyone's cellphones to all nodes of the system, reversing the polarity of ALL the 5G Wi-Fi transmissions .. that will suck ALL the coronavirus back into the street lights, meaning it will be gone FOREVER! It's a long shot, but ..</disaster_movie>

        1. TheProf Silver badge
          Thumb Up

          <disaster_movie>

          That's got "Oscar©® Winner" written all over it.

  7. Anonymous Coward
    Anonymous Coward

    Difficult choice

    Trust Google, or trust Government IT?

    Neither, I think.

    1. fwthinks

      Re: Difficult choice

      ^ This is the crux of the issue - what does amaze me is the number of people who just automatically trust the statements from google/apple - especially given the history of them deceiving people and covertly collecting data. To me the supposed additional privacy of their solution is dependent on them being and remaining honest. It only takes a few people to start seeing dollar signs at the prospect of using all that personal data, for the privacy to disappear.

      I am very uneasy about the whole solution, irrespective of who manages the solution. However maybe us sensitive types are irrelevant in this discussion. Billions of people happily give personal data out on the internet every day. So maybe the critical mass requirements will be met by all the Facebook fans.

      However there are dire consequences both economically and personally if this pandemic continues to control our way of life for the next few months even years - so my view is that I would install the app if this goes some way to allowing us to return to normal sooner. The privacy consequences could become irrelevant if things turned bad.

      1. not.known@this.address Silver badge

        Re: Difficult choice

        And don't forget the Patriot Act. Whilst I don't have any particular reason to fear the US Government snooping on everything I do and everywhere I go, it doesn't mean I want to give the information to American companies who could be "forced" to hand the data over because US.Gov says so, any more than I want to give the information to our own mob.

        1. Barrie Shepherd

          Re: Difficult choice

          "And don't forget the Patriot Act"

          Or the CLOUD Act https://en.wikipedia.org/wiki/CLOUD_Act

    2. FrogsAndChips Silver badge

      Re: Difficult choice

      Privacy matters aside, at least I trust Google/Apple to bring an app to the market soon enough. Given gov.uk's track record in terms of delivering IT projects, if this app is a prerequisite to lifting the lockdown we'll still be in our homes by Christmas.

      1. JohnMurray

        Re: Difficult choice

        Which Christmas?

        1. Irongut Silver badge

          Re: Difficult choice

          Xmas 2024

      2. Flywheel Silver badge

        Re: Difficult choice

        Depends if your phone's firmware is up-to-date enough - I can see the spyware needing a certain (minimum) version to work: how many people do you actually know that will go through the alleged hassle of downloading/installing/rebooting? I'm surprised how many won't bother.

        1. Boothy Silver badge

          Re: Difficult choice

          Can't comment on the 'apps' yet for obvious reasons, but the API changes being done are meant to go back to phones at least as old as Android 6 from another article I've read. I've no idea about Apple.

          The Android API changes are being pushed via Google Play Services (like a lot of the other Android services these days), rather than as an actual OS OTA update, so it's not dependent on the manufacturers doing anything.

      3. John Brown (no body) Silver badge

        Re: Difficult choice

        While I agree with you 100%, if Google and/or Apple collected data via this API and it eventually leaked, the backlash would be immense. On the other hand, they can produce something like this to do the job properly while gov.uk IT projects are not only farmed out to the lowest bidder, politics keep moving the goal posts, so it's no wonder they come in late and over budget, if they even complete at all.

        1. mmccul

          Re: Difficult choice

          "I see you stopped by our booth on $PRODUCT recently. I realize the framework we are using to contact you was intended to track people who may have been exposed to a dangerous disease, but we decided to leverage this functionality to notify you that we are offering a sale on our product that you already said you were interested in by walking by our systems."

        2. Anonymous Coward
          Anonymous Coward

          Re: Difficult choice

          ", if Google and/or Apple collected data via this API"

          IF? Whole API and background services *exist* solely for collecting 'data'. For them to sell. Literally.

          "the backlash would be immense."

          So? Have either of actually *changed* anything after older "backslashes"? No?

          Neither doesn't give a f**k. That's the reality: It's *all about money*.

    3. TheSirFin

      Re: Difficult choice

      Worth having a listen to this podcast ........ really interesting to hear how both approaches work .... and not a surprise that the Gov have gone on the Slurping route ....

      https://www.bbc.co.uk/programmes/m000hgj3

    4. Paul Shirley

      Re: Difficult choice

      There's no comparison between the damage a profit driven private company will be prepared to do by abusing surveillance and the ability, willingness and mild consequences (and the ability to exempt themselves from them) a government or political movement has to abuse surveillance.

      The current malign, incompetent UK gov and majority of politicians infesting all parts of our supposed democracy are infinitely less trustworthy than the worst anyone believes of Google/Apple/Amazon etc.

      If tracking is needed, I'll go with the provider with less motive&ability to shit on my life through doing it.

      1. genghis_uk Bronze badge
        Facepalm

        Re: Difficult choice

        Missed this on my first pass through the comments.

        A more concise version of what I said many posts later - have an upvote!

  8. Felonmarmer

    So like every other aspect of the pandemic, the UK want's to do this differently from everyone else. How's that worked out so far?

    But also, studies suggest that coronaviruses (including preliminary information on the COVID-19 virus) may persist on surfaces for a few hours or up to several days. Doesn't this make the whole concept a bit dodgy? If this is being used to open up the lockdown, and a person going to work is confirmed to have an infection, there may be a trail of infected surfaces going back hours. They would need to track not only proximity at any point but a trail of movement corelated with time for each phone and match those trails with every other to see if you moved throught that trail within hours of the infected trail. Surely this would quickly escalate to flag a huge number of suspected cases quite quickly (every bus passenger on a bus for hours after an infected trail has travelled by that bus for example, and then track everyone of those passengers throughout a city?)

    1. Drat

      It is not about picking up everybody who may have been infected, it is about picking up enough people who may have been infected to reduce the R0 below 1

      1. Felonmarmer

        Aren't you going to have too many false positives though? If the idea is to uise to relax lockdown, then we could end up with as many at home on 14 day exclusion waiting for symptoms as currently off with the current lockdown measures?

        1. ibmalone Silver badge

          By the time this is actually available hopefully they will have better testing. I've also seen tiers of exposure proposed, again playing on the average rates and the principle that people who've been in each other's company for an hour are more likely to have transmitted it than people who passed in the street.

          That said, if they're proposing to massively increase the number of people self-isolating (as this would extend to those who were asymptomatic), are instructed to self-isolate rather than do so voluntarily (some powers in the coronavirus 2020 act * depend on being instructed to isolate or believing the person to be infectious) and have a central system where conceivably this information could then be shared to the police to enforce isolation, then it really is essential that there is a plan for supporting people isolating.

          And of course promising a gradual scope creep may not help public trust when public trust is what you really need.

          * as distinct from the The Health Protection (Coronavirus, Restrictions) (England) Regulations 2020 which are the ones about not gathering in groups, only being out for certain reasons etc.

        2. Doctor Syntax Silver badge

          This is the crux of any tracing system. It must have an effective testing regime to confirm putative contacts. In fact, to be useful, it would be nothing more than the front-end to a testing system and the current target, assuming it's ever actually met, is probably an order of magnitude short unless the infection rate is got down to manageable size before introducing such a system.

        3. JohnMurray

          Bearing in mind that the immunity gained from infection only lasts a few months, according to S Korea medics, this may well mean the elderly and vulnerable being domestically incarcerated for the remainder of their lives!!

          1. EnviableOne Silver badge

            immunity

            according to the studies i've read, the levels of antibodies in the system i the young are nigh on non-existant, so getting infected confers no immunity, however as the age of the infectee increases, the bodies specific responses are more triggered and anti-body counts and immunity persistance rise.

        4. Yet Another Anonymous coward Silver badge

          >then we could end up with as many at home on 14 day exclusion waiting for symptoms as currently off with the current lockdown measures?

          But many of them will be on zero hour contracts so it doesn't cost the economy anything for them to lock themselves up

      2. Anonymous Coward
        Anonymous Coward

        Stupid people can't understand this, there's something broken with their brain that makes them incapable of understanding that sometimes, it's ok for an enforcement measure to be <100% effective if it brings other social benefits. Doesn't compute for them. "But if just one life was saved, it would all be worth it!" makes perfect sense to them. They'll probably be found, shouting at someone on a moor miles away from anyone, for 'putting lives at risk' by 'flouting the restrictions' and sunbathing.

        1. Barrie Shepherd

          "Stupid people can't understand this, there's something broken with their brain that makes them incapable of understanding that sometimes, it's ok for an enforcement measure to be <100% effective if it brings other social benefits. Doesn't compute for them. "

          I think in this case it is the pseudo Law makers (Chief Cunstables, DPP, Ministers on podiums) who can't work out that a person driving to an isolated location and spending time on their own does not pose a threat to the virus spreading.

          1. JohnMurray

            They can work it out. As I told Mr Con-Stable when pulled-over at 2200z, coming home from work; "the biggest risk of infection I have is talking to you" (not impressed, warned about £60 fine). I'll bet the "coronavirus laws" are not rescinded as fast as they were imposed!!

            1. Jimmy2Cows Silver badge

              You made him look foolish. Always inviting trouble, that.

            2. Intractable Potsherd Silver badge

              My village should be an absolute hotbed of virus-laden people, and at least four should have died from it, because there has never been so much interaction between people walking around, chatting to people on their gardens etc - no masks, and rarely any gloves to be seen, and a lot of people have some funny ideas about how tall an Osman is! At any given time between 9am and 6pm you will come across at least four other people, often in family groups. However, as far as I am aware (and I'm fairly well connected to the people who live here), there hasn't been a single confirmed case, let alone a death, even amongst the key-workers or the elderly population.

          2. Jimmy2Cows Silver badge

            Broadly speaking, the issue isn't that one person does it, so much as when 2 million people think they're the only one doing it.

            Common sense should still apply, but that requires the ability to consider each situation objectively and not blindly apply the law with no thought for its intent. Naturally I don't have much hope in this.

            Also I suspect a lot of cops are bored, and have a compulsive need to nick someone, anyone, relatively frequently else they start feeling inferior and powerless. Thus any excuse, any possible infraction, is overblown to compensate.

    2. Anonymous Coward
      Anonymous Coward

      Maximal possible transparency

      You don't mean you actually touch surfaces outside your home do you? And when you have to, you do wear gloves and wash your hands afterwards, yes? And you never touch your face outside the house? So as long as you're following basic hygiene practices and don't actually work in a covid ward, you're not very likely to catch the virus off a surface.

      Yesterday, Boris (all-hail) said plans must be set out with 'maximum possible transparency'. So I'd like to see as much as possible of the source published, not just of the app but also the server-side code. I'd like to see detailed design documents. I'd like to see server logs published. And I'd like a really clear detailed explanation of why a centralised solution is seen as 'better'.

      And then I'll read all the reviews by Ross Anderson and by all the DP3T designers to see whether they support the NHSX design. And then I'll decide whether to install the app or turn my phone off for the duration. Always assuming it is made available of f-droid, of course :) I don't have the google store installed.

      1. Jimmy2Cows Silver badge

        Re: really clear detailed explanation of why a centralised solution is seen as 'better'

        Would that be one of those "grown-up" discussions, driven by the science? The kind where some jumped-up public servant basically says "because we're smarter than you" and then refuses to discuss it further? The typical sort of transparency we've seen of late.

  9. scrubber

    Automation

    Can I give it access to my banking app so it can just automatically withdraw the fine whenever I'm out too long or near too many people or not moving fast enough to count as exercise or whatever else they have decided that was not against the law is now against the law.

    1. Phil O'Sophical Silver badge
      Coat

      Re: Automation

      Maybe there's scope for a micropayment solution here, everyone who is detected as breaking lockdown rules is fined an amount per day, which is then shared-out between all the people who stay at home? Might encourage people to install it, greed always trumps privacy!

      1. Persona Silver badge

        Re: Automation

        Sounds good to me. My phone stays at home when I go out so I don't see how I can lose with your scheme.

      2. Anonymous Coward
        Anonymous Coward

        Re: Automation

        Another incentive would be to put people who install it to the front of the queue for vaccinations, when they become available for the great unwashed...

        1. j.bourne

          Re: Automation

          "Another incentive would be to tell people who install it that they are at the front of the vaccination queue when one becomes available." FTFY.

          After all - it'd be more beneficial to vacinnate the people that are out and about rather than the ones that will sit quietly at home waiting for a vaccine....

        2. Anonymous Coward
          Anonymous Coward

          Re: Queue for Vaccinations

          Not everyone has a mobile phone. My 92 year old Mother does not have one. She lives in her own flat and goes out to do her shopping.

          I guess that under your scheme she would not get vaccinated and .... [you fill in the blanks]

        3. John Brown (no body) Silver badge
          Coat

          Re: Automation

          "the great unwashed..."

          And the Great Unwashed should be right at the very back of the queue for not following proper hygiene guidance!!!

          Coat ----> The floor length plastic mac with a hood and a gas mask in the pocket, thanks.

  10. Drat

    Stupid Decisions

    The most important thing is to get enough people to use the app such that the contact tracking works. Farting around with additional functionality that might subsequently reduce the number of installs is idiotic

    1. monty75

      Re: Stupid Decisions

      It’s got scope creep baked right in!

      1. EnviableOne Silver badge

        Re: Stupid Decisions

        the unique ability for civil servants to scope creep a contract so it never gets delivered will never cease to amaze me....

    2. TheMeerkat Bronze badge

      Re: Stupid Decisions

      Well, I have no plans to install it.

    3. Anonymous Coward
      Anonymous Coward

      Re: Stupid Decisions

      Emitting a farting sound when in proximity might be the only feature needed to make this work

  11. KitD

    Correction

    > As an alternative to all of this, the NHS proposes using a centralized approach, in which everyone's whereabouts and any other information is simply uploaded to a government-owned database and analyzed there.

    The NHS system doesn't upload your "whereabouts". They were going to use GPS but that was discounted pretty quickly. It uses a very similar system to the Apple/Google (actually D3PT) system, and, in its basic operation, it uploads only the random tokens to the central servers when you get ill. The difference is that searches by other handsets for matching tokens happens on the central servers, not on the handsets. The advanced operation, which is opt-in, also uploads other medical & PII data & (AIUI) location, when you get ill, which is where the privacy worries are.

    But the basic operation is really no less safe than normal smartphone operation.

    1. Richard 12 Silver badge

      Re: Correction

      If you have a list of timestamps of when a large number of handsets were near each other and a rough distance between them, you only need a tiny number of GPS position fixes on a handful of phones to determine the exact location (within a few metres) of everyone else.

      It's completely stupid, and exactly what I expected from the current crop of Big Brother control freaks in power.

      1. KitD

        Re: Correction

        Firstly, no one mentioned timestamps. You don't need them. Only the last 14 days worth of encountered tokens.

        Secondly, location & cell data is already happily donated free-of-charge to Google/Apple anyway. If the spooks were that minded, there are much easier ways of gathering it.

        1. ChipsforBreakfast

          Re: Correction

          Location and cell data alone is too coarse, especially indoors. It needs to be combined with a more fine-grained dataset to accurately identify gatherings & contacts.. hence Bluetooth.

          Add the two and you have a near-perfect surveillance system that can tell you who met who, where and for how long...a dictator's wet dream!

          1. Anonymous Coward
            Anonymous Coward

            Re: Correction

            ... wet dream for Google and Apple too. Legal way to spy on people on *everything*.

        2. Ben Tasker Silver badge

          Re: Correction

          > Secondly, location & cell data is already happily donated free-of-charge to Google/Apple anyway.

          That's pure whatabouterry.

          It's quite possible someone's willing to make the trade-off and let Google/Apple have this data because they trust them not to fuck up. It's just as possible that they don't trust the state not to fuck up.

          It's not just about deliberate mis-use, it's about competence and perceived motivations. Govt historically doesn't do too well in either of those categories.

          > If the spooks were that minded, there are much easier ways of gathering it.

          There are, but if you're involving a 3rd party (i.e. Google/Apple) there's a much higher chance of someone disclosing that you've been accessing it. That risk is greatly reduced if you own the database and the system feeding into it, particularly when people are expecting that system to feed back the information you need

          1. Ben Tasker Silver badge

            Re: Correction

            As a timely reminder of the kind of fuckery we're talking about incompetence wise, El Reg brings us Nine million logs of Brits' road journeys spill onto the internet from password-less number-plate camera dashboard.

            People are more willing to trust Google and Apple because they at least appear competent.

          2. Anonymous Coward
            Anonymous Coward

            Re: Correction

            "There are, but if you're involving a 3rd party (i.e. Google/Apple) there's a much higher chance of someone disclosing that you've been accessing it. "

            Corporation have trade secrets and that information definitely is one of those. You'll never get it. Even less that who they sold your information to.

            1. Ben Tasker Silver badge

              Re: Correction

              Because private secrets never get leaked?

              If spooks are hitting up a privately held database, it doesn't matter whether that private company considers it a secret, it's still more likely that information will leak than if the database is held by the spooks themselves.

              The only way for 3 people to keep a secret is if 2 of them are dead etc

        3. matt 83

          Re: Correction

          How can you keep "14 days worth of encountered tokens" without having timestamps associated with the tokens?

          How else would you know when the "token encounter" is more than 14 days old?

        4. Richard 12 Silver badge
          Facepalm

          Re: Correction

          "Last 14 days" requires timestamps, or you couldn't work out which were 15 days ago.

          Yes, in theory they could be cropped to 1-day precision.

          Prove that the timestamps are no tighter than 1 day precision, then prove that there is no way of creating more precision from the metadata, eg when data was sent to the server.

          Then prove that Priti Patel would never, ever decide to use the data for unexpected purposes, and further prove that she would be executed if anyone in her dept did so. Repeat for every minister.

          (She's on record as being in favour of capital punishment, so she should be ok with that.)

          Sorry, but this type of thing is simply unacceptable. It is very quickly near-real-time tracking of everyone.

          1. EnviableOne Silver badge

            Re: Correction

            if this is going to be used for contact tracing and case linkage, you're gonna need to have atleast 28 days of data to ensure the 14 days of history from an encounter with someone within the last 14 days, thats if you expect testing to be on the spot, currently we are looking at 48-72 hrs for a result after the terst, so your gonna need 31 days of encounters....

            pile this with the range of bluetooth and the number of bluetooth enabled devices in the avarage built up area (not under lockdown) and this is going to eat storage

        5. Brangdon

          Re: timestamps

          The Google/Apple scheme changes the token every 15 minutes. This means the app knows to within 15 minutes when an encounter with an exposed person happens. I expect the NHS scheme is the same. If not, and it only changes the token once a day, that makes tracking easier.

          1. Anonymous Coward
            Anonymous Coward

            Re: timestamps

            "The Google/Apple scheme changes the token every 15 minutes."

            Yes and when the token is stored permanently to Google/Apple servers, it doesn't mean a thing: Pure smokescreen. Storing an token with your 'advertiser-id' doesn't cost anything, basically.

            And it's definitely sellable item with connections to other tokens.

      2. Anonymous Coward
        Anonymous Coward

        Re: Correction

        Exactly, the spooks at GCHQ are already salivating at the prospect of having tens of billions of datapoints of metadata, contacts, signal strength estimates, GPS fixes, wifi beacons to correleate and build into a little map with 70 million blinking points all with names and phone numbers and hobbies and interests and contact-indications between dots and likely clusters of association. This is WHY it NEEDS to remain decentralised.

        1. EnviableOne Silver badge
          Black Helicopters

          Re: Correction

          i refer you to the bulk interception warrant granted under the security services exception to GCHQ previously.

          They already know where you are....

        2. Anonymous Coward
          Anonymous Coward

          Re: Correction

          You believe Google and Apple aren't already salivating after getting the same data *for free, to sell*?

          Why? Because they definitely are and "decentralising" *isn't helping an iota*.

    2. Anonymous Coward
      Anonymous Coward

      Re: Correction

      " They were going to use GPS but that was discounted pretty quickly. It uses a very similar system to the Apple/Google (actually D3PT) system, and, in its basic operation, it uploads only the random tokens to the central servers when you get ill. "

      Pure smokescreen as google/apple *will* upload GPS coordinates in real time anyway. Adding the tokens to the stream is totally trivial.

      So it's all about your health data also fed to Google, in real time. Regardless of what NHS is doing as Google spying happens under the hood, as Android service you can't stop or disable.

  12. Chris G Silver badge

    Taking back control

    See title.

    Is this just just another example of the UK wanting to steer it's own course?

    Alternatively, such an app with the additional information that people 'may' want to add later on, would be an 'added value' were the NHS to be sold off at a later date.

    I saw yesterday that Tony Bliar's so called think tank believes that in the face of this pandemic, forgoing privacy is a goid thing.

    But then he thought destroying entire countries instead of just their despotic leaders was a good thing too.

    1. Pascal Monett Silver badge

      Re: Is this just just another example of the UK wanting to steer it's own course?

      Don't think so. It is, however, another brilliant example of the UK doing the reverse of the EU. Last week, Germany decided for the decentralized approach, so obviously this week, the UK goes for the centralized approach.

      Duh.

      Now, the fact that the UK wants its own app has nothing to do with that and everything to do with ensuring that the snouts in the trough are proper British snouts, not icky, virus-infected furriners.

      1. Persona Silver badge

        Re: Is this just just another example of the UK wanting to steer it's own course?

        another brilliant example of the UK doing the reverse of the EU

        I think there is good reason for different countries to follow different paths. The situation in Italy is very different from the situation in Germany.

        1. Dr Dan Holdsworth
          Boffin

          Re: Is this just just another example of the UK wanting to steer it's own course?

          No, the situation is not different at all. In both countries you have an infectious virus that spreads through close contact with infected individuals, and the infected individuals can spread virus before clinical symptoms of disease.

          The circumstances of transmission are identical.

          Therefore, the contact-tracing system needs to be very similar as well.

    2. Barrie Shepherd

      Re: Taking back control

      "I saw yesterday that Tony Bliar's so called think tank believes that in the face of this pandemic, forgoing privacy is a goid thing."

      That is a very good reason for thinking it's a BAD thing!

  13. Anonymous Coward
    Anonymous Coward

    > “The data will only ever be used for NHS care, management, evaluation and research,” the blog post stated

    Oh, a blog post on the internet said it? Then it must be 100% correct and legally binding!

    1. Hugo Rune
      Pirate

      Just like the IWF list that is now used for the Pirate Bay et al.

    2. EnviableOne Silver badge

      but i joined the National data opt-out, so they can't use my data for research (yet another field added to the big database in the AWS CLOUD)

  14. Anonymous Coward
    Anonymous Coward

    I wonder if they have considered data poisoning countermeasures - for instance if a device were to in parallel also harvest the bluetooth identifiers it sees and randomly announce a few of them at the same time it sees a new one, the data gathered by any such app would be inaccurate, and useless if done en-masse.

  15. Tony W

    "Details" are irrelevant

    Most people who object to this would also object to anything with Google or Amazon's name on it.

    The rest of responsible people will sigh and install. Those worried will think, we can uninstall when it's all over.

    Hopefully there will be enough non-compliers that non-compliance will not automatically mark individuals as supsicious, even when combined with other data. The many who are not completely following the lockdown rules will be in no hurry to install.

    1. ibmalone Silver badge

      Re: "Details" are irrelevant

      Or sigh and install it in the full knowledge that they'll find some way to make it permanent later (or "voluntary" but essential for everyday life in some way) and that as an individual whether you choose to install it not or not will make very little difference either to the course of the pandemic or the gradual erosion of freedom.

    2. MattWPBS

      Re: "Details" are irrelevant

      No, I'll happily install one using the Google/Apple API, but I have doubts about the NHSX app. It's partly that I trust Google and Apple keeping an eye on each other, it's partly that they've designed it to avoid a centralised data store that can be abused, it's partly that I don't have enough faith in the British government to swiftly build a tool containing this much personal information in one place, without screwing up somewhere along the line and accidentally exposing it.

      More worried about cock up than conspiracy.

      1. Yet Another Anonymous coward Silver badge

        Re: "Details" are irrelevant

        >It's partly that I trust Google and Apple keeping an eye on each other

        It's mostly that the Eu will crucify Apple and Google if they cheat and use this to steal people's data.

        As in all their assets in Europe confiscated, all their Eu executives being led out in handcuffs

        If the UK government choose to cheat and use it to track people - they will pass a law exempting themselves and it will be a small story in Private-eye

      2. mmccul

        Re: "Details" are irrelevant

        They don't need to steal data to monetize this. They've built a way of recording who spends time at a booth or in a particular section of a store. Then they can send those people targeted advertisements, "oh, we don't actually record this location data, your phone just calculated that it was near this advert system, and thus pulled the relevant advertisements".

        Why does the message have to be just "you may have been exposed to COVID-19" instead of "buy our product"?

      3. Anonymous Coward
        Anonymous Coward

        Re: "Details" are irrelevant

        ". It's partly that I trust Google and Apple keeping an eye on each other,"

        Only in US framework of operation. Meaning it's totally legal to collect *anything* from your phone and sell it to anyone.

        Both hate privacy as much as a corporation can hate. Up to bribing Congress to abolish it.

  16. John Robson Silver badge

    What’s the point when they’re not testing people...

    No way that’s going on my phone.

    Get widespread testing sorted and I’ll think about the EU one.

  17. FeepingCreature

    All these things they say they need centralization for

    Customized messages, additional data reporting: all of that can be done just as well using the decentralized model, by having the app store the information on the phone and report it when it finds a contact.

    The only thing centralization helps with is doing analysis without a match and without asking the users.

    1. Anonymous Coward
      Anonymous Coward

      Re: All these things they say they need centralization for

      "The only thing centralization helps with is doing analysis without a match and without asking the users."

      Correct. And that's why Apple and Google install an OS update which does collecting for you. API is just for the *user interface* of said collecting. You can bet there's no option to stop it.

  18. Anonymous Coward
    Anonymous Coward

    Seems sensible to me

    I don't see anything daft about keeping the data under UK control. At least the UK legal system has some control on it.

    I trust Apple and Google and their US TLAs much less

    The Australian version has been closely inspected and it allows their government to determine in about 2 hours if you disabled the tracking.

    1. Doctor Syntax Silver badge

      Re: Seems sensible to me

      "I don't see anything daft about keeping the data under UK control. At least the UK legal system has some control on it."

      The UK legal system has bugger all control over HMG's abuse of data. The only legal system that had any hope of such control was the EU's. Why do you think the ERG tendency now running HMG wanted to take back control? You didn't really think it was you who would be getting control did you?

  19. BigAndos

    I don't totally trust google or apple but I suspect their solution is at least more likely to work than an NHS totally home grown solution. NHS doesn't have the best track record with IT projects.

    1. Anonymous Coward
      Anonymous Coward

      It'll be the Crapita-19 app.

      1. Doctor Syntax Silver badge

        More likely the Crapita >=21 app.

      2. Barrie Shepherd

        "It'll be the Crapita-19 app."

        It'll be the Crapita£-£19£ app.

        Fixed it.

        1. Anonymous Coward
          Anonymous Coward

          For years I got letters from a GP in a town I moved away from, about the assisted fertility program for somebody with the same surname and initial as me.

          I tried to contact them to stop, but the secretary at the GP said that doctors "didn't do data protection act".

  20. Anonymous Coward
    Anonymous Coward

    Lots of little beacons.

    Regardless of what the official apps do, if I were a huge data hungry organisation with apps installed on billions of phones worldwide, I'd be working on getting my app to also harvest this beacon data too.

  21. mr.goose

    I wonder if Mr Cummings had any input with regard to the system that was chosen?

    1. Phil O'Sophical Silver badge
      Coat

      So it can measure cummings and goings?

      1. mr.goose

        lol. Quite so. Many a true word, and all that... :-)

      2. Anonymous Coward
        Anonymous Coward

        Jennifer Arcuri has an app for that.

        1. Anonymous Coward
          Anonymous Coward

          calculator?

      3. Barrie Shepherd

        "So it can measure cummings and goings?"

        Mainly to the massage parlour I'd suspect!

    2. Flatlander

      Marc Warner associate of Dominic Cummings and brother of Ben Warner.

    3. Lotaresco Silver badge

      "I wonder if Mr Cummings had any input with regard to the system that was chosen?"

      I don't know why you got downvoted. It's clear that Cummings and Ben Warner are involved via SAGE. Warner used to be the commercial principal for Faculty which, surprise, surprise has now been given an NHSX contract as has the US company Palantir. Both companies were involved in Cummings' data gathering to push Brexit through via social media.

      Details here

      It's also noteworthy from that article that Deliveroo and Uber were falling over themselves to blab details of their trips to the database. So even if you don't have a smartphone there are other ways of tracking your movements and contacts. I'm halfway expecting to hear of someone having their front door kicked in because they live alone but ordered two pizzas.

  22. monty75

    "To declare yourself infected, you need to enter a special code from a healthcare provider after testing positive"

    So it solves the trolling problem but introduces a bottleneck around the testing capacity which is part of the problem it's supposed to solve. What about the large number of people who contract the disease but have relatively mild symptoms requiring some bed rest and recouperation? Are we expecting everyone who has a bit of a cough to make their way to a testing centre "just in case"?

    1. ThatOne Silver badge

      > Are we expecting everyone who has a bit of a cough to make their way to a testing centre

      Well, what would be the alternative? Everyone who feels under the weather claims a Covid-19 infection? That would be extremely counterproductive.

      But I agree it all depends on testing, testing a lot and testing often. Ideally people marked infectious would had been tested so, and everybody they met according to the app would go to get tested too.

      That's literally millions of additional tests, tests the system can't and won't handle. Which is the reason this app thing will never be anything more than a fig leaf, it assumes an ideal situation which simply doesn't exist. In reality it will be solely based on assumptions, presumptions (and other -sumptions) and as trustworthy as reading tea leaves.

      1. Anonymous Coward
        Anonymous Coward

        "But I agree it all depends on testing, testing a lot and testing often."

        Yes. And that is not going to happen. Just because there aren't enough tests and *all* current tests are faulty as hell: 30% false negatives is basically worthless.

        Which means whole idea of application spying on you is rendered invalid. Of course both Google and Apple knows this, they are only interested of *all the data* they can now legally collect.

        Tokens, wifis and bluetooths nearby, everything. Mapped to your advertiser-id, of course: Truly anonymous data is worthless to both.

    2. John Brown (no body) Silver badge

      "Are we expecting everyone who has a bit of a cough to make their way to a testing centre "just in case"?"

      That's one of the reasons for ramping up the home testing kits. Whether that will ramp up quickly enough to be useful is another kettle of fish. If you think you have symptoms, you request a home test swab kit and send it off, meanwhile isolating while you await the results. As of now, 7 hours after you posted, testing has been made available to those over 65 and those who are working but can't do so at home (and their household). Although again, i emphasise, home test kits are currently in low supply and may or may not ramp up quickly enough, but anyone covered by the new rules and feels fit enough to drive can try to book a drive-through test too. (and again, that could be problematic)

      1. ThatOne Silver badge
        Devil

        > testing has been made available

        Really available or politically available?...

        I mean, can people really get tested if they need to, or is it one of these ongoing "we have everything under control, don't worry your pretty little heads about it" statements, meant to placate the great unwashed for a short while?

        1. John Brown (no body) Silver badge

          Well, I did pepper my post with caveats :-)

          Having said that, testing, testing and more testing seems to be pretty much the world-wise agreed method to getting past this, so yes, they will be really available, eventually (note that caveat :-))

    3. EnviableOne Silver badge

      We are expecting everypme to get tested who might posibly have it.

      in order for the whole system to work, people need to be tested, even if they dont think they have it, and tested more than once, seeing as the current test only tells you if you had it at the point of testing.

      the testing regieme needs to be geared up substantially, and the issuing of a declaration token with a result is trivial.

  23. Anonymous Coward
    Anonymous Coward

    Google/Apple's solution stops just before the line where things become "creepy". The centralised NHS version barges right past that line.

    I won't be installing this unless they make it a legal requirement.

    1. ChipsforBreakfast

      I won't be installing it even IF they make it a legal requirement. The phone will go in the bin first.

      1. Anonymous Coward
        Anonymous Coward

        newer Nokia Androids have removable battery

        for around £80, you can remove the battery when needed, that's also not currently a crime

        https://www.amazon.co.uk/Nokia-5-71-Inch-Android-Sim-Free-Smartphone/dp/B08519M1PT/

        maybe other better deals available, this just first thing I found

  24. Anonymous Coward
    Anonymous Coward

    Promises to Project Privacy

    Quote: "....those in charge think it will work better....."

    *

    1. Where is there mention of INDEPENDENT testing to ensure that the app actually guarantees anonymity? The app could be scooping up things as simple as the phone number! The app could be "phoning home" some or all of the time! How do we actually know what the app is doing?

    2. "better" for which constituency? The people carrying the smartphones.....or someone else, say, based in Cheltenham?

    3. And about those "promises to protect privacy" --- how are those promises ever validated? By whom?

  25. ChipsforBreakfast

    Not on my phone

    Sorry, but no. I do not trust our government with this level of access to my personal movements. I also see very few advantages and lots of potential disadvantages to this for the end user. Remember this is the same government that lied through it's teeth about PPE supplies, actively broke the law regarding data retention and continues to sidestep privacy regulations at every possible opportunity.

    How long do you think before the back-end data is processed to determine who's phone is seeing the most bluetooth signals regularly and the cops sent to 'remind' them about social distancing? I give it a month, perhaps two and of course it'll all be for our own good.

    Central control of alerts also raises another, more sinister spectre. What if the number of alerts being sent were controlled to suit a political agenda. Too much spread this week week making the govt. look bad.. let's just stop sending alerts for a few days. Need to scare a few more people this week.. let's send a batch of alerts out for no good reason.

    'Personalised messaging' is pure nonsense and nothing but a smokescreen to deflect criticism. It'll never happen in any meaningful form and it's perfectly possible to design such a system without the need to store data centrally anyway.

    It's an odd world indeed when two of the world's worst invaders of privacy are a better option than those who's job it is to protect it!

    1. genghis_uk Bronze badge

      Re: Not on my phone

      This app will go on my phone when they remove it from my cold, dead fingers!

      People are comparing the NHS (read UK.Gov) app with Google / Apple but there are fundamental differences in their abuses of privacy.

      Google/Apple are corporations - they want to use your private data to make money through adverts etc. Hardly laudable but understandable and if they can send targetted ads based on something they manage to trawl from contact tracing, well, I can ignore those along with all of the other crap they send me.

      UK.Gov having a database of loosely anonymised data is a completely different story. This month it is to ensure our 'safety'. Next month they add our NHS records (no more anonymity), the month after, as has been mooted, the police are using the data to enforce lockdown, shortly after that DWP are stopping your benefits as they determine that you were not looking for a job hard enough. Next you are pulled in under caution because your data shows you were in the same places as a suspected criminal and you have to provide proof of your activity... Welcome to Britain 2021... Only slightly tin-foil hat but not too much of a stretch. 20minutes into the future.

      It could be that quick - assuming they don't completely screw up the implementation... oh, actually, nothing to worry about because they WILL screw up the implementation!

      1. Anonymous Coward
        Anonymous Coward

        Re: Not on my phone

        "Google/Apple are corporations - they want to use your private data to make money through adverts etc. Hardly laudable but understandable and if they can send targetted ads based on something they manage to trawl from contact tracing, well, I can ignore those along with all of the other crap they send me."

        Semi-false. Corporations in USA has to share everything with NSA and NSA shares a lot of data with UK intelligence/Police.

        So from state snooping point of view it doesn't really matter if it's NHS or Google spying on you: Authorities *will* get anything they want. With Google the route is just one step longer.

        *And* you get spammed to death.

    2. jelabarre59 Silver badge

      Re: Not on my phone

      How long do you think before the back-end data is processed to determine who's phone is seeing the most bluetooth signals regularly and the cops sent to 'remind' them about social distancing? I give it a month, perhaps two and of course it'll all be for our own good.

      And how do they differentiate your Phone bluetooth from every other sort of bluetooth? So in your household you each have a phone, a tablet, a laptop (and even newer desktops), and in the house are two or three gaming consoles, a couple of media streaming devices, etc. All these have their bluetooth signatures, and perhaps the corresponding controllers, bluetooth headsets etc get counted here too. Suddenly there's a crowd of 25-30 "people" reported in your house.

  26. gnasher729 Silver badge

    It's not about privacy and gathering everyone's data really.

    I think the real explanation is that whoever came up with the NHS's solution is now totally butt hurt that all the hard work they have done can instead be done with about a dozen API functions. Apple's API is so simple, I could put an iOS app together in two weeks time (unfortunately Apple has said that they will only accept apps from official health services). And I have colleagues who could built an Android app in the same time frame.

    I bet someone has to justify a multi million pound bill to the NHS, and that's the real problem.

    1. Anonymous Coward
      Anonymous Coward

      "Apple's API is so simple, I could put an iOS app together in two weeks time "

      When you do all the work in the OS, API needed to ask the results from OS is totally trivial. Also, when OS does the spying, you can't stop it any way.

      Very handy for data slurping companies like Google and Apple, isn't it?

  27. ArchieTheAlbatross
    FAIL

    Fear not people...

    The Apple/Google hybrid (now there is a terrifying thought), is not being adopted in the UK because of the very high Not Invented Here factor, a major reason for non-adoption by any British government.

    Also the proposed NHS app will, like any other government sponsored IT project, have to be passed through the civil service Department of Fucking Things Up, who will hand development responsibility to one of the usual suspects, thus ensuring the app will land sometime in 2022, if at all, and over-run it's budget by at least three times.

    Relax!

    1. EnviableOne Silver badge

      Re: Fear not people...

      Relax App Hancock is in charge, it wont work

      1. Yet Another Anonymous coward Silver badge

        Re: Fear not people...

        They put Chris Grayling in charge and the app actually gives you the virus.

    2. Lotaresco Silver badge

      Re: Fear not people...

      "The Apple/Google hybrid (now there is a terrifying thought), is not being adopted in the UK because of the very high Not Invented Here factor, a major reason for non-adoption by any British government."

      The primary reason for turning down the Apple/Google app is that it has a high level of independently verified privacy. It doesn't use a central database. Data is stored only on the phone and that is in the form of unique tokens. There's no central register of tokens and each phone creates a new, different token for every phone it interacts with. Even if you had access to all of the tokens on all of the phones with the app you could not trace the movements of an individual easily.

      The secondary, but very important, reason is that the Tory party won't be getting funding from Apple or Google. By handing the contracts to friends, relatives and past collaborators the government ensures that the cash goes to an organisation that has either made donations to the party in the past or that will make donations in the future. See also Dyson.

  28. Klimt's Beast Would

    Here in Belgium...

    There's no mention of going down the app route (yet). So keep an eye out on how we do.

    This brings up another question though, what happens when (if) we travel?

    Will you have to prove you have downloaded the national (EU?) app before you are allowed in (and vice-versa)?

    Lots of stuff not being said.

    (Am surprised that clingfilm is still in stock....;) )

    1. David Shaw

      Re: Here in Belgium...

      Hello Belgium, typing from Italy here, we can't yet see any travel, there are few planes, zero hotels

      lockdown is being relaxed week by week starting next week, but the best offer is a travel within the same region (in my case Lombardy), and only occasionally to the neighbouring region (eg Piedmont) - if we go to Piedmont (which I can see from my window) then I will need all the certificates to travel, something to convince the military police (carabinieri), flying squad (pol-strada), police (polizia), local police (polizia locali, urbani, regionali, communale), tax-police (guardia di finanza) and forest police (really), any whom of which might demand WHY you are outside the home region?

      I suppose as Italy has double the number of police-type officials than the UK, I can see why UK might be going for invasive digital technologies, UK plod don't do road-blocks, rather a lot of reliance on bulk-personal-datasets with fuzzy boundaries, rather overshared in teh past.

      Italian beaches are getting ready to open, in Marche, Liguria etc - but it might just be for local consumption (from that actual region) law isn't yet clear, but might need 14 days iolation/quarantine after travel, there was a mention that any post-holiday isolation would be taken from annual holidays, and not paid otherwise.

      back to Apple, has anyone else noticed how iOS devices are continuing to broadcast a Wi-Fi sharing hotspot from a fruity device with a SIM, even if said hotspot is turned OFF in Mobile Data, and OFF in Family Sharing. it is able to be turned ON, remotely, by any other apple device or Desktop that has same Apple ID... sounds like it is OFF in the same way that 'hiding' an SSID in Wi-Fi has little effect upon security.

      at least their ultra-wide-band beacon in the newer iPhones is probably off, maybe

      1. Doctor Syntax Silver badge

        Re: Here in Belgium...

        "UK plod don't do road-blocks"

        I've not been far enough away to check on that for myself but I do read reports of people being stopped on the motorway (they also say it helps them spot county lines dealers) and using drones.

        1. John Brown (no body) Silver badge

          Re: Here in Belgium...

          Yes, not road blocks as such, but I did see on the local news at the start of the lock down, Police in York city centre waving down cars and checking on them. I was especially aware of that because that first week I was still working and had to pass through Nth Yorks. There did seem to be more Police out and about, but I didn't see anyone being pulled over on a 300 mile round trip

          1. Yet Another Anonymous coward Silver badge

            Re: Here in Belgium...

            >"UK plod don't do road-blocks"

            Only for extreme threats - like striking miners

      2. Lotaresco Silver badge

        Re: Here in Belgium...

        "something to convince the military police (carabinieri), flying squad (pol-strada), police (polizia), local police (polizia locali, urbani, regionali, communale), tax-police (guardia di finanza) and forest police (really), any whom of which might demand WHY you are outside the home region?"

        As a fellow Italo-Brit I have to say that you forgot the polizia penitenziaria, the polizia postale and the vigili urbani. No doubt there are many others.

        Due to an unfortunate decision to return to the UK to cope with family matters I'm now stuck in the septic isle unable to drive home. I'm getting to the point where I'm tempted to issue a certificate from my own company declaring that I'm a courier, complete the paperwork for France and Italy and drive home delivering essential agricultural supplies.

  29. Anonymous Coward
    Anonymous Coward

    Then they have the same problem as France

    Apple doesn't seem all that willing to change restrictions on apps running with bluetooth in the background except for what their contact tracing API allows.

    1. gnasher729 Silver badge

      Re: Then they have the same problem as France

      What I hope Apple will do: They will accept the NHS / GCHQ app for review, like any other app. Reportedly GCHQ has helped getting around some of the restrictions created by Apple to ensure end user's privacy. Apple will hand the app straight to its developers to analyse how this is done, and all their hacks won't work on the next iOS release anymore.

  30. batfink Silver badge

    How does this work with public transport then?

    So, if perchance I were to take the nice jam-packed public transport system to my place of work, I would be in Bluetooth range of everybody in my carriage, plus perhaps some of the neighbouring one, depending on where I stood (sat? hah!). When I debark said carriage, I would then wander through the passageways towards the exit in company of hundreds of other people. All the other commuters would have the same experience. So, even a very small number of infected people on this train is going to trigger proximity alerts for a hell of a lot of others.

    I'd guess that there will be a timer on this, so merely passing an infected person will not trigger an alert?? Even so, the average commute will probably be longer.than the timer.

    Looks like it's going to be a bugger of a walk from now on.

    1. Doctor Syntax Silver badge

      Re: How does this work with public transport then?

      You still have the same risk whether you're alerted or not. Your real problem in such a situation is getting false alerts but at putting yourself at a higher risk.

    2. John Brown (no body) Silver badge

      Re: How does this work with public transport then?

      The public transport isn't going to be crowded. The app isn't going to banish the social distancing guidelines. Bluetooth does about 10 metres in good circumstances, the latest more like a max of about 60 metres, but the latest BT that can get that far also has the ability to switch into low power mode, reducing range, and estimating distance from signal strength.

      None of that is going to work well at judging a 2m/6' social distance gap, but it's better than not being able to travel at all.

      1. Anonymous Coward
        Anonymous Coward

        Re: How does this work with public transport then?

        "The public transport isn't going to be crowded."

        Where did you get that idea? Here in North they already cut 2/3 of buses 'because there's not so many people' and the remaining 1/3 is literally packed full. Like not even inches free space.

        Only poor people use those because it's obvious every bus is contaminated by now.

  31. madman2

    All Your Base Belong Us

    Given who appears to be involved I'd say it was way more suspect than Vote Leave and Cambridge Analytica.

    https://twitter.com/carolecadwalla/status/1254895075953389571?s=20

  32. Doctor Syntax Silver badge

    "If we make any changes to how the app works over time, we will explain in plain English why those changes were made and what they mean for you."

    "We've changed how the app works to share all the data already collected with anybody in govt, local govt and those who want to buy it. What it means to you is that all the data has been shared; you can delete it from our servers if you want to but it's too late. We said we'd tell you about changes, that's what we're doing now."

    1. Yet Another Anonymous coward Silver badge

      List of personnel cleared for access to NHS location data:

      You and me, Darling, obviously. Field Marshal Haig, Field Marshal Haig's wife, all Field Marshal Haig's wife's friends, their families, their families' servants, their families' servants' tennis partners, and some chap I bumped into the mess the other day called Bernard."

  33. Doctor Syntax Silver badge

    Of course Hancock wants his own version of an app. He even had his own personal app and we can all remember how well that stood up to scrutiny.

  34. hairydog

    Fingerprints

    If you want an example of how ridiculous an idea can get accepted, look at fingerprint retention.

    If your prints are recorded by the police but you were not guilty of the crime being investigated, the EU forced the UK to bring in a system that deletes the record after a time. How long that time is depends on how serious the offence was.

    So we have a situation where if you didn't commit a minor crime, your prints are deleted faster than if you didn't commit a more serious crime.

    This makes perfect sense only to anyone who doesn't understand the meaning of the word "didn't", but it seems to have been generally accepted.

    So what will be accepted for misuse of this data at a later date?

    1. Doctor Syntax Silver badge

      Re: Fingerprints

      "your prints are deleted"

      Are you sure? I thought this was one of those things, along with DNA record deletion, that was just too difficult and continues to be just too difficult however often they get rapped over the knuckles for it.

      1. Yet Another Anonymous coward Silver badge

        Re: Fingerprints

        No you could request your records be deleted and the Police must comply unless they have a reason not to - such as they don't feel like it.

        IIRC they were allowed to keep your records if you were a "person of interest", requesting that your records be deleted was cause for suspicion and made you a "person of interest"

        .

  35. Anonymous Coward
    Anonymous Coward

    It's not just a matter of trusting their ethics...

    Just today, El Reg reported on a Sheffield ANPR database being exposed with no password on the internet (WTF is it doing on the internet anyway?)

    This data will likely be leaked, or, if someone deems it valuable enough, it will be hacked.

    1. Doctor Syntax Silver badge

      Re: It's not just a matter of trusting their ethics...

      "WTF is it doing on the internet anyway?"

      But it's not on the internet, it's just in the cloud. What? Do you mean the cloud's on the internet? Nobody told us that before.

  36. Anonymous Coward
    Anonymous Coward

    Is this how freedom dies?

    I can't install the app because my freedom, the freedom of my friends and family, my future family and that of all of society is too precious to throw away. This is just the thin end of the wedge.

    https://www.youtube.com/watch?v=AWDNArKWfns

  37. Anonymous Coward
    Anonymous Coward

    NHSX: A department invented out of nowhere last year, with no budget, experience, competence, expertise or data, headed by an ex-FCO spook/wonk.

    Faculty AI: A company re-invented last year and given, on a non-competitive basis, a huge "data science" contract with NHSX, whose founder just happens to be the brother of Dominic Cummings's pet astrophysicist.

    Palantir: Need absolutely no introduction.

    These are the three organisations behind this app. Do yourselves all a favour and stay as far the fuck away from it as you can.

  38. ColinPa

    if I was malicious....

    There are always people who want "have fun" either maliciously, or because it is a challenge.

    If I wanted to be subversive how easy would it be for me to produce false data?

    Do we need to factor this in to the high level requirements and design of the end to end solution, and see how this drives the implementation?

    Could I have a phone outside a supermarket capturing data of people walking past, and then broadcast "I have the lurgy", and sit back and watch?

  39. Anonymous Coward
    Anonymous Coward

    I won't be installing this

    Palantir will be processing the data (https://www.bbc.co.uk/news/live/uk-scotland-52353589?pinned_post_locator=urn:asset:2efdda90-8497-4d8a-abc9-4de529515097).

    But it's OK, they will only process it and totally won't pass it on to their CIA backers. Absolutely not. How very dare you suggest such a thing!

  40. GraemeMRoss

    NHS Track Record in IT Projects

    Off course the track record for NHS IT projects fills me with complete confidence that this app (and the server infrastructure) will be delivered in a very timely (and within budget) timescale.

    Going by the past track record it should be available by September (2030) with only a small 500 million cost overrun...

    One other thing... everyone has been very careful to say "the NHS as developing...." do they really mean that or should they be saying "the Government is developing... (and will be controlling)".

    Two very different things.

  41. Anonymous Coward
    Anonymous Coward

    is it just me

    Or does this whole thing (both the apps themselves and the arguments about the apps) feel like a combination of politicians creating a distraction from real problems and tech companies desperate for good PR claiming their technology can be used for something actually beneficial to society (like Elon with his silly submarine).

  42. steviebuk Silver badge

    Watching from the bunker

    "Your privacy is crucial to the NHS, and so while these are unusual times, we are acutely aware of our obligations to you."

    Until we decide we need someone else to manage it because its too expensive so we'll outsource it to Crapita who'll eventually leak the whole fucking database to the world. And then we'll hear "Your data security is important to us. Lessons have been learned." The lessons a low down member of the team had been warning us about for months and we constantly told them "Be a yes person and shut up or fuck off".

    This was always the issue when I was in the NHS, the management.

    Lbry are doing well with their decentralised YouTube alternative, so why don't they do the same with this app?

    How long before they piss away millions on it only to scrap it for a decentralised version.

    1. Doctor Syntax Silver badge

      Re: Watching from the bunker

      "while these are unusual times, we are acutely aware of our obligations to you."

      If they're aware of their obligations these are indeed unusual times.

      No, silly me. They always were aware, they just didn't feel inclined to follow them.

    2. Ken Hagan Gold badge

      Re: Watching from the bunker

      It sounds like pissing a few million into the pockets of a few friends is the most likely explanation for this decision. The good news is that as soon as the contracts are signed the money is as good as pissed, so HMG can then rethink and go for the free solution like everyone else.

      1. Anonymous Coward
        Anonymous Coward

        Re: Watching from the bunker

        "and go for the free solution like everyone else."

        it's definitely not free. Anyone who uses it literally sells their privacy to Google/Apple. And then they sell everything they can find to anyone who has money.

        Only a fool believes it's free even if it wasn't money you paid it with.

  43. steviebuk Silver badge

    Later

    WHEN there's a breach we'll find out the database was never encrypted or, more likely, the Bluetooth data won't be encrypted and easily intercepted and manipulated.

    I never have my Bluetooth on. Only recently got Bluetooth headphones so only put it on when cooking and turn it off when done as it uses up the battery.

  44. heyrick Silver badge

    We will always comply with the law around the use of your data

    What, like the police?

    The potential for mission creep is off the scale. Walk on by...

  45. Gavin Park Weir

    Both

    Given the resources to create the app, processes, roll out, response etc are small in comparison to the national cost of extending current restrictions, why not develop both in parallel? There will be lots of parts of the process that are common: internation with testing and health teams, messaging reporting etc.

  46. j.bourne

    Why are we even bothering to discuss?

    Given the state of the last several large scale NHS IT projects - Why even debate this? Base on past experience it's unlikely that anything will come of it. Even if something does - the app will probably only work on one specific version of android or Apple (not both) - and crash at regular intervals - fail to upload complete logs to the servers or notify the wrong people to self-isolate. and It won't be able to do that for at least 2 years.

    1. gnasher729 Silver badge

      Re: Why are we even bothering to discuss?

      Please not that an app using the Apple / Google API will automatically be compatible with all other apps that do so. So if travelling is allowed again, people using _any_ app using the Apple / Google API will automatically have the same protection when they travel to a foreign country, but not if one of the two phones involved uses the NHS app.

      Especially important when tourist travel is working again.

  47. pastim

    On my android mobile the Bluetooth MAC it is different every time I reboot the phone, and wifi and mobile data are usually off. So how do they associate that 'ID' with me?

    1. Anonymous Coward
      Anonymous Coward

      "So how do they associate that 'ID' with me?"

      Phone number, IMEI, any personal data in the phone combined and eventually those lead to Google advertiser ID. Or Apple ID.

      Totally trivial.

  48. Mike 137 Silver badge

    Choices

    I'm not particularly partisan about who tries to snoop on me. Google or government - it's all one really, particularly as governments increasingly embrace the corporations as service providers.

    Apart from which, if you don't have a smart phone you're obviously a non-person. This is just one more example of similar assumptions, including dissemination of government pronouncements on Twitter. "Everyone" (everyone who counts at all that is) is by definition an up to the minute techno-freaking social networker. If you aren't for whatever reason (and there are some damned good reasons) you're an outcast in the eyes of the powers that have forgotten they're there to serve us all.

  49. Spicer

    All of a sudden Huawei phones became more appealing !

  50. Gonzo wizard Bronze badge
    FAIL

    No thanks

    I've seen who's running it. The brother of Ben Warner, who in turn is a friend of Dominic Cummings. No tender process. £250m. Nice work if you can get it. Nice data set too. Shame about the privacy. I won't use it. Would happily use the Google/Apple solution because they've build a system with privacy at its heart, not the mass collection of individual real-time fine grained location data.

    I wonder what the cost of adopting the Google/Apple solution would have been? I wonder if Ben's brother has the ability to turn around a solution and test it on the myriad of handsets that exist. I wonder what will happen if the solution isn't delivered or, worse still, doesn't work?

    1. gnasher729 Silver badge

      Re: No thanks

      Gonzo: I've seen the Apple version of the API. Creating an app with that takes a good developer a few weeks at most. The cost of running it is basically zero, because Apple and Google pay for it.

      1. Anonymous Coward
        Anonymous Coward

        Re: No thanks

        "The cost of running it is basically zero, because Apple and Google pay for it."

        No they aren't. *You* pay it as loss of privacy and Apple/Google *earn billions* by selling that private data to anyone who has money.

        No such thing as 'free' in this game.

    2. Phil Endecott Silver badge

      Re: No thanks

      Are you serious about the 1/4 billion £ bit?

      That’s shocking if true.

    3. Anonymous Coward
      Anonymous Coward

      Re: No thanks

      "Would happily use the Google/Apple solution because they've build a system with privacy at its heart, not the mass collection of individual real-time fine grained location data."

      What? Both actively *hate* privacy and neither will *ever* have any privacy at all.

      Baking it into OS is exactly and literally "mass collection of individual real-time fine grained location data".

      To be sold and distributed to authorities at will, of course.

  51. Roger B

    I'd read the other week that NHSX were teaming up with Palantir to create the app and no one seemed to bat an eyelid, insane, but yet another day when I'm glad I don't own a mobile phone.

  52. Pat 11

    what evidence it would even work?

    Sure, is a privacy nightmare, but there seems to be Ann assumption that it will work. Would it? Won't it be so full of errors (which will multiply) that is not worth doing?

  53. Horizontal
    Facepalm

    Another Gov/NHS IT disaster...

    ... On the horizon.

    Given that both the NHS and government have a history of expensive IT f@#£-ups, i can only see one outcome of this covid-19 tracking app...

    ... It'll still be in development in 10years time and over budget by £bn's. ;-)

  54. NIck Hunn

    Why did they take this approach?

    It's the baked-in Government approach which killed the NHS patient data scheme and almost every other Government IT project / disaster, which is to impose central control. For more on that, read Richard Bacon and Christopher Hope's book "Conundrum - Why every Government gets things wrong."

    What’s worse, is that it seems to be being designed by monkeys. When I spoke to some of the developers a few weeks ago, they weren’t aware of the fact that Bluetooth LE has been designed to be untraceable. So spurning the knowledge of a small group of experts within Apple and Google and the Bluetooth community who actually know how BLE works in phones does not appear to be a great design decision.

  55. NIck Hunn

    Why it won't work

    As others have pointed out, it's not going to work. Take the example of going to work in London after lockdown is eased. Bluetooth just loves propagating in metal boxes like the tube, escalators and buses, so you can expect 50 - 100 contacts to be logged on your trips in and out of work each day. If you've just caught Covid, you'll do that daily trip five times during the infectious, presymptomatic stage, which means 500 or more people will have you logged on their phone. On day six, when you self-isolate and get yourself tested, they’ll all get a message telling them to self-isolate and get a test.

    With a working population of 6 million in London, we’ll see more than one new infection each day. If the infection rate is 0.01%, which is optimistically low, then that’s 600 infected people going to work, meaning 300,000 people with the tracing app will be told to self-isolate on day 6, or whenever the test results come through.

    This is very Noddy maths. There will be quite a number of repeat contacts, as most people do the same journey each day, but that will be balanced by the new infections that join the spreading team on days 2,3,4,5, etc. However, it’s a good enough finger in the air check to alert you to the fact that we would need around a quarter of a million home-administered tests EVERY DAY. Otherwise, those 300,000 people sent home will be sitting around at home for three or four days to get their test results. Only a few hundred are likely to be infected, but if it takes four days for them to be cleared, the app will have locked down a quarter of London’s workforce.

    It gets worse. Once they have the all clear and get back to work, it’s probably only going to be a few days before one of their new contacts is tested positive and they’re sent home again. After a couple of cycles of that, I can’t see users continuing to use the app.

    Tracing and isolating is really important, but it starts with having massive home-testing available. A tracing app will make that much more effective, but you need the organ-grinder first, not the monkey, however much our politicians may identify with the latter.

  56. Anthony 14

    Let's take our own, bespoke route.

    What p*sses me off about all of this is that you've got two of the top 5 tech companies creating a privacy-first solution that can be adopted and deployed quickly and easily, which is exactly what we need, yet NHSX for all its wisdom thinks it's a good idea to go with its own solution. It shows a dangerous lack of maturity in the digital transformation arm of the NHS. Nevermind the privacy implications of a centralised database.

    Grr.

    1. Anonymous Coward
      Anonymous Coward

      Re: Let's take our own, bespoke route.

      "top 5 tech companies creating a privacy-first solution"

      *Data slurping first -product.

      There, I corrected it for you.

      Because if you believe a second Apple or Google *ever* put "privacy first", you're nuts. Google has repeatedly told us "Privacy is dead" and that's their operating motto. Every day.

      1. reubs007

        Re: Let's take our own, bespoke route.

        Not to be naïve but I do think Apple is more trustworthy than Google. It’s business is built on hardware sales rather than flogging targeted advertising. A matter of degrees admittedly.

  57. KevinFanch

    You can easily stop tracking

    I don't know about the government app but you can easily stop Google and Apple from tracking you especially important after they forcefully install contact tracing on your phone. The best way is to switch to /e/ from e foundation. It is ungoogled android which does not send any data to Google but still lets you use android apps. It is great for privacy.

    1. Anonymous Coward
      Anonymous Coward

      Re: You can easily stop tracking

      " The best way is to switch to /e/ from e foundation"

      Yes and that's "easily"? Just swap the OS, takes only few days of work?

  58. Wibble

    Run both applications?

    Can't both be run in parallel? The GCHQ sponsored centralised database one for those who don't care about privacy issues (numbed brains from years of Facebook/etc.); and run the decentralised version for those who do care.

    It will then be the problem of "the centre" to do the data merge when someone catches the plague and reveals their contacts.

    (Assuming that it logs the Bluetooth ID of all mobile devices and doesn't need to run some "alright mate" protocol -- or they mod the centralised version to take the anonymous data which isn't revealed until the "reveal" command is given)

    1. Wibble

      Re: Run both applications?

      Assumption wrong. Apparently it relies on a key-exchange "alright mate" protocol.

      https://www.macrumors.com/2020/04/28/apple-google-contact-tracing-api-development/

  59. reubs007

    Following the science!

    I’m surprised they didn’t trot out the usual BS about this app ‘following the science’. That’s the blanket excuse for screwing up every other aspect of our CV19 response. Next time can we follow another country’s science?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020