I'd like to thank the people that help make this country safer by installing and using this app.
Your sacrifice benefits us all, including people like me that aren't letting it anywhere near our own devices.
Campaign groups have written to the UK Prime Minister warning GCHQ and its digital arm, the National Cyber Security Centre (NCSC), will have the capacity to re-identify the phones of people who have installed the nation's coronavirus contact-tracing app. In an open letter to Prime Minister Boris Johnson [PDF], the groups say …
Contact tracing is needed until a vaccine is available so installing the app is a reasonable thing to do for the greater good of everyone. But the government needs to guarantee everyone's privacy and mandate that all data collected and related to this app is completely and permanently erased once we finally have the upper hand on the current situation.
But that's not going to happen is it?
Still yet to see a solid answer to a simple question
If someone I may of briefly passed in the street gets Covid19, then what?
Do I self isolate because of that 2 second interaction, where the chance of catching are close to zero. Or do I just ignore it?
If the former, expect cities to grind to a complete halt in a few days.
If the latter, what is the point of the app?
The intention (not sure how well it has been implemented) was for only "significant risk" contacts to be recorded, which are those lasting 10 minutes or longer (*). It cant tell whether said contact is outside or indoors, which I would have thought was quite relevant.
(*) This is unlikely to be welcomed by those who throw a tantrum if someone walks past them without leaping into the road to ensure their 2 meter bubble.
The apps (this and those based on the Apple/Google API) record the length of contact and the response is based on that so the contact length could be set for, say 2 minutes. That's been said a number of times.
What's not been said is how it deals with multiple short contacts. There's no particular duration at which you suddenly become infected if you're in contact a second longer; it's a matter of increasing probability. On that basis multiple short contacts should eventually raise the probability over whatever threshold is set for the long contact. But does the tracing add up all your 2 second contacts so that 60 of those are equivalent to a 2 minute contact?
Since COVID-19 stays infectious for two weeks and the R0 is hovering around 1, that suggests that an average two weeks' worth of contact is needed to pass the disease on just once. Assuming, wildly, that people spend two hours per week shopping and during their time at Tescos are usually within 2m or so of four other people, two weeks' worth of contact is 16 person-hours or 960 person minutes.
The chance that you catch COVID-19 from them during your 2-minute proximity is therefore around 1 in 500. Furthermore, since swab testing is reported to suggest that around 1 in 400 of us have the disease, your chance of catch it from one random 2-minute encounter is about 1 in 200,000.
Supposedly they're setting the threshold at 10minutes to begin with. Most close 10min encounters aren't going to be 'walked past 20 different people with COVID for 30sec each' and they like, they're going to be encounters in small indoor areas or vehicles where transmission is easier, or stopping and talking at each other in the street (which produces lots of fine virus-laden spray), or at the very least sharing a semi-enclosed area like a bus-stop for 10 mins. Many encounters of at least 10 minutes will be way longer (imagine some kind of long tailed distribution) and involve more risky activity.
Essentially the contact time serves as a good proxy for the intimacy of the contact in addition to it's actual duration.
A lot of the actual transmission is between people living together not even attempting to distance, but the app isn't really needed for that. It has to capture the next most likely class of transmission events.
Not sure where you get your figure of 1450. So far, worldwide, 14% of closed cases have ended in death, so you'd need about 200 undiagnosed cases for each case to justify that figure.
Furthermore, in the UK, the official death toll is currently 36042. The estimated excess mortality is in the range of another 20k, so probably at least 50k UK brits have died already: if the UK population is just under 68 million that's already more than 1 in 1360, and I suspect we are nowhere near the end of the UK death toll.
Most importantly, even if you a right, I think it's perfectly reasonable to have privacy-compliant* contact tracing on a temporary basis to save thousands of lives. YMMV.
*obviously this does not include the UK proposed app
To add to this, yesterday Hancock gave figures from the ONS antibody survey (otherwise unpublished) indicating about 4.4million across the whole UK have antibodies, using a test which is deemed very accurate. Against the official death total of 36K that points to a case fatality rate of 0.82% with the caveat that both figures are likely to be underestimated, but not by huge margins. Similar to estimates from other countries and far, far above 1 in 1450.
(But of course optimists want to believe the madcap models thrown together by creative 'scientists' on twitter which show we'll have heard immunity by next Tuesday around 3pm - and who can blame them).
"in the UK, the official death toll is currently 36042. The estimated excess mortality is in the range of another 20k, so probably at least 50k UK brits have died already:"
Just to keep things in perspective, how does this compare to a normal Influenza year? Additionally, there is significant evidence that 'cause of death' determinations here in the USA are literaly being "padded" for COVID-19 as the CAUSE of death, rather than something else like heart failure or a stroke. Although it is believed that COVID-19 _CAN_ (and probably HAS) resulted in stroke and heart failure, it does not identify it as a direct cause simply to have the virus test positive in a patient that dies.
In any case, "protect the vulnerable" is an obvious thing. Yet I do not see a phone contact app that makes arbitrary "decisions" based on distance and time to say "you are infected" or "you are not infected" would help protect the vulnerable at ALL.
Automatic contract tracing (secure and respecting your privacy like the Apple / Google api) is actually perfect when the number of infections goes down.
If you rely on lockdown, 66 million people must keep distancing forever, or the infections will shoot up again. But if you were down to say 1,000 currently infected, and these came close to 20,000 people, that would mean just 20,000 self isolating and everyone else can go on doing what they want.
"Contact tracing is needed until a vaccine"
Don't rely on a vaccine working. We've been trying to develop a vaccine for various other coronavirus for many decades, such as the 'common cold', SARS, MERS. None of them have worked. They all still sneak in through the nose, mucus membrane.
Your gran's advice to wash your hands and not pick your nose is still best advice.
My advice, put toilet paper up your nose, wear a face mask, and gloves and awful smelling hand sanitiser after you've washed your hands. My hand sanitiser is part patchouli oil, which I loathe the smell of it but it keeps my hands away from my face and reminds me I still have a sense of smell.
Oh, and try not to be poor, like age that is a killer factor.
I'm reluctant to fact check using the US CDC (see later *), but:
No vaccine for MERS claim:
"Currently, there is no vaccine available to protect against MERS."
@SARS, also true, there is no vaccine
So yes, SARS and MERS are controlled by stopping transmission. We do not use vaccines for these and do not use an app.
@"My hand sanitiser is part patchouli oil, which I loathe the smell "
If you wear a surgical mask, you scratch your nose through your mask. No need to beat yourself up with stinky oils, or leave that nose unscratched!
* CDC US data is tainted now. Trump appointed a deceiver to mash their data and advice up.
This turd with the smile here:
"White House economic advisor Kevin Hassett helped devise a "cubic model" that forecasted coronavirus deaths hitting zero by May 15. It immediately sparked a massive backlash among economists when the model was posted Tuesday on the Twitter account for the Council of Economic Advisors."
He fitted a curve that gave him the result he'd been asked to deliver, and that was used to get States to open up their quarantines before they'd tackled community spread. Effectively ensuring a second wave of death in the USA. Just in time for the election.
A lie that kills people, served up with a big grin. Twat.
@ Danny 2
"Don't rely on a vaccine working"
I don't rely on anything that doesn't exist, there is some evidence that the COVID-19 may be able to resist a vaccine but there's also evidence that a vaccine might work. Fact is, we will not know for certain for at least a couple of years so contact tracing and sanitary precautions are the only defense we have right now.
So, you rate the probability of significant harm due to GCHQ knowing where you've been as greater than the probability of significant harm due to undetected contact with infectious individuals.
I don't know how to calculate the odds of those two hypothetical outcomes. I do know that COVID-19 is an unpleasant and dangerous disease, and that I have been nowhere that would be of concern to GCHQ. I'll take the tracking, thankyou.
"A man well-known for intrusive digital surveillance via surreptitious methods has been left baffled by the lack of public uptake in his new app, according to sources this morning.
The government’s Covid-19 tracking app has so far failed to acquire enough downloads to make the data meaningful, for either its primary, or secret secondary purpose.
“It’s true that I manipulated ‘big data’ that people didn’t realise they were giving to me in order to get Britain out of the EU,” explained the prime minister’s special advisor Dominic Cummings..."
Some scepticism may be required, but https://bylinetimes.com/2020/05/20/dominic-cummings-billion-dollar-brainchild is a bit of a worrying read.
There's not a lot GCHQ don't know about you anyway, so pointless worrying about that problem.
People with an aversion to being snooped on have a very high and inflated opinion of themselves.
Like we really care what they are up to :)
I am personally in the 'Greater Good' camp on this one ... like most people.
It doesn't matter if you're personally concerned about privacy issues or not. The fact that others are and therefore won't use it makes the app less useful than it could be. If you're for the greater good then surely you're for a functional app that the greatest number of people are willing to install?
"People with an aversion to being snooped on have a very high and inflated opinion of themselves."
No, the problem is when AGGRESSIVE government law enforcement people decide "they want to get you", and can ENTRAP you based on information they've collected on you, that ordinary people can be in DANGER of being locked up for the rest of their lives, over "process crimes" and things they may have only marginally been involved in. This is why EVIDENTIARY RULES need to be put into place AND enforced within the government itself, to protect the PEOPLE _FROM_ THE GOVERNMENT. (Right, General Flynn?)
I don't think anyone wants to go BACK to the kinds of governmental abuses that resulted in the creation of the Magna Charta (and subsequent documents), which were made, in order to help put a stop to the abuses. Parliament making a law to roadblock the abuses is "a good start".
So yeah back to the article - this is why you do NOT want your personal data hoovered up by government agencies, ever, EVEN simple "contact tracing". You think private companies tracking you is bad? GDPR helps put a stop to THAT. But private companies can not JAIL you. Governments CAN.
The app is pretty useless now considering it should have been tested and ready to be installed BEFORE Boris decided to tell people to go back to work a week ago. So now we will be over 2 weeks of people moving about possibly infecting others with no way to contract trace and no app until June.
Just look at the 1000s of people cramming on to UK beaches, beauty spots, parks etc because we are having the hot weather who could be spreading the virus right now.
Other countries have had an app ready for their citizen to install weeks ago but as usual the UK had to do something different and go for a data slurping centralised model which is not fit for purpose.
well, the demand for ventiators is not as high as what was initially projected. New York started giving away their extra ventilators a month ago, and so did other U.S. states. The USA got on board with this a while ago with some emergency production orders, and Ford started building them. Now the USA is giving them to other countries on an 'as needed' basis, so Dyson probably thought there was no need, we have plenty now.
(hopefully not too 'off topic' for the discussion on the article)
@ bombastic bob "and Ford started building them"
I would love to have been a fly on the wall when Ford started talking to the FDA about their first time medical devices building... we make FDA 510(k) approved devices and it's not simple and easy but as a result I do trust the FDA.
The thing is you can't just make a "medical device" - you have to prove to the FDA that the device works and that any fault in the device, or any fault in anything connected to the device, will not harm the patient.
"1000s of people cramming on to UK beaches, beauty spots, parks etc because we are having the hot weather who could be spreading the virus right now."
The evidence is becoming much stronger that the chances of catching the virus outdoors are very, very low - approaching zero, in fact. This comes from looking at rough sleepers (virtually no transmission) and known clusters (all bar one indoors, and, interestingly, associated with noisy environments including choirs, concerts, and nightclubs). Essentially, being indoors with people singing and/or shouting seems to be the optimal way to catch this thing. Being outdoors is probably the safest place.
Most UK rough sleepers have been brought indoors. We've actually almost ended it.
Turns out that if you actively offer all rough sleepers somewhere to stay, they tend to accept and do a lot better. Shocking, I know.
One of many lessons I expect we'll completely forget by September or so :(
The main challenge with contact tracing is keeping the relevant sensors always on to detect the presence of others. Most iOS and Android end users won't care about the impact to battery life and filesystem storage but I do. My vote is to have every single device forcibly install an optional contact tracing database function as a critical system update which is enabled by default BUT with a simple off switch for those wishing to save their device resources rather than the 'greater good' of society. If 99.9% of users choose to accept the tracking then fine but at least provide an off switch, similar to those weird folks who don't even use a smartphone :)
"The existing legal framework for the app, currently being trialled on the Isle of Wight, is inadequate to protect people from misuse of their data, as noted by the Joint Committee on Human Rights."
Australia has a two page Act to cover this;
Take that and add a "cannot be accessed via RIPA" clause and it's done and dusted.
Importantly it also addresses third party coercion or abuse;
9 Coercing the use of COVIDSafe
(1) A person must not require that another person:
(a) download COVIDSafe to a mobile telecommunications device; or
(b) have COVIDSafe in operation on a mobile telecommunications device; or
(c) consent to uploading COVID app data from a mobile telecommunications device to the National COVIDSafe Data Store.
(2) A person must not:
(a) refuse to enter into, or continue, a contract or arrangement with another person (including a contract of employment); or
(b) take adverse action (within the meaning of the Fair Work Act 2009) against another person; or
(c) refuse to allow another person to enter premises; or
(d) refuse to allow another person to participate in an activity; or
(e) refuse to receive goods or services from another person; or
(f) refuse to provide goods or services to another person;
on the ground that, or on grounds that include the ground that, the other person:
(g) has not downloaded COVIDSafe to a mobile telecommunications device; or
(h) does not have COVIDSafe in operation on a mobile telecommunications device; or
(i) has not consented to uploading COVID app data from a mobile telecommunications device to the National COVIDSafe Data Store.
One of the downsides of a tracing approach is the balance between the number of false positives and false negatives - set the threshold too low and people are being sent to self-isolate needlessly which will quickly bring it into disrepute but set it too high and people who weren't alerted go down with the virus which will also quickly bring it into disrepute.
I see that they're now trialling something more akin to a spot test which, if it's available on a large enough scale, be able to screen out the false positives. That could be a game changer for the whole scheme. But it still doesn't overcome the problem with being asked to trust our privacy to people who have repeatedly shown themselves to be untrustworthy.
All the counties that have gotten this under control have effectively deployed such apps. It’s been months since this requirement for controlling the pandemic has been know, yet so many western countries like the UK, US and Canada still haven’t properly deployed this. Not sure why every country needs to completely reinvent the wheel on this. It’s not rocket science folks. Thousands of lives are at stake along with trillions in GDP lost while we have to keep the economy shut down. We need to be working around the clock until this is properly deployed.
Also, the system doesn’t need to be perfect and catch every infection. The way epidemic math works, all you need is for it to be good enough to keep R (growth rate) below 1.0 to win. That’s why even moderate use of this app is beneficial because it helps lower R in a way that doesn’t hurt our economies while helping bring us closer to R < 1.0. People really need to get over the fact that it’s not going to be a perfect system.
And when properly deployed it will reduce infections and so increase everyone’s freedom since we’ll be able to open more things up sooner. So lack of privacy means more freedom in a sense. I’ll take it! And btw if done properly there shouldn’t be a privacy issue.
Thailand did contract tracing by interview, the app is new, and is in untested rollout, i.e. you cannot even assert "effective deployment", and given the epidemic was already tackled it had nothing to do with fixing it. Nobody relied on an app to do contact tracing or fix this epidemic.
@"It’s been months since this requirement for controlling the pandemic has been know"
UK went with the "Masks shouldn't be worn because erm, [random bollocks excuses]" for most of that time. The countries that succeeded, e.g. Austria did masks early on. UK just needs to fix its quarantine protocols. The requirements were at best undermined by a shortage-of-masks, dressed up as a fake excuse as to why only heathcare workers should wear them. But also political hubris and toadying to Boris.
UK has bad community spread. It appears to me, that someone in the UK thinks they can substitute lockdown for "app that tracks everyone". That somehow community spread can be turned into contact-tracing spread, if you simply track enough people, so you can open earlier.
Don't do this.
The interactions graph starts to become noisy very very quickly with anything beyond tiny sets. It becomes noise, it is worthless. This will not work. There are so many door handles you could catch it from, so much contaminated air in public spaces like buses, that you need to get the basics of lock-down in place.
The asymptomatic infectious mean you would be filtering your graphs down to false targets. The wind blowing makes your graphs worthless.
UK has mass surveillance, so you won't fix the privacy concerns by tweaking an app. It's a ready-built authoritarian state just waiting for its dictator to arrive.
I think its bit bollocks, Google has all your location data already, coupled to an advertiser ID, coupled to your pay store details, telephone number, the names and telephone numbers of everyone in your address book, if they want they can pull any file from your phone.
GCHQ has your location data too.
You might shake down Google to see all the data its pretending it does not have anyway of linking, and call time on that bollocks.
You might shake down GCHQ to unveil the extent of its surveillance during times of need.
Once this is over, see the mass surveillance engine you created and then dismantle it, so that people can trust an NHS app on their phone again. But that is for later not for now.
Mobile devices are by their very nature easily trackable -- the system needs to know where every device is at all times for it to work. We can demand privacy, even pass laws , but it doesn't alter the fundamental fact that at any instant the system will know exactly where each device is. Keeping intelligence and law enforcement agencies from this cache of information is like trying to keep a hungry cat from a bowl of catfood. It won't happen; all that protects us is that most of us are boring and its not cost effective to treat us as anything but noise.
So, if you are worried about privacy then you have to learn to switch the things off. Real, 100%, boot from cold to restart, off. All other usage implies that you're giving up intelligence to someone -- GCHQ, maybe, but certainly the myriad of 'analytics' firms. If you really need to communicate confidentally then in addition to properly set up encryption you're going to have to skip around public WiFi hot spots like some WW2 Reisitance operator trying to keep one step ahead of the Gestapo.
My employer, a Russell Group University with GCHQ connections, is demanding we install the app on our personal mobiles or we won't be allowed on campus.It's a neat trick, failure to attend for work, even though they are preventing it, is also a failure to honour your contract of employment which means they can dismiss you without paying redundancy. Thankfully I don't have a mobile phone of my own, SWTSMBO holds the contract, so my employer has to supply me with a phone, with app. This is a grand clusterfuck in the making.
Biting the hand that feeds IT © 1998–2020