back to article Legal complaint lodged with UK data watchdog over claims coronavirus Test and Trace programme flouts GDPR

Open Rights Group has instructed lawyers to lodge a complaint with the UK's data watchdog over the rollout of the Test and Trace system because it says the system breaches the General Data Protection Regulation (GDPR). In addition to the Information Commissioner's Office (ICO), the digital rights body's lawyers have also …

  1. Yet Another Anonymous coward Silver badge

    Conspiracy time?

    When countries like Singapore/Korea and Oz/NZ come out of this quickly with effective tracing and testing - the UK govt can blame it's total failure of test/trace on a bunch of Guardian reader social justice types using European GDPR legislation to block vital tracing app.

    1. Spanners Silver badge
      Flame

      Re: Conspiracy time?

      No. They can blame it on a number of things, including

      1. The government deciding to "go it alone" instead of with Apple and Google.

      2. A centralised model instead of a more secure decentralised one.

      3. Letting politicians decide on software instead of people who actually knew about it.

      4. Ignoring the law instead of doing it properly.

      Those overlap but it is the fault of the people in charge - not the developers themselves or the people trying to stop some of their mistakes.

      1. Yet Another Anonymous coward Silver badge

        Re: Conspiracy time?

        All reasonable points.

        Now imagine you are Cummings writing a press notice for the Daily Mail

        1. The commentard formerly known as Mister_C

          Re: Conspiracy time?

          Now imagine you are Cummings updating your blog.

          FTFY

          1. John Smith 19 Gold badge
            Unhappy

            "Now imagine you are Cummings updating your blog."

            That should read

            "Now imagine you are Cummings backdating your blog."

            FTFY

          2. Iad Uroboros's Nemesis
            WTF?

            Re: Conspiracy time?

            Not only that but they (Cummings really) are apparently selling our NHS and NHSX data to Palantir.

            Secret deals done by our government and Cummings with Palantir and NHS data, including that NHSX app: https://www.opendemocracy.net/en/opendemocracyuk/we-must-be-told-what-cummings-and-palantir-are-doing-nhs-data/

            Carole Cadwalladr (who exposed Cambridge Analytica) and (I'm really surprised) The Daily Telegraph are also over this. I'm a bit behind the times as this was reported 2 weeks ago: https://twitter.com/carolecadwalla/status/1261961893461229569?s=20

            1. Robert D Bank

              Re: Conspiracy time?

              to me that is the real rub with this App, the fact it was designed to be monetised from the start. It seems there was more focus on that than making it attractive, trustworthy and beneficial to people.

              1. Tom 7

                Re: Conspiracy time?

                The thing that worries me most is they seem hell bent on making everything that would help stem the vaccine fail. Its hard to tell if its not just utter incompetence on their part which is pretty much a given but it could still be they want their imaginary herd immunity and are just pretending to do things but making sure they fail, all while feeding their mates bank accounts.

                1. Anonymous Coward
                  Anonymous Coward

                  Re: Conspiracy time?

                  From experience of dealings with the government, it is most likely "utter incompetence on their part".

      2. Chris G

        Re: Conspiracy time?

        @Spanners

        You can add to your list;

        The old boys/girls network appointing the wrong people and companies to roll this out.

      3. Loyal Commenter Silver badge

        Re: Conspiracy time?

        You missed:

        5. Contracting the work out to a private company with no open tender process. A company which just happens to be linked with Cummings and his mates*.

        6. Retaining data on people's movements for ten years with no clear rationale.

        *The link between DC and the owner of this company, who is the brother of DC's other non-scientist mate who sits with him on the SAGE committee is publicly available information - I'm going on memory for the details here, so I'd encourage readers to look it up themselves.

        1. Tom 7

          Re: Conspiracy time?

          20 years IIRC.

      4. Warm Braw

        Re: Conspiracy time?

        The app has largely been abandoned, so the issue of Apple/Google etc is now moot.

        Trace & isolate is now essentially a CRM system operated by home-based customer service reps - they get assigned a few people to follow up who've tested positive and attempt to get a list of contacts and their details. You can even enter your own information yourself.

        There are a number of concerns about the data collection. One is that the data is shared with a significant number of organisations and stored for up to 20 years (the privacy statement seems to have been amended since I last read it which is a worry if it's dynamic). Another, possibly larger concern, is that local public health officials are not currently able to make use of the data for local outbreak control. By the end of the month, they expect to have access to the total number of cases/contacts in their local authority, but not the postcode-level information that would allow them to implement targeted lockdowns.

        So although this information is being stored, it may, in fact, be of no use for the purpose for which it is being gathered. In other words, another knee-jerk reaction to accusations of poor preparedness with no real thought as to the practical implementation. We know Boris doesn't do detail - or indeed anything, but it seems none of the rest of them does either.

        1. Cuddles

          Re: Conspiracy time?

          "The app has largely been abandoned"

          No it hasn't - https://www.bbc.co.uk/news/uk-52931232

          1. Adair

            Re: Conspiracy time?

            Reading the article one would have to say, 'Yeah, maybe'. It's hardly a ringing confirmation of readiness and committment. It could just as easily be a 'got-to-keep-on-keeping-up-appearances-until-it-all-blows-over-so-the-boss-doesn't-end-up-looking-like-an-idiot' whitewash.

            Time will tell.

      5. Anonymous Coward
        Anonymous Coward

        Re: Conspiracy time?

        They'll blame lack of uptake in the fact that people asking for tests is going down, since they don't want to be told *and their friends/family* to isolate for 14 days. I know people who ARE isolating as they think they have symptoms but they aren't telling the Track and Trace team. Equally, I know plenty of people who have told friends not to share numbers and details.

        You can blame DC on his trip to Barnard Castle for his wife's birthday, and his trip[ to his second home in Durham (he part owns that farm) for lack of anything coming out from the government.

        1. Anonymous Coward
          Anonymous Coward

          Re: Conspiracy time?

          You know plenty of selfish people! If someone i knew tried that I would dob them in and publicly call them out - maybe a nice black cross on their door. Presumably they are cheating on their taxes, pirating videos and shop lifting regularly as well.

          1. Jimmy2Cows Silver badge

            Re: Conspiracy time?

            You sound incapable of critical thinking, with a tendancy for strawman arguments and to conflate unrelated issues.

            How about, instead of selfishness, perhaps they just don't feel inclined to provide all their contacts (and recursively their contacts' contacts) to an privacy-be-damned, ineffective programme which seems to really exist just to:

            a) look like the government is doing something

            b) harvest data and give it to Palantir

      6. John Smith 19 Gold badge
        Gimp

        But think of the <s>children</s> patients

        Another crisis.

        Another opportunity for data fetishists to get their hands on your data.

        20 years retention? WTF.

        There is no such thing as grossly disproportionate to a data fetishist

        1. LucreLout

          Re: But think of the <s>children</s> patients

          20 years retention? WTF.

          Quite. I get that they may have some need of it during the pandemic, and that the pandemic may last a few years. But 20? Hmm....

          Lets even allow for some beneficial analytics to be done to help manage or improve responses to future pandemics by whatever government of the day we have when they come, surely that can be done and properly peer reviewed in a couple of years, so lets say that gets us to 5 years (3 pandemic, plus 2 analysis).

          I'm at a loss to what they could possibly be doing with the data for the 1

          1. Random Handle

            Re: But think of the <s>children</s> patients

            >Quite. I get that they may have some need of it during the pandemic, and that the pandemic may last a few years. But 20? Hmm....

            The data will be of value in preparing for future pandemics - flu hasn't gone away and Covid has arrived closely on the heals of two other potential horrors.

            Palantir etc can clearly see the commercial value in a huge transmission dataset, particularly one where populus and uk gov do the intensive and expensive leg work for them.

            Would be nice if someone was arguing for maintaining a freely available resource which doesn't breach individual privacy for academics and public health to pour over. Maybe next time.

            1. a pressbutton

              Re: But think of the <s>children</s> patients

              20 years...

              If the data is used to track and trace people you came in contact with, the useful life of that data for the purpose it is gathered is surely less than 4 weeks.

        2. logicalextreme

          Re: But think of the <s>children</s> patients

          I haven't looked into the details of this one specifically, but I suspect that number is derived directly from the standard length of time archives have to be kept for for clinical studies and trials (twenty years). It's an absolute embuggerance for the people holding the data, but it's not like healthcare tech is riddled with people who are good at security either.

      7. Roland6 Silver badge

        Re: Conspiracy time?

        >No. They can blame it on a number of things, including

        Missed the fundamental problem:

        The UK government, with its exemplary record on respecting privacy etc. :¬) wanting to process yet more information on its citizens.

        In some respects the UK government could have proposed the Apple/Google approach and still have people complaining about the UK government snooping on them and the amount of information being collected and retained, not respecting the process of GDPR (which this legal complaint is about).

      8. LucreLout

        Re: Conspiracy time?

        1, 2, 3, 4

        Ok, sure, but you've missed the biggest reason this was always going to be a cluster fuck. The person in charge. Dido. I mean, really, after TalkTalk this is unacceptable.

        1. monty75

          Re: Conspiracy time?

          What's the point in being married to a Tory MP if you don't get to stick your snout in the public sector trough every now and again?

          1. Tom 7

            Re: Conspiracy time?

            The Tory party - LinkedIn for the totally talentless.

        2. logicalextreme

          Re: Conspiracy time?

          I don't think I'd seen the nickname at the end of the article before. I enjoyed it tremendously.

      9. not.known@this.address
        WTF?

        Re: Conspiracy time?

        You-all don't trust the British Government but you do trust Apple and Google? And you think you are fit to comment on what can and cannot be done to try to stop people dying of a global pandemic.

        Doubting the honesty and integrity of the Government is understandable, but trusting Apple? Trusting Google? Keep drinking the Kool-Aid, guys. And I know someone who is selling a bridge, happen you're interested.

        1. FatGerman

          Re: Conspiracy time?

          You miss the point. We have reached the terrifying point where we trust private companies - FORRIN private companies - more than we trust our own government. I'd hand over my first born to Apple or Google before I'd let Boris and his pals have even as much as my fingerprints.

        2. gnasher729 Silver badge

          Re: Conspiracy time?

          If you have an iPhone or Android phone, like 90% of the population, you have to trust either Apple or Google anyway. Apple specifically only wants your best: your money. They want you to buy iPhones, iPads and maybe an Apple Watch or a Mac. They don’t need your data for that. They definitely don’t need your location data. They really don’t want your personal data so they don’t have to waste their time handing it to the FBI.

          Their API is just an advertisement “look how clever we are, we can warn you if you come to close to someone with Covid without collecting any data”. It’s a good advertisement. They wouldn’t do anything to counteract that message. It doesn’t make any business sense.

          1. ThinkingMonkey

            Re: Conspiracy time?

            "They [Apple] really don’t want your personal data so they don’t have to waste their time handing it to the FBI."

            Maybe Apple doesn't particularly WANT your data but they do hand it to the FBI.

            Small excerpts from their "Legal Process Guidelines" PDF:

            1) "Apple will provide content in response to a search warrant issued upon a showing of probable cause."

            2) "Apple has a centralized process for receiving, tracking, processing, and responding to legitimate legal requests from government, law enforcement, and private parties..."

            3) etc.

      10. Gordon 10
        Headmaster

        Re: Conspiracy time?

        Minor quibble to the Original reply. Track and Trace is the process - in which the App plays a small(ish) part. The trace and trace "database" is likely to be several orders of magnitude bigger than that of the track and trace app.

      11. Gonzo wizard

        Re: Conspiracy time?

        They can't blame it on anything except their own decision not to conduct the DPIA in the first place. There are, flatly, no excuses. They instigated the whole thing, this should have included all the required GDPR mitigations and actions.

        But of course this runs counter to their desire to be like a banana republic - wing it without a care for the law, which only applies to the little people.

    2. H in The Hague

      Re: Conspiracy time?

      "... the UK govt can blame it's total failure of test/trace on a bunch of Guardian reader social justice types using European GDPR legislation to block vital tracing app."

      Hardly. UK data protection legislation predates EU legislation in this field. As far as I'm aware the GDPR only resulted in relatively minor changes to the UK Data Protection Act. (Though that didn't stop a lot of folk claiming that the changes were massive and that you had to buy their expensive consultancy services to cope with them.)

      ---------------

      Incidentally, may I quote from one of my earlier posts:

      [GDPR runs to] 78 pages, with wide margins, so about 50 standard pages.

      The UK ICO's GDPR guidelines are about three times longer. And the Data Protection Act, which transposes the GDPR to UK legislation runs to 354 pages: http://www.legislation.gov.uk/ukpga/2018/12/pdfs/ukpga_20180012_en.pdf.

      --------------

      Even more incidentally, "it's total failure" should be "its total failure".

      --------------

      Oh, and the countries you refer to also have data protection legislation, e.g.:

      https://www.dlapiperdataprotection.com/index.html?t=law&c=AU

      https://www.dlapiperdataprotection.com/index.html?t=law&c=NZ (about to be updated)

      By the way, although I do read the Guardian occasionally I'm more of an FT reader (and pay for that).

      1. Cynical Pie
        Coat

        Re: Conspiracy time?

        Slight red herring there on document length (albeit very slight) as GDPR doesn't include data being processed for law enforcement and national security purposes.

        The 2018 DPA includes both GDPR and the EU Law Enforcement Directive that does the Data Protection stuff for the rozzers and the security services.

        That said the 2018 DPA is poorly drafted and a bugger to use!

        1. H in The Hague

          Re: Conspiracy time?

          "Slight red herring there on document length"

          Thanks for the additional info.

      2. Roland6 Silver badge

        Re: Conspiracy time?

        >Incidentally, may I quote from one of my earlier posts:

        [GDPR runs to] 78 pages, with wide margins, so about 50 standard pages.

        The UK ICO's GDPR guidelines are about three times longer. And the Data Protection Act, which transposes the GDPR to UK legislation runs to 354 pages: http://www.legislation.gov.uk/ukpga/2018/12/pdfs/ukpga_20180012_en.pdf.

        And your point is what?

        I have a requirement for a track and trace application. - 1 line

        This gets translated into requirements - multipage docuemnt

        These get translated in to specification - multiple multi-paged documents

        Which in turn get translated into code - thousands of lines of code, dozens of modules, libraries etc...

      3. Bo Lox

        Re: Conspiracy time?

        By the way, although I do read the Guardian occasionally I'm more of an FT reader

        Not much of a difference between the two these days, the FT is now full of Guardian-style "woke" opinion pieces rather than hard facts.

    3. Anonymous Coward
      Anonymous Coward

      That's simply not true

      Singapore is not coming out of it quickly, its the failed man of Asia. They blew it with the migrant camps.

      You know those apps aren't used worldwide even in successful countries right?

      Thailand, no internal case, the Thai MorChana tracing app:

      https://play.google.com/store/apps/details?id=com.thaialert.app

      "100,000+ installs"

      These things, they don't have a lot to do with fighting Corona Virus.

      Wear the mask, avoid touching shared surfaces and when you do, clean your hands. This fixes the virus.

      Telling people they may have the virus, that doesn't fix the virus. Why waste time on a distraction that simply distracts from the core Corona Virus fixes?

      1. Palpy

        Re: Wear the mask etc fixes the virus.

        No it f*cking doesn't. Contact tracing is integral to controlling the spread and therefore the rate of infection. You write that health organizations "waste time" telling people that they have been in contact with a known carrier when, parsed scientifically, contact tracing saves lives.

        Can 'ee no unnerstan, laddy? It were demonstrated far back in epidemiological history, y'know. Track the carriers, and you track the epidemic.

        Now, there is a huge and obvious conflict between privacy and contact tracing. As huge and obvious as the nose on me face, which nose is in fact the size of that of the honorable Throat-Warbler-Mangrove. It really is a knotty problem, identifying disease carriers and tracking those they have been in significant contact with. Huge privacy problem. Huge invasion of privacy.

        So sorry. No easy solution is conceivable. Not to my limited intelligence, anyway. At the same time, I see the importance of making privacy safeguards absolute and inviolable. F*cksocks.

        No acceptable answer possible.

        And that said, so many people are so much smarter than I am that I suspect some very bright spark will figure out how to mesh privacy and contact tracing in an acceptable manner. I wait.

        1. Anonymous Coward
          Anonymous Coward

          App != Contact Tracing

          @"Contact tracing is integral to controlling the spread and therefore the rate of infection."

          They *do* contact tracing. The *app* as contact tracing was launched later and has not been taken up, so its not useful for contact tracing.

          @"And that said, so many people are so much smarter than I am that I suspect some very bright spark will figure out how to mesh privacy and contact tracing in an acceptable manner. I wait."

          Pen and paper, ask the person where they went, publish any places where contact likely to be sustained.

          I know its old fashioned, but it works.

        2. Anonymous Coward
          Anonymous Coward

          What to do if you're contact trace positive

          So, you get informed that you may have been in contract with someone C+.

          What to do?

          Well wear a mask, minimize interactions with other people, wash your hands. Then jump into a time machine and go back in time to when you had the C+ interaction and start doing those things from that point in time.

          Time machines haven't been invented? OMG.

          World: Maybe we just do the mask-wearing/hand-washing/minimizing-contact ALL THE TIME till its gone.

          UK: Quick boffins invent a time-machine! Make sure it includes a tracking app because GCHQ wants that added.

          USA: Call it a terrorist virus and blame the deaths on political opponents. "Antifa-Virus" killed you mum Karen, lets sterilize New York and California with my mighty army! To the bunker!

          1. Palpy

            Re: What to do if you're contact trace positive... Huh?

            Reading over the comments from the three ACs above*, I must quote Captain Hastings: "Good Looord!"

            If you know you have been exposed, you quarantine. That is a bit different from "minimize contact with other people", yes?

            "That's a lag measure, it has nothing to do with prevention." Contact tracing has nothing to do with prevention! Oh, please stop, too much joke!

            Contact tracing is all about preventing the spread of the disease. You might read up on the seminal contact tracing research, https://www.ph.ucla.edu/epi/snow/snowcricketarticle.html: John Snow traced infection by interviewing patients and plotted cases on a grid until he found the source. By removing the source of infection, he prevented the spread of cholera in the Broad Street neighborhood of London. Similarly, if we know who is carrying the SARS-CoV2 virus and who has been exposed, we can use that knowledge to prevent them spreading it to other people.

            It's all about preventing the spread of disease, m'dear AC.

            This is basic stuff. Freshman-level health class, though I suppose many people learn about it in grammar school. Obviously some people don't learn it, though.

            "Science. It works, bitches": https://xkcd.com/54/

            * Yeah, I suppose the three ACs are really one, and he's a troll. Oh well. Perhaps the masses really are ineducable...

            1. Anonymous Coward
              Anonymous Coward

              Re: What to do if you're contact trace positive... Huh?

              @"If you know you have been exposed, you quarantine. "

              Nah. You want to talk it up, but that's not what happens. You go home avoid contact, wear a mask outside, wash your hands. Fauci *self* quarantined, he wasn't taken in a hazmat to a hospital.

              A typical notification I received was "7-11 Bang Tao Beach, Phuket, one of the cashiers has Covid19, were you there from (date to date), if you develop symptoms (listed) contact (telephone number). In the meantime (standing advice like wearing a mask etc.)."

              The point about doing the basic protocols like wearing the mask, minimizing contact and washing your hands is it doesn't need a time machine.

              @"It's all about preventing the spread of disease, m'dear AC."

              Yeh, and the point at which you could potentially spread the disease was 11 days earlier and no time machine is invented, so you should do the protocols anyway.

              Wear your mask, wash your hands, avoid unnecessary contacts, and since you were doing that 11 days before the report, you have saved 11 days of infectious disease spreading.

              @"This is basic stuff. Freshman-level health class"

              Indeed. So I wonder why you pretend otherwise?

              @" and he's a troll."

              Wear the mask, avoid unnecessary contact, wash your hands if you touch shared surfaces, don't listen to Danny2/Palypy here he's a troll.

              1. ibmalone

                Re: What to do if you're contact trace positive... Huh?

                @"If you know you have been exposed, you quarantine. "

                Nah. You want to talk it up, but that's not what happens. You go home avoid contact, wear a mask outside, wash your hands.

                No. You do not go outside. You might still wear a mask and avoid contact with other people in your household, but you don't leave. This is what sensible countries have been implementing anyway. (Let's not waste time wondering what the UK is doing this week.)

                @"It's all about preventing the spread of disease, m'dear AC."

                Yeh, and the point at which you could potentially spread the disease was 11 days earlier and no time machine is invented, so you should do the protocols anyway.

                If you've been a contact of someone who had the disease then the point is that if you have caught it from them then you have not had it for long and are likely in the presymptomatic stage, you may not even be spreading it yet. If you got it in the past week then how were you spreading it 11 days earlier? (Without the use of that time machine.)

                "Face coverings" (not surgical masks, most countries are having people use improvised masks) are slightly better than nothing, but they're far inferior to not being anywhere near other people.

          2. Intractable Potsherd

            Re: What to do if you're contact trace positive

            Evidence is building up that between 40 and 80 per cent of the worlds population is not susceptible to the virus - https://unherd.com/2020/06/karl-friston-up-to-80-not-even-susceptible-to-covid-19/

            1. Anonymous Coward
              Anonymous Coward

              Re: What to do if you're contact trace positive

              No.

              unherd.com

              https://whois.domaintools.com/unherd.com

              "Domains By Proxy, LLC "

              35 changes on 35 unique IP addresses over 13 years

              None of that is true.

              1. Intractable Potsherd

                Re: What to do if you're contact trace positive

                ... and your point is??

            2. Intractable Potsherd

              Re: What to do if you're contact trace positive

              Did any of the downvoters actually look at the article, or just knee-jerk click? The people making the claim are eminent statisticians with peer reviewed papers due out.

        3. Anonymous Coward
          Anonymous Coward

          Re: Track the carriers, and you track the epidemic.

          That's a lag measure, it has nothing to do with prevention. Ah! "You were in contact with C-19 +ve person 3 days ago, now you've breathed on 400 other people, please confine yourself for 14 days"

          Yh, that'll work. D'oh!

          1. Anonymous Coward
            Anonymous Coward

            Re: Track the carriers, and you track the epidemic.

            Yes, that's the point. You do the basic now, so that in 11 days when someone you came into contact with is diagnosed C+ and you get notified, you haven't spread it in the last 11 days.

            Yeh indeed Doh!

            A basic mask has two layers, the outer blue layer repels water, it is to repel the droplets from other people. The inner white layer is to absorb your droplets. It is to stop you spreading the virus to other people.

            You would have to be an utter moron to not wear one during an epidemic.

        4. Anonymous Coward
          Anonymous Coward

          Re: Wear the mask etc fixes the virus.

          The mortality rate of COVID is now established a bit higher than flu. Are we going to have contact tracing for flu too? And what about contact tracing to warn people that they are in the vicinity of a political undesirable sometime in the future? Once these things start they simply escalate.

          1. Anonymous Coward
            Anonymous Coward

            Re: Wear the mask etc fixes the virus.

            quote: "The mortality rate of COVID is now established a bit higher than flu.

            Stop spreading fud, it's a lot higher than flu and we already know that.

            Flu goes completely unchecked, we don't lock it down, we don't ask people to isolate, therefore the number of people catching flu every year is huge compared to COVID 19, and only a few of these end up in hospital.

            Some figures: Flu (i.e. Influenza) infects around 1 billion people each year, and around 290,000 to 650,000 die from it each year, so that's less than 0.1 mortality rate. (WHO figures).

            For COVID 19, we've already had almost 400,000 confirmed deaths, and that's with much much fewer people infected. Around 7 million confirmed cases so far, but there are a lot of untested people out there that recovered etc.

            Even if that 7 million was only 10% to 20% of the real figure (which is what some current studies seem to indicate), that means somewhere between 35 to 70 million people have been infected so far world wide, which gives us a mortality rate of between around 5 and 11%. Although obviously this figure will likely change as we start doing things like antibody testing to see who's had it.

            In other words, a mortality rate around 50 to 100 times worse than flu. Even if we doubled the number of estimated infections to 140 million, it's still 25 times worse than flu!

        5. crayon

          Re: Wear the mask etc fixes the virus.

          Contact tracing is too late for most countries now (maybe useful for Antarctica - yes, pedantics, that's not a country).

          In order of importance:

          - screening at borders and quarantining,

          - contact tracing

          - wearing masks (to limit spreading by asymptomatic carriers who got past border checks)

          - hand hygiene

          - and distant last, social distancing

          All of these were implemented in Asia right from the very start, and the results speaks for themselves. HK sitting on the doorstep of China did not even close it's borders (they left 1 crossing open) only has 4 deaths attributable to covid19 - and all of them from the start of the pandemic when not much was known about the nature of the disease. It is densely populated yet didn't have to implement a hard lockdown - some types of businesses were closed, and later on bars (because of antisocial behaviour by foreigners carousing around Lan Kwai Fong flouting social norms).

    4. werdsmith Silver badge

      Re: Conspiracy time?

      South Korea passed a temporary law to get the privacy stuff out of the way. Population accepts the circumstances justify this. Don't know about NZ, but we are donkeys as usual.

    5. JohnMurray

      Re: Conspiracy time?

      I think you'll find that behind their incompetence there lurks a dark soul, full of malice, that couldn't give a sh** about peoples data security (or people). After all, just look at their record ! They *could* have had a contract-tracing app, a secure one, operating fully by now, instead they chose to use their deliberately insecure one, with that talktalk a***hole running it. Says it all.

    6. JohnMurray

      Re: Conspiracy time?

      Yet Another Anonymous coward = Monsewer Cummings ?

    7. Tom 7

      Re: Conspiracy time?

      If you were capable of reading the big words in the Guardian you might find interesting infromation pertaining to the utter morons in charge of this imaginary app: https://www.theguardian.com/world/2020/jun/05/tory-mp-bob-seely-attended-lockdown-barbecue-with-journalists

      1. werdsmith Silver badge

        Re: Conspiracy time?

        The Guardian is not a reliable source for good information, it’s the the equivalent gutter rag to the mail for the other end of the political moron spectrum.

        It seems that Dopey Bob was entrapped, having been invited by the journalists on the pretence of discussing some matters, but the plan was to create a story about an MP ignoring social distancing.

        Bob was a dope for walking into it, but it locally it does seem to have backfired on the people involved. Hopefully the public are getting wise to and sick of the media ordure.

        By the way, Seely is not in charge of the app.

    8. Anonymous Coward
      Anonymous Coward

      Re: Conspiracy time?

      It gets worse, my employer a Russell Group University with a top class computer science department and a number of GCHQ contributors, is insisting staff and s-too-dense install the gov't on their phones or they won't be allowed on campus, goes hand-in-hand with the Microsoft tracking already enabled...

  2. Version 1.0 Silver badge
    Facepalm

    So what's the problem?

    Facebook and Google track and trace people all the time - this program would win approval if advertisements were being delivered instead of vaccines. Cambridge Analytica sailed away for all their tracking issues but now we're concerned? I guess the problem is that you can't deliver a vaccine via peoples phones.

    1. Loyal Commenter Silver badge

      Re: So what's the problem?

      There's a reason any sane person disables as many ad-trackers and cookies as possible, and that reason is to provide as little personal data as possible to the likes of Google and Facebook. Compared to governments, ad-spewers are relatively benign as they are only interested in profit. Governments have the power to legislate against their own people, and the thought of being tracked by the sort of people linked to Johnson, Cummings, Cambridge Analytica et al sends a shiver up my spine. Their interests almost certainly do not align with mine, in the same way that those of a reef shark do not.

      1. Version 1.0 Silver badge
        Facepalm

        Re: So what's the problem?

        I completely agree, I feel the same way but I'm not going to fool myself into believing that these companies can't track me just because I said "no tracking". Sure, we can object to this but they all find their way around our objections ... Facebook tracks people who have "visited" Facebook friendly sites but never signed up for Facebook - it's just data collection in their eyes.

        You can say no tracking, you can live on a VPN, delete cookies when you close the browser, and they can still track you - these companies are not dumb, this is how they make their money by selling our data so they are not going to stop no matter what you think.

        1. Sir Runcible Spoon

          Re: So what's the problem?

          "they are not going to stop no matter what you think."

          That doesn't appear to be a valid reason to stop fighting it every step of the way though, but that's just my opinion.

    2. Barrie Shepherd

      Re: So what's the problem?

      "So what's the problem?"

      The problem is that this is a Public Health data, something which my be very personal.

      Historically data about your health matters are personal and not shared outside of the medical practitioners who need access for your treatment.

      The Government has refused to put any legislation around the Track & Trace activity to limit the reach of what the data may be used for or who can legitimately (for health reasons) access it.They intend to retain the data for 20 years! Why?

      The data will be passing across the sight of at least three private organisations and will be viewed by employees of those organisation. Those employees will be using their own personal computers with, apparently, no audit of security. In other words the whole activity may have more holes than my kitchen sieve.

      Then consider that, without legislation prohibiting it, the data will be available to any Tom Dick or Harry who has been granted access to data under the RIPA laws.

      At least Australia rushed through very simple legislation to prevent abuse of the data or access for any other purpose than fighting Corona. I would urge those of you interested to read though the page and a half to see what abuses the Australian Government felt may occur if the tracking data was not protected

      https://www.legislation.gov.au/Details/F2020L00480

      1. Woodnag

        legislation to prevent abuse of the data or access for any other purpose

        Legislation prevents nothing. It's a vehicle to punish transgression, at most.

      2. Claverhouse Silver badge

        Re: So what's the problem?

        They intend to retain the data for 20 years! Why?

        Going by form, reaching back beyond WWI's DORA, the British government's mode engaging with data --- Official Secrets Act ! The 100 Year Rule ! --- is to hug it close and never let it go.

        .

        In practice though, they will need to hold on for the initial 20 yrs to safeguard us all from future viruses, then reset for another 20 yrs whenever each 20 year span is up.

    3. James Anderson

      Re: So what's the problem?

      So where is the ink between track and trace and vacine development.

      Vacines are developed in laboratories using a few samples of the vairus taken from a few patients.

      No amount of data on how many people have been infected where will speed up or slow down the painstaking process of finding something that will fool your immune system into producing anti-bodies for a virus that is not here (yet).

      Having said that the proposed implementation of test and trace is laughable -- a ridiculous call centre trying to trace contacts rather than switching 'leccy companies.

      Its all an excuse to end lock down early and get the economy going again albeit with another 20,000 deaths.

      I am so glad I can watch the unfolding disaster from a safe distance.

  3. mark l 2 Silver badge

    "Jim Killock, executive director of Open Rights Group, said: "The ICO must act to enforce the law. The government is moving too fast, and breaking things as a result. "

    From the way this government has reacted to COVID19 I definitely would not ever say they were moving too fast with their test and trace, as they should have had this up and running back in the beginning of March and then perhaps we wouldn’t be approaching 40,000 deaths from the virus in the UK.

    We still don't have this app ready yet and yet millions have been encouraged to go back to work and all shops will be able to open in another 10 days.

    1. Wibble

      They changed how death certificates are issued; only reviewed by one doctor who doesn't need to physically examine the body.

      Some argue that the 40,000 includes lots of people who died with Covid, not because of Covid (i.e. infirm, weak people).

      The only figure that will really count is the "excess deaths". But it's all nigh-on impossible to determine this accurately.

    2. julian.smith

      What's the problem with reopening?

      The UK is a massive failure with coronvirus - huge death toll (probably understated) - European league leaders in Deaths per Million

      About 2,000 new cases per day

      No effective incoming testing / quarantine

      What could possibly go wrong?

      The good news is that it's only Brits who will die, that's species improvement

      Who cares? Your wretched government sure doesn't.

      1. John Smith 19 Gold badge
        Unhappy

        "European league leaders in Deaths per Million"

        Not quite.

        That would be Belgium. The UK is still in 2nd place.

        But they are working hard on moving up the ranking.

        But don't let the facts spoil a good rant.

        1. werdsmith Silver badge

          Re: "European league leaders in Deaths per Million"

          We can’t have any facts. Counting and classification is not consistent so these pathetic league tables and media stirred international competitions are just a waste of space.

  4. ratfox
    Paris Hilton

    GDPR?

    I thought Brexit had happened?

    1. genghis_uk

      Re: GDPR?

      Not yet it hasn't... We may have technically left but we are in the 'transition period' where everything really stays the same while they argue what they should have sorted out before we even had a referendum.

      That aside, GDPR is enshrined in UK law, just as all of the EU laws are. We will need to rewrite our laws to repeal the EU bits before we can say we are 100% EU free - but, as most of it is required to do any form of trade with the EU that isn't going to happen any time soon. Something else that has never been made clear unless you follow it.

      Oh heck, I replied to a Brexit post - cue the downvotes... It is bound to upset someone!

      1. Kientha

        Re: GDPR?

        Also, the UK government had committed to retaining GDPR or something functionally identical to it despite Brexit

        1. Doctor Syntax Silver badge

          Re: GDPR?

          Not only committed but actually written it - more or less - into the current DPA. It's the less that's the concern here. Govts tend to lend themselves wriggle room in legislation. At a guess they'll either defend themselves on those grounds or insist it's not covered because they're doing things manually. Even if they are that latter won't wash; manual data processing is data processing.

        2. John Smith 19 Gold badge
          Joke

          "UK government..committed to retaining GDPR or something..it despite Brexit

          Traitors. Remoaners.

          How dare they. The Daily Heil (before it changed editor) told us we would take back control of all our laws. The House of Commons would have full sovereignty.

          I am disgusted and feel betrayed and am generally frothing at the mouth at this near treasonous behavior. This is not the Brexit I voted for.

          (signed) Major Old-Fart. DSO, DSC,DSP & bar (Retd)

      2. Anonymous Coward
        Anonymous Coward

        Re: GDPR?

        We will need to rewrite our laws to repeal the EU bits

        It's been done, that was part of the Brexit preparation. Data protection equivalent to, or stronger than, GDPR was specifically included to ensure that trade with the EU could continue.

    2. yogibear

      Re: GDPR?

      Whether the date is taken as 1st Jan or 31st of December or some yet-to-be-determined date isn't the UK (or the parts that remain) still going to conform to GDPR?

      1. Anonymous Coward
        Anonymous Coward

        Re: GDPR?

        Yes.

    3. Pascal Monett Silver badge

      Re: GDPR?

      Indeed. By the time this thing is put into production, GDPR should not be a concern in the UK anymore.

      Not for UK Gov failures, ahem, projects anyway.

      1. Anonymous Coward
        Anonymous Coward

        Re: GDPR?

        GDPR is part of UK law, and is not going away.

  5. Scott Broukell

    Is it just me, or should we all be a little worried when Dido Harding talks about 'sharing data' ? - just saying.

    1. batfink

      As soon as I saw that Dido Harding was going to be in cahrge, I knew my data was going to be in safe hands.

      Unfortunately not hers.

    2. yogibear

      I always see an extra letter in that name.

    3. SW10
      Go

      Relax, she’s rebranded to Baroness Dido Harding now - totally different bottle of chips

    4. gnasher729 Silver badge

      With Dido Harding in charge, you _know_ your data will be shared. With everyone she wants to share it with, and then with everyone she doesn’t want to share it with.

  6. Graham Cobb Silver badge

    Last month's solution?

    Do epidemiologists even recommend Track and Trace apps any more? It feels like last month's solution. I am sure it would have been useful in the previous phase but it looks like Coronavirus is here for a long duration now. Tracing isn't a scalable solution for management of the virus for the next decade.

    Assuming that society evolves to minimise airborne transmission (presumably masks), the primary vector is going to be either intimate personal contact or touching shared surfaces. Neither of which will have much use for a tracing app. It is looking like it is too late to be an effective tool, and is now just turning into a technological solution looking for a problem.

    And the limited tracing resources that will be available are going to be overwhelmed for the next year by 1st workplace outbreaks, and 2nd crowd outbreaks (concerts, football matches, etc). It is clear the government cannot disallow either of those in the long term and neither is helped by an app.

    Any epidemiologists here who can explain what I have missed?

    1. Version 1.0 Silver badge

      Re: Last month's solution?

      Epidemiologists put a lot more faith in accurate testing than inaccurate tracking. A daily test method for everyone would virtually eliminate Covid-19 in a couple of months.

      1. Anonymous Coward
        Anonymous Coward

        Re: Last month's solution?

        A daily test method for everyone

        67 million accurate, reliable tests per day? Not practical.

        1. Doctor Syntax Silver badge

          Re: Last month's solution?

          Let's try somewhere in the middle. Don't just tell the traced contacts to lock themselves away. Assume that some, possibly many, will be false positives.

          Treat the tracing as simply a presumptive test, i.e., one that has to be backed up with a better test. Only require the contacts to self-isolate in the first instance until a test result is available and then continue or not based on that.

          Look to get quick turn-round. Instead of the mega-hubs where the test processing starts next morning distribute the processing so that it can be carried out closer to the subjects.

          Look into tests that are supposed to give quick results on inexpensive equipment. Even if they also give false positives (but not false negatives) they can act as a second level test before sending samples for a more definitive test. But testing contacts is key, otherwise when the complaints start coming in in a few weeks time the whole thing will blow up in HMG's face.

          If that leaves any spare capacity start looking at random testing. If there are asymptomatic cases giving rise to contacts relying on symptomatic cases only will take forever.

          1. Anonymous Coward
            Anonymous Coward

            Re: Last month's solution?

            Only require the contacts to self-isolate in the first instance until a test result is available

            I'm not sure that they will, though.

            If I woke up feeling under the weather, with symptoms that might be COVID-19, I'd self-isolate, but we know that others will think "It's not so bad", or "I feel dreadful, but I have to open the shop", etc. The chances of such people self isolating when they feel OK, just because someone from the government phoned them to say "you might have been in contact with a person with coronavirus", are even lower.

            1. Doctor Syntax Silver badge

              Re: Last month's solution?

              Hmm. NHS website says contacts are advised to self-isolate.

              gov.uk says "must" self-isolate.

              The M word implies it's a legal requirement but is it?

        2. Chris G

          Re: Last month's solution?

          Russia is currently managing 200,000 tests a day at the moment.

          1. yogibear

            Re: Last month's solution?

            >Russia is currently managing 200,000 tests a day at the moment.

            So on average each person has a test every 2 years.

            Do you think that's enough to keep track of how the infection is spreading and whether someone has been infected?

          2. Wibble

            Re: Last month's solution?

            > Russia is currently managing 200,000 tests a day at the moment.

            Has the other one got bells on it?

            Still struggle to understand how our "Dear Leader" can include tests in the post and say that with a straight face. Unless, of course, he's a liar.

    2. James Anderson

      Re: Last month's solution?

      Compare and contrast with Spain.

      In early March they had the worst statistics of any country in Europe thousands of new cases and hundreds of deaths per day.

      After 12 weeks of strict and strictly enforced lock down we now have tens of deaths per week and several consecutive days with no deaths reported.

      With a committed government, a competent civil service and a properly funded health service the pandemic can be beaten.

      Its a pity that the UK has a gifted comedian for a prime minister, a shambles of a civil service, and a health system that was failing long before the pandemic struck.

  7. iron Silver badge

    Not to worry, some enterprising young hacker will release the data long before Dido does.

  8. yogibear
    WTF?

    Bluetooth? Really?

    Having read a little about using Bluetooth for measuring distance it seems that you can't, in any reliable way. So pairing is the means used to detect 'proximity'. Class 2 BT (as used by mobiles, I believe) must have a minimum range of 10 metres. My cheap mobile can pair reliably with a speaker over more than 16m, 8 times the social isolating distance. The area covered is 8-squared = 64 times the 'safe' proximity area.

    Am I missing something or does this mean that a BT app can register people in shops on opposite sides of the street as being in 'close proximity', but have no idea that an infected person can briefly smear the virus on a shop door or supermarket shelf which can then be transferred to umpteen others?

    Are TPTB really unable to think through some basic GCSE level science? Hopefully I'm missing something obvious, otherwise the whole app thing raises serious questions about effectiveness, motive, competence, etc.

    1. Martin Gregorie

      Re: Bluetooth? Really?

      Are TPTB really unable to think through some basic GCSE level science?

      Of course. They're barely numerate and critical thinking is quite beyond them.

      What do you expect from a bunch who studied politics and little else at uni before working as a researcher for a member of the party of their choice until they'd earned enough brownie points to be given a crack at a safe seat?

      I have no beef with studying languages and humanities, but the idea that somebody can become an MP with essentially no practical work experience outside of politics really sticks in my craw.

      Lets face it: the proportion of members of the House of Lords with experience outside the political sphere vastly exceeds the proportion of MPs with useful non-political experience. It wasn't always like this in Parliament. Unfortunately.

      1. Anonymous Coward
        Anonymous Coward

        Re: Bluetooth? Really?

        Surely this is all about the r number - it's not perfect, but then waiting for a perfect sytem isn't really an option. If wearing masks takes R from 1 to .85 wear a mask. If track and trace takes that R from .85 to .65 then track and trace. At an R of 1 we have to live (or die!) with this virus for ever. If we* model a group of 1000 infected people assuming you are infectious for 10 days, at 0.85 we 'eliminate' the virus in 460 days. At 0.65 we eliminate it in 160 days. At 0.5 its gone by day 100.

        If you look at numbers infected/dying agter a year assuming about 2.5% die, with an initial group of 1000 at R 1 it's 37000/925, at r 0.85 6650/166, at 0.65 it's 2860/70 and at r 0.5 it would be 2000/50.

        Quite small changes in r drop deaths significantly. a drop from 1 to 0.99 would drop deaths seeded by 1000 initial cases from 925 to 775 - so that's 150 lives saved by some trivial action. scaled to current Uk cases that might 1% drop in R would equate to 6000 fewer deaths.

        *IANAE

        1. yogibear

          Re: Bluetooth? Really?

          Yeah but, no but... 2 buts...

          But 1

          'eliminate' only applies if the number of infections gets to zero. Theoretically it never will by -ve exponential growth (n x .65 x .65 x etc), which will 'tend to' zero but never reach it. Moving from theory to practicality there would be a point when there are 0 or 1 infections left, and an increasing probability (though never certainty) of hitting 0 eventually, after which it would stay there.

          However, this depends upon absolute adherence to whatever results in .65 or .85. by *everyone*, *always*, without exception. Good luck with that.

          But 2

          R is a secondary measure (dependent variable), calculated from actual infections. It is not a primary measure (independent variable). Thus R never 'controls' or 'achieves' anything. It simply summarises the current state of transmission in a simple, single number. Whilst politicians can sometimes manage a single number without getting too confused, understanding the subtleties of the number and its origin and significance it too difficult and demanding for most of them (ditto most journalists, media, etc). Most dropped struggling with difficult abstract concepts when they dropped maths for classics in their teens.

      2. KBeee
        FAIL

        Re: Bluetooth? Really?

        It's a damning statement when you say (quite correctly in my opinion) that the unelected House of Lords would be less clueless than the elected House of Commons. FFS, Prince Charles and the Queen could run the bloody country better than the shower in The Commons! I'm pretty sure half the MPs think they know about Personal Protective Equipment cos they all got degrees in PPE.

    2. Paul Shirley

      Re: Bluetooth? Really?

      You read the signal strength and make very bad guesses about how that maps to proximity. If Bluetooth was in any way predictable or reliable that might work. Might even be able to self calibrate by tracking beacons move in and out of range. If it was predictable.

      My experience of Bluetooth between phones is serial, random failure. Radio reception usually defies understanding in the busy environments this needs to work in. Seems designed to fail, theatre not solution. The UK version is so inept probably best to have it die quickly before wasting more human resources.

  9. Anonymous Coward
    Anonymous Coward

    How is this better than leaving it up to individuals?

    Sorry, I'm confused about what good a track-and-trace program actually is. If I test positive, I either call the people with whom I've been in close (< 2 meters) contact for longer than ten minutes (or however long is deemed "long enough" to transmit) and tell them they should consider getting tested, or I spill these names to health service/ gubmint employees so they can call my contacts and tell them they should consider getting tested. It all depends on my memory (usually crap) in both cases, and the second option assumes I am willing to share the names of my associates (not entirely warranted). Aside from side-stepping the possibility that some patients will simply not follow through with making the calls, and opening the possibility for health employees to pry for the contacts' details, how is government doing this an improvement? Clearly I'm missing something.

    1. EBG

      Re: How is this better than leaving it up to individuals?

      What you are missing is that government has pulled a fast one by getting the phrase "test and trace" locked into the debate. The correct phrase which I think you'll find people like WHO use, is "test, trace and isolate". Even if some tacky app is made to work, it's f-all use without enforcing isolation on the contacts. We have failure designed in, irrespective of the IT.

    2. Roland6 Silver badge

      Re: How is this better than leaving it up to individuals?

      >I either call the people with whom I've been in close (< 2 meters) contact for longer than ten minutes (or however long is deemed "long enough" to transmit)

      There is no 'safe' time, just a level of risk.

      So it seems 6 sec at 1 metre is comparable to 1 minute at 2 metres.

      Add into this airflow (indoors/outdoors) and whether the person is facing or looking away and it all gets rather complicated.

      So yes, when I develop symptoms that correspond to CoViD19, I would contact those people I know. However, if the contact tracking is working effectively, I would receive notification that someone I had contact with a few days back had tested positive before I had developed symptoms or begun to feel unwell. If I self isolate at this point, that's potentially up to 5 days where I'm not out spreading SARS-COV-2...

  10. Mike 137 Silver badge

    "PHE and the NHS confirmed that a DPIA has not been conducted..."

    Naughty and unlawful, but conducting one will probably make little difference. Under Article 35 of the GDPR the arbiter of the necessity, proportionality, risks to data subjects and risk control measures is the party intending to process the data. Not the ideal basis for objective evaluation.

    1. SloppyJesse

      Re: "PHE and the NHS confirmed that a DPIA has not been conducted..."

      The DPIA would essentially force them to 'show their working'. They would need to justify things like the 20 year data retention period.

      Most of the DPIAs I've seen have been very specific and rigorous, but that's probably because companies are very aware they would be a key document in any GDPR investigation. This is unlikely to be a consideration for ministers or civil servants so you're right, it probably won't make any difference.

  11. SloppyJesse

    Re: How is this better than leaving it up to individuals?

    The DIY approach relies on the infected individual

    * Having time and energy to contact others (they're ill, after all)

    * Being able to judge what is a 'contact'

    * Knowing all contacts

    * Having available contact methods for them

    The organised program is meant to address these.

    * A medical professional interviews the infected and makes clinical judgements as to what contacts need to be traced

    * The program does the legwork leaving the individual to get on with being ill/recovering

    * They have more power than an individual to identify people (Virgin trains are not going to give you the names of everyone in carriage D on the 7:53 from New Street, but they should to the program) and get in contact.

    Having a centralised program also creates epidemiological data for monitoring.

    That's the theory. Whether England's world-beating program delivers is TBD.

    1. JohnMurray

      Re: How is this better than leaving it up to individuals?

      From day 2 of infection they're capable of spreading the infection.

      On day 5/6/7, they start feeling ill.

  12. Anonymous Coward
    Anonymous Coward

    The tracking is important, the tracing, nope.

    As one who has literally built some of these "apps", thus the anonymous as it is still under security embargo, I have the real skinny on this. TL;DR; the UK app is being built by the usual committee of no-hopers and academics so is, of course, mostly bollocks. Political virtue signalling at its finest. I'd point out that those of us who really know are really not popular with these guys. Not academic enough. Not political enough. Might steal some budget that should be spent on stuffed-shirts.

    So, from what we know, firstly tracing tells you little beyond "your family probably need to be tested and isolated". Everything else will immediately lead to a 100% population lockdown for the obvious reasons, so can be ignored, and is clearly a violation of privacy. So don't do it.

    Tracking where you went can be fully and completely anonymised, and is available in scary detail via cell-tower ping and handover data. I'm guessing MI5 and co are desperately trying to avoid mentioning that they are tracking (and I speculate ever so slightly in the case of the UK) every single mobile device at all times, down to a 10m^2 area. Sometimes better with a bit of clever Kalman filtering and in heavily overlapping cells. But I digress. The point is, this data is available right now, and requires exactly zero things to be done to gather it.

    All you need to do (heh) is get permission from the user to find out where they have been, to convert that "technical" data into useful data. GDPR covered.

    To get the permission we can, I dunno, promise not to keep it (fantasy island I know, but bear with me).

    You find out where they have been as coordinates for some historical period, e.g. 14 days.

    You mark the coordinates as potentially on an infection trail, with modelling for how it remains infectious.

    Then you erase the device data, thus erasing the GDPR problem as there is now no [direct] personalised data (I know I'm simplifying).

    This is basically what South Korea did though they took the additional step of notfying anyone else who was in one of these hotspots, and perhaps not quite so hygienically.

    See, no GDPR problems, no stupid interviews, location only, you could put it on a map (and we do!) and people can then request (giving permission!) to intersect their movements with the hotspots, and be given a risk assessment. Again, the identifying request data can be thrown away, and the useful aggregates kept.

    This is good enough, proportional, privacy compliant, and works like a champ. Instead we have something obviously stupid, illegal and destined to fail. Full steam ahead!

    1. Roland6 Silver badge

      Re: The tracking is important, the tracing, nope.

      Up vote for a really helpful and insightful post.

    2. Sir Runcible Spoon
      Thumb Up

      Re: The tracking is important, the tracing, nope.

      I'm pretty sure that most commentards could have guessed most of this, but it's always nice to see that our cynicism is well founded - thanks for posting.

  13. You aint sin me, roit
    FAIL

    The evil spin on statistics...

    No sooner does the UK Statistical Authority lambast the government for the lack of quality in testing reports than this is used repeatedly by ministers to obscure information even more!

    Nadhim Zahawi did it during Question Time, Widow Dido did it, Grant Schapps on breakfast news...

    "Do you have the figures?"

    "Of course we have the raw figures but we need to polish them before we release any data to the public, in accordance with the UK Statistical Authority."

    Polish?! That ain't what he said! He wanted accuracy, appropriateness, and availability. Not spun or manipulated, which is what we've been getting!

    By hiding behind the UK Statistical Authority they delay having to admit they are bullshitting us and don't have a clue.

  14. John Savard

    Move Fast and Break Things

    While one may disagree with the tactics of some Internet companies that fail to respect laws, whether copyright law or laws meant to protect taxi drivers, a pandemic happens to be an emergency, and not moving fast enough means thousands more people will die.

    1. yogibear

      Re: Move Fast and Break Things

      >a pandemic happens to be an emergency, and not moving fast enough means thousands more people will die

      Moving in a knee-jerk, Brownian motion direction, even very fast, also means that thousands more will die.

      MPs, media and many others do this very well. It lets them be seen to be doing 'something', which is what matters, innit.

  15. Anonymous Coward
    Anonymous Coward

    And that's before we consider some of the contractors doing the work.

    Serco comes to mind for example. I wonder how many tracers they've recruited? And how many have been retained?

    Not saying anything. Just asking questions.

  16. TrumpSlurp the Troll
    Facepalm

    You need electronic tracking of some sort.

    Noted by some above, ignored by others.

    Phoning someone up and asking them to identify their contacts is more or less pointless if they have been in a shop or on public transport (just two of the many obvious cases).

    Electronic recording of close(ish) contacts, such as with low power BT recording beacons, is not reliably accurate to identify close contact but it seems the best available at the moment.

    Yes, mapping every cell phone into a massive central database linked to personal identity could do much the same but there may be minor privacy issues in that approach.

    The BT approach at least gives a nod to maintaining anonymity.

    Writing it off because of obvious edge cases is not a sensible approach, although much loved by techies. If it offers even 75% accuracy it is far better than an outsourced call centre which has all the failings detailed up stream.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like