In brief:
- Apple and Google's coronavirus tracing app is causing a stir among governments who want greater control.
- The app places restrictions on user data and GPS access.
- In the UK, the NHS contact tracing app has security flaws, prompting experts to call for decentralization.
Governments spanning 23 countries are seeking access to Apple and Google's collective contact tracing technology. However, privacy features imposed by the two tech giants are frustrating authorities worldwide.
Wednesday marked a watershed moment for the Apple-Google tool. Developed to stem the virus by identifying and testing potential coronavirus carriers, the system is highly sought after, with multiple US states along with 22 counties worldwide applying to gain access to the tech.
Coronavirus pandemic sparks push for data privacy in healthcare
The global coronavirus pandemic has changed our day-to-day lives in just a few short months. Around the world, people are adapting to a new way of life, isolating themselves from friends and family to help fend off an invisible enemy. On a wider scale, economies are feeling the strain, and governments are under immense pressure to counter the effects of dramatic societal changes. In large part, this pressure comes from ensuring that healthcare services are able to cope with the unprecedented inc...
Nevertheless, restrictions on collecting GPS location data and personal information are causing a headache for some governments. Instead of using phone numbers and GPS, Google and Apple's solution harnesses Bluetooth to trace users who remain in proximity for five minutes. Officials maintain that the app could be made more efficient by tracking users locations, enabling authorities to identify viral hotspots.
Is decentralization the solution?
While disgruntled governments lament the perceived limitations, they hold little alternative. Contract tracing apps developed elsewhere, have produced their fair share of problems—namely a lack of adoption and a litany of security issues.
In the UK, the NHS's contact-tracing app—developed in conjunction with GCHQ's National Cyber Security Centre (NCSC)—introduced some significant privacy defects. Following a thorough security audit, researchers concluded that app data could be easily exploited.
As a solution, the analysts advocate for the system to be decentralized. At present, the app's contact matching takes place via a central server. The researchers argue that this process could be decentralized to take place on a users phone instead, minimizing the latent risks.
According to the BBC, the NCSC is aware and dealing with the concerns raised. Nevertheless, the researchers continued to urge for legal provisions to restrict both data usage, as well as the length of time the information can be stored for.
Swiss health authority hatching decentralized coronavirus tracing app
Switzerland's Federal Office of Public Health (FOPH), has confirmed that it's working with a group of prominent European privacy experts to develop a decentralized coronavirus contact tracing app by May 11. The app will use the Decentralized Privacy-Preserving Proximity Tracing (DP-PPT, or DP3T) protocol, which has been designed by around 25 academics from research institutions across Europe, including the Swiss Federal Institute of Technology, ETH Zurich and Belgian KU Leuven. According to the...
This isn't the only privacy snafu facing developers of contact tracing apps. In France, over 140 cybersecurity experts have signed a public warning about the privacy implications of covid tracing solutions.
"All these applications involve very significant risks with regard to respect for privacy and individual freedoms," reads the warning. "One of them is mass surveillance by private or public actors."
Discovering an equilibrium between privacy preservation and efficiency is vital. For now, it seems, the Apple-Google tool is managing to strike this balance—whether the world's governments like it or not.
