Privacy

UK Rejects Apple-Google Contact Tracing Approach

The United Kingdom’s plans to launch a smartphone application to track potential COVID-19 infections won’t include Apple and Google.

The country’s National Health Service has designed its own mobile software to do contact tracing of people exposed to the coronavirus, the BBC reported Monday.

The NHS reportedly found that its own tech, which runs in the background on Apple’s iPhone, works “sufficiently well.”

One hangup with some contact tracing apps is that they work only when a phone is active and the app is running in the foreground, which can sap battery life.

The NHS app conserves battery life by waking up the software in the background when a phone encounters another phone running the app.

However, the Apple-Google engine may conserve even more power, because it doesn’t have to wake up link to another device running it.

Apple and Google earlier this month released APIs to help developers, including nation states, create contact tracing apps for the Exposure Notification system they’re collaborating on.

The companies plan to incorporate the system into future versions of their mobile operating systems, iOS and Android.

Centralization vs. Decentralization

With its app, the NHS chose a centralized model for its data collection and storage.

When the app senses another version of itself on a phone it makes note of it and sends the information to an NHS computer server. If someone using the program tests positive for COVID-19, that information is sent to the server, which then alerts every app user who had contact with the person of their exposure to the virus.

Apple and Google have set up a decentralized framework for their mobile contact tracing solution.

As with the NHS app, when phones running a tracing app are within proximity of each other, they exchange information in the form of a key code. Users let the app know when they become infected.

The app then updates an online database with the codes of the contacts of the infected person. That database is downloaded to phones periodically so users of the app are kept current about whether they’ve been exposed to the virus.

Apple and Google say their decentralized method preserves an individual’s privacy better than a centralized method. They contend that the method makes it more difficult for a hacker or the state to track individuals and their social interactions, because data is stored on their phone and doesn’t leave it without the owner’s permission.

The NHS contends that by centralizing the data, it can obtain more insight into the spread of COVID-19, which can help it further refine its app.

Dynamic Tension

There is a tension between the NHS and Apple-Google camps, noted Alain B. Labrique, director of Johns Hopkins University’s Global mHealth Initiative in Baltimore, Maryland.

The tension is between a centralized data repository controlled by the government and a system that makes data available only to individuals.

“When data is only available to individuals, it takes away the potential for abuse,” Labrique told TechNewsWorld.

“In many countries there’s a popular concern about giving government granular access to not just where you’ve been but who you’ve been in contact with and for how long,” he said.

Protecting that kind of data during a pandemic comes with some disadvantages.

“As a public health authority, the more information I have about contacts, the more capability I have to address the pandemic effectively,” Labrique explained.

Not all countries are going the centralized route. Switzerland, Estonia, and Austria’s Red Cross have endorsed decentralization, as has Germany, after considering a centralized approach.

“Countries that are accepting the decentralized approach are also accepting a tradeoff,” Labrique said. “They’re willing to sacrifice some level of control in order to get another tool out there that people can use to fight back against coronavirus.”

Location Protection

The centralized approach adopted by the NHS has the potential for abuse, even though data collected by the program may be anonymized, said Omer Tene, chief knowledge officer of the International Association of Privacy Professionals in Portsmouth, New Hampshire.

“In a big data context such as this, even anonymized information can be attributed back to individuals, sometimes through crossing with other available databases,” he told TechNewsWorld.

“Under the Apple-Google approach, as well as a solution by a group of European scientists known as ‘DP-3T,’ there is no central database and instead data is stored on users’ devices,” Tene noted.

Both the NHS and the Apple-Google solution employ Bluetooth technology rather than collecting geolocation data, he pointed out. [*Correction – May 5, 2020]

“Location data can be incredibly revealing and sensitive, showing where people live, work, which doctors they go to, who they associate with, and so forth,” Tene continued. “For contact tracing, location is not needed as it’s enough that two individuals were close to each other … for one of them to pass the virus on to the other.”

More Nations Adopting Apps

Smartphone contact tracing apps have been rolled out in a number of countries, including China, Israel and Singapore.

Australia released its contact tracing app on Sunday. Within hours of its release, more than a million Aussies had downloaded the app.

The software, which is based on a similar program used in Singapore, uses Bluetooth wireless technology to gather data from other phones running the app when it comes within 1.5 meters (4.2 feet) of them. When someone with a phone running the software is diagnosed with COVID-19, all users of the app who had contact with the infected user for 15 minutes or more receive an alert telling them they’ve been exposed to the virus.

Only state health authorities will be able to access the data gathered by the app. Not even law enforcement officers with a court order will be able to access the data. What’s more, data will be erased from the phone every 21 days, or if the app is removed from the device.

In order for the app to be effective, it’s estimated that 40 percent of the country’s population must use it.

“The main problem is that contact tracing apps are only effective if broadly adopted and standardized,” Tene said.

“For example, Singapore’s TraceTogether app was downloaded by just 13 percent of the population, meaning that in any interaction between two random passersby there’s only a 1 percent chance they both use the app,” he said. “Obviously that’s insufficient to allow people to have confidence that their encounter with a patient will be flagged.”

*ECT News Network editor’s note – May 5, 2020: Our original published version of this story stated the following: “The NHS app has an edge over the Apple-Google solution when it comes to protecting location data, he (Tene) continued. ‘The NHS app is based on Bluetooth proximity tracking as opposed to GPS or cellular location. That is a much more privacy friendly approach, since it doesn’t require collection of geolocation data,’ Tene explained.” Following publication of our story, Tene offered this clarification: “Deploying a BT based solution is a strength of the NHS app and not a relative strength compared to the Apple-Google solution because that too is Bluetooth based.”

John P. Mello Jr.

John P. Mello Jr. has been an ECT News Network reporter since 2003. His areas of focus include cybersecurity, IT issues, privacy, e-commerce, social media, artificial intelligence, big data and consumer electronics. He has written and edited for numerous publications, including the Boston Business Journal, the Boston Phoenix, Megapixel.Net and Government Security News. Email John.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by John P. Mello Jr.
More in Privacy

What's your outlook for the business climate in 2025?
Loading ... Loading ...

Technewsworld Channels