|Apple and Google pledged to shut down its coronavirus contact-tracing tool after the pandemic is contained to address privacy concerns. / Photo by r.classen via Shutterstock|
Apple and Google pledged to shut down its coronavirus contact-tracing tool after the pandemic is contained to address privacy concerns, American tech news site The Verge reports.
The plan to shut down the contact-tracing system
The two tech giants have launched the contact-tracing system in a joint effort to help the governments and health agencies reduce the spread of Covid-19 using the users’ Bluetooth technology. Central to the design of their technology are security and privacy.
A representative from Apple said that the changes in their proposal were made after both companies received feedback about how the technology may be improved and about its specifications. In line with this, representatives from both Apple and Google pledged to disable the service once the virus has been sufficiently contained although it remains unclear how health authorities will come up with such a determination.
Even the engineers who worked on the contact-tracing technology also stated that the application programming interface (API), which comprises a set of procedures and functions in the creation of the app, was not designed to be maintained indefinitely.
Old vs. new encryption specification
Encryption is a code used to hide the content of data and is a fundamental tool to keep users safe online. It is a set of procedures used to encrypt and decrypt messages to avoid the risk of someone intercepting the message or data in the middle before it reaches the database or receiver.
During the contact-tracing app’s initial release, daily tracing keys are used and connected to the central database whenever a user reports their positive diagnosis. But some changes have been introduced since then to ease privacy concerns. For instance, the tracking keys will now be randomly generated under the new encryption specification instead of being mathematically obtained from the user’s private key. The daily key is now called the “temporary tracing key” and the long-term tracing key is no longer found in the new encryption specification.
Certain protections were also established around the metadata under the new encryption specification. Aside from the random codes, gadgets used will broadcast which version of the tool is running and their base power level, which is often used in calculating the proximity of the device. Engineers designed the new system in a way that the encrypted data cannot be decoded while it is in transit.
Exposure notification system
Apple and Google have also changed the name of the project. Instead of calling it a contact-tracing system, they prefer to call it an exposure notification system after the changes to the encryption specification were done. The tech giants said that the name change shows that the system can be used to broaden the contact-tracing efforts by the health authorities.
The exposure notification framework has two user roles: affected user and potentially exposed user. In the first framework, when a user is suspected or confirmed diagnosis of Covid-19, the framework will identify the user as “affected” and then share the diagnosis keys to inform the other users of their potential exposure. In the second user role called potentially exposed user, the framework determines whether the temporary exposure keys that are observed by the user are indicative of a positive Covid-19 diagnosis. If so, then the app will retrieve more information, including the duration and data from the framework. The app cannot, however, do the sophisticated work of determining the clusters of infection and interviewing the subjects.
The new encryption specification changes, though, do not answer how the health authorities will verify the positive diagnoses to prevent false positives and trolls in the system. Engineers explained that they deemed it best if local authorities have the respective verification systems that they can align with their exposure notification system.
It also remains a lingering question whether the project will be used by public health agencies. The two tech firms gave no further details on their partnership but said they had discussed the system with stakeholders, including the public health agencies.
|The UK app designer NHSX, who is also the digital arm of NHS, said that privacy has already been built into the app. / Photo by No-Mad via Shutterstock|
The UK released its contact-tracing app
UK’s publicly funded healthcare system National Health Service has shunned Apple and Google’s decentralized app and rolled out an app to track the spread of Covid-19 in Britain. Business news platform CNBC reported that local government and healthcare workers in Britain have already trialed the NHS app. It also uses low-energy Bluetooth signals to create a log of NHS app users who have been in proximity to each other and records whenever someone develops a cough, fever, or both so other users will be alerted.
Privacy campaigners in the UK mentioned that the Apple and Google model app protects users’ privacy and limits how much information the authorities can see but this is not the case with the app introduced by the NHS, which allows authorities to access all data and change it whenever they see fit.
The UK app designer NHSX, who is also the digital arm of NHS, said that privacy has already been built into the app. For example, the users’ postcode will be the sole personal data stored by the app. The rest, users will have to opt-in should they wish to share their location data. NHSX’s chief executive Matthew Gould said he could not provide the definitive list, though, of who would be able to access the data.
Health and fitness apps
As of March 2020, there are other health and fitness apps downloaded from the Google Play Store worldwide. The Home Workout – No Equipment app was downloaded approximately 2.6 million times to mobile devices worldwide. Coronavirus – SUS app was downloaded 2.17 million times, Samsung Health 1.81 million times, and Lose Weight App for Women - Workout at Home 1.61 million times, according to database company Statista.
On the other hand, the most downloaded apps on the Apple app store in France after the coronavirus outbreak are Plato with 201.8 thousand downloads during confinement, Zoom Cloud Meetings 166.3 thousand, Houseparty 106.5 thousand, TikTok 93 thousand, and Skype 66.3 thousand. The survey period was between March 27 to April 3, 2020.
In the fight against the pandemic, an important epidemiological goal should be to determine and break the chains of infection the soonest time possible. Using an app to achieve this goal requires the app to be voluntary and guarantee a high level of IT security while meeting data protection standards.