Contact tracing apps: Take the time, do it right
Concept seems a doddle yet proving to be anything but
Containing the spread of the novel coronavirus requires a way to quickly and accurately find people who might have been exposed to others who have tested positive for infection. If we can’t do that properly, it’s going to be much harder to return to a life less restricted as we risk further waves of infections.
That’s the contact tracing we’ve been hearing so much about. What better way to do it than having an app doing that for us, running on what most of us carry around much of the time, namely powerful smartphones?
At first glance, using smartphones for contact tracing seems a nobrainer. The devices are tied to individuals, can communicate with central servers and each other and are able to accurately record where people are at any given time.
Nevertheless, it’s better for now to temper expectations around contact tracing apps. As Prime Minister Jacinda Ardern noted on Monday, contact tracing apps aren’t silver bullets and we can’t rely on them entirely.
Contact tracing apps are in use elsewhere in the world, but Ardern is right: such apps are not an easy tech solution to a very complex problem.
To start with, since enforced installations of contact tracing apps isn’t a popular option outside repressive regimes, people have to be persuaded to install the apps on their devices in large enough numbers for them to be effective.
It boils down to trust. That allimportant trust is a fragile and complex thing with nuances that go beyond the obvious and understandable worries around erosion of people’s privacy, round the clock surveillance and concerns as to what will happen with the sensitive data collected from the devices.
Getting that right and navigating today’s strong, built-in smartphone privacy and security protections isn’t easy. This is especially so if there’s not the time to test tracing apps over several months as you would do in normal software development.
We can see some of that over in Australia where the Government and health authorities have released the Covidsafe app for Apple’s iOS and Android phones. It’s been a bumpy and confusing ride so far.
Covidsafe uses the Bluetooth wireless protocol to communicate when devices are within a metre and a half of each other for 15 minutes or longer. Using Bluetooth is the practical way to do this, but it also feels uneasy because the wireless protocol was not originally designed for privacy and has had many yawning security holes.
Back to the trust thing, the Aussie Government has yet to release the source code for Covidsafe. Without reviewing the code it was difficult to figure out if the app is as secure and privacy-preserving as promised.
No source code was no problem for several programmers who ripped into Covidsafe and verified that it is based on Singapore’s TraceTogether app, to the point that they use the same Bluetooth Low Energy station identifier.
The good news is that it looks like the Covidsafe app itself ticks the necessary privacy boxes. What remains a concern is the data collected by the app is stored on the Amazon Web Services cloud, meaning it could potentially be accessed by United States authorities under its bilateral agreements with Australia.
The Australian Government has denied that this can happen, and this week introduced legislation to strengthen the privacy provisions for Covidsafe to give people confidence in installing the app.
Unfortunately the Covidsafe app itself isn’t without problems. The Android variant seems to work fine but on Apple iPhones, Covidsafe isn’t a happy app. On iPhones, users complain that the app has to sit in the foreground with the device woken up or it won’t work properly, which could be due to a coding bug a programmer discovered.
Other Apple users say Covidsafe drains the battery fast, and it’s not clear that the iOS app can speak to its Android counterpart.
Diabetes Australia says it has had reports from users experiencing connection problems with their continuous glucose monitoring systems after installing Covidsafe.
While the issue is being investigated, Diabetes Australia is for now recommending that concerned users uninstall the app.
Perhaps more disappointing for the four or so million people who have downloaded Covidsafe, the app isn’t actually operational yet.
ABC reported that the information collected by the app won’t be passed on to contact tracers as the states and territories are still working out how the system will operate.
So yes, contact tracing apps are really difficult to get right. It should become easier soon however. Apple and Google are both finally coming to the party with their joint privacypreserving contact tracing effort which should sort out some of the abovementioned technical issues.
Apple and Google have written a new privacy-preserving Bluetooth protocol to use with the contact tracing and detecting which means data can be sent securely with strong encryption and without leaking unnecessary information that could be used to identify users.
There’s quite a bit to digest in the Google and Apple specs, but the focus is on giving contact tracing app users not just strong privacy and security, but control as well. People with the app installed can turn it off at any time, and Google and Apple can disable the exposure notification system on a regional basis when it’s no longer needed.
The system can measure the distance between devices via reading the Bluetooth signal strength, and also the amount of time the smartphones have been in contact with each other in five-minute increments, stopping at 30 minutes for privacy reasons.
Location information via GPS or other systems is not collected and sent to authorities and no, Apple and Google don’t get any user data from contact tracing apps to monetise.
Because Apple and Google are the totally dominant smartphone players, the specs which are based on input from Western privacy watchdogs and public health authorities will become the standard for developing contact tracing apps.
Don’t expect slick, bug-free apps based on the specs to appear in a hurry though. First, the specs are drafts currently, with final versions appearing sometime this month.
Second, only apps from public health authorities can be submitted to Google and Apple.
Authorities that can assemble the resources to build apps and submit them will be strictly vetted and tested to ensure they meet Google and Apple’s privacy and security requirements before popping up in their app stores . Which is good, but it takes time and might put off some governments that don’t share Apple and Google’s privacy stance.
There are no shortcuts here. Contact tracing apps will be helpful, but the Aussie experience shows it’s better to take the time to make sure that they work safely and well.