Tag Archives: NHS

Is Privacy Our Sole Concern With Contact Tracing Technology?

This week the Guardian reported an alleged ‘standoff’ between the NHSX (the digital innovation arm of the NHS) and tech giants Google and Apple over the deployment of contact tracing technology aimed at curbing the spread of the Covid-19 virus. The debate centres on two issues: first, the underlying technology to be used and second, how the data will be stored.

Sidestepping the first issue, in which Google and Apple aim to implement their feature directly in a device’s operating system while the NHSX version requires a dedicated downloadable application, this article will focus on the privacy questions arising from the second.

In essence, Apple and Google have insisted that if they are to collaborate with the NHSX on contact tracing, the storage of all data will have to be decentralised. The NHSX, on the other hand, is pushing for centralised storage of data.

What’s the difference?

Before deciding on one system or another, it’s best to understand the basics of the distinction between these systems.

A centralised system has a single storage point and a single controller of the data collected. The central controller may grant access to other users but remains ultimately responsible for the system as a whole. A centralised system is relatively easy to set up and can be developed quickly. Such a system is very useful where continuous modifications to the parameters of the system are expected, or where the use of the data needs to be adapted for different purposes.

In contrast, a decentralised system has multiple controllers of data, each collecting and storing its own copy on its own system; in the contact tracing context this means each handset keeps the records it has gathered. This allows quicker access to data and a lower risk of downtime, as a fault with one controller will not necessarily affect the others.

The third form, a distributed system, in which there is no single owner at all and ownership and control are shared collectively by every user on the network, is unlikely to be used by either party.

Each system has its advantages and disadvantages and to make a decision between a centralised and a decentralised system the NHS and the tech giants will need to take into consideration a range of issues including:-

  1. The overall effectiveness of the technology;
  2. The adaptability of the system to the shifting demands of research;
  3. The cost of deployment and maintenance;
  4. Whether or not the system is a security risk for the user;
  5. Whether there are compliance concerns.

Why is a decentralised system so important?

Google and Apple have been clear that the reason for proposing a decentralised system is to avoid the risk of mass government surveillance, now or in the future. This is a genuine concern, as the data being collected relates directly to a user’s contacts, movements and health status. Although not free from criticism, this position is the preferred option and has been supported by academics and numerous civil rights groups, including the Electronic Frontier Foundation and the American Civil Liberties Union.

Still, the European position is split: seven governments support the project known as Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT), which proposes a centralised repository of data, while Decentralised Privacy-Preserving Proximity Tracing (DP-3T), which advocates a decentralised system, has a growing following.

The NHS itself may have no intention of conducting surveillance, but as a publicly funded body its links to government invite immediate speculation. In addition, both the NHS and the UK government have a poor record with large-scale IT projects, such as the failed £11bn National Programme for IT, scrapped in 2011, and the plan for a paperless NHS by 2018, which never got off the ground.

What about the NHS position?

Unfortunately, the focus on privacy risks, coupled with the NHS’s poor track record in technology projects, has distracted from the core question at hand: what does the NHS need right now to curb the spread of the Covid-19 virus?

Ross Anderson, an advisor to the NHS on its contact tracing application, highlighted the problem with a decentralised system:-

…on the systems front, decentralised systems are all very nice in theory but are a complete pain in practice as they’re too hard to update. We’re still using Internet infrastructure from 30 years ago (BGP, DNS, SMTP…) because it’s just too hard to change… Relying on cryptography tends to make things even more complex, fragile and hard to change. In the pandemic, the public health folks may have to tweak all sorts of parameters weekly or even daily. You can’t do that with apps on 169 different types of phone and with peer-to-peer communications.

(https://www.lightbluetouchpaper.org/2020/04/12/contact-tracing-in-the-real-world/)

The Covid-19 virus took approximately two months to infect 100,000 UK residents and the spread has shown few signs of slowing. Time is critical in this situation and, correspondingly, flexibility in adapting to the constantly changing nature of the infection is a necessity. As Anderson notes, decentralised systems do not allow for rapid evolution once deployed.

In addition, we should consider that, unlike a centralised system, a decentralised system holds its data on millions of handsets rather than on one server, and the identifiers the phones exchange are broadcast in the clear over Bluetooth (they are derived from keys on the device so that they cannot be linked to a person without that key, but anyone nearby can record them). While trying to prevent a government from carrying out surveillance, the Google and Apple system may inadvertently open itself up to more security problems than expected. In fact, they have themselves acknowledged this risk, stating that nothing is “unhackable”.

As a second consideration, the API that Google and Apple will release will likely place strict limits on the type of data that may be collected. For example, the NHS would not be able to gather a list of every person a user has been in proximity to. Instead, the matching is done on the handset: every phone in the system downloads the keys of users who have reported a positive test, checks them locally against the identifiers it has recorded, and tells its owner whether they have been exposed. The health service learns only what the user then chooses to report, so such a system relies heavily on user action, which is often incorrect or simply disregarded.
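To make the difference between the two storage models concrete, the following is an added example (not code from the original article, the NHSX app or the Apple/Google API): a simplified simulation of the decentralised, on-device matching described above beside a centralised contact graph of the kind the NHSX favours. The key derivation (HMAC-SHA256 truncated to 16 bytes), the 144 ten-minute intervals per day, the class and function names and the three-phone scenario are all constructed for illustration and do not follow the real specification; what the example shows is which party ends up holding which data in each model.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

INTERVALS_PER_DAY = 144  # ten-minute intervals; a constructed simplification


def derive_rpi(daily_key: bytes, interval: int) -> bytes:
    """Rolling proximity identifier broadcast over Bluetooth during one interval.

    Constructed derivation: HMAC-SHA256 of the interval number under the day's
    key, truncated to 16 bytes. The real Apple/Google scheme differs, but the
    relevant property is the same: without the daily key an identifier cannot be
    linked to a phone, and anyone holding the key can regenerate every
    identifier that phone broadcast that day.
    """
    return hmac.new(daily_key, interval.to_bytes(4, "big"), hashlib.sha256).digest()[:16]


class Phone:
    """Handset in the decentralised model: keys and observed identifiers never leave it."""

    def __init__(self, name: str):
        self.name = name
        self.daily_keys: dict = {}
        self.seen: set = set()  # identifiers heard from nearby phones

    def key_for(self, day: int) -> bytes:
        return self.daily_keys.setdefault(day, secrets.token_bytes(16))

    def broadcast(self, day: int, interval: int) -> bytes:
        return derive_rpi(self.key_for(day), interval)

    def observe(self, rpi: bytes) -> None:
        self.seen.add(rpi)

    def publish_diagnosis_keys(self, days: list) -> list:
        """After a positive test the user opts to upload the daily keys for the
        infectious window; these keys are the only data that leaves the phone."""
        return [(d, self.key_for(d)) for d in days]

    def check_exposure(self, published: list) -> bool:
        """On-device matching: regenerate each published key's identifiers and
        compare them with what this phone heard. No server is consulted."""
        for _day, key in published:
            for i in range(INTERVALS_PER_DAY):
                if derive_rpi(key, i) in self.seen:
                    return True
        return False


class DiagnosisKeyServer:
    """Decentralised model's only server: a bulletin board of published keys."""

    def __init__(self):
        self.store: list = []  # (day, key) pairs, no identities and no encounters

    def publish(self, keys: list) -> None:
        self.store.extend(keys)


class CentralisedServer:
    """Centralised model: every encounter is reported to one controller,
    which therefore holds the full contact graph."""

    def __init__(self):
        self.graph: dict = defaultdict(set)

    def report_encounter(self, a: str, b: str) -> None:
        self.graph[a].add(b)
        self.graph[b].add(a)

    def contacts_of(self, positive: str) -> set:
        return set(self.graph[positive])


def encounter(a: Phone, b: Phone, day: int, interval: int, central: CentralisedServer) -> None:
    """Two phones within Bluetooth range swap identifiers (decentralised) and,
    in the centralised model, the encounter is also reported upstream."""
    a.observe(b.broadcast(day, interval))
    b.observe(a.broadcast(day, interval))
    central.report_encounter(a.name, b.name)


def run_scenario() -> dict:
    # Constructed scenario: alice meets bob on day 1; carol meets nobody.
    alice, bob, carol = Phone("alice"), Phone("bob"), Phone("carol")
    central, bulletin = CentralisedServer(), DiagnosisKeyServer()
    encounter(alice, bob, day=1, interval=37, central=central)

    # alice tests positive and publishes her day-1 key.
    bulletin.publish(alice.publish_diagnosis_keys([1]))

    return {
        # Each phone decides for itself; the health service learns nothing unless the user reports.
        "decentralised": {p.name: p.check_exposure(bulletin.store) for p in (bob, carol)},
        # The bulletin board holds keys only: no names, no encounters.
        "diagnosis_server_store": [(d, k.hex()) for d, k in bulletin.store],
        # The central controller can answer "who did alice meet?" directly.
        "centralised": central.contacts_of("alice"),
    }


if __name__ == "__main__":
    print(run_scenario())
```

Running the scenario shows the trade-off the article describes: in the decentralised model bob’s phone flags the exposure and carol’s does not, while the only server involved never holds anything but published keys; in the centralised model the server can list alice’s contacts directly, which is exactly what makes aggregate analysis possible and what makes it a surveillance risk. Note also that publishing a daily key lets anyone who recorded alice’s broadcasts that day link them together, which is why the real schemes rotate keys daily and let the user decide whether to upload.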

Key location data, which could be used to develop population flow maps and to anticipate the further spread of the virus, will likely not be made available under Google and Apple’s current proposal. It is also important to note that data from contact tracing could be used beyond the scope of curbing the spread of the virus, for example in decisions on directing the flow of emergency aid, the development of temporary healthcare facilities, and the deployment of healthcare equipment and personnel.

What has been going on elsewhere?

In contrast to the UK, Asian jurisdictions, which have less stringent data protection regulation, have taken remarkably different approaches from those seen in Europe.

Hong Kong, for example, introduced the mandatory use of an electronic wristband connected to a smartphone application to enforce quarantine for arrivals from overseas. Arrivals refusing to comply with this requirement are refused entry.

South Korea won praise for both tracking and publishing data on affected persons’ travel routes and affected areas, the data being collected through the government’s application as well as numerous independent applications. Residents also receive numerous location-based emergency messages and are not allowed to opt out of this function.

China’s measures, which have come under considerable question, involve collaboration with a private entity through the Alipay Health Code. Citizens are given a ‘traffic light’ status that determines the restrictions imposed on them. Although the exact basis for determining a person’s status is not known, the status has widespread application, including restriction of access to certain public facilities and payment systems.

Privacy concerns about these measures aside, all these jurisdictions have seen a considerable reduction in the spread of the Covid-19 virus. While it would be premature to suggest that this is solely attributable to the contact tracing measures implemented, there is no doubt that the quick and extensive deployment of the technology has contributed to the battle against the virus’ spread, which raises the question:

Is privacy getting in the way?

In 1890, Warren and Brandeis, pioneers of modern-day privacy law, wrote:-

…To determine in advance of experience the exact line at which the dignity and convenience of the individual must yield to the demands of the public welfare or of private justice would be a difficult task…

The UK, and indeed Europe, are at this juncture and need to decide on the cost of the compromise as the death toll and infection rate continue to increase. History reminds us that the greatest privacy and surveillance violations occurred when the world was focused on a raging war, and it is precisely at such times that we must be most vigilant about rights.

Google & Apple at Odds with UK’s NHS over Contact Tracing

Last week, two of the biggest tech companies, Google and Apple, announced that they would be working together to help address the COVID-19 pandemic. Specifically, the companies announced a cross-platform API that would allow for better contact tracing. The companies also said that they would be working with government bodies, non-governmental organisations (NGOs) and other organisations to develop the APIs.

That effort may have just hit its first snag in the United Kingdom (UK). In a report published by The Guardian, the NHSX, the digitisation arm of the National Health Service (NHS), and Google and Apple are said to be at an impasse. The main issue appears to be how data is collected and who has access to it. In their announcement, the two tech companies were adamant that their API will keep user privacy intact. This means data collected in a decentralised way, limiting what data is visible and what can be done with it. The NHS, however, is looking to collect data in a centralised database.

While the two approaches may seem a minor issue in the bigger picture, a decentralised approach to collecting data allows better user privacy by limiting who has access to the data; essentially, the data stays on the device that collected it. With the NHS’s approach of a centralised database, the data can instead be viewed in aggregate. It also means that data is continuously communicated over the internet, which raises further security concerns.

That said, with the new APIs being developed by Google and Apple for Android and iOS, contact tracing applications would be able to run in a more power-efficient way. Under the current restrictions on how apps may use device features, the NHS’s app would be rendered near useless, as it would need to be “active” (in the foreground) to use features like Bluetooth. This would mean the app would, in essence, force the device to keep Bluetooth running continuously to do the contact tracing. An app that must stay active and keep Bluetooth running to trace contacts effectively also presents a larger attack surface for hackers and other malicious actors. Using the approach taken by the APIs, this would not happen: the operating system itself would trigger Bluetooth only when needed.

It seems that the NHS was hoping that these limitations would be eased for contact tracing purposes. However, Apple and Google are adamant about maintaining them. In fact, Google has gone on record saying that the limitations are being maintained to prevent abuse of the functionality, in particular for surveillance. On the other hand, the limitations also pose a data collection conundrum for bodies like the NHS. The extra data they would get from their approach would allow tracking of population flows, “near misses” and even the contacts of those who have opted to share their data.

Malaysia and Singapore have released their own contact tracing apps on the Apple App Store and Google Play Store. The MySejahtera and TraceTogether apps respectively have been deployed by the governments of those countries to help manage the spread of SARS-CoV-2, the coronavirus that causes COVID-19. However, the apps have seen limited adoption among the general public. The TraceTogether app is known to use Bluetooth communication between phones to help with contact tracing. The data collected by the app is stored on a centralised server, similar to how the NHS wants to implement its app. This could be one of the factors behind the app’s limited adoption.