June 10, 2020 - The last few weeks have seen caution and uncertainty as areas around the globe move to lift coronavirus-related lockdown restrictions. Restrictions have varied between regions, and reopening measures are carefully crafted to include safety measures meant to reduce the risk of infection. For example, many grocery stores require a face mask upon entering and only allow a certain capacity of customers inside at any given time. (The CDC website has general information for the United States, and your local government can provide region-specific information.)

Even with these measures in place, the risk of infection is not reduced to zero. Experts have stated that managing the spread of the virus before we have a vaccine needs to involve identifying infected individuals, identifying whom they have come into contact with, and ensuring that they stay isolated until they are no longer contagious.

Contact Tracing

The current method of identifying whom infected individuals have come into contact with is called contact tracing, and it is done manually. That is, a government or healthcare staff member interviews the infected individual, takes note of all the contacts that the individual recalls, and contacts those people to notify them of a potential exposure.

The prominent concerns that arise from this methodology include:

  • What if someone doesn’t remember all of the contacts that they had?
  • With an outbreak as large as COVID-19, is this manual process scalable as is?
  • What is the delay between diagnosis and the notification of potential exposure?

How about going digital?

These concerns can be addressed by automating the process: an individual does not need to remember every person they come into contact with, because technology will do that for them, and a manual contact tracer does not need to call each individual who has potentially been exposed, because technology will alert those people. This solution has been called digital contact tracing, and the apps that implement it are often called exposure notification apps. This automated solution could complement manual contact tracing and mitigate some of the scalability concerns.

How does it work?

Users will download the app to their smartphone. Once launched, the smartphone will send Bluetooth beacon messages carrying anonymous identifiers to nearby devices (i.e. devices close enough to potentially cause exposure). Each device will also record the anonymous values it observed (i.e. the values from people its user has been exposed to). In the event that someone is positively diagnosed with COVID-19, a public health authority will provide a key that allows the person to report their diagnosis in the app. Periodically, each device will download the list of positive infections and check whether it observed any of the same identifiers. If so, its user may have been exposed.
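The beacon, report and match flow described above, written out as an added example: this is not code from any real exposure notification app, nor the Apple/Google or TCN protocol itself. The HMAC-based identifier derivation, the 10-minute interval numbering and the one-time diagnosis-code check on the server are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

def derive_identifier(daily_key: bytes, interval: int) -> bytes:
    # Rolling identifier: truncated HMAC of the interval number under a per-day key
    # (assumed derivation). Without the key, one device's identifiers are unlinkable.
    return hmac.new(daily_key, interval.to_bytes(4, "big"), hashlib.sha256).digest()[:16]

class Device:
    def __init__(self):
        self.daily_key = os.urandom(16)  # stays on the phone unless the user reports
        self.observed = set()            # identifiers heard over Bluetooth

    def beacon(self, interval):
        return derive_identifier(self.daily_key, interval)

    def report(self, server, code):
        # Upload only the key, and only with a code issued by the health authority.
        return server.publish(code, self.daily_key)

    def check_exposure(self, server, intervals):
        # Re-derive identifiers from every published key and count matches locally;
        # the server never learns which identifiers this device observed.
        candidates = {derive_identifier(k, i) for k in server.published_keys for i in intervals}
        return len(candidates & self.observed)

class HealthServer:
    def __init__(self, valid_codes):
        self.valid_codes = set(valid_codes)  # one-time diagnosis codes from the authority
        self.published_keys = []             # keys of reported cases only, no identities

    def publish(self, code, key):
        if code not in self.valid_codes:
            return False  # reject uploads not backed by an authority-issued code
        self.valid_codes.discard(code)
        self.published_keys.append(key)
        return True

def simulate():
    # Constructed scenario: Alice and Bob are near each other for three 10-minute
    # intervals; Carol never meets Alice. Alice is diagnosed and reports her key.
    alice, bob, carol = Device(), Device(), Device()
    for t in range(100, 103):
        bob.observed.add(alice.beacon(t))
        alice.observed.add(bob.beacon(t))
    server = HealthServer({"CODE-1234"})  # placeholder diagnosis code
    rejected = alice.report(server, "WRONG-CODE")
    accepted = alice.report(server, "CODE-1234")
    day = range(144)  # 144 ten-minute intervals in a day
    return rejected, accepted, bob.check_exposure(server, day), carol.check_exposure(server, day)
```

Note that Alice's own observed set holds Bob's identifiers, but nothing about Bob ever reaches the server, since only keys of reported cases are published.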

Is this safe?

We have all seen examples of technologies infringing on user privacy, so it is an important question to have at the top of our minds. Fortunately, industry-leading cryptographers, security experts, and public health experts have been involved in privacy-preserving exposure notification initiatives from the start.

Note: importantly, it is possible to implement an exposure notification solution without protecting the privacy of the user. Check this tracker to see which apps do protect the privacy of their users.

Low Level Technology

At the lowest level, cryptographers designed the protocol that devices use to communicate so that it preserves privacy. This means that the Bluetooth beacons sent out are anonymous (not identifiable), they are not traceable to the device that beaconed them, they don't share any personal data, and they don't share location. This is the foundational element; however, using a privacy-preserving protocol is not the only piece of the puzzle. If the user interface asks personal questions, for example, that would be a breach of privacy even though a safe protocol was chosen.

Application Features

This is why it is important to make sure that privacy is addressed at the application level as well. In many of the privacy-preserving apps, the user is (typically) able to opt in, deciding when to report their infection and when to participate in the ecosystem. No account creation or personal information is required to sign up or to start using the app. Location data is not collected via GPS, though some apps may be linked to specific countries or regions (this is reasonable: the public health agency has to sponsor the app, so coarse location information such as country will be known. However).

Operations

At the operational level, only non-identifiable information is stored and processed by the servers. Apple and Google have agreed to sunset (stop technical support for) the technology once the crisis has been managed. The two tech companies also place restrictions on any apps implementing this technology entering the app stores: the apps are not allowed to ask for certain (over-reaching) permissions from devices, they must be partnered with an official public health agency, and they must use Apple and Google's privacy-preserving protocol APIs (rather than another protocol that Apple and Google may not have vetted for privacy and security).

Organizations

The TCN Coalition is a global team of technologists, public health experts, and privacy advocates. The group's mission is to support organizations in developing privacy-first apps that have the trust of the public. They advocate for the privacy concerns of users by connecting experts, guiding groups through implementation, and providing feedback and advice on congressional proposals. Crimson Vista's Ellie Daw has been leading one of the working groups in the TCN Coalition, knowing that groups like this can be the bridge between citizen privacy, technology teams, and policy. As new issues come about in the digital contact tracing development movement, the TCN Coalition continues to hold to its priorities and advise organizations toward privacy-preserving choices.

Legislation

In the United States, members of Congress have proposed legislation to ensure privacy for citizens, recognizing that digital contact tracing solutions can be beneficial in helping to manage the spread of COVID-19 and navigate lockdown restrictions. Such legislation will prevent misuse of the technologies, impose requirements so that only legitimate apps are deployed, and protect the privacy of citizens by ensuring that only certain data is collected, in certain ways.

In conclusion?

Navigating the coronavirus crisis has been a challenge in many ways, and in order to continue to manage the spread we need to scale contact tracing abilities considerably. Digital solutions can help the effort to scale these processes, but in order for users to feel comfortable using them, they must preserve privacy. The good news is that we have many of the puzzle pieces required to realize this vision, from low-level technologies to high-level feature development and even legislation.

If you have further questions about this technology, please see our projects page on privacy-preserving exposure notification, or contact us!