Regardless of the approach taken, experts have reiterated the need to ensure citizens’ privacy is at the forefront of development plans
ANALYSIS A sharp divide has emerged among European countries about how to safeguard privacy in developing Covid-19 contact-tracing apps.
Switzerland, Austria, Estonia, and most recently Germany have opted for a decentralized approach preferred by privacy activists, while France and the UK have adopted a centralized approach.
Smartphone-based contact-tracing apps offer a mechanism to alert individuals who may have been in contact with someone who subsequently develops symptoms or tests positive for Covid-19.
The technology is viewed as a tool that could allow governments to safely ease the population-wide lockdowns that are currently in place across much of the continent.
Privacy by design
Various competing frameworks for building contact-tracing apps have been developed.
Some security experts have questioned the effectiveness of the whole approach, expressing concerns about the likely uptake and reliability of the technology.
Likewise, scientists who do see merit in the approach to addressing an urgent public health need have nonetheless called for apps to be “privacy preserving by design”.
Privacy concerns have been expressed about systems that track the geographical location of mobile users (a system in place in Israel) or apps that rely on a centralized architecture.
Less intrusive, decentralized alternatives make use of Bluetooth signals to log an app user’s proximity to other devices that have the software installed.
Earlier this month, Google and Apple announced the development of an API to support Bluetooth-based contact-tracing apps built on a decentralized architecture, in which contact matching happens locally on phones.
Germany’s Health Minister Jens Spahn announced on Sunday (April 26) that the country would switch and adopt a “decentralized” approach to digital contact tracing, Reuters reports.
The decentralized approach backed by Apple/Google and adopted by Germany means that Bluetooth ‘handshakes’ between mobile devices are logged on individual devices rather than on a central system.
Users could voluntarily share their phone number and details of their medical symptoms while omitting functionality which would allow tracking.
World governments are taking different approaches to contact-tracing app development
The decentralized approach also offers practical advantages. Thanks to Google and Apple’s native support, decentralized contact-tracing apps could run in the background, reducing the drain on a mobile device’s battery.
The UK, by contrast, is going for a more centralized model rather than the Google/Apple approach.
The Daily Swig is reliably informed that NHSX has a team building its own app, rather than endorsing any other product.
Experts from the UK’s National Cyber Security Centre are advising NHSX to help build the app, which is expected to begin trials within around two or three weeks.
Matthew Gould, chief executive of NHSX, the health service’s digital innovation unit, appeared before the Commons Science and Technology Select Committee on Tuesday (April 28) to outline its approach.
An earlier blog post by NHSX provides further background on the technical choices under consideration.
France has also adopted a centralized approach for the development of its contact-tracing app, falling foul of Apple rules under which apps that rely on Bluetooth are only allowed to run in the background if they don’t upload data from devices.
Both the UK and French approaches to contact tracing centrally record the de-anonymized ID of someone who is infected, as well as the IDs of all those with whom the infected person has been in contact.
Privacy advocates worry that this facility would enable – through mission creep – a form of surveillance.
The surveillance risk arises because the technology creates a ‘social graph’ of who someone has physically met over a period of time.
The fear is that given access to the social graph, a bad actor (state, private sector organization, or hacker) could spy on citizens’ real-world activities.
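The difference between the two architectures described above can be made concrete with a small simulation. The following is an added example written for this article, not code from Apple, Google, NHSX or any national app: it models phones that swap random ephemeral IDs over simulated Bluetooth handshakes, then runs the same diagnosis report through a decentralized server (which only receives the diagnosed user's own published IDs, with matching done on each phone) and a centralized server (which, as in the UK and French designs, resolves the infected person and all their observed contacts). The names, the three-epoch ID rotation and the `Phone`, `DecentralizedServer` and `CentralizedServer` classes are assumptions of the example, not features of any real app.

```python
"""Constructed toy model of decentralized vs centralized contact tracing.

Not the protocol of any real app: it only illustrates what each server
architecture can learn from the same set of proximity events.
"""
import secrets

EPOCHS = 3  # number of ID-rotation periods simulated (assumption)


class Phone:
    """A handset that broadcasts a rotating random ID and logs IDs it hears."""

    def __init__(self, owner):
        self.owner = owner
        # One fresh random ID per epoch, generated on the device itself.
        self.ephemeral_ids = [secrets.token_hex(8) for _ in range(EPOCHS)]
        # Bluetooth 'handshakes' heard from nearby phones; stays on this device.
        self.observed = set()

    def handshake(self, other, epoch):
        """Simulated proximity event: both phones log each other's current ID."""
        self.observed.add(other.ephemeral_ids[epoch])
        other.observed.add(self.ephemeral_ids[epoch])

    def exposed(self, published_ids):
        """Decentralized matching: compare downloaded positive IDs to the local log."""
        return bool(self.observed & set(published_ids))


class DecentralizedServer:
    """Receives only the ephemeral IDs that a diagnosed user chooses to publish."""

    def __init__(self):
        self.published = []

    def report_positive(self, phone):
        # No owner identity and no observed-contact list ever leaves the phone.
        self.published.extend(phone.ephemeral_ids)


class CentralizedServer:
    """Receives the infected user's identity plus every ID they observed, and resolves them."""

    def __init__(self):
        self.id_to_owner = {}  # registration lets the server map IDs back to people
        self.edges = set()

    def register(self, phone):
        for eid in phone.ephemeral_ids:
            self.id_to_owner[eid] = phone.owner

    def report_positive(self, phone):
        # The server learns who is infected and exactly whom they met: a social graph.
        for eid in phone.observed:
            self.edges.add(frozenset({phone.owner, self.id_to_owner[eid]}))

    def social_graph(self):
        return {tuple(sorted(e)) for e in self.edges}


def run_scenario():
    """Constructed scenario: alice meets bob and carol, dave meets nobody, alice tests positive."""
    phones = {n: Phone(n) for n in ("alice", "bob", "carol", "dave")}
    phones["alice"].handshake(phones["bob"], epoch=0)
    phones["alice"].handshake(phones["carol"], epoch=1)

    # Decentralized: alice publishes her own IDs; every phone matches locally.
    dec = DecentralizedServer()
    dec.report_positive(phones["alice"])
    exposures = {n: p.exposed(dec.published) for n, p in phones.items()}

    # Centralized: every phone is registered; alice's report reveals her contacts.
    cen = CentralizedServer()
    for p in phones.values():
        cen.register(p)
    cen.report_positive(phones["alice"])

    return {
        "decentralized_exposed": exposures,
        "decentralized_server_learns": list(dec.published),
        "centralized_server_graph": sorted(cen.social_graph()),
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(key, value)
```

In the decentralized run, bob and carol each discover their exposure on their own handset, while the server holds nothing but three random hex strings that it cannot tie to any person. In the centralized run the same report hands the server a named edge list, which is precisely the social graph the privacy concern is about; each further report extends it.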
Earlier this week, the Council of Europe warned about the possible side effects of digital contact tracing applications in the prevention of the Covid-19 pandemic.
The international organization called for safeguards against the privacy risks posed by contact-tracing apps.
“Strict legal and technical safeguards would need to be in place to mitigate the risks to the protection of personal data and privacy,” according to the Council of Europe.
“If these applications are deployed, it should be for a limited duration only and solely on a voluntary basis.”
It added: “These applications should include specificities ‘by design’ to prevent or minimize risks, e.g. to ensure that location data of individuals are not used, that no direct identification is possible or that re-identification is prevented.”