Contact Tracing and Privacy

To be sure, contact tracing for infectious diseases is not new. This practice is vital for combating contagious viruses and has been around for a very long time, so why the controversy about it now?

In bygone eras, if you were afflicted with an infectious disease, you would likely sit down with your doctor and discuss who you had recently been in contact with. This method, as you can imagine, is only what we might call rough-order-of-magnitude contact tracing, since it is dependent on your being able to recall and identify those that you may have infected.

In today’s world, we have at our disposal all the tools and technology needed to conduct medical contact tracing at a much more granular level. Using the technology already baked into our cell phones, it is possible to identify nearly everyone with whom you have been in close proximity. You don’t need to know them or remember them; your phone will do that for you.

This technological capability offers significant benefits in fighting infectious diseases. You could be notified, via a cell phone app, that you have been in proximity to someone who has later been diagnosed as positive for the disease. You could then take the appropriate precautions and seek medical advice.

But what about your privacy and the privacy of those with whom you have come in contact?

With good reason, nearly everyone grows a little anxious at the thought of having data about their location and movements tracked and stored. Big tech and big government would find it almost impossible to resist the urge to use this data for purposes other than those for which it was intended, and, if possible, without our knowledge or consent.

This is precisely where we find ourselves at this moment. We have an urgent need to implement widespread contact tracing to stop the progress of COVID-19, and we have the technology to do so. We are at an impasse, however, unless we can solve the privacy issue.

The good news is that a suitable solution is being developed and should be ready for primetime very soon. 

To better understand the privacy issues that are relevant to contact tracing, Brilliance Security Magazine spoke with Professor Nigel Smart, co-founder of Unbound Technology, a company specializing in mitigating cryptographic risks by deploying distributed cryptographic solutions.

Unless you watch privacy issues closely, you are likely unaware of a dramatic struggle that has been taking place between two competing contact tracing ideologies. One side promotes a centralized method and the other a decentralized system. In the end, the issue comes down to privacy.

This drama has unfolded mostly in Europe, with competing claims about which countries are on board with each of the two competing platforms. In one corner, we have a German-led initiative, called Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT), promoting the more centralized approach. In the other corner sits the privacy-first competitor, Decentralized Privacy-Preserving Proximity Tracing (DP-3T).

Professor Smart explained that both of these platforms are built to utilize the Bluetooth capabilities of cell phones. In each scenario, your cell phone exchanges a bit of data with people that you come in contact with. This data is logged on your phone.

With the PEPP-PT centralized platform, the data collected about the phones you have been in proximity to is, if you become sick, transmitted to a central system. This central system then, based on specific criteria, decides who is in danger of having been infected and sends them a warning message.

From a privacy perspective, the rub here is that the centralized system knows who you have been near and when. It is easy to imagine many use cases where the existence of this data could be a threat to individuals.

With the DP-3T decentralized method, once a person has been diagnosed positive for the disease, they activate their app to send data about what phones they have been near to a server managed by their healthcare provider. Other users of the app can automatically and periodically compare their own logged data against the data uploaded by known infected persons to see if there are any matches. This does not disclose their movements, because the comparison is made on their own phones.

In this case, only the logged data of infected persons ever leaves their phone, and it does so in a manner that prevents them from being identified by anyone outside of their health system who, presumably, already knows who they are. 
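As an added illustration, not code from the article, from PEPP-PT or from DP-3T, the following Python model follows the two designs as described above: phones exchange random ephemeral IDs over Bluetooth and log them locally; in the centralized model the server can resolve those IDs to people and so learns who met whom, while in the decentralized model the server only republishes the sick user's uploaded log and the match is computed on each handset. The class and function names, the random hex EphIDs, and the enroll() step standing in for server-issued identifiers are all assumptions of this model.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class Phone:
    # Simplified handset model (assumption): EphIDs are random and rotate per exchange.
    name: str
    broadcast: list = field(default_factory=list)  # EphIDs this phone has sent
    observed: list = field(default_factory=list)   # EphIDs heard over Bluetooth

    def new_ephid(self) -> str:
        ephid = secrets.token_hex(8)
        self.broadcast.append(ephid)
        return ephid

def encounter(a: Phone, b: Phone) -> None:
    # Proximity exchange: each phone logs the other's current EphID locally.
    b.observed.append(a.new_ephid())
    a.observed.append(b.new_ephid())

class CentralServer:
    # Centralized model (as the article describes PEPP-PT): the server can
    # resolve EphIDs to people, so a sick report reveals who met whom.
    def __init__(self):
        self.registry = {}       # EphID -> user; enroll() stands in for server-issued IDs
        self.contact_graph = []  # (sick user, contact) pairs the server now knows

    def enroll(self, phone: Phone) -> None:
        for ephid in phone.broadcast:
            self.registry[ephid] = phone.name

    def report_sick(self, phone: Phone) -> set:
        warned = {self.registry[e] for e in phone.observed if e in self.registry}
        self.contact_graph += [(phone.name, w) for w in sorted(warned)]
        return warned  # the server, not the phone, decides whom to warn

class PublishOnlyServer:
    # Decentralized model (as the article describes DP-3T): the server keeps
    # only the uploaded random EphIDs and holds no table linking them to people.
    def __init__(self):
        self.published = set()

    def report_sick(self, phone: Phone) -> None:
        self.published |= set(phone.observed)

def local_check(phone: Phone, server: PublishOnlyServer) -> bool:
    # Runs on the handset: does any EphID I broadcast appear in a sick user's upload?
    return any(e in server.published for e in phone.broadcast)
```

Running the two servers over the same encounters shows the difference in what each one ends up holding: a contact graph with names in the centralized case, a set of random identifiers in the decentralized one.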

At this point in the ideological struggle, it is sufficient to say that PEPP-PT sprang to the center of the ring first and gained a head start. It appears that several countries implemented this solution. But within the last two weeks, the tide has turned, and every indication is that the decentralized technology promoted by DP-3T will be the ultimate winner.

The turning point was the alignment of Google and Apple (affectionately called Goople) behind the decentralized method of contact tracing. It would seem that bringing out these two big guns has decided the bout. This TKO is good news for privacy advocates. 

Goople has decided that DP-3T is the way to go, and without their support, PEPP-PT is left with the necessity of requiring that cell phones remain unlocked for apps based on its technology to work.

Google and Apple are likely to come up with their own flavor of privacy-first contact tracing. In the US, there is the additional complication posed by a fragmented healthcare provider system, unlike many European countries where there is only one option.

Undoubtedly those that are hyper-concerned about privacy will find even the privacy-first solution unacceptable, but with the proper controls, this solution is our best bet for large-scale contact tracing.

The following infographics give additional detail on how the DP-3T platform provides contact tracing.

Steven Bowcut is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Instagram, and LinkedIn.

Below is an informative one-page comic that presents the high-level relevant points about how Privacy-first Contact Tracing works.

Here is a 19-page comic PDF that gives more detail about Privacy-first Contact Tracing.