Comment Britain is falling asleep in another coronavirus disaster by not listening to global consensus and expert analysis with the release of the NHS COVID-19 contact tracking application.
On Monday, the British government explained in depth and in clearly written language how its iOS and Android smartphone app – being tested on the Isle of Wight – will work, and why it's a better solution for one by Apple and Google that other nations have decided to adopt. He also published a more technical explanation.
Unfortunately for people in the UK, although the explanation is consistent, calm, well reasoned and plausible, it is likely to be a repeat of the disastrous “collective immunity” policy which the government originally supported as a way to explain why he didn't do it. need to get into a national lock. This policy was also well motivated and well explained by a small number of very competent doctors and scientists who were just wrong.
Here's what's going on: there are basically two types of coronavirus contact tracking applications; those that are centralized and those that are decentralized. The first takes data from people's phones and stores it on a central system where experts are reliable to make the best use of the data, including providing advice to people as needed.
The second decentralized approach, as outlined by Apple and Google, gives users better control over their information and automatically alerts them without third party intervention. Apple and Google also banned applications that use their decentralized and anonymized API access location services to track and identify people, despite the pressure to do so. And they said they would only allow one app per country or state in the United States.
Both types use Bluetooth to detect other nearby phones also running the software. So when someone catches the coronavirus, people can be alerted if their phone is within 6 feet of that patient's phone for more than a few minutes.
Leave it to us
In his post, the National Cyber Security Center (NCSC) technical director, Dr. Ian Levy, explained in convincing terms why allowing health care experts to access all data is a good idea to push back the virus.
“The health authority can use risk modeling to decide which contacts are most at risk and then advise them to take action,” he noted, adding: “It is important to note that the health authority public health has anonymous data to help it understand how the disease appears. to broadcast, and has anonymous contact graphs to perform an analysis.
“Thus, the health authority could discover that a particular anonymous person seems to infect people very well. Although the system does not know who they are, dating them could be considered more risky and adjusting the risk of someone being infected by a particular dating appropriately. “
Data from the British contact search app COVID-19 could be kept for ‘research' after the crisis ends, MEPs said.
He used two famous epidemiological stories to prove the point: typhoid Mary and John Snow. Mary Mallon was a cook in New York in the early 1900s. She suffered from typhoid fever but showed no signs of it and eventually infected a number of households that were otherwise separated from the general population. No one could understand why they got sick until someone understood that Mary was the link.
Likewise, John Snow traced the source of a cholera epidemic in London in the 1850s to a water pump on Broadwick Street in Soho and removed it by removing the handle, although further research suggests that the epidemic was already ending at that time. . There is, incidentally, a plate and a pump in the same place, and the John Snow pub opposite where this journalist spent many happy hours.
The argument is that if the decentralized Apple-Google model protects people's privacy, it leaves the authorities blind. It puts a public health disaster beyond the reach of those who can help the most by analyzing the population. Meanwhile, the nuance of the centralized NHS method, where people's data is collected and analyzed together, is almost self-explanatory: we all know how important confidentiality is, but let's leave that to the experts, don't we? ? Ditch some data and save lives. Let’s not be too European about this.
So, uh, a problem …
But there's a problem with the NHS approach: it probably won't work very well on your phone and probably won't be terribly accurate at measuring the spread of the virus.
This is because the proposed system will only work as the British government claims if everyone does what they say: a classic failure of Whitehall's mindset that goes back to the trenches of the First World War and even further back in the days of big houses. and the men who knew better.
Despite what the NCSC has continued to imply, the application will not work, as it stands, on iOS or Android since version 8. The operating systems will not allow the tracking application to disseminate its ID via Bluetooth to surrounding devices when it is running in the background and is not actively used. Apple IOS prohibited and new versions of Google Android limit minutes after the app drops to the background.
This means that unless people have the NHS app running in the foreground and their phones wake up most of the time, the basic principle behind the whole system – that phones detect each other – does not will not work.
It will work if people open the app and leave it open and the phone unlocked. But if you close it and forget to reopen it, or if the phone falls asleep, the application will not broadcast its ID and no other phone around you will record that you have been nearby. There is even a practical video from someone in Australia who shows it (Australia has opted for a similar system with its COVIDSafe app.)
Because people seem interested, here is a video of the failure of the COVIDSafe app on the iPhone. It is literally impossible to broadcast the UUID necessary for the application to work without the screen on and the application in the foreground. pic.twitter.com/X5lpyeKL1A
– Joshua Byrd (@phocks) May 1, 2020
We can't say it any more clearly: on iPhones, apps unable to send their identifiers via Bluetooth when the software is in the background, and on new versions of Android, the identifiers cannot be transmitted after a few minutes in the background. And Apple and Google have refused to authorize the tracing application to send credentials in the background.
The NHS insisted that its engineers work around this problem “good enough“by waking the application after it is detected running on a nearby phone emitting an identifier: the software is prevented from sending its identifier when it is in the background, but it can listen passively to identifiers of the applications still authorized to broadcast. However, this assumes that there are a sufficient number of phones running the tracking application nearby which always broadcast to keep enough applications of people awake: there must be a critical mass d users when we are all supposed to be socially distant. If two or more people cross paths and their applications have stopped broadcasting, the software will never know that they have come into contact.
And it could be a battery hog, which can cause people to stop the app, preventing the app on other phones from waking up.
What Levy doesn't say is that he – and the NCSC and the British government – assume that when people move, and are therefore close to each other, they are probably on their phone or have recently opened the application. It is an assumption that they have no choice but to do otherwise because they do not get the data. On the other hand, the Apple-Google solution followed by Germany, Austria, Switzerland and Ireland, among others, will make it possible to permanently record the identifiers of the phones in the background, due to their integration into the operating system. be more precise and more respectful of the battery life.
The other big problem with the UK approach is that, although it insists that it will keep the data private and that the location data will not be stored or attached to individuals, the truth is that it does not will work as promised only if this data is not kept private and located. data is stored and attached to individuals.
Levy tried several times to circle this circle, which led to ridiculous claims. He boldly stated in the chips that the app “doesn't have personal information about you, it doesn't collect your location and the design works hard to make sure you can't determine who became symptomatic”, and that “it only contains anonymous data and communicates with other NHS systems through confidentiality gateways.”
But what is literally the first thing the app does when you install and open it? It asks for your postal code and registers the exact brand of your phone.
Levy explained that a “large random number” is also generated, which is related to copying the contact finder application to your phone. This 128-bit ID is what the application on a phone exchanges via Bluetooth with itself on a nearby phone when they arrive in range. This exchange includes when exactly the identifiers were encountered, how long the phones were close to each other and the signal strength, allowing the distance to be calculated. This is the data that is ultimately shared with the NHS, whenever you want.
The data exchanged is also encrypted so that the NHS can decrypt it but not other users. We understand that these identification numbers are generated on the server side and constitute the unique fingerprints of users in the centralized system.
Levy also noted that “currently” only “the first part of your zip code” is taken and stored “primarily for NHS resource planning.” He continues: “Nothing identifying and no personal data is taken from the device or the user.”
Does it matter?
Presumably, the purpose of this type of explanation is to comfort the vast majority of Britons who do not understand how the entire Internet economy works by connecting large databases.
As long as you can rely on only one piece of data per user – like a “random big number” – everything else can be logged. And if you also have a postal code, it becomes 100 times easier. Have you ever heard of Facebook? It is worth billions only because it is able to connect the dots between the datasets.
Indeed, it may be possible to determine who associates with whom from the application identification numbers. Keep in mind that the Apple-Google decentralized approach produces new identification numbers for each user every day, which prevents identification, in particular with the prohibition of location tracking.
Levy also ignored the fact that as soon as someone agrees to share their information with the UK government – claiming to feel unwell and pressing a big green button – 28 days of application data is transmitted to a central server from where they can never be retrieved. This data, containing all of the unique identifiers you encountered during this period and when and how far you were, becomes the property of the NCSC – as was its executive director Matthew Gould. forced to admit to deputies Monday. Gould also admitted that the data will not be deleted, UK citizens will not have the right to request its deletion, and that it may or will be used for “research” purposes in the future.
And then there is the sizeable problem that any approach can violate privacy and human rights laws, anyway, as a law firm has pointed out. informed:
Oh yes, and “the British government's announcements for the sharing of health data between the private and public sectors seem to be wrong. This means that such data sharing is potentially not in accordance with legal requirements.”
Take it out
What Gould and Levy don't admit is that they expect the vast majority of UK citizens to opt in, download the app, and share their data anyway, no matter what, for the sake of civic duty.
As long as they can overcome the objections and fend off the critics and launch the application, they will get what they honestly believe is a better end result for the country because the data will be in the hands of the experts. And they could – could – be right. But they could also be completely wrong.
At the heart of this UK decision to build on the belief that a central authority is going to be a better solution, whatever the trade-offs, is that central planning will work better for COVID-19.
But will he do it? So far, the clear evidence is that better population control has been more successful in stopping the spread of the coronavirus than a more relaxed attitude. as a result the most affected countries in the world.
But does population control work beyond locking? When the economy is open, will a centralized approach where hotspots can be identified and addressed from a command post be more effective than a decentralized approach where individuals are left to decide for themselves ?
We may find out. Although if people can't be persuaded to download the app in the first place because they don't want their data to float on government servers for the next 100 years, then the question is moot anyway. The government continues to play a giant chicken game with our lives. ®
Office 365 client-to-client migration tips