COVID19-Tracing/-Tracking App in Singapore under GPL-3.0

Paul Boddie paul at boddie.org.uk
Fri Apr 17 20:40:11 UTC 2020


On Friday 10. April 2020 22.09.06 Sebastian Silva wrote:
> Thanks for sharing!
> 
> I just passed it on to a government mailing list in my country (Peru).
> 
> I did a quick search and found an article by the Singaporean government
> explaining their logic, which I shared also.
> 
> <https://www.tech.gov.sg/media/technews/six-things-about-opentrace>

Some of the insights are interesting in various blog posts. For instance:

"Aside from the technical challenge, using location data for contact tracing 
also raises serious privacy and data security concerns. If users are hesitant 
to download the app for fear of inadvertently revealing their movements, its 
ability to link the dots would be greatly diminished."

https://www.tech.gov.sg/media/technews/tracetogether-behind-the-scenes-look-at-its-development-process

This is in agreement with the European Data Protection Board advice:

"Contact tracing apps do not require location tracking of individual users. 
Their goal is not to follow the movements of individuals or to enforce 
prescriptions. [...] Collecting an individual’s movements in the context of 
contact tracing apps would violate the principle of data minimisation. In 
addition, doing so would create major security and privacy risks."

https://edpb.europa.eu/sites/edpb/files/files/file1/edpbletterecadvisecodiv-appguidance_final.pdf

Interestingly, the ACLU has a white paper on the topic which includes the 
following remarks:

"In addition, the location data typically generated by cell phones is not 
precise enough to identify epidemiologically relevant contacts, i.e. such as 
those within the requisite distance or with the relevant type of exposure. We 
reject these privacy-unfriendly TACT proposals outright because they do not 
strike the right balance between effectiveness, necessity, and intrusion."

https://www.aclu.org/report/aclu-white-paper-principles-technology-assisted-contact-tracing

(The ACLU document is a solid summary of a number of different concerns and, 
of course, favours Free Software, advocates reproducible builds and release 
archiving, amongst other things - see the "Auditable and fixable" section.)

In contrast to this, the Norwegian agency and partners seem to have fixated on 
the recognised limitations of Apple products:

"– Vi mener at lokasjonsdata er et nødvendig supplement til Bluetooth både for 
å validere data før utsending av varsler (for å hindre falske varsler) og 
spore nærkontakter som man ikke finner ved Bluetooth. Lokasjon vil også gjøre 
det mulig å ha forskjellige algoritmer for nærkontakt på forskjellige steder."

("We believe that location data is a necessary supplement to Bluetooth both 
for validating data before sending alerts (to prevent false alarms) and to 
trace others that cannot be found with Bluetooth. Location data will also make 
it possible to have different algorithms for proximity detection in different 
places.")

https://nrkbeta.no/2020/04/16/personvernrad-i-eu-mener-norsk-app-bryter-med-viktig-personvernprinsipp/

I find it rather interesting that location information is supposedly so 
helpful in the absence of Bluetooth signals. As the Singapore group openly 
admits...

"While GPS works well in wide, open spaces, it fares poorly when it comes to 
indoor and highly urbanised settings, said Mr Jason Bay, Senior Director of 
Government Digital Services at GovTech. “If you are one floor down in a 
building, your GPS location could look the same as someone in the floor above 
you because of signal reflections and multipath propagation effects,” he 
explained."

Indeed, precise indoor positioning (which is arguably most important in this 
situation) is a notorious problem with plenty of different, imperfect 
solutions despite being a lucrative area of research. I think I trust the 
person talking about reflections and propagation effects while giving an 
understandable example of false positives, as opposed to the person being 
vague about "different algorithms" and keeping their options open to the 
maximum. 

It should be said that location information is already used for surveillance, 
tracking, "analytics" and so on, with such data being traded for commercial 
advantage. This should not automatically make its use acceptable because "no-
one has any privacy anyway" or that there is an opportunity to normalise such 
activities in another realm. Moreover, there is a real risk that such 
solutions applied in this realm could cause panic situations and impact the 
wellbeing of the population.

Meanwhile, a preliminary report was delivered about aspects of an official 
review of the Norwegian "app". Some extracts:

"Posisjonsdata som breddegrad, lengdegrad, nøyaktighet, hastighet, høyde og 
nøyaktighet på høyde blir periodisk lagret i en ukryptert lokal database på 
telefonen."

("Position information such as latitude, longitude, [geographic?] accuracy, 
speed, height and height accuracy is periodically stored in an unencrypted 
local database on the telephone.")

"Det brukes permanente og enhets-spesifikke identifikatorer mellom enhetene. 
Dette vil potensielt åpne for muligheter til å utlede andres identitet eller 
smittestatus."

("Permanent and unit-specific identifiers are used by devices. This could 
potentially make it possible to extract the identity or infection status of 
others.")

"Tilgangsstyring, logging av tilgang, prosedyrer for sletting og aggregering 
av data i Azure er enda enten ikke påbegynt eller ferdig implementert. Denne 
funksjonaliteten er avgjørende for å kunne vurdere om personvernet er godt nok 
ivaretatt i løsningen."

("Access control, access logging, processes for deletion and aggregation of 
data in [Microsoft's cloud solution] Azure are either not yet established or 
finalised. This functionality is critical in assessing whether privacy is 
safeguarded in this solution.")

https://www.regjeringen.no/globalassets/departementene/hod/fellesdok/rapporter/200409_forelppig_rapport_ekspertgruppe_sporingsapp.pdf

Noting that this report was filed about a week ago, maybe some progress was 
made since then before launch. I don't think anyone knows why the agency 
responsible and their partners did not decide to build on other efforts. 
Reassurances from the politicians don't really count for so much when one 
reads this...

"Rett etter skjøt statsminister Erna Solberg inn at denne løsningen vil bidra 
til å gi nordmenn «mer frihet, raskere»."

("Immediately after [the health minister's insistence on the legal compliance 
of the solution], the prime minister, Erna Solberg, shot in with the 
observation that the solution will help give Norwegians "more freedom, more 
quickly".") 

This being a government that attempted to introduce emergency legislation 
curtailing the powers of the legislature, described as "madness" by one legal 
expert [1]. But, of course, only foreign people can be autocrats and 
dictators!

Sorry for the long message!

Paul

[1] https://www.nrk.no/norge/regjeringen-legger-frem-ny-korona-lov-som-gir-krisefullmakter-1.14950955

