On Friday 10. April 2020 22.09.06 Sebastian Silva wrote:
Thanks for sharing!
I just passed it on to a government mailing list in my country (Peru).
I did a quick search and found an article by the Singaporean government explaining their logic, which I shared also.
https://www.tech.gov.sg/media/technews/six-things-about-opentrace
Some of the insights are interesting in various blog posts. For instance:
"Aside from the technical challenge, using location data for contact tracing also raises serious privacy and data security concerns. If users are hesitant to download the app for fear of inadvertently revealing their movements, its ability to link the dots would be greatly diminished."
https://www.tech.gov.sg/media/technews/tracetogether-behind-the-scenes-look-...
This is in agreement with the European Data Protection Board advice:
"Contact tracing apps do not require location tracking of individuals users. Their goal is not to follow the movements of individuals or to enforce prescriptions. [...] Collecting an individual’s movements in the context of contact tracing apps would violate the principle of data minimisation. In addition, doing so would create major security and privacy risks."
https://edpb.europa.eu/sites/edpb/files/files/file1/edpbletterecadvisecodiv-...
Interestingly, the ACLU has a white paper on the topic which includes the following remarks:
"In addition, the location data typically generated by cell phones is not precise enough to identify epidemiologically relevant contacts, i.e. such as those within the requisite distance or with the relevant type of exposure. We reject these privacy-unfriendly TACT proposals outright because they do not strike the right balance between effectiveness, necessity, and intrusion."
https://www.aclu.org/report/aclu-white-paper-principles-technology-assisted-...
(The ACLU document is a solid summary of a number of different concerns and, of course, favours Free Software, advocates reproducible builds and release archiving, amongst other things - see the "Auditable and fixable" section.)
In contrast to this, the Norwegian agency and partners seem to have fixated on the recognised limitations of Apple products:
"– Vi mener at lokasjonsdata er et nødvendig supplement til Bluetooth både for å validere data før utsending av varsler (for å hindre falske varsler) og spore nærkontakter som man ikke finner ved Bluetooth. Lokasjon vil også gjøre det mulig å ha forskjellige algoritmer for nærkontakt på forskjellige steder."
("We believe that location data is a necessary supplement to Bluetooth both for validating data before sending alerts (to prevent false alarms) and to trace others that cannot be found with Bluetooth. Location data will also make it possible to have different algorithms for proximity detection in different places.")
https://nrkbeta.no/2020/04/16/personvernrad-i-eu-mener-norsk-app-bryter-med-...
I find it rather interesting that location information is supposedly so helpful in the absence of Bluetooth signals. As the Singapore group openly admits...
"While GPS works well in wide, open spaces, it fares poorly when it comes to indoor and highly urbanised settings, said Mr Jason Bay, Senior Director of Government Digital Services at GovTech. “If you are one floor down in a building, your GPS location could look the same as someone in the floor above you because of signal reflections and multipath propagation effects,” he explained."
Indeed, precise indoor positioning (which is arguably most important in this situation) is a notorious problem with plenty of different, imperfect solutions despite being a lucrative area of research. I think I trust the person talking about reflections and propagation effects while giving an understandable example of false positives, as opposed to the person being vague about "different algorithms" and keeping their options open to the maximum.
It should be said that location information is already used for surveillance, tracking, "analytics" and so on, with such data being traded for commercial advantage. This should not automatically make its use acceptable because "no-one has any privacy anyway" or that there is an opportunity to normalise such activities in another realm. Moreover, there is a real risk that such solutions applied in this realm could cause panic situations and impact the wellbeing of the population.
Meanwhile, a preliminary report was delivered about aspects of an official review of the Norwegian "app". Some extracts:
"Posisjonsdata som breddegrad, lengdegrad, nøyaktighet, hastighet, høyde og nøyaktighet på høyde blir periodisk lagret i en ukryptert lokal database på telefonen."
("Position information such as latitude, longitude, [geographic?] accuracy, speed, height and height accuracy are periodically stored in an unencrypted local database on the telephone.")
"Det brukes permanente og enhets-spesifikke identifikatorer mellom enhetene. Dette vil potensielt åpne for muligheter til å utlede andres identitet eller smittestatus."
("Permanent and unit-specific identifiers are used by devices. This could potentially make it possible to extract the identity or infection status of others.")
"Tilgangsstyring, logging av tilgang, prosedyrer for sletting og aggregering av data i Azure er enda enten ikke påbegynt eller ferdig implementert. Denne funksjonaliteten er avgjørende for å kunne vurdere om personvernet er godt nok ivaretatt i løsningen."
("Access control, access logging, processes for deletion and aggregation of data in [Microsoft's cloud solution] Azure are either not yet established or finalised. This functionality is critical in assessing whether privacy is safeguarded in this solution.")
https://www.regjeringen.no/globalassets/departementene/hod/fellesdok/rapport...
Noting that this report was filed about a week ago, maybe some progress was made since then before launch. I don't think anyone knows why the agency responsible and their partners did not decide to build on other efforts. Reassurances from the politicians don't really count for so much when one reads this...
"Rett etter skjøt statsminister Erna Solberg inn at denne løsningen vil bidra til å gi nordmenn «mer frihet, raskere»."
("Immediately after [the health minister's insistence on the legal compliance of the solution], the prime minister, Erna Solberg, shot in with the observation that the solution will help give Norwegians "more freedom, more quickly".")
This being a government that attempted to introduce emergency legislation curtailing the powers of the legislature, described as "madness" by one legal expert [1]. But, of course, only foreign people can be autocrats and dictators!
Sorry for the long message!
Paul
[1] https://www.nrk.no/norge/regjeringen-legger-frem-ny-korona-lov-som-gir-krise...