Another week begins and, with it, of course, new news about the pandemic of the Coronavirus (COVID-19) – or, more precisely, about the virus-fighting technology developed jointly by Apple and Google.
Come on, then.
Germany is in
The first novelty came from Reuters: authorities of Germany they made a 180º turn over the weekend and decided, in the end, to adopt the tracking API created by the two giants – or at least something similar.
I explain: at the moment, Europe is fighting a kind of battle for two “approaches” to the COVID-19 tracking technology.
The first is centralized, which would give authorities in each country full control over user data – in other words, all citizens who download tracking apps on their smartphones would have their location data shared (anonymously) with public health agencies . This idea raises privacy issues, but, in principle, it would be more effective than the second option in detecting infections and the spread of the virus.
The second approach is decentralized, which is exactly the one defended by Apple and Google. In this idea, as we have explained here, all location data would be saved only on the user’s smartphone, and would be sent to the authorities (also anonymously) only if the person marks that he is infected with Coronavirus (in some official application of the authorities of health) and agree to send the data; then, the system would cross-check this information with that of other users to detect possible infections. This is a more “private” approach, but potentially less effective.
By the end of last week, Germany was placing itself fully in the first camp, advocating a centralized tracking of its citizens. Over the past few days, however, the government has changed its mind and announced that it will take a decentralized approach to tracking the pandemic.
It is not yet clear whether this approach will be exactly the API created by Apple and Google or some similar technology. The governments of Switzerland, Austria and Estonia are already developing a technology similar to that of the American giants, called DP-3T (Decentralized Privacy-Preserving Proximity Tracing, or Decentralized Proximity Tracking and Privacy Protector), so Germany can simply join nearby countries. Let’s follow.
UK is out
While Germany seems to have acquiesced to the ideas of Apple and Google, the United Kingdom is moving in the opposite direction. We had already talked, a few days ago, about the resistance of the NHS (National Health Service, the British universal public health service) in adopting the decentralized solution proposed by the technological giants; now, according to BBC, the hammer was hit.
According to the news network, the NHS decided to follow the path of tracking with its own software, which collects data from British citizens centrally. There is only one problem: today, neither iOS nor Android allow third-party applications to collect location data in this way, in the background – for an application of this type to work satisfactorily, users would have to keep their smartphones on and with applications open at all times.
Still, the public health agency said it had found a way to make its solution work «sufficiently well» without the endorsement of Apple and Google. As a spokeswoman for the NHS digital innovation division said:
Our engineers have found several central challenges for the app to meet public health needs and perform contact event detection well enough, including when the app is in the background, without unduly affecting the battery of the devices.
Still, the NHS’s own technology is moving forward. At least in some points, the approach comes close to that proposed by Apple and Google: like the technological giants, the British body will detect contact events only through the protocol Bluetooth, without resorting to GPS location services; the information will also be completely anonymous, with no possibility of being traced back to the user.
According to the NHS, its tracking app will be launched in the coming weeks.
Group points out “blind spots” in the API
Finally, another group pointed out possible flaws or points of ineffectiveness in the API developed by Apple and Google, according to the Financial Times.
a pool US companies are developing their own tracking technology, based on separate Bluetooth devices (such as bracelets, badges or key chains), to be used with their employees – thus reducing the possibility of infection within the workplace. And some of the companies involved in the development of the technology have said that the ideas of Apple and Google are noble, but flawed.
Michael Moran, executive at Microshare, for example, stated that the only way to get full coverage of possible contact events within a company is to have all its employees tracked. On a larger scale, tracking is flawed because it does not involve all citizens:
It’s really an impressive blind spot in the approach [da Apple e do Google] think that, in some way, there is universal adoption of smartphones. It just isn’t true. And, in fact, the most vulnerable populations on the planet are precisely those who do not have them [de forma generalizada].
Meanwhile, an executive at Locix stated that an efficient approach to the problem needs to take into account not only the people with whom you have been in contact, but also the places where you have been – the virus, after all, can remain on certain surfaces long after your vector leaves the site .
The fact is that, of course, it will be impossible to create tracking technology that 100% accurately detects all possible infection events – and with each new element you add to make this technology more “smart”, more issues related to privacy arise, as we have seen.
So, at least personally, it seems to me that Apple’s and Google’s approach has been reasonably sensible – without too forcefully invading user privacy, and without ignoring obvious pandemic tracking points. Do you agree?
via Cult of Mac, 9to5Mac [1, 2]