COVID-19 contact tracing apps: 8 privacy questions governments should ask

April 02, 2020

As part of their efforts to slow the outbreak of coronavirus, governments, research institutions and industry are developing contact tracing apps to record interactions between people. The apps warn users if one of the people they have been recorded as being in contact with is later diagnosed with COVID-19 so they can take appropriate steps like self-isolation.

Such apps could prove useful in avoiding long-term confinement measures. However, they collect sensitive information like location data, Bluetooth-enabled proximity information, and whether individuals are infected.

Now, a new white paper by Imperial College London's Dr Yves-Alexandre de Montjoye has outlined eight questions that should be asked to understand how protective of privacy an app is.

Dr de Montjoye, of Imperial's Department of Computing, said: "We need to do everything we can to help slow the outbreak. Contact tracing requires handling very sensitive data at scale, and solid and proven techniques exist to help us do it while protecting our fundamental right to privacy. We cannot afford to not use them.

"Our questions are intended for governments and citizens to help evaluate the privacy of apps. They could also be useful for app developers when planning and evaluating their work."

The questions were developed by a team including Imperial PhD students Florimond Houssiau, Andrea Gadotti, and ENS Lyon's Florent Guepin.

The questions

1. How do you limit personal data gathered by the app developers?

Dr de Montjoye (YDM): "Large-scale collection of personal data can quickly lead to mass surveillance. We should ask how much data the app gathers - like the whole disease trajectory and real-life social network of infected users."

2. How do you protect the anonymity of every user?

YDM: "Special measures should be put in place to limit the risk that users can be re-identified by app developers, other users, or external parties. Because location traces are unique, they might easily be linked back to a person."

3. Does the app reveal to its developers the identity of users who are at risk?

YDM: "The goal of contact tracing is to warn people who are at risk, so there's no need for app developers to know who these people are."

4. Could the app be used by users to learn who is infected or at risk, even in their social circle?

YDM: "Personal health data is very sensitive. Digital contact tracing should warn those who are at risk without revealing who might have infected them."

5. Does the app allow users to learn any personal information about other users?

YDM: "Having access to small amounts of information could help users identify who is infected, so apps shouldn't disclose information on a user's location or social networks to other users."

6. Could external parties exploit the app to track users or find out who's infected?

YDM: "Apps should consider the risk of external adversaries, including well-resourced ones. External entities could install Bluetooth trackers to cover a city, or install malicious code on phones, and record the identifiers that they observe in specific locations. This can be avoided by regularly changing and re-anonymising identifiers like location data."

7. Do you put in place additional measures to protect the personal data of infected and at-risk users?

YDM: "The app design may require revealing more personal information about users who are infected or exposed, but these are often the people who are more vulnerable and at risk. It's important to consider what additional measures can be taken to protect their information."

8. How can users verify that the system does what it says?

YDM: "Large-scale contact tracing is too sensitive an issue to rely on blind trust. Technical measures should be used to guarantee public scrutiny on the functioning of the app. Transparency of the system (app code, protocol, what is being broadcast, etc) is fundamental to guarantee privacy. This requires that the app be open source and app versions distributed on mobile app stores be verifiable, enabling developers to confirm that they're running the public, auditable code."

Privacy a 'crucial component' going forward

Contact tracing apps are being developed around the world and some are already available. If they are proven useful, governments, health authorities, and users will have to evaluate the different approaches and decide whether to adopt them. Privacy, say the researchers, is a crucial component in this decision.

Co-author Florimond Houssiau, also from Imperial's Department of Computing, said: "These questions are meant to be a starting point for an informed conversation on privacy in contact tracing apps."

The questions do not cover every potential vulnerability of contact tracing protocols, such as security issues. Co-author Andrea Gadotti said: "Our questions focus on privacy, but the security side is equally important. This means, for example, encrypting the apps, evaluating how mobile malware could affect the app's behaviour, and assessing the resilience of the app developer servers against intrusion."

"Evaluating COVID-19 contact tracing apps? Here are 8 privacy questions we think you should ask." by Dr de Montjoye et al., published 2 April 2020.

Imperial College London
