By Chris David and Franklin Aguilar
What’s the best way to stop a pandemic or communicable disease? Doctors and health officials have many tools at their disposal, but during the outset of a disease (lacking a vaccine or effective medical treatment, as with coronavirus COVID-19) options are limited. Contact tracing may be the only effective means of halting the spread.
The process of contact tracing attempts to identify everyone that has come into contact with an infected person, warn potentially exposed persons and stop the disease before it can spread further.
Smartphone contact tracing may be the next step.
What is it?
In reality, tracing all people that an infected person may have contacted is time consuming, arduous and maybe even impossible. With a highly communicable disease like COVID-19, even a brief interaction can spread the virus to a new host. But what if there were a way to use technology to aid in tracking infected people and notifying those that may have been exposed?
Enter smartphone contact tracing, also known as “digital contact tracing”.
Both Apple and Google (whose mobile devices make up the majority of the smartphone market) announced that they will include functionality for contact tracing in their operating systems.
How does it work?
Without going into too much technical detail… These days all smartphones include a wireless technology known as Bluetooth.
Bluetooth signals are designed to be low-power, short range, and normally only travel less than 100 ft. Using random numbers, the contact tracing framework on each smartphone will create a unique identification code, which the phone will broadcast periodically over Bluetooth radio. The contact tracing framework will also scan periodically for other unique identifiers within range and will store these IDs in a local log.
Assuming that everyone is carrying their smartphones with them at all times (a reasonable assumption in this day and age), the end result is a log of all devices/people that you have been in contact with during the day.
Every so often your phone will transmit your log of contacts to a central server and compare all the IDs with a list of known infected people. Your phone will show an alert in case you have been near a known-infected person. And in the case that you become infected, you will be able to flag your ID, and all people that have been in contact with you will be notified.
Digital Contact Tracing sounds like a brilliant idea. But as for security and privacy, many questions remain.
Who controls the central server where the contact tracing logs are stored and processed? What about false positives and intentional misuse of the system? Hackers, advertisement companies, authoritarian regimes and anyone sufficiently motivated could deanonymize the data and use the contact logs to track users and their daily activities.
Using Digital Contact Tracing, could a government identify all people that took part in a political demonstration?
Both Google and Apple have indicated that the contact tracing framework will be part of the operating system and available as an API (application programming interface), meaning that apps and services running on your phone might be able to scrape up the data for their own uses.
In fact, for the contact tracing function to work at all, apps must have the ability to do so. So who controls the apps and services that interact with the framework?
In terms of the security and privacy of Digital Contact Tracing, all we have so far are vague guarantees that data will be handled anonymously and fingers-crossed affirmations declaring that developers, hackers and governments won’t abuse the power. But the ability to identify users, all the places they frequent and the people they see is just too valuable not to be abused.
Do you want this feature?
Smartphone vendors are forging ahead with the idea. But we at ComputerKick disagree on whether the system will be worth the potential downfalls and abuse.
What about you? Do you think Digital Contact Tracing will slow the spread of infectious diseases, or will abuse and security flaws undermine public trust? Do you want this feature on your phone?