Reports have suggested the UK will pursue a centralised data collection approach for its COVID-19 contact tracing app, despite the well-publicised security and privacy risks.
Last week, the National Health Service (NHS) published a blog entry which pointed towards some element of centralised data collection, though the choice seemingly was being offered to the consumer. It now appears this is not the case.
“This anonymous log of how close you are to others will be stored securely on your phone,” Matthew Gould and Geraint Lewis of NHSX, the technology unit of the NHS, wrote in the blog post.
“If you become unwell with symptoms of COVID-19, you can choose to allow the app to inform the NHS which, subject to sophisticated risk analysis, will trigger an anonymous alert to those other app users with whom you came into significant contact over the previous few days.”
Details are of course still thin on the ground, but the BBC is now reporting the NHS will pursue a centralised approach, collating data on NHS servers for analysis and to send out notifications. There are of course advantages to this approach: models can be adapted more quickly and additional analysis can be performed. The question which remains is whether this outweighs the risk to security and privacy; Google and Apple clearly do not think so.
While a centralised approach proposes the collection and storage of all relevant data on NHS servers, an API created between Google and Apple would do the analysis on devices.
Using Bluetooth once again, the decentralised API would store the interactions between devices on the user’s own device, only sending a key indicating that a specific user is infected to the cloud. Devices would check the cloud database regularly and, should the on-device logs match an infected key, alerts would be raised on the devices which have logged that contact.
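To make the difference between the two designs concrete, here is a simplified model of the decentralised matching described above. It is an added illustration, not the Apple/Google code or the NHS app: the device names, the daily-key scheme and the slot-based identifier derivation are constructed for the example. The point it shows is that the server holds only keys reported by infected users, while the contact log and the matching stay on each phone.

```python
import hashlib
import os

# Simplified decentralised exposure-notification model (constructed example).
# A device keeps a secret daily key, broadcasts short identifiers derived
# from it over Bluetooth, and records the identifiers it hears nearby.

def derive_id(daily_key: bytes, slot: int) -> bytes:
    """Identifier broadcast during one time slot, derived from the daily key."""
    return hashlib.sha256(daily_key + slot.to_bytes(2, "big")).digest()[:16]

def rolling_ids(daily_key: bytes, slots: int = 144) -> set:
    """All identifiers a key produces in a day (10-minute slots, assumed)."""
    return {derive_id(daily_key, slot) for slot in range(slots)}

class Device:
    def __init__(self, name: str):
        self.name = name
        self.daily_key = os.urandom(16)   # never leaves the phone unless infected
        self.seen = set()                 # identifiers heard from nearby phones

    def hear(self, other: "Device", slot: int) -> None:
        self.seen.add(derive_id(other.daily_key, slot))

    def check_exposure(self, published_keys: list) -> bool:
        # Matching happens locally against the keys the server publishes.
        return any(rolling_ids(k) & self.seen for k in published_keys)

class Server:
    """Stores only keys of users who reported a positive test, no contact logs."""
    def __init__(self):
        self.infected_keys = []

    def report_positive(self, device: Device) -> None:
        self.infected_keys.append(device.daily_key)

def simulate():
    """Alice tests positive; Bob met Alice, Carol met only Bob."""
    alice, bob, carol = Device("alice"), Device("bob"), Device("carol")
    server = Server()
    bob.hear(alice, slot=42)
    carol.hear(bob, slot=43)
    server.report_positive(alice)
    exposures = {d.name: d.check_exposure(server.infected_keys)
                 for d in (alice, bob, carol)}
    return exposures, len(server.infected_keys)

if __name__ == "__main__":
    print(simulate())
```

Only Bob is alerted, Carol is not, and the server ends up holding a single key and nothing about who met whom.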
The decentralised approach has been embraced by Germany, which was something of a surprise, while French authorities have gone in the same direction the UK is seemingly heading: the one which flies in the face of expert advice.
An open letter from cybersecurity specialists and other data scientists has slammed the centralised approach employed by France and, allegedly, the UK.
“All these applications in fact involve very significant risks with regard to respect for privacy and individual freedoms,” the letter states. “One of them is mass surveillance by private or public actors, against which the International Association for Research in Cryptology (IACR) committed itself through the Copenhagen resolution.
“This mass surveillance can be carried out by collecting the graph of interactions between individuals, the social graph. It can intervene at the level of operating systems (OS) of mobile phones. Not only could OS producers reconstruct the social graph, but also the State, more or less easily depending on the solutions proposed.”
The letter has been signed by hundreds of French cybersecurity experts from a range of academic institutions and private research organisations. Support for this position has also been pledged by hundreds of technologists from outside the cybersecurity field. It is a very comprehensive list of academic experts all condemning the centralised approach as an unneeded risk and an action which undermines privacy principles.
Although the details of the NHS application have yet to be revealed, it does appear the team is heading down the same route as the French. The pursuit of simplicity and flexibility has been deemed more important than the grave security and privacy warnings offered by experts in the field.
Hopefully the collection of data on centralised servers does not act as too much of a red flag to the hacker community, most of whom do not need many invitations to have a crack at stealing information which can be used for nefarious means. Aside from the risk to privacy, collecting millions of records of personal information in a single place could be viewed as something of a treasure trove.