Categories
Issue 1 Understanding Science

How does privacy-protecting exposure tracking make sense?

🕒 4 min

I know you’re all sick of hearing about coronavirus, but hear me out: this is great news. A new update to iOS and Android has introduced coronavirus contact tracing. 

It’s a genius way to help solve one of today’s most pressing issues in a privacy-protecting and efficient manner. Contact tracing in iOS and Android works in a way that lets epidemiologists alert people when they might have been exposed to SARS-CoV-2 and tell them to self-isolate, all without anybody knowing who you were with, what you were doing, and where. 

If that sounds too good to be true, get ready for some computer science.

First, let’s discuss what contact tracing is: when someone gets infected by a virus that’s causing an epidemic, epidemiologists gather data about that person’s whereabouts. This was usually done via interviews, but interviews have several problems when you’re trying to stop (or at least slow down) a highly contagious pathogen: they take a lot of time and money, but more importantly, they rely on the patient’s ability to remember their encounters with other people. And if they were on a train, nobody can know who the people around them were.

To solve this, epidemiologists and governments have turned to computer scientists to find a solution. Now, it’s being implemented around the world.

COVID-19 Exposure Logging as a preference in iOS 13.5

But to know how we got here, you need to know where we started.

Since March, there have been widespread governmental attempts to implement contact tracing at scale using people’s phones. In Croatia -which I am using as an example here, but similar measures were discussed around the world – the government suggested tracking location histories of all citizens to enable contact tracing. However, after public outcry, they suggested tracking whether citizens in mandatory self-isolation have violated that measure.

So, in an attempt to help governments and epidemiologists implement contact tracing at scale, scientists from Google and Apple developed a tool they call Privacy-Preserving Contact Tracing, which made its way into iOS 13.5 and Google Play Services updates on Android, inspired by the work of university scientists on DP3T. Here’s how it works.

When you have your phone on you, your phone generates a Temporary Exposure Key every so often. It’s generated randomly and used to generate a Rolling Proximity Identifier when your phone changes its Bluetooth MAC address (think of this as an IP address, but for Bluetooth), which is sent out along with encrypted metadata about the person, which can only be decrypted if the person gets infected.

This means that your phone regularly sends out a string of random numbers – not tied to your identity – along with some more information about you. These random numbers change every 10-20 minutes, so there isn’t a way to track where you’ve been.

Your phone also remembers all the numbers it has sent out in the last 14 days or so. If you get infected, a doctor can provide you with a code to enter into your phone, which will upload those random numbers to a central database. 

Meanwhile, your phone remembers all those COVID-19 numbers it had encountered – and if it finds a match in the database (that is, if you had an encounter with someone who tested positive), notifies you and lets you know what to do next, as suggested by public authorities.

These strings of numbers sent out by your phone have no static or non-random parts, so they can’t be used to track you in any way (they don’t even use your location) – but they can be used to find out who got infected if they were with an infected person. If you don’t get infected, those numbers just don’t mean anything and get deleted after two weeks.

I am simplifying here: you can find the full spec on Apple’s and Google’s websites (or the base DP3T spec on GitHub). It’s really a interesting read if you’re into cryptography – and it’s definitely more secure than this simplified explanation. (For instance, if you test positive, your phone will actually put the Temporary Exposure Keys into the database and their time of validity, which will then be used to regenerate all your random identifiers to compare locally)

This is a brilliant way to help slow down this epidemic (and all future ones), while at the same time protecting your privacy in a time where that seems to be of little interest. Either way, it’s a terrific achievement from the scientists at Apple, Google and the universities involved and we should applaud them.

Do you agree? What are the possible cons of this approach? Is it really this good? Let us know and leave a comment below.

By Mario Borna Mjertan

Mario Borna Mjertan is a student of mathematics at the Department of Mathematics, Faculty of Science, University of Zagreb. He serves as Project Director for Znanstvenik u meni! and actively works on science popularisation projects such as ZUM, S3++ and other projects.

Leave a Reply

Your email address will not be published. Required fields are marked *