Wednesday, May 6, 2020

How to do Contact Tracing while Respecting Privacy -- and avoiding the Hunger Games?

With the pandemic continuing, the agreed-upon model for dealing with this (until and if a vaccine can be developed) is a combination of social distancing, stepped-up testing for exposure, and contact tracing.

Following the vectors for infection is a key way to get those infected to self-quarantine. Using smart phones as a tool has been shown by South Korea to be effective. But any system that uses our ubiquitous smartphone to track locations and contacts could bump up against privacy needs, and create surveillance problem. Of course, surveillance of infected persons could also save millions of lives — and put us back on tract to get out to work, and restart the economy. Thus is born a paradoxical challenge: to build a comprehensive tracking system without it becoming a tool of oppression.

South Korea has shown to be effective in the management of the viral outbreak and spread of the novel coronavirus disease COVID-19. One area is South Korea’s enormous virus testing program. Another is the country’s use of surveillance technology, notably CCTV and the tracking of bank card and mobile phone usage, to identify who to test. The central part of the South Korean strategy is simple: test as many people as possible. But if patients can’t be located, testing capacity doesn’t matter. This is where smart city infrastructure comes in, with the goal of working out where known patients have been and test anyone who might have come into contact with them. South Korea uses contactless payment transactions to plot a card user’s movements on a map. Smartphone data is also used, because phone locations are automatically recorded when devices connect to up to to three transceivers (for triangulation). Facila recognition with CCTV cameras also enable authorities to identify people who have been in contact with COVID-19 patients.

Does this sound like a technological panopticon? To many westerners, such tracking could be anathema to the philosophy of individual privacy. Apple and Google have mapped a possible solution, obfuscating smartphone data enough to obscure individuals, but proving enough data to enable vector mapping of infected persons.

Abuse by authorities of raw location data could reveal sensitive information about anyone — from political dissent to journalists' sources. The big tech companies are looking to enable contact tracing systems without mass surveillance. We will soon see apps that notify potentially exposed users without revealing location data to the government. In some cases, personal information and health privacy laws means keep an infected individual's test results private while still warning anyone who might have entered their physical zone of contact.

The best way to protect geolocation data from abuse, is not to collect it in the first place. Or so suggests Stanford computer scientist Cristina White, working on the project. Covid-Watch uses Bluetooth as a kind of proximity detector. The app constantly pings out Bluetooth signals to nearby phones, looking for others that might be running the app within about two meters, or six and a half feet. If two phones spend 15 minutes in range of each other, the app considers them to have had a "contact event." They each generate a unique random number for that event, record the numbers, and transmit them to each other.

GPS location tracking will likely play a role in contact-tracing apps, too, with all of the privacy risks that come with sharing a map of users’ movements.

Read more here

No comments:

Post a Comment