Another update on the use of coronavirus tracing apps all around the world and on crazy things happening on the ground in the containment zones of Europe.
Today on The Private Citizen, we are looking at what has been happening with regards to coronavirus tracing apps all around the world. I’ve also collected a number of stories of the madness that people now claim is “the new normal”.
The website is now brought to you by Netlify, which provides a great hosting service for static websites.
Contact Tracing Apps Around the World
After having discussed contact tracing apps in depth in episodes 15 and 16, here’s an update on how these kinds of apps are being rolled out across different countries. First off, it is interesting to note that Apple and Google will not allow location tracking by apps using their contact tracing framework, which has been renamed to Exposure Notification.
In a set of guidelines for the API, the companies said that developers will not be able to access or even seek permission to access location data using the app. That’s a welcome change as Android currently requires location access to be enabled to make always-on Bluetooth of the sort required by contact-tracing apps to work, even though GPS data is not used.
As expected, they will also enforce that there’s only one app per country in each of their app stores.
The new guidelines also state that only public health authorities will be able to use the API, and that only one app per country will be permitted into app stores.
It also seems I’m not the only one who thinks these apps are a bad idea. Here’s what infosec maven Bruce Schneier had to say on the concept of contact tracing apps:
The end result is an app that doesn’t work. People will post their bad experiences on social media, and people will read those posts and realize that the app is not to be trusted. That loss of trust is even worse than having no app at all. It has nothing to do with privacy concerns. The idea that contact tracing can be done with an app, and not human health professionals, is just plain dumb.
But …everyone still seems hell-bent on rolling these things out so let’s look in detail at what’s going on in different countries.
In Germany, “the app” is now being developed by Deutsche Telekom and SAP which were directly asked to do so by the government . It’s supposed to be open source, PEPP-PT isn’t mentioned anymore. This app is supposed to be ready by mid-June .
By then, all of this might well have blown over if the current trend of new cases holds.
Confirmed COVID-19 cases in Germany as of 13 May 2020 (Source: Robert-Koch-Institut)
The code for the app and the backend services will be published on GitHub. There’s some sparse documentation available in the repo right now.
The German government is emphasising that usage of the app should be completely voluntary. There are no concrete targets of how much of the population needs to install the app for it to be considered a valid method of fighting the spread of SARS-CoV-2. The government is of the opinion that masks and physical distancing are “much more important” measures to combat new infections.
There is no law planned to regulate how the app is used, but the Social Democrats (the junior partner in the governing coalition) have said that some laws may be required to specify how long data from the app is stored and what it can be used for. They are also of the opinion that laws might be needed to prevent discrimination based on data harvested in the app. Legal experts generally are of the opinion that a law is needed to govern what exactly “voluntary” means, because even though the government says nobody has to use the app, private businesses could require it when entering their premises which would de facto negate voluntariness.
This issue is specifically addressed in the GDPR, for example.
“Freely given” consent essentially means you have not cornered the data subject into agreeing to you using their data. For one thing, that means you cannot require consent to data processing as a condition of using the service. They need to be able to say no. According to Recital 42, “Consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.”
In Switzerland, the local implementation of a contact tracing app is delayed . This app, based on the DP-3T model was supposed to be released this week, now the release is projected for “early summer”.
The Swiss parliament is demanding the creation of a legal framework on how an app like this can and will be used before signing off on its release. Elected officials have said that “the potential impact on civil liberties [of such an app] are huge”. The government now has to draft a law that could be debated in parliament in June. Baseline requirements are that usage of the app has to be voluntary and that personally identifiable data cannot be stored on centralised servers.
One of the leaders of the development team, Marcel Salathé, has said that the Swiss app will be using Apple’s and Google’s API. Salathé is professor for “digital epidemiology” at the Eidgenössische Technische Hochschule (EPFL) in Lausanne.
Australia tried to head off this problem and get the app out as soon as possible. As we talked about on the show before this has caused some issues. It’s now being discovered that those issues were even bigger than we originally thought.
Australia’s “COVIDSafe” contact-tracing app was rushed to market in the knowledge it would perform poorly on some devices and without agreements in place to let actual contact-tracers use the data it collects. As a result, no collected data has been used in at least 10 days since its launch.
Meanwhile, security researchers have alleged the app has serious flaws – one of which can broadcast the names of devices running the app – and one has criticised Australia’s government for not offering a formal method to point out such problems.
Australia’s government, meanwhile, continues to tie increased adoption of the app to future lightening of social distancing regulations. Over five million Australians have downloaded the app at the time of writing, however with iPhones the majority of the national phone fleet COVIDSafe’s efficacy is currently questionable.
In America, no specific apps seem to be in development. And a recent poll seems to suggest not many people will install them anyway.
The 82 percent of US adults who have smartphones are exactly split on the issue, according to poll data released today by The Washington Post and University of Maryland. Half of the poll respondents said they probably or definitely would use a contact-tracing app, and the remaining half said they probably or definitely would not. While a majority of respondents (57 percent) expressed a reasonable amount of trust in public health agencies, less than half (47 percent) said they trust health insurance firms, and only 43 percent said they trust tech firms such as Google or Apple.
Overall, the poll indicates that only 41 percent of American adults have both the technological capacity and the will to use a contact-tracing app. That’s a problem, as research suggests that digital tracing would have to reach about 60 percent of the population to be most effective.
The “research” they are quoting comes from the Oxford paper already discussed on the show and is only a very rough estimate.
Meanwhile in the UK, the NHS group responsible for developing the UK’s contact tracing app (NHSX), has released the app’s source code. Unsurprisingly, people have questions.
Developers who have examined the blueprints have not been entirely mollified, and have called out several potential problems. For example, the apps, which are supposed to be pro-privacy, use Google Analytics and the Firebase Analytics framework, configured in a way to allow personalized web advertisements. Also, they generate a private key that’s not private because it gets created on a remote server rather than on the user’s device. And they link to insecure HTTP resources.
While the NHSX apps appear not to track user location, consistent with NHSX representations, it’s claimed the Android version requests location permissions that are unnecessary and could be used after an update to track user location. In an analysis on Thursday, Reincubate, a UK-based developer tools software biz, said that the inclusion of the ACCESS_FINE_LOCATION in the Android app is necessary for using Bluetooth. The iOS version, the company says, does not request location permissions.
Overall, Reincubate considers the apps to be relatively well-behaved, respecting platform rules and not storing sensitive data. The firm observes that they utilizes some clever workarounds to remain active and attentive for proximate devices – at the likely expense of battery life. Other programmers – noting that, for the iOS version, Bluetooth discovery may fail when two locked devices come in range – disagree, characterizing the workaround as a violation of Apple’s rules.
The app is currently being tested on the Isle of Wight and is “due for release in the coming weeks”.
It’s now becoming clear that the government’s approach to eschew the Apple/Google API in favour of centralised data storage was probably the wrong decision. Last week it was reported that a switch to Apple/Google API might be imminent.
The UK may be rethinking its decision to shun Apple and Google’s API for its national coronavirus contacts tracing app, according to the Financial Times, which reported yesterday that the government is paying an IT supplier to investigate whether it can integrate the tech giants’ approach after all.
Yesterday the FT reported that NHSX, the digital transformation branch of UK’s National Health Service, has awarded a £3.8M contract to the London office of Zuhlke Engineering, a Switzerland-based IT development firm which was involved in developing the initial version of the NHS COVID-19 app.
The contract includes a requirement to “investigate the complexity, performance and feasibility of implementing native Apple and Google contact tracing APIs within the existing proximity mobile application and platform”, per the newspaper’s report. The work is also described as a “two week timeboxed technical spike”, which the FT suggests means it’s still at a preliminary phase – thought it also notes the contract includes a deadline of mid-May.
The specific technical issue that appears to be causing concern relates to a workaround the developers have devised to try to circumvent platform limitations on Bluetooth that’s intended to wake up phones when the app itself is not being actively used in order that the proximity handshakes can still be carried out (and contacts events properly logged). On this, the FT quotes one person familiar with the NHS testing process who told it the app was able to work in the background in most cases, except when two iPhones were locked and left unused for around 30 minutes, and without any Android devices coming within 60m of the devices. The source also told it that bringing an Android device running the app close to the iPhone would “wake up” its Bluetooth connection.
Britons will not be able to ask NHS admins to delete their COVID-19 contact-tracking data from government servers, digital arm NHSX’s chief exec Matthew Gould admitted to MPs this afternoon. Gould also told Parliament’s Human Rights Committee that data harvested from Britons through NHSX’s COVID-19 contact tracing app would be “pseudonymised” – and appeared to leave the door open for that data to be sold on for “research”.
A group of nearly 175 UK academics has criticised the NHS’s planned COVID-19 contact-tracing app for a design choice they say could endanger users by creating a centralised store of sensitive health and travel data about them. In the open letter published this afternoon, the 173 scholars called on NHSX, the state-run health service’s app-developing and digital policy quango, to “publicly commit that there will not be a database or databases, regardless of what controls are put in place, that would allow de-anonymization of users of its system.”
In Iceland, up to 40% citizens have been using a GPS-based app for about a month now. As it turns out, it isn’t helping.
Rakning C-19, which launched in early April, was hailed as a way to “make the tracing of transmissions easier” at the time. It tracks users’ GPS data to compile a record of where they have been, allowing investigators—with permission—to look at whether those with a positive diagnosis are potentially spreading the disease. And it gained traction quickly: according to MIT Technology Review’s Covid Tracing Tracker, it has the largest penetration rate of all contact trackers in the world, having been downloaded by 38% of Iceland’s population of 364,000.
But despite this early deployment and widespread use, one senior figure in the country’s covid-19 response says the real impact of Rakning C-19 has been small, compared with manual tracing techniques like phone calls. “The technology is more or less … I wouldn’t say useless,” says Gestur Pálmason, a detective inspector with the Icelandic Police Service who is overseeing contact tracing efforts. “But it’s the integration of the two that gives you results. I would say it [Rakning] has proven useful in a few cases, but it wasn’t a game changer for us.”
In Singapore, which is essentially an autocratic one-party state, there was a contact tracing app (TraceTogether) in play early on. This is the app that Australia’s solution is based on. Now, the police state in Singapore is cracking down with measures akin to what China implemented when they started to lift the lockdown.
Singapore will from May 12th require all businesses to adopt a system that checks visitors into and out of their premises using their smartphones, and has already made using the system compulsory before entering some venues. Called “SafeEntry”, the system is designed to enhance Singapore’s coronavirus contact-tracing capabilities and requires visitors to either scan a QR code or allow their phones to be scanned to record a barcode in the national e-services app. That scans are taken when visitors enter and exit a premises.
Singapore’s Ministry of Health says the service logs names, national identity numbers (or the equivalent for long-term residents) and mobile phone numbers, plus the time a user entered and exited a venue. The resulting data is uploaded to a cloud service where, the Ministry says, it will only be used “by authorised personnel for contact tracing purposes, and stringent measures are in place to safeguard the data in accordance with the Government’s data security standards.”
Singapore seems to be a great example of how a voluntary app is launched, then “experts” (who are probably close to the government) suggest it should be made mandatory because of low adoption rates and then an essentially mandatory app is launched. This is exactly the kind of scenario I have been warning about since I started reporting on this topic.
India, the most populous democracy in the world, is going in a similar direction.
India has made use of a COVID-19 contact-tracing app compulsory in some parts of the nation.
The country yesterday extended its national lockdown for two weeks from today. But the extension is not total: regions that have experienced no new cases at all or none in the last 21 days will be designated “green zones”. But locales with known cases or insufficient data will become “red” or “orange” zones subject to ongoing stay-at-home orders and extensive restrictions on business activity. And in Red or Orange zones, according to the new Order from the Ministry of Home affairs, “The local authority shall ensure 100% coverage of the Aarogya Setyu App among residents of the containment zones.”
Random Madness from the Containment Zones
So what else has been happening in “the new normal” out there? Amnesty International says “digital surveillance to fight COVID-19 can only be justified if it respects human rights”. Meanwhile I’m over here trying to imagine digital surveillance that respects human rights. Isn’t surveillance by itself contrary to human rights like the right to privacy and the right to live your life unmolested by the government?
Meanwhile, in larger parts of Germany, restaurants and massage parlours have to log anyone who enters the premises and keep the data for three weeks. You must agree to provide the data or you can’t enter the premises. Remember what the GDPR says about consent? Some people argue all of this doesn’t violate the GDPR if the records are kept manually. While that might be technically correct, it makes no fucking sense whatsoever. Ever heard of the spirit of the law versus the letter of the law?
At least the German federal state of Hesse has given up on its plan to use Palantir software for its coronavirus task force. They dropped the plan because the situation turned out not to be as critical as everyone predicted, not because of criticism. Of course, Palantir would have provided the software for free. The software is apparently in active use in the UK.
Apple has reopened its stores in Germany and announced beforehand that they would take everyone’s temperature before letting them in . This is, of course, a data privacy issue in Germany, as discussed previously on the show when a German supermarket chain tried to do it. Predictably, Apple is now under investigation by federal-state-level data protection officers.
In other news, we are now shooting at inner-European borders again.
Polish media reported yesterday the case of a man attempting to illegally cross the Czech border at the town of Pilszcz, a few kilometers from the Czech city Opava. Identified as a German resident of the Czech Republic, the man drove to a crossing patrolled by Polish forces from the 10th Logistics Brigade of Opole Czytaj, left his car, and apparently attempted to enter the country on foot. When he didn’t respond to verbal instructions from the Polish officials, two warning shots were fired and he was ultimately apprehended.
Madness also reigns for the inhabitants of Laufen (Germany) and Oberndorf (Austria), which are essentially one city cut in half by the river Salzach. The closed border has caused all kinds of hardships .
Barry Williams wrote in response to an email of his that I read on episode 17:
School attendance is compulsory in Australia, I just work in an area where many students do not attend school for days, weeks, months at a time. We do all we can to report on this and try to get them to school. Except when the government says no it’s fine you can stay home and “home study” then say actually it’s fine you should come to school, but if you want to stay home that’s fine also.
He also sent an email in response to episode 18:
Firstly thanks for teaching me how to pronounce Xiaomi, I keep meaning to look it up but I am lazy. I know Huawei put out a video just on how to pronounce their name. Secondly I do wonder if it would be worth buying a cheap Xiaomi phone and then flashing a custom rom and hoping there is no spywhere in the hardware or irreplaceable firmware. Definitely not bulletproof but could be an option.
I’m a huge fan of your work. I was a late starter listening to podcasts and only started listening to LO near the end of its run, however, I did go back and listen to the back catalogue. I even listened to GNR, which although I’m not into Warhammer and such, the presentation still made it a great listen. I am currently enjoying The Private Citizen, and believe that privacy is one of the few areas of our life that we can still keep to ourselves and should not be for sale. As such, I prefer encrypted communications whenever possible, even if it only serves to help shelter other encrypted communications via anonymity through obscurity, and information I share is free to be used. Keep up the great work.
Bennett Piater, who’s German and lives in Austria but has US citizenship, comments:
I am equally dismayed at the cavalier attitude with which our societies are abandoning their freedoms and rights. Albert Mohler often says that given the choice, people will always choose security over freedom, and therefore a society requires security in order to remain free. Suffice to say that he is not at all happy with the current governmental overreach either!
I’m beginning to think that the founders were correct in their assessment that a population needs to be armed to resist tyranny in the long term. Not that I like violence, but a government should not be given a free pass to forget that it is supposed to serve its constituency.
I’ve thought a lot about these things, and I have come to the conclusion that too much liberal and leftist (not the same in my book) political theory still subscribes to the enlightenment view of a generally good humanity. Listening to journalists, one would think “that there exists a group or category of people that is stupid and evil, while most of us are good.” And “as long as the government is headed by good people and they are given sufficient power, they can make sure that things are gonna be good for everyone.” Especially considering climate change and the current pandemic. This seems to be part of the world view of the major media and of the U.S. Democratic Party in particular? (Not that I like Trump, either…)
I don’t see how a political system that does not account for the fact that anyone and everyone is capable of mistakes is supposed to be sustainable. (As Christians, we call this the fallen nature of humanity, and it is quite a useful thinking tool to have!) Isn’t this overreach precisely what they criticise about fascist centralization of power, while the exact same thing is happening with a different face?
I see similarities to the issue of the Senate and the Electoral College – so many are up in arms about it and how it’s per-state representation is undemocratic, while missing the point that it was designed to allow a continent-wide federation to work. Without it, what prevents the dense population centers of California, NY and DC from oppressing the sparsely populated states, such as, say, Montana or Wyoming?
I hope you enjoy your Scotch, or whatever you feel like! I’ll hopefully finish my Master’s this month and should have more disposable income afterwards.
If you also have thoughts on the things discussed here, please feel free to contact me.
Toss a Coin to Your Podcaster
I am a freelance journalist and writer, volunteering my free time because I love digging into stories and because I love podcasting. If you want to help keep The Private Citizen on the air, consider becoming one of my Patreon supporters.
You can also support the show by sending money to via PayPal, if you prefer.
This is entirely optional. This show operates under the value-for-value model, meaning I want you to give back only what you feel this show is worth to you. If that comes down to nothing, that’s OK with me, pard. But if you help out, it’s more likely that I’ll be able to keep doing this indefinitely.
Thanks and Credits
I like to credit everyone who’s helped with any aspect of this production and thus became a part of the show.
Aside from the people who have provided feedback and research and are credited as such above, I’m thankful to Raúl Cabezalí, who composed and recorded the show’s theme, a song called Acoustic Routes. I am also thankful to Bytemark, who are providing the hosting for this episode’s audio file.
But above all, I’d like to thank the following people, who have supported this episode through Patreon or PayPal and thus keep this show on the air: Niall Donegan, Michael Mullan-Jensen, Jonathan M. Hethey, Georges Walther, Dave, Eric gPodder Test, Butterbeans, Kai Siers, Mark Holland, Steve Hoos, Shelby Cruver, Fadi Mansour, Vlad, Matt Jelliman, Joe Poser, Jackie Plage, 1i11g, ikn, Dave Umrysh, Dirk Dede, David Potter, Vytautas Sadauskas, RikyM, drivezero, Mika, Jonathan Edwards, Barry Williams, Silviu Vulcan, S.J., Daniel B. and Bennett Piater.