What is the difference between Apple/Google's decentralized and centralized contact tracing?

The decentralized (Apple/Google) approach makes alerts on the user's phone based on proximity data. Centralized systems upload data to a server, where a health authority makes the alert decision, potentially allowing for more data but raising privacy concerns.

How do contact tracing apps maintain user privacy?

Apps use temporary exposure keys and rolling proximity identifiers that change frequently. This means a phone doesn't broadcast a personal identifier, and even if one's RPI is detected, it's difficult to link directly to an individual without additional data.

What are the computational challenges of contact tracing apps?

While computationally intensive, it's manageable. Phones primarily need to generate potential identifiers and compare them with downloaded keys. More complex analysis like signal strength or duration is only done on a 'hit,' and data storage is limited.

Why is user adoption crucial for contact tracing app effectiveness?

Effectiveness depends on a high percentage of the population using the apps. If too few people participate, infectious individuals who don't use the app can spread the virus unchecked, negating the system's benefits.

Can contact tracing apps be abused?

Yes, systems can be abused if not properly secured and verified. For instance, someone could intentionally broadcast false infection data, or use drones or other methods to trigger false alerts, potentially causing chaos or distrust.

What are the privacy implications of government-run contact tracing?

Government-run systems may collect more data like GPS locations and personal details, offering a broader picture of spread but significantly impacting individual privacy. This can lead to reduced user adoption if people distrust the government's handling of their data.

Contact Tracing Technology - Computerphile

Computerphile

Education4 min read26 min video

Apr 30, 2020|105,565 views|3,365|432

computers computerphile computer science Computer Science University of Nottingham Dr Steve Bagley Dr Mike Pound Contact Tracing Exposure Notification Virus Spread

Save to Pod

Key Moments

TL;DR

Contact tracing tech uses Bluetooth for proximity detection, balancing privacy with public health.

Key Insights

Contact tracing technology aims to identify individuals exposed to infectious diseases using smartphone proximity data.

The core mechanism involves phones regularly broadcasting unique identifiers via Bluetooth Low Energy (BLE) and recording nearby devices.

Privacy is a major concern, with Apple and Google's approach focusing on decentralized, anonymous data exchange using temporary exposure keys.

A decentralized system alerts users on their own devices, while centralized systems send data to a central server for analysis.

Effectiveness depends heavily on high user adoption rates (potentially around 80%) and user compliance with self-isolation.

Potential for misuse exists, such as broadcasting fake infection signals or overwhelming systems, necessitating robust security and verification.

THE NEED FOR CONTACT TRACING

In the context of global health crises, particularly pandemics, the demand for effective contact tracing technology surges. The fundamental goal is to identify individuals who may have been exposed to an infectious disease. This allows for timely notification, encouraging self-isolation and thus preventing further spread of the virus. Traditional methods of contact tracing are manual and time-consuming, necessitating technological solutions like those being developed by major tech companies.

TECHNOLOGY AT ITS CORE: BLUETOOTH LOW ENERGY

The underlying technology proposed for contact tracing relies heavily on Bluetooth Low Energy (BLE). Smartphones, equipped with BLE capabilities, can regularly broadcast temporary, unique identifiers. Other nearby phones detect these broadcasts, recording which devices were in proximity and for how long. This proximity data, rather than precise location, forms the basis for identifying potential exposures, leveraging existing smartphone hardware.

NAVIGATING PRIVACY CONCERNS

A significant challenge in developing these technologies is maintaining user privacy. The Apple and Google model employs a decentralized approach, generating 'temporary exposure keys' daily. These keys are then used to create 'rolling proximity identifiers' (RPIDs) that are broadcast. When a user is diagnosed, their temporary keys are uploaded, and other phones can then check if any of their recorded RPIDs match those derived from infected individuals' keys, thus alerting them without revealing identities directly.

DECENTRALIZED VS. CENTRALIZED SYSTEMS

The discussion differentiates between decentralized and centralized contact tracing systems. In a decentralized model, like Apple and Google's, decisions about alerting users are made directly on their devices, considering factors like signal strength and duration of contact. Centralized systems, however, send more detailed data to a central server, allowing for broader analysis and potentially different decision-making processes, but raising greater privacy concerns.

COMPUTATIONAL OVERHEAD AND DATA MANAGEMENT

While the encryption and key generation process might seem computationally intensive, it is deemed manageable for modern smartphones. The system is designed to only perform extensive checks once a potential cryptographic match is found. Furthermore, data storage is limited; phones store RPIDs for a set period, and only a limited number of temporary exposure keys are released by infected individuals (e.g., for the contagious period). This makes the process feasible, with small data packets and efficient processing.

THE CRITICAL FACTOR: USER ADOPTION

The effectiveness of any contact tracing system is critically dependent on achieving a high rate of user adoption, potentially as high as 80%. If a significant portion of the population does not participate, the system's ability to trace infections diminishes rapidly. Even with high adoption, user compliance with self-isolation recommendations remains paramount. Low adoption or refusal to use these systems can lead to a less effective public health response, despite the technological sophistication.

RISKS OF MISUSE AND MALICIOUS ATTACKS

The technology is not without its potential for abuse. Malicious actors could theoretically broadcast fake infectious signals or manipulate proximity data to cause widespread panic or disruption. For instance, a device could be placed in a public area to falsely flag many people as exposed. Robust verification mechanisms, potentially involving verified medical diagnoses, are therefore essential to prevent such misuse and maintain the integrity of the system.

THE BALANCE BETWEEN PRIVACY AND UTILITY

A fundamental debate revolves around the trade-off between privacy and the utility of the contact tracing data. While highly private, decentralized systems may offer less granular insight for epidemiological modeling. Conversely, more centralized systems that collect additional data like GPS locations could provide a broader picture but face significant privacy objections and potential GDPR implications. The choice of system impacts user trust and uptake.

IMPLEMENTATION AND PUBLIC TRUST

The success of these apps also hinges on public trust in the entities implementing them. Utilising established tech companies like Apple and Google can lend credibility due to their existing privacy frameworks. For government-led initiatives, building trust, especially in countries with low confidence in their governments, is crucial. A system that is perceived as too intrusive or exploitative may see low adoption, undermining its effectiveness.

BATTERY CONSUMPTION AND USABILITY

For widespread adoption, the contact tracing functionality must be unobtrusive. Apps that excessively drain battery life through continuous GPS polling or frequent Bluetooth scanning are likely to be uninstalled quickly. The Apple and Google approach, by integrating into the operating system, aims for low power consumption. Any system that significantly impacts daily phone usage will struggle to achieve the necessary participation levels.

Mentioned in This Episode

●Products

●Software & Apps

●Companies

●Organizations

●Concepts

Common Questions

Smartphones use Bluetooth Low Energy to broadcast unique identifiers. When phones are in close proximity for a sufficient duration, they record these encounters. If one person later tests positive, their phone can alert others they've been near.