Several thousand Swiss citizens – mostly members of academia, the Swiss Army, and hospital staff – just began what may be the most important trial of a mobile app in human history.
On Monday, May 25, SwissCovid became the first official application supported by Apple and Google’s APIs for tracing contacts at risk of transmission of COVID-19 to be deployed in an extensive pilot project. Like other mobile contact tracing apps that have been released around the world so far, the purpose is to signal a user that they have been in close contact with at least one other person that has tested positive for COVID-19. People being notified by the app can then take precautions to limit their transmission of the virus.
But there is one crucial distinction between SwissCovid and all other contact tracing apps released to date – it uses a decentralized architecture known as Decentralized Privacy-Preserving Proximity Tracing (DP3T), ensuring the privacy of users while performing its function.
“We reached out to Apple and Google early and initiated discussions regarding a joint API and are, even now, heavily involved in shaping the discussions around the API based on our experiments and measurements,” said Mathias Payer, a professor at the EPFL School of Computer and Communication Studies. “DP3T focuses on a single aspect: decentralized privacy-preserving proximity tracing. Any additional functionality, if desired by a country, could be offered through other apps or measurements. DP3T is a privacy-preserving approach towards a single goal and we avoid feature creep by design.”
This process diagram highlights the key differences between a centralized approach and a decentralized approach to contact tracing with mobile apps. (Info-Tech)
So far, contact tracing apps released in different jurisdictions have been mostly ineffective, and their centralized design has been a significant factor. The centralized approach logs all contacts made between users on a central server, where newly infected cases can be cross-referenced. That opens the door to a new government surveillance mechanism with the potential to reveal details about an individual’s movements and who they associate with. It also doesn’t work well for iPhone users: because Apple limits permissions to use Bluetooth functions, apps that aren’t using its released APIs won’t be able to do contact tracing in the background.
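The difference in what each server ends up holding can be shown with a small simulation. This is an added example, not code from SwissCovid, DP3T or the Apple and Google APIs. It is a simplified model: the HMAC-based ID derivation, the 15-minute interval, and all names and encounters are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

INTERVALS_PER_DAY = 96  # assumption: one rotating ID per 15 minutes


def ephemeral_ids(day_key):
    """Derive the day's rotating broadcast IDs from a secret day key."""
    return [hmac.new(day_key, i.to_bytes(2, "big"), hashlib.sha256).digest()[:16]
            for i in range(INTERVALS_PER_DAY)]


class Phone:
    def __init__(self, owner):
        self.owner = owner
        self.day_key = secrets.token_bytes(32)  # stays on the phone unless the owner tests positive
        self.heard = set()                      # IDs observed over Bluetooth, kept locally

    def broadcast(self, interval):
        return ephemeral_ids(self.day_key)[interval]

    def check_exposure(self, published_keys):
        """Match on the device: re-derive IDs from published keys, compare with what was heard."""
        return any(eid in self.heard
                   for key in published_keys
                   for eid in ephemeral_ids(key))


def simulate():
    alice, bob, carol = Phone("alice"), Phone("bob"), Phone("carol")
    # Constructed encounter: alice and bob are in range during interval 10; carol meets nobody.
    bob.heard.add(alice.broadcast(10))
    alice.heard.add(bob.broadcast(10))

    # Centralized model: the server logs every encounter against identities (a contact graph).
    central_server = {("alice", "bob"), ("bob", "alice")}

    # Decentralized model: alice tests positive and uploads only her day key.
    decentral_server = [alice.day_key]

    exposed = {p.owner: p.check_exposure(decentral_server) for p in (bob, carol)}
    return central_server, decentral_server, exposed, alice


if __name__ == "__main__":
    central, decentral, exposed, _ = simulate()
    print("centralized server knows:", sorted(central))
    print("decentralized server holds", len(decentral), "random key(s), no contact pairs")
    print("on-device exposure results:", exposed)
```

In the decentralized run the server never learns that bob was near alice; only bob's phone does.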
The next phase of contact tracing mobile apps, also referred to as exposure notification apps, has the potential to achieve a goal that most developers would never think possible. The app could save lives by limiting COVID-19’s spread and help re-open economies that have been throttled by strict lockdown measures. Researchers at Oxford University estimate that the epidemic could be stopped if 60 per cent of the population adopts such an app, but even if we fall short of that, every two users of the app could prevent one additional infection.
Bridging the trust deficit
Achieving an adoption level of 60 per cent would be a stunning achievement. Consider that even the Facebook mobile app, which is the most popular mobile app that must be downloaded to a smartphone in the U.S., has an adoption of 68.6 per cent after years of availability. But using a decentralized approach should help encourage people to adopt it since it doesn’t ask that users put their trust in any monolithic institution.
In our Tech Trend 2020 report at Info-Tech Research Group, we examined the idea of distributed trust. The modern era was defined by a trust system that is no longer working. Large institutions, namely governments and banks, acted as trusted third parties that could facilitate transactions between strangers. But in 2020, trust in those institutions is diminished. Whether that effect is happening for a good reason or not can be debated, but the effects can’t be. Requiring people to put too much trust in a third party can now cause friction in transactional systems. In the report released earlier this year, we examined blockchain as the first example of a commercial-grade solution for distributed trust. Now a peer-to-peer system that facilitates contact tracing stands to become another example.
“No stone has been left unturned in protecting privacy,” said Ann Cavoukian, executive director of the Global Privacy & Security by Design Centre at Ryerson University. Cavoukian is also in discussion with Apple in regard to its contact tracing framework. “There is no way to identify the user.”
Cavoukian takes issue with discussion about trading off privacy rights for improved methods to prevent the spread of COVID-19. That’s a zero-sum mindset that assumes there is a trade-off between privacy and public health, she says. “It’s nonsense, it’s so yesterday. We can have both privacy and public health. We can do this.”
At least one survey indicates that the design of a contact tracing mobile app will make a difference in how many people adopt it. A Henry J. Kaiser Foundation survey finds that 50 per cent of Americans are willing to download an app that is decentralized, only alerting them directly if they’ve come into contact with COVID-19. Slightly fewer, 45 per cent, would be willing to do so if that app provided the same information to public health officials.
Based on other survey data, it appears Americans would also be most likely to trust an app:
- That is issued by their local jurisdiction health authority (rather than a tech company).
- That does not use location data as a factor.
- That enables a return to more normal activities.
- That has high security.
Why the centralized versions haven’t been a success
Australia was early to launch a COVID-19 contact tracing app in the western world, and at first, it looked like its centralized design would be well adopted. On April 28, just 24 hours after its launch, 2 million Australians had downloaded the app, COVIDSafe. By May 6, it passed 5 million downloads and registrations – halfway to its goal of 40 per cent of its population. But progress stalled there, and by May 23 the count was hovering around 6 million registered users.
The app was built by the Digital Transformation Agency with a centralized design, and the iPhone version wasn’t effective. It wouldn’t log “Bluetooth handshakes” with other devices unless the app was running on the screen, making it impractical for most users. A recent update was intended to address this issue, but fully resolving it would require redesigning the app to be compatible with the Apple and Google APIs. Only one case has been reported of a user being identified through the data generated by the mobile apps, reports The Guardian.
A centralized design also hindered success for Singapore’s TraceTogether app, which was one of the first of such apps to grab headlines about contact tracing. The app saw about 1.4 million users as of May 18, about one-quarter of the population, according to the South China Morning Post, far short of the goal of 75 per cent. A survey reveals that the main motivation for those who were aware of the app but didn’t download it is that they did not want the government to trace their movements.
In Canada, Alberta released AB Trace Together, another centralized scheme. The province has seen 11 per cent of residents adopt the app after news headlines about its release focused on the fact it did not work well with iPhones and the fact it was under review by the Alberta Office of the Information and Privacy Commissioner.
Another centralized app is being trialled on the UK’s Isle of Wight, but the government has already committed to produce another decentralized app that will focus on augmenting manual contact tracing efforts. The series of poor performances has groups like the Electronic Frontier Foundation calling for governments to only approve decentralized versions of the app going forward.
That being said, the decentralized apps also have their own weaknesses.
What could go wrong?…