Apple and Google combine to help solve problems

Since COVID-19 can be transmitted through close proximity to affected individuals, public health organizations have identified contact tracing as a valuable tool to help contain its spread. A number of leading public health authorities, universities, and NGOs around the world have been doing important work to develop opt-in contact tracing technology. To further this cause, Apple and Google will be launching a comprehensive solution that includes application programming interfaces (APIs) and operating system-level technology to assist in enabling contact tracing. Given the urgent need, the plan is to implement this solution in two steps while maintaining strong protections around user privacy.

First, in May, both companies will release APIs that enable interoperability between Android and iOS devices using apps from public health authorities. These official apps will be available for users to download via their respective app stores.

Second, in the coming months, Apple and Google will work to enable a broader Bluetooth-based contact tracing platform by building this functionality into the underlying platforms. This is a more robust solution than an API and would allow more individuals to participate, if they choose to opt in, as well as enable interaction with a broader ecosystem of apps and government health authorities. Privacy, transparency, and consent are of utmost importance in this effort, and we look forward to building this functionality in consultation with interested stakeholders. We will openly publish information about our work for others to analyze.

Here is the full story.  I cannot help but wonder if this would have happened sooner if not for a) antitrust concerns, and b) fears of existential risk due to attacks on the privacy issue.  But I am pleased to see it is proceeding, and one hopes the risks on the legal side will not turn out to be too high.

Comments

That's one way to put it.

Another is that they're stopping other apps, like the NOVID app, which is ready to go today, from being in their app stores while they take several weeks to roll theirs out.

You're playing for the wrong team here, Tyler.

Note: NOVID was created by Carnegie Mellon mathematician Po-Shen Loh and a team of young geniuses. Help put pressure on the tech behemoths to allow their app in the store.

And when all is said and done, remember who is gathering all your data and who isn't.

Not even close.

The two companies wrote a public API standard, and they have been doing this for 40 years, way back to the 70s. It is common, standard practice, and it is blown up into nonsense by the virus hysteria.

Re: "I cannot help but wonder if this would have happened sooner if not for a) antitrust concerns,"

That is pure speculation.

Joint venture law applies, meaning the rule of reason. A good antitrust lawyer, like myself, can easily structure the collaboration so as not to create a problem.

This is the nature of standard setting, and collaborative development agreements. Happens all the time. There will probably be open API (for interoperability) and other disclosures so it does not become a proprietary standard. Apple and Google have very good antitrust counsel.

Also, if you had a concern, you would apply for a Business Review Letter (quickly granted).

So, if you happen to find all this information while stumbling around in the dark, and have the resources for the journey, you just might not drown in the moat, maybe.

You really contribute to the discussion, as is reflected in your understanding of this issue.

Bill, Interesting. You always have to examine the case and context. Do you happen to know about solving liability insurance issues when attempting to really fast-track products, whether they be drones, online doctors, drugs, etc.?

Even if you do not know what you are talking about, I do know what I am talking about in my area of expertise.

Yeah, Tyler's item (b) seems much more relevant. I wouldn't trust those companies with my data.

If it's opt in, then this is much less of an issue.

But I still have some concerns. Making changes at the operating system level? And does "opt in" mean they'll be burying it inside the fine print of every single app's user agreement? That's not true informed consent.

So as usual the devil is in the details.

P.S. I just thought of another concern. What if I opt in, but the people who I meet with do not? How will this contact tracing be useful without a very high rate of opting in? And what means, nefarious or otherwise, will Apple/Google/government health authorities use to get people to opt in?

I don't know how many people covid19 will kill but it definitely killed the little bit of privacy that was left. Not necessarily a bad thing in some aspects, but definitely something to note and remember. Next step, HealthID card, your trustworthy companion during any crisis!

Anyone with a cell phone gave up their last little bit of privacy after the FCC required that cell phones be useful for pinpointing the location of a 911 call.

The protocol design is very good. There is no privacy leakage unless you get a positive test, at which point a series of anonymous numbers will be published from your phone, one for each day you were possibly contagious. Other people effectively download all those numbers and can check whether they were exposed to someone contagious without revealing any information about themselves. No location data is tracked at all.
This is a service that is much more effective if provided by a low level of the operating system, so it's important that Apple and Google provide it.
It's not clear who will provide the app(s) that use this data. Those apps could leak quite a bit of data, but the contact tracing protocol is safe to opt into.
This is an extremely privacy-friendly contact tracing system so far, certainly the best we can hope for.

Could you please elaborate on why it’s more effective if it’s provided at the operating system level?

Technical reasons: the rolling identifier is broadcast by your phone at a very low level, which I am guessing is not available to a user application.
There is also a privacy interaction with the existing Bluetooth anonymity mechanism - the two identifiers need to be changed simultaneously in order to prevent the contact tracing public identifier from breaking the Bluetooth-level anonymity (and vice versa). I'm pretty sure that kind of integration with the Bluetooth stack would be impossible for a user app.
Security reasons: putting this into place at the operating system level prevents people other than Apple and Google from weakening the protocol.

The Apple and Google announcement is of low-level operating system features necessary to implement privacy-preserving proximity tracing, the details of which have been published independently by researchers at EPFL/ETH (https://github.com/DP-3T/documents) and MIT (https://pact.mit.edu/wp-content/uploads/2020/04/The-PACT-protocol-specification-ver-0.1.pdf).

Apple and Google will not run the servers (this will be done by national governments and health authorities). The companies are providing an essential low-level functionality--without which it is difficult or impossible to implement robust, power-conscious apps--and committing to make the feature interoperable between their phones.

Big step forward for an app that is fundamental to ensuring that the epidemic does not take hold again when people leave their homes. For the bigger picture, take a look at https://ncase.me/contact-tracing/

"This will not end well", said Sarah Conner.

An analysis of benefits must certainly start with the premises that:
1. the data will not remain anonymous.
2. the data will be misused in ways unrelated to stated purpose.
3. the data will be stolen.
4. the government will use the data in expansive ways unrelated to the intent.
5. the data will be used against people criminally for noncompliance.
6. it will be effectively mandatory even if sold as optional.
7. it will be a massive windfall for the vendors.
8. people without current phones will be screwed.
9. other apps will piggyback the surveillance.
10. the vendors will track data they promised not to track.
11. the vendors will invent new ways to misuse the data and power.

The protocol and API are designed to prevent these things, or to make them much more expensive than existing alternatives.
In real life, if the police want your location data they just buy it from your cell phone provider. If your phone manufacturer wants your data they can just take it.
Apple and Google are in a place to do the right thing and if the design has flaws they are subtle ones, more likely to be fixed than exploited.

Well I hope you're right. There's a first time for everything I suppose. But my money is still on the scorpion.

sorry that came out wrong.

by first time, i meant first time big tech plays it straight

Google, at least, has certainly earned our trust that the data will never be used in any way other than what they are saying.

Simpler solution: just ask the person infected with C-19 who they interacted with, under penalty of a stiff fine if they forget who, or lie. Then contact these people and test them, repeat the question, etc.

The proposed solution reminds me of the apocryphal US space pen that works in zero-gravity, developed for millions of dollars, which the Russians solved with a simple golf lead pencil.

But it's more cool to have such an app on your phone, granted, and maybe that's what this is really all about (status).

Ok then, who came within 6 feet of you the last 3 times you were at the grocery store, and how can we contact these people? Remember, there is a stiff fine if you forgot.

Nobody. Since in Greece where I'm at, there's a rule saying no more than two people allowed into a grocery store. And a new rule, that a gloved employee will pick your fruit for you and bag it. Which is annoying since the sneaky employee the other day put in rotten, soft apples along with the good ones, and I paid for them (a form of inflation).

More seriously, why should infected people be allowed to shop? This would negate the need for a tracing app. Remember, asymptomatic carriers of C-19 are not really responsible for infection say some experts (the answer would change if it was not so).

I am just laughing my ass off at all these genius ideas for tracing. Even Ray should know better that tracing at this point is a fucking joke. This is the Amber Alert all over again. One more text to delete without reading for everyone.

We are literally plagued with people who feel a need to appear to be doing something, anything.

It has been a bit disconcerting to see this happening.

Bluetooth LE (BTLE) allows for beacons to be emitted. These are very short messages that would normally say "Come in here for coffee! Coupon code 3GZ gets you 10% off"

Apple and Google are adding APIs to standardize how you emit beacons and how to retrieve beacons you've seen.

Imagine if you emit for a few minutes the beacon A12, A12, A12. Everyone around you sees A12 and stores it. And as you get on a train, you see everyone else's beacons. And you store those. Every so often, you will change your beacon. This means nobody will know it's you specifically.

If you get sick, then you just need to upload all the beacons you've seen. Presumably someone at Google or Apple will then map those beacons into actual users, and those users will be told "Yesterday you were the D3 train at 5:04 PM and someone in your car has come down with the virus."

It's a very good system they are building. My guess is that everyone decides to either opt-in or not. If you opt-in, you can get indications if you were exposed. Similarly, you can warn others if you were exposed.

This system could be huge for tracing across oceans.

You could also build a risk score. For example, if you spent 12 hours next to someone on a long-haul flight, your risk score is 100. If you passed someone in a train station for 3 seconds, 4 days ago, your risk score is 1.

If you want to ride the train, you need a risk score below 10.

It's a very powerful framework they are building. I'd rather they build it than the gov, that's for sure.

"If you get sick, then you just need to upload all the beacons you've seen."
That would be a privacy problem, what they are doing is better.
If you are diagnosed you upload all the beacons you've *used*, and anybody can see if they've been in the vicinity of that beacon. You won't get an alert unless you install an app that checks the beacons you've seen against the widely shared list of beacons with a diagnosis.

Thank you. This could also alert you to super spreaders or persons who were asymptomatic whom one could predict was a likely spreader.

@Phinton -- Almost, but you don't upload the beacons you've seen. When you are diagnosed positive with a test, you voluntarily upload the anonymous keys that you have broadcast for the past N days (A/G propose 14, but that is a medical/epidemiological decision). The server (provided by your country or health authority) will send these keys (mixed with all other infected keys) to all copies of the app. On your phone, the app will compare these against all of your contacts over the period. Your contacts never leave your phone. If you were potentially infected, the app will notify you of this and advise you to contact local health authorities. Totally voluntary on both sides and no connection between phones and people. More details at https://gitlab.com/cga-app and https://pact.mit.edu/wp-content/uploads/2020/04/The-PACT-protocol-specification-ver-0.1.pdf
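A simplified sketch of the scheme described in the comments above (daily keys, rotating identifiers, upload only on diagnosis, matching on the phone), added here as an illustration; it is not code from the commenters, Apple, Google, DP-3T or PACT. The HMAC-SHA256 derivation, the 10-minute rotation interval, and the names `Phone`, `rolling_id` and `simulate` are assumptions chosen for the example.

```python
import hashlib
import hmac
import os

INTERVALS_PER_DAY = 144  # assumed: a new rolling identifier every 10 minutes


def rolling_id(day_key: bytes, interval: int) -> bytes:
    """Derive the identifier broadcast during one interval of one day."""
    msg = b"rolling-id" + interval.to_bytes(2, "big")
    return hmac.new(day_key, msg, hashlib.sha256).digest()[:16]


class Phone:
    def __init__(self):
        self.day_keys = {}  # day number -> random secret; uploaded only on diagnosis
        self.heard = set()  # (day, rolling id) pairs seen nearby; never uploaded

    def broadcast(self, day: int, interval: int) -> bytes:
        key = self.day_keys.setdefault(day, os.urandom(16))
        return rolling_id(key, interval)

    def observe(self, day: int, rid: bytes) -> None:
        self.heard.add((day, rid))

    def diagnosis_keys(self, today: int, n_days: int = 14):
        """Keys the diagnosed user chooses to publish: the last n_days only."""
        return [(d, k) for d, k in sorted(self.day_keys.items())
                if today - n_days < d <= today]

    def exposures(self, published):
        """Re-derive every identifier from the published keys and match locally."""
        hits = []
        for day, key in published:
            for interval in range(INTERVALS_PER_DAY):
                if (day, rolling_id(key, interval)) in self.heard:
                    hits.append((day, interval))
        return hits


def simulate():
    """Constructed scenario: Alice meets Carol on day 2 and Bob on day 18."""
    alice, bob, carol = Phone(), Phone(), Phone()
    carol.observe(2, alice.broadcast(2, 10))
    for interval in (50, 51):
        bob.observe(18, alice.broadcast(18, interval))
    # Alice tests positive on day 20; the server only ever receives this list.
    published = alice.diagnosis_keys(today=20)
    return {
        "days_published": [d for d, _ in published],
        "bob": bob.exposures(published),
        "carol": carol.exposures(published),
        "ids_differ": alice.broadcast(18, 50) != alice.broadcast(18, 51),
    }


if __name__ == "__main__":
    print(simulate())
```

Carol's day-2 contact falls outside the 14-day window, so Alice's key for that day is never published and nothing Carol stored can be matched.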

N and James, thanks, you are correct.

But it seems a bit odd to have just the sick upload. First, with an affliction rate of 1 in 10K in early stages, it just takes one jackass out of 100 to falsely certify themselves as sick as a prank and send countless people into a panic. Is there a key you are given when diagnosed to ensure false reporting is prevented?

Second, the counter to this is that there's a lot of benefit to opting-in and being notified when those around you have become sick BUT continuing to operate as non-sick even if you are sick (eg for work to ensure you can keep earning).

For example, we know people that KNOW they are sick have gotten on airplanes because they've decided getting home is more important than ensuring they don't sicken anyone.

I understand the privacy concerns, but once it becomes serious, it needs to become a bit more draconian.

Contact tracing works. Public health departments at the city, county, and state level routinely deal with STDs (including AIDS) this way. You know who you had sex with, or shared needles with, whereas you don't know who you coughed upon. That said, a carrier should have some details about whom he congregated with, unless it's a case of walking through an airport or train station or opera house.

And again, the South Koreans are way ahead in this technological discussion about ensuring the only action that will slow/stop the virus - quarantining/isolating is done. -
"South Korea has announced plans to strap tracking wristbands on people who ignore quarantine orders, with officials warning that stricter controls were required to enforce self-isolation rules.

Some of the 57,000 people who are under orders to stay home have apparently slipped out by leaving behind their smartphones, which are currently used to monitor movement.

A South Korean health official, Yoon Tae-ho, acknowledged privacy concerns but said the wristbands were necessary because the number of people under self-quarantine has soared over recent weeks. Since April 1, the country has required new arrivals from abroad to isolate for 14 days.

Lee Beom-seok, an official from the ministry of the interior and safety, said the government could not force people to wear the wristbands, but that citizens would be asked to sign consent forms. Those who agree to do so could be considered for lighter punishment. People can face up to a year in prison or fined as much as $8,200 for breaking quarantine orders in the country."

The law to allow this undoubtedly also exists in the U.S. - quarantine orders/laws have played a major public health role since the 18th century.

Are there not HIPAA concerns?

As I understand it much of HIPAA is concerned with storing personally identifying information securely.
In this case no PII is stored, all the identifiers that are logged are generated with crypto (no name, location, SSN, telephone serial number, etc).

> As I understand it much of HIPAA is concerned with storing personally identifying information securely.

But the system as proposed is so anonymized that you cannot detect and reject bad actors.

That ship sailed a long time ago. You can be sure that Google has access to massive amounts of private healthcare information - both directly from databases, and inferred from browsing, purchasing, and location data. To say nothing of the information they are collecting from millions of wearable medical devices. Apple has this data as well.

My friend is a noted internet privacy expert, currently consulting on policy for a developed world government. I spoke to him Tuesday.

This would have happened sooner were it not for fear of being attacked for violating privacy.

That it will take them longer than this (possibly earlier) alternative.

In early April, the German government announced that it was working on a voluntary smartphone app using Bluetooth to trace possible chains of Covid-19 contagion. Here's what one of the developers behind the software has to say about it.

The project has led to some lively discussions in a country where personal privacy is fiercely guarded thanks to the scars of two 20th-century dictatorships.

Chris Boos, the founder of Frankfurt-based artificial intelligence company Arago and a member of the German government's Digital Council, has been helping to develop a software platform for the app.

When will the Covid-19 contact tracing app be available in Germany?

"We will see it launched at the end of April, that seems realistic to me. Everyone wants it as soon as possible, but it has to be tested and certified for security first."

What are some of the key characteristics of the platform?

"Firstly, the system has to be based on the right variable (contact between mobile phone users) to avoid comparing apples with oranges. Secondly, privacy must be protected. No location data is used, nor any data that would identify the phone, such as the SIM card number. And finally, the system has to work internationally, so I can travel freely to countries that use the same platform."

What about privacy concerns?

"From the beginning, we were clear that we did not want to recreate the situation in some Asian countries where people are completely exposed. I don't see a problem as long as we offer a secure alternative that respects data protection laws." https://www.thelocal.de/20200410/interview-how-germany-is-gearing-up-for-virus-tracing-app

c The cell phone companies could have been doing this 8 weeks ago, but then the American cat would be truly out of the existing deepstate bag.

Or possibly the new b, as the current b is simply incorrect. APIs that enable interoperability are never a cause for antitrust concerns. The fact that Apple and Google are taking so long illustrates another South Korean advantage responding to a virus - the ability to create a functional system early on, not as sadly late as something coming in a half month or more. And clearly, the South Koreans were under far fewer illusions about how their cell phones were being tracked.

It is quite possible that adapting/adopting the API (one assumes that the actual APIs are really just one interface for the developer, in the same sense as Java) may require more than trivial effort - luckily at least google has extensive open source experience that might be helpful.

Turning your country into a surveillance state is not necessarily an advantage. Otherwise China would have stopped the coronavirus in its tracks but they failed.

" the South Koreans were under far fewer illusions about how their cell phones were being tracked."

No. South Koreans are willing to make a trade that many in the West don't want to make. There is nothing wrong with different democracies making different choices. You left out that the South Koreans also examined credit card statements, video surveillance, and conducted interviews with family, friends, and neighbors. Again this may make sense in an Asian context but would appear very Stasi-like for Westerners.

Happy Windows phowner

I normally turn off both the Bluetooth and WiFi radios on my phone to reduce power consumption. Will this option be going away with the new tracking apps?

Just imagine how much faster the COVID-19 response would be if the US government created a law abolishing companies of any responsibility whatsoever under any existing laws if these laws are required to speed up the fight against the virus. HIPAA, privacy laws, antitrust laws, medical ethics laws... absolute garbage that should fly out the window until the pandemic is resolved.
