Switzerland 'first' country to roll out contact-tracing app using Apple-Google APIs to track coronavirus spread

Launch comes ahead of UK rolling out its controversial version


Switzerland says it is the first country to roll out a contact-tracing app for the COVID-19 coronavirus using technology and a set of APIs produced jointly by Apple and Google.

The launch – which is admittedly, for now, limited to a pilot group of essential workers in the country – comes well before the UK is due to widely release its own version of a similar app that has proven controversial regarding privacy and technological concerns.

The Swiss app, called simply SwissCovid, has been supplied to hospital workers, civil servants, and members of the Swiss army as a precursor to a large national roll-out next month. By using APIs developed by Apple and Google, as manufacturers of the most popular smartphone operating systems, the app is designed to protect people’s privacy by keeping all relevant information on their phone, and without burning the battery on Bluetooth signaling.

The automated contact-tracing system works by using a phone’s Bluetooth connectivity to save the IDs of other phones that have physically been nearby. If someone subsequently finds they have the coronavirus, they are able to release a list of IDs their phone has emitted in recent days to a cloud service that other phones will periodically check. If there is a match, other phone users are alerted that they may have been exposed.

That system has been hailed as a way to allow people to move around more freely while allowing anyone potentially infected by the COVID-19 virus to self-isolate if necessary, in theory limiting a new outbreak. The system means that no one is able to see or store the location of people or track individuals, something privacy advocates and the general public are concerned about.

However, many governments remain frustrated that the system designed by two US tech giants does not grant them access to data about the infections, and people's whereabouts and movements, that could prove to be extremely helpful in tackling the virus.

Imposition

Earlier this week, the digital affairs ministers of Germany, France, Italy, Spain and Portugal published a joint statement in which they complained that Apple and Google had failed to take into account their desires for more data and had “imposed technical standards” – a move that amounted to “a missed opportunity for an open collaboration between governments and the private sector.”

Aarogya Setu privacy

India said its coronavirus contact-tracing app is perfect... adds bug bounty and open-sources it anyway

READ MORE

The statement went on: “At a time like this, when the use of technology is crucial to combat this global crisis, as national governments, we expect technology companies to take into account the general well-being and needs of various countries in establishing digital standards. The use of digital technologies must be designed in such a way that we, as democratically elected governments, evaluate it and judge it acceptable to our citizens and in accordance with our European values.”

Regardless, many of those governments are set to introduce their versions of the Apple-Google APIs for the simple reason that other efforts to work around technical restrictions in iOS and Android, regarding Bluetooth and battery use, have proven problematic, and the general public is skeptical of what will happen with the data gathered through those centralized systems. Without a significant percentage of citizens downloading and using the app (at least 60 per cent, say experts), it is unlikely to be effective at limiting viral outbreaks.

Several countries have stood apart from the Apple-Google solution, however, not least the UK which has developed its own technology where all data will be sent to a central server and health professionals will be responsible for deciding when and how to contact people. The UK app, which has sparked ongoing concerns about privacy and its effectiveness, is being tested in the Isle of Wight, and is due to roll out later this year.

While we wait for that technology to be finalized, today Blighty will start a manual track-and-trace system of those who test positive for coronavirus.

UK goes it alone, virtually

The UK contact-tracing smartphone app, as it stands, relies on an unusual and rarely used features within Android and iOS to wake up other phones in its proximity and store people's unique IDs, and then, when someone comes down with COVID-19, they can choose to send the relevant data to the National Health Service, which analyses it before responses are sent out.

But there are questions over whether the system will actually work or whether a sufficient number of UK citizens will download it given the fact that the government has made it plain it intends to store the data indefinitely. There also remain serious concerns the app will be used to identify and track the locations of users, effectively acting as a mass surveillance tool.

The Australian government, which has produced a COVID-19 app similar to the UK’s approach, has not reached its target of 40 per cent of the population and is reportedly looking at switching to the Apple-Google approach in order to get more people using it.

Meanwhile, the Swiss have adopted a pragmatic attitude to the dispute. “All of us are trying to build a contact tracing system on top of software and hardware that was not designed for this purpose,” explained one of its developers, Professor for Systems and Network Security for ETH Zurich, Srdjan Čapkun.

He added: “Bluetooth was not developed for this kind of large-​scale distance measurement. Making sure that we can use it in this way requires a lot of engineering skill and collaboration, including collaboration with Apple and Google.”

He warned however that being first also meant that “we are the first to have to deal with the teething troubles of the program,” and asked those in the pilot group to send feedback before the June national roll-out. ®


Other stories you might like

  • Experts: AI should be recognized as inventors in patent law
    Plus: Police release deepfake of murdered teen in cold case, and more

    In-brief Governments around the world should pass intellectual property laws that grant rights to AI systems, two academics at the University of New South Wales in Australia argued.

    Alexandra George, and Toby Walsh, professors of law and AI, respectively, believe failing to recognize machines as inventors could have long-lasting impacts on economies and societies. 

    "If courts and governments decide that AI-made inventions cannot be patented, the implications could be huge," they wrote in a comment article published in Nature. "Funders and businesses would be less incentivized to pursue useful research using AI inventors when a return on their investment could be limited. Society could miss out on the development of worthwhile and life-saving inventions."

    Continue reading
  • Declassified and released: More secret files on US govt's emergency doomsday powers
    Nuke incoming? Quick break out the plans for rationing, censorship, property seizures, and more

    More papers describing the orders and messages the US President can issue in the event of apocalyptic crises, such as a devastating nuclear attack, have been declassified and released for all to see.

    These government files are part of a larger collection of records that discuss the nature, reach, and use of secret Presidential Emergency Action Documents: these are executive orders, announcements, and statements to Congress that are all ready to sign and send out as soon as a doomsday scenario occurs. PEADs are supposed to give America's commander-in-chief immediate extraordinary powers to overcome extraordinary events.

    PEADs have never been declassified or revealed before. They remain hush-hush, and their exact details are not publicly known.

    Continue reading
  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading

Biting the hand that feeds IT © 1998–2022