Academics: We hate to ask, but could governments kindly refrain from building giant data-slurping, contact-tracing coronavirus monsters?

Decentralise over Bluetooth, say 300 scholars

77 Got Tips?

Hundreds of academics have warned governments around the world not to commission coronavirus contact-tracing apps that collect and store personal data on entire countries' populations.

Published today, the open letter has been signed by professors from 26 countries and urges governments to think about the dangers of building pools of data revealing precisely who you meet, when and where.

Referring to other countries' experiments with contact-tracing apps as a way of halting the spread of the infection, the academics said: "Though the effectiveness of contact tracing apps is controversial, we need to ensure that those implemented preserve the privacy of their users, thus safeguarding against many other issues."

The Register explained in broad terms how the apps work a few days ago. The problem is that there are two competing approaches for contact-tracing apps: a centralised one, where data from the population is concentrated at one hub for analysis; and a decentralised one, where apps tell the user if they have been in contact with someone who has COVID-19.

The academics fear that a centralised approach would either create an irresistible temptation for "mission creep", fuelling the worst authoritarian instincts of governments collecting population-scale social graph data – or simply create a hugely valuable store of that data ripe for criminals, spies and similar undesirables to hack into.

In the letter, the academics warned that the centralised approach could "catastrophically hamper trust in and acceptance of such an application by society at large." If people didn't trust a government-backed app for fear that data harvested from it could be abused for other purposes, they simply wouldn't use it or would find ways of spoofing the data.

On the flip side, trusting the population to input its own medical diagnoses into a decentralised app is a risky approach. Aside from those not wishing to declare their status, for whatever reason, what about those with mild symptoms who might think they've had a bad cold instead of the coronavirus?

"Research has demonstrated that solutions based on sharing geolocation (i.e., GPS) to discover contacts lack sufficient accuracy and also carry privacy risks because the GPS data is sent to a centralized location," said the letter. "For this reason, Bluetooth-based solutions for automated contact tracing are strongly preferred when available."

Google and Apple, two companies not known for their devotion to privacy, have jointly released a set of specs for a Bluetooth-based contact-tracing app. Singapore released, and later open-sourced, a Bluetooth-based app, having explicitly discounted GPS on practical grounds.

The letter, full details of which El Reg can't publish because our version has people's email addresses baked into it for media use, highlighted four consortia whose decentralised approaches it endorsed: the Western world's TCN Coalition; the Swiss-led DP-3T collective, which includes the co-founder of VMware as one of its advisors; and two American academic initiatives, PACT (MIT) and PACT (UW). Despite the similar names, the US organisations are not formally linked.

Trouble at t'monitoring mill

Meanwhile, a contact-tracing app creation collective originally billed as pan-European has started to wobble as it appears to back away from one decentralised approach.

The PEPP-PT project, a German-led initiative that started off backing both centralised and decentralised models for contract-tracing apps, seems to have fallen out big time with the project building its decentralised model, DP-3T.

Cryptography prof Kenny Paterson of DP-3T told The Register the first he knew about PEPP-PT's apparent change of tack was when its organisers stopped talking to him last week, adding that other institutions had seen this and began socially distancing themselves from PEPP-PT as a result: "There was a leaking away of support over the weekend from the international community at the same time as we were getting [today's] letter ready."

Other academics expressed surprise and discomfort last week to El Reg about PEPP-PT's new direction. ®

Sign up to our NewsletterGet IT in your inbox daily


Keep Reading

Billions of Bluetooth gadgets bothered by ‘BLURtooth’ miscreant-in-the-middle bug

BORKlife! Flaw allows overwriting of keys by the habitual voyeur

Bluetooth SIG strives to make wearables work as COVID-19 contact-trackers

Don’t rush out to buy hardware, this is months from deployment

Take your pick: 'Hack-proof' blockchain-powered padlock defeated by Bluetooth replay attack or 1kg lump hammer

You can do it the easy way or the easier way

Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw

'Pwned with a broadcast' bug among 25 to be patched by Google

VMware gets into apps with Bluetooth-pinging COVID-safe-office tools

And expands its Horizons VDI into new clouds

Impersonating users of 'protest' app Bridgefy was as simple as sniffing Bluetooth handshakes for identifiers

University of London researchers poked around in 'secure' messaging platform, but didn't like what they found

Apple's MagicPairing for Bluetooth fails to enchant after mischief-making bugs found hiding in the stack

Known and yet still unfixed flaws lurk in proprietary device-linking tech

India to build contact-tracing app for feature phones that still use 2G, don't have Bluetooth and can't run apps

There's hundreds of millions in India alone

Singapore to open-source national Coronavirus encounter-tracing app and the Bluetooth research behind it

Team explains privacy preservation plan and how smartphones' wireless prowess is wildly variable

A dirty dozen of Bluetooth bugs threaten to reboot, freeze, or hack your trendy gizmos from close range

Over the air? More like over the aarrrggghhh

Tech Resources

Navigating the New Era of Cloud Computing

Hear from Steve Sibley, VP of Offering Management for IBM Power Systems about how IBM Power Systems can enable hybrid cloud environments that support “build once, deploy anywhere” options.

Simplifying Hybrid Cloud Flash Storage

According to industry analysts, a critical element for secure hybrid multicloud environments is the storage infrastructure.

Accelerate Your Journey to the Cloud

Increasingly, enterprises are looking to the cloud to run their core mission-critical systems and the cloud is often the primary platform for launching new applications.

Komprise: Unstructured Data Management

Komprise is a compelling data management platform that boasts an analytics-focused approach.