- From: David Booth <david@dbooth.org>
- Date: Thu, 2 Apr 2020 15:06:01 -0400
- To: public-credentials@w3.org
On 4/2/20 11:39 AM, Juan Caballero wrote:> I found this very clear and didactic questionnaire intended for people > designing or evaluating contact tracers. I thought it might be useful > to disseminate: > https://cpg.doc.ic.ac.uk/blog/evaluating-contact-tracing-apps-here-are-8-privacy-questions-we-think-you-should-ask/ That document raises excellent questions, but I think the range of protocols (designs) for consideration should be broadened even more. All three of the toy protocols that they discuss involved a central authority -- presumably a public health agency -- that would receive information about infected or exposed individuals. I think it would be good to also consider: - A completely voluntary protocol, in which a central authority would never be notified of the user's risk status. Instead, the user would be notified, in the hope that he/she would voluntarily take appropriate testing and isolation measures. - When two users are in bluetooth proximity, their apps do a key exchange, in enable communication later if needed. If high risk or infection is later determined, the app commiunicates with others that were in proximity within the past N days. Keys older than N days are automatically deleted by the app. - A mixed protocol, in which a central authority would only be notified if the user appeared to be at high risk -- to stop super spreaders or silent spreaders. - When an app is notified of another user who is at high-risk (or positive), the app starts a timer. If no digitally signed "all clear" for that contact is issued within H hours, the app decrypts that user's contact info and notifies a central authority for followup action. An "all clear" can be issued if the user tests negative or is immune or is confirmed isolated. - A red/yellow/green approach, in which each user's risk is rated by the app, and a user must show a green (low) risk status as condition for entry to public transport or other areas that involve close proximity -- WITHOUT informing a central authority. The user could lower or reset his/her risk status by demonstrating a digitally signed negative test result or certificate of immunity. China has used the red/yellow/green approach, but with central control and an opaque algorithm: https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html The above ideas may be completely half baked! I am only posting them to hopefully spark other, better ideas, since I am not a privacy/security expert. Thanks, David Booth > > > This group needs scribes and multipliers more than opinions, but I'll > limit myself to one: +100 to Adrian's invitation to prioritize > collaboration and model consensus. I don't think our efforts will be of > much use to any public health authorities unless they are cohesive > end-to-end. > > I looking forward to discussing these topics with many of you across > various community calls and fora in the coming weeks. Thank you and be safe, > __juan > > On Thu, Apr 2, 2020 at 4:02 AM Paola Di Maio <paola.dimaio@gmail.com > <mailto:paola.dimaio@gmail.com>> wrote: > > Thank you Moses > > this is exactly what happened to me a week ago or so, as I told in > my response to David Booth who started this thread. > It must have been this technology, but it is deployed > elsewhere as well, below the radar. They may have satellite reach > across borders > it is not limited to one country. > It does not have any approval from the legit government > who does not know this is taking place. Thsi is extra > constitutional and unlegislated > where I am. > (I have been tackled and harassed with this tech before covid by > anonymous secret states > and I now do not take my cell with me when I go out unless I have to.) > Thanks for sharing, so we know this is happening, and the good news > is that I am not crazy. > PDM > > On Thu, Apr 2, 2020 at 6:12 AM Moses Ma > <moses.ma@futurelabconsulting.com > <mailto:moses.ma@futurelabconsulting.com>> wrote: > > Hey all, > > Israel is now tracking instrusively via cellphones: > https://www.npr.org/2020/03/19/818327945/israel-begins-tracking-and-texting-those-possibly-exposed-to-the-coronavirus > > /"Big Brother is here," wrote Omer, a young father, on Facebook, > minutes after he received a text message that he'd been close to > a virus carrier the previous week./ > > This is the message they send: > > "Hello. According to an epidemiological investigation, you > were near someone sick with the coronavirus. You must > immediately isolate at home [14 days] to protect your > relatives and the public. ... This information will be used > only for this purpose and will be erased when no longer > needed. Sincerely, public health services." > > Ehud, can you get us more info to sense the ground truth over there? > > I'll be able to say more about our approach, that will leverage > VCs and maybe DIDs, soon... but we're getting traction with one > state and one country's MOH. Things moving quickly! > > Moses > > > > > On 3/27/20 9:55 PM, Ehud Shapiro אהוד שפירא wrote: >> I mentioned the fact that it is open source not as a testimony >> for its being good, but as a practical advice for people in >> countries that do not have it, so that they can easily adopt >> it and adapt it to their own country's needs. >> Separately, I have sent an opinion by Adi Shamir (the S in >> RSA, a Turing-award winner and a leading authority on security >> and privacy). >> Be safe, >> Udi >> > > -- > > *Moses Ma | Managing Partner* > > moses.ma@futurelabconsulting.com > <mailto:moses.ma@futurelabconsulting.com> | moses@ngenven.com > <mailto:moses@ngenven.com> > > v+1.415.568.1068 | skype mosesma | /linktr.ee/moses.tao/ > <http://linktr.ee/moses.tao> > > FutureLab provides strategy, ideation and technology for > breakthrough innovation and third generation blockchains. > > Learn more at /www.futurelabconsulting.com/ > <http://futurelabconsulting.com>. For calendar invites, please > cc: mosesma@gmail.com <mailto:mosesma@gmail.com> > > > Or whet your appetite by reading /Agile Innovation/ > <http://www.amazon.com/Agile-Innovation-Revolutionary-Accelerate-Engagement/dp/B00SSRSZ9A> > | /Quantum Design Sprint/ > <https://www.amazon.com/Quantum-Design-Sprint-Application-Disruptive/dp/1799143864> > | my blog at /psychologytoday.com/ > <http://www.psychologytoday.com/blog/the-tao-innovation>. > > NOTICE TO RECIPIENT: THIS E-MAIL IS MEANT FOR ONLY THE INTENDED > RECIPIENT OF THE TRANSMISSION. IF YOU RECEIVED THIS E-MAIL IN > ERROR, ANY REVIEW, USE, DISSEMINATION, DISTRIBUTION, OR COPYING > OF THIS E-MAIL IS STRICTLY PROHIBITED. PLEASE NOTIFY THE SENDER > IMMEDIATELY OF THE ERROR BY RETURN E-MAIL AND PLEASE DELETE THIS > MESSAGE FROM YOUR SYSTEM. THIS EMAIL SHOULD NOT BE CONSIDERED > BINDING; HARD COPY DOCUMENTS ARE REQUIRED TO CREATE LEGALLY > BINDING COMMITMENTS. FOR CALENDAR INVITES, PLEASE CC: > MOSESMA@GMAIL.COM <mailto:MOSESMA@GMAIL.COM> > > > > -- > ----------------- > Juan Caballero > Communications, Research, Press > Berlin-based: +49 1573 5994525 > Signal/whatsapp: +1 415-3101351
Received on Thursday, 2 April 2020 19:06:17 UTC