W3C home > Mailing lists > Public > public-credentials@w3.org > April 2020

Re: Privacy-protecting contact tracer for COVID-19? [was Re: A Moment of Silence #Foremembrance Today at 19:06 CET, 2:06 pm EDT, 11:06 am PDT, and Saturday at 2:06am in Hong Kong & Taipei]

From: David Booth <david@dbooth.org>
Date: Thu, 2 Apr 2020 15:06:01 -0400
To: public-credentials@w3.org
Message-ID: <1919f05b-e7a3-a144-1296-d340af9592e5@dbooth.org>
On 4/2/20 11:39 AM, Juan Caballero wrote:> I found this very clear and 
didactic questionnaire intended for people
> designing or evaluating contact tracers.  I thought it might be useful 
> to disseminate:
> https://cpg.doc.ic.ac.uk/blog/evaluating-contact-tracing-apps-here-are-8-privacy-questions-we-think-you-should-ask/ 

That document raises excellent questions, but I think the range of 
protocols (designs) for consideration should be broadened even more. 
All three of the toy protocols that they discuss involved a central 
authority -- presumably a public health agency -- that would receive 
information about infected or exposed individuals.  I think it would be 
good to also consider:

  - A completely voluntary protocol, in which a central authority would 
never be notified of the user's risk status.  Instead, the user would be 
notified, in the hope that he/she would voluntarily take appropriate 
testing and isolation measures.

  - When two users are in bluetooth proximity, their apps do a key 
exchange, in enable communication later if needed.  If high risk or 
infection is later determined, the app commiunicates with others that 
were in proximity within the past N days.  Keys older than N days are 
automatically deleted by the app.

  - A mixed protocol, in which a central authority would only be 
notified if the user appeared to be at high risk -- to stop super 
spreaders or silent spreaders.

  - When an app is notified of another user who is at high-risk (or 
positive), the app starts a timer.  If no digitally signed "all clear" 
for that contact is issued within H hours, the app decrypts that user's 
contact info and notifies a central authority for followup action.  An 
"all clear" can be issued if the user tests negative or is immune or is 
confirmed isolated.

  - A red/yellow/green approach, in which each user's risk is rated by 
the app, and a user must show a green (low) risk status as condition for 
entry to public transport or other areas that involve close proximity -- 
WITHOUT informing a central authority.  The user could lower or reset 
his/her risk status by demonstrating a digitally signed negative test 
result or certificate of immunity.  China has used the red/yellow/green 
approach, but with central control and an opaque algorithm:
https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html

The above ideas may be completely half baked!  I am only posting them to 
hopefully spark other, better ideas, since I am not a privacy/security 
expert.

Thanks,
David Booth

> 
> 
> This group needs scribes and multipliers more than opinions, but I'll 
> limit myself to one: +100 to Adrian's invitation to prioritize 
> collaboration and model consensus. I don't think our efforts will be of 
> much use to any public health authorities unless they are cohesive 
> end-to-end.
> 
> I looking forward to discussing these topics with many of you across 
> various community calls and fora in the coming weeks. Thank you and be safe,
> __juan
> 
> On Thu, Apr 2, 2020 at 4:02 AM Paola Di Maio <paola.dimaio@gmail.com 
> <mailto:paola.dimaio@gmail.com>> wrote:
> 
>     Thank you Moses
> 
>     this is exactly what happened to me a week ago or so, as I told in
>     my response to David Booth who started this thread.
>     It must have been this technology, but it is deployed
>     elsewhere as well, below the radar. They may have satellite reach
>     across borders
>     it is not limited to one country.
>       It does not have any approval from the legit government
>     who does not know this is taking place.  Thsi is extra
>     constitutional  and unlegislated
>     where I am.
>     (I have been tackled and harassed with this tech before covid by
>     anonymous secret states
>     and I now do not take my cell with me when I go out unless I have to.)
>     Thanks for sharing, so we know this is happening, and the good news
>     is that I am not crazy.
>     PDM
> 
>     On Thu, Apr 2, 2020 at 6:12 AM Moses Ma
>     <moses.ma@futurelabconsulting.com
>     <mailto:moses.ma@futurelabconsulting.com>> wrote:
> 
>         Hey all,
> 
>         Israel is now tracking instrusively via cellphones:
>         https://www.npr.org/2020/03/19/818327945/israel-begins-tracking-and-texting-those-possibly-exposed-to-the-coronavirus
> 
>         /"Big Brother is here," wrote Omer, a young father, on Facebook,
>         minutes after he received a text message that he'd been close to
>         a virus carrier the previous week./
> 
>         This is the message they send:
> 
>             "Hello. According to an epidemiological investigation, you
>             were near someone sick with the coronavirus. You must
>             immediately isolate at home [14 days] to protect your
>             relatives and the public. ... This information will be used
>             only for this purpose and will be erased when no longer
>             needed. Sincerely, public health services."
> 
>         Ehud, can you get us more info to sense the ground truth over there?
> 
>         I'll be able to say more about our approach, that will leverage
>         VCs and maybe DIDs, soon... but we're getting traction with one
>         state and one country's MOH. Things moving quickly!
> 
>         Moses
> 
> 
> 
> 
>         On 3/27/20 9:55 PM, Ehud Shapiro אהוד שפירא wrote:
>>         I mentioned the fact that it is open source not as a testimony
>>         for its being good, but as a practical advice for people in
>>         countries that do not have it, so that they can easily adopt
>>         it and adapt it to their own country's needs.
>>         Separately, I have sent an opinion by  Adi Shamir (the S in
>>         RSA, a Turing-award winner and a leading authority on security
>>         and privacy).
>>         Be safe,
>>         Udi
>>
> 
>         -- 
> 
>         *Moses Ma | Managing Partner*
> 
>         moses.ma@futurelabconsulting.com
>         <mailto:moses.ma@futurelabconsulting.com> | moses@ngenven.com
>         <mailto:moses@ngenven.com>
> 
>         v+1.415.568.1068 | skype mosesma | /linktr.ee/moses.tao/
>         <http://linktr.ee/moses.tao>
> 
>         FutureLab provides strategy, ideation and technology for
>         breakthrough innovation and third generation blockchains.
> 
>         Learn more at /www.futurelabconsulting.com/
>         <http://futurelabconsulting.com>. For calendar invites, please
>         cc: mosesma@gmail.com <mailto:mosesma@gmail.com>
> 
> 
>         Or whet your appetite by reading /Agile Innovation/
>         <http://www.amazon.com/Agile-Innovation-Revolutionary-Accelerate-Engagement/dp/B00SSRSZ9A>
>         | /Quantum Design Sprint/
>         <https://www.amazon.com/Quantum-Design-Sprint-Application-Disruptive/dp/1799143864>
>         | my blog at /psychologytoday.com/
>         <http://www.psychologytoday.com/blog/the-tao-innovation>.
> 
>         NOTICE TO RECIPIENT: THIS E-MAIL IS MEANT FOR ONLY THE INTENDED
>         RECIPIENT OF THE TRANSMISSION. IF YOU RECEIVED THIS E-MAIL IN
>         ERROR, ANY REVIEW, USE, DISSEMINATION, DISTRIBUTION, OR COPYING
>         OF THIS E-MAIL IS STRICTLY PROHIBITED. PLEASE NOTIFY THE SENDER
>         IMMEDIATELY OF THE ERROR BY RETURN E-MAIL AND PLEASE DELETE THIS
>         MESSAGE FROM YOUR SYSTEM. THIS EMAIL SHOULD NOT BE CONSIDERED
>         BINDING; HARD COPY DOCUMENTS ARE REQUIRED TO CREATE LEGALLY
>         BINDING COMMITMENTS. FOR CALENDAR INVITES, PLEASE CC:
>         MOSESMA@GMAIL.COM <mailto:MOSESMA@GMAIL.COM>
> 
> 
> 
> -- 
> -----------------
> Juan Caballero
> Communications, Research, Press
> Berlin-based: +49 1573 5994525
> Signal/whatsapp: +1 415-3101351
Received on Thursday, 2 April 2020 19:06:17 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:24:58 UTC