Career News: 13 Japanese companies to attend JAPAN DAY 2021 @IIT Hyderabad  |  Higher Studies: IELTS Mock Tests: Benefits and Characteristics  |  Teacher Insights: New Features in Moodle 4.0  |  Policy Indications: India-US Launch Climate Action and Finance Mobilisation Dialogue  |  Science Innovations: Stanford University Develops Algorithm to Predict Molecular Structures  |  Technology Inceptions: Oxygen Concentrator, Generation System Developed by Indian Institute of Science  |  Teacher Insights: Early Intervention in Children Good to Prevent Dyslexia  |  Parent Interventions: Cognitive Stimulation Lowers Dementia Risk  |  Parent Interventions: Elderly Cope Better with Pandemic  |  Policy Indications: Use of Copyrighted Works in Online Education  |  Parent Interventions: Maternal Voice Reduces Pain in Preemies  |  Teacher Insights: Eye Sight of Children Affected by Online Learning  |  Expert Counsel: Afghanistan: Top Trouble Spot  |  Best Practices: 'Money Box' Project Gets National Recognition  |  Best Practices: Craft World School Support in Fighting Pandemic  |  
April 11, 2020 Saturday 05:40:46 PM IST

Corona Virus Contact Tracing Apps Create Privacy Issues for Policy Makers

Image by Engin Akyurt

Nations are trying to use the advanced IT, artificial intelligence and data science to keep track of the spread of the coronavirus. Various apps have been devised to upload and process information. However, it has also given rise to privacy concerns.
In the South Indian State of Kerala which has now won world-wide acclaim for its public health intervention policies that helped keep corona virus in check, a new allegation about collection of health information about people in quarantine. Opposition Congress Leader Ramesh Chennithala alleged that health data of people placed in quarantine and other health information related to Covid-19 patients were uploaded to the website of a US company without storing in state government servers. The data will be processed using artificial intelligence. This compromises privacy and security of important patient data, according to Ramesh Chennithala. 
Hassan Asghar and Dali Kaafar of Macquarie University's Cybersecurity Hub has pointed out that even if Covid Contract tracing apps are life savers in these pandemic times, it can also cause privacy issues. 
The scientists have analysed 'TraceTogether' a mobile app which has been put on open source by Singapore. Users may have concerns about the use of their data for mass surveillance. How the app works.
TraceTogether uses Bluetooth to exchange information between users. Signal strength approximates distance between users. The app shares time, and (temporary) user IDs, logging this, encrypted, on the device. When someone installs the app, a centralised authority, like the Department of Health, stores their mobile number, plus a newly-generated user ID, on its server.
The server uses its private key to generate temporary IDs, transmitting them to the corresponding user. These temporary IDs are exchanged between users near each other. A user diagnosed with COVID-19 is asked for consent to upload the app’s encrypted data logs to the server. With these, the registry can contact other users who were in contact with them.

Potential Threats
Privacy from other users is built in. The app generates temporary user IDs, refreshing them frequently. These IDs are generated by the server based on people’s phone numbers and their permanent ID so the central authority can determine the identities of users if needed. The temporary nature of the IDs means other users can’t track someone for long. But the server can.
Users’ data is safe from snoopers: data logs on the user’s phone are encrypted, so hackers can’t read the data. The server has the decryption key for the data logs, which are only sent to the server for determining close contacts between people. The app keeps data secure from other users and snoopers, but not from the central registry. The server can retrieve users’ data logs, decrypt and read them. It can also link the temporary IDs to real identities.
There are some privacy features. The server only asks for data logs from infected users or people who have been near one. Data logs only contain relative distance, not precise location.
Data on phones is deleted after 21 days. The server can know a user’s private data, but this is a feature of most apps.  If a user tests positive, they can consent to the server retrieving their data, to identify users who have been in contact with them. At this point, potentially uninfected users lose control over their privacy.
The app could be (mis)used for surveillance. The central registry could obtain and decrypt data logs from a large number of users, for mass surveillance. Although data logs on the device are deleted after 21 days, there is no guarantee data logs decrypted at the central server would be.
The app could be tweaked for more privacy, reconfiguring it so the app generates temporary user IDs. This way, only the user knows their identity. They would have to allow their device to share the list of their temporary IDs. The server would find temporary IDs that have been in contact with the infected user and broadcast them. Users getting a message containing their temporary ID can respond by identifying themselves. 
Future versions should be decentralised. The server could push temporary IDs of diagnosed users to the apps, allowing other users to determine if they have been in contact with them. 
Locally and randomly generated IDs can’t be linked to true identities. The server would not know the identities of the users within infection range of someone who tested positive.  This fundamental change in the design might not be possible to do quickly.


Courtesy: https://tinyurl.com/u8cd3za



Comments
 

RECOMMENDED NEWS

14-09-2021
India-US Launch Climate Action and Fin...
Policy Indications
India-US Launch Climate Action and Finance Mobilisation DialogueIndia and the United States of America (USA) today launched the “Climate Action and Finance Mobilization Dialogue (CAFMD)”. The CAFMD is one of the two tracks of the India-U.S. Climate and Clean Energy Agenda 2030 partnership launched at the Leaders' Summit on Climate in April 2021, by Prime Minister Shri Narendra Modi and US President Mr. Joseph Biden.The dialogue was formally launched by Union Minister of E...
11-09-2021
Use of Copyrighted Works in Online Edu...
Policy Indications
Is the use of copyrighted material for online teaching liable to attract the provisions of Copyright laws in the country? The landmark Delhi University Photocopying case gave an opportunity to Delhi High Court to consider the issue in detail.   Do the video recorded classes that use copyrighted material have the same protection as offline classes? Will college and school libraries uploading a digital copy of the textbooks available in the physical library have prote...
Policy Indications
26-08-2021
Covid-19 Pandemic: Layered Masks Bette...
Policy Indications
With the new academic year just started in the United States and some other nations planning to open schools in September, what type of face masks are needed? T...
16-08-2021
Parenthood Not Causing Relationship St...
Policy Indications
Increasing responsibilities of new parenting including diaper changes, endless domestic chores and lack of sleep need not lead to relationship stress, according to a study among 200 couples done by University of Toronto. It found that many of the couples retained high satisfaction and commitment into the first year of parenthood. Those who successfully navigated the transition to parenthood had a more realistic outlook didn't avoid emotional connection with their partner, fel...
13-08-2021
Compulsory Rural Service for Junior MB...
Policy Indications
In a recent judgment of the High Court of Karnataka, it was held that the compulsory service bonds calling upon the fresh doctors to undergo one year rural service appears to be reasonable. The Court dismissed the petition filed by a batch of fresh MBBS doctors questioning the notification issued by the Government of Karnataka mandating compulsory service by all candidates who have graduated from in 2021, who secured admissions through Government quota. The petitioners had co...
08-08-2021
Skill and Product Enhancements Vital f...
Policy Indications
Skill set enhancement, product enhancements and new ideas are the way forward for the textile sector. On National Handloom Day in India, stakeholders gathered via virtual platform in an event organized by Coimbatore-based Kumaraguru College of Technology (KCT) in collaboration with Textile Sector Skill Council (TSSC).Enhancing manpower skills and developing new products were suggested as necessities for the textile sector. Supporting skilled handloom and other technical assoc...