Coronavirus Contact Tracing Apps Create Privacy Issues for Policy Makers

Nations are trying to use advanced IT, artificial intelligence and data science to track the spread of the coronavirus. Various apps have been devised to upload and process information, but these have also given rise to privacy concerns.
In the South Indian state of Kerala, which has won worldwide acclaim for the public health interventions that helped keep the coronavirus in check, a new allegation has been made about the collection of health information from people in quarantine. Opposition Congress leader Ramesh Chennithala alleged that the health data of people placed in quarantine, along with other health information related to Covid-19 patients, was uploaded to the website of a US company without being stored on state government servers. The data will be processed using artificial intelligence. According to Chennithala, this compromises the privacy and security of sensitive patient data.
Hassan Asghar and Dali Kaafar of Macquarie University's Cybersecurity Hub have pointed out that even though Covid contact tracing apps can be life savers in these pandemic times, they can also cause privacy issues.
The scientists have analysed 'TraceTogether', a mobile app whose code Singapore has released as open source. Users may have concerns about the use of their data for mass surveillance.
How the app works
TraceTogether uses Bluetooth to exchange information between users; the Bluetooth signal strength is used to approximate the distance between them. Nearby phones exchange timestamps and (temporary) user IDs, and each app logs these, encrypted, on the device. When someone installs the app, a centralised authority, such as the Department of Health, stores their mobile number, together with a newly generated permanent user ID, on its server.
The server uses a secret key that only it holds to generate temporary IDs, and transmits them to the corresponding user. It is these temporary IDs that are exchanged between users who are near each other. A user diagnosed with COVID-19 is asked for consent to upload the app's encrypted data logs to the server. With these, the registry can contact the other users who were in contact with them.
Potential Threats
Privacy from other users is built in. The app uses temporary user IDs, refreshed frequently. These IDs are generated by the server from people's phone numbers and their permanent ID, so the central authority can determine the identities of users if needed. The temporary nature of the IDs means other users can't track someone for long. But the server can.
Users' data is safe from snoopers: the data logs on the user's phone are encrypted, so a hacker who gets hold of them cannot read them. The server holds the decryption key for the data logs, which are only sent to the server to determine close contacts between people. The app therefore keeps data secure from other users and from snoopers, but not from the central registry. The server can retrieve users' data logs, decrypt and read them. It can also link the temporary IDs to real identities.
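The centralised design described above, as an added simulation that is not TraceTogether's own code: the registry derives each user's temporary IDs from a server-held secret key (here an HMAC over the permanent ID and a 15-minute epoch, which is an assumption standing in for the real derivation), phones log the IDs they see, and a diagnosed user's uploaded log lets the server both pick out close contacts and name every person in it. The phone numbers, the 15-minute rotation, the 2 metre / 30 minute exposure rule and the encounters are all constructed for the example; the at-rest encryption of the log is left out because it changes nothing about what the key-holding server can read.

```python
import hashlib
import hmac
import secrets
from collections import defaultdict

EPOCH_MINUTES = 15                      # assumption: temporary IDs rotate every 15 minutes
EPOCHS_PER_DAY = 24 * 60 // EPOCH_MINUTES


class RegistryServer:
    """Central registry (e.g. a health department). It holds phone numbers,
    permanent user IDs and the secret key that derives every temporary ID,
    so it can map any temporary ID it ever sees back to a person."""

    def __init__(self):
        self.key = secrets.token_bytes(32)   # assumption: one symmetric server key
        self.phones = {}                     # permanent user ID -> phone number
        self.temp_index = {}                 # temporary ID -> (user ID, epoch)

    def register(self, phone_number):
        uid = secrets.token_hex(8)           # newly generated permanent ID
        self.phones[uid] = phone_number
        return uid

    def issue_temp_ids(self, uid, first_epoch, count):
        """Derive a batch of temporary IDs for one user and remember who owns each."""
        batch = {}
        for epoch in range(first_epoch, first_epoch + count):
            msg = f"{uid}|{epoch}".encode()
            tid = hmac.new(self.key, msg, hashlib.sha256).digest()[:16]
            self.temp_index[tid] = (uid, epoch)
            batch[epoch] = tid
        return batch

    def resolve(self, tid):
        """What only the server can do: turn a temporary ID into a real identity."""
        uid, _ = self.temp_index[tid]
        return self.phones[uid]

    def close_contacts(self, uploaded_log, max_distance_m=2.0, min_minutes=30):
        """From a diagnosed user's uploaded log, return the phone numbers of
        everyone with at least min_minutes of exposure within max_distance_m."""
        minutes = defaultdict(int)
        for _epoch, peer_tid, distance_m in uploaded_log:
            if distance_m <= max_distance_m:
                minutes[self.resolve(peer_tid)] += EPOCH_MINUTES
        return {phone for phone, m in minutes.items() if m >= min_minutes}


class Phone:
    """A user's device: holds server-issued temporary IDs and an encounter log."""

    def __init__(self, server, phone_number):
        self.uid = server.register(phone_number)
        self.temp_ids = server.issue_temp_ids(self.uid, 0, EPOCHS_PER_DAY)
        self.log = []                        # (epoch, peer temporary ID, distance)

    def broadcast_id(self, epoch):
        return self.temp_ids[epoch]

    def record(self, epoch, peer_tid, distance_m):
        self.log.append((epoch, peer_tid, distance_m))


def encounter(a, b, epoch, distance_m):
    """Both phones log the other's current temporary ID; distance_m stands in
    for the value the real app estimates from Bluetooth signal strength."""
    a.record(epoch, b.broadcast_id(epoch), distance_m)
    b.record(epoch, a.broadcast_id(epoch), distance_m)


def run_scenario():
    server = RegistryServer()
    alice = Phone(server, "+65-1111")        # constructed numbers
    bob = Phone(server, "+65-2222")
    carol = Phone(server, "+65-3333")
    # Constructed day: Alice sits with Bob for an hour, passes Carol once.
    for epoch in range(40, 44):
        encounter(alice, bob, epoch, 1.0)
    encounter(alice, carol, 60, 1.5)
    # Alice is diagnosed and consents to upload her log.
    contacts = server.close_contacts(alice.log)
    # The registry can also name every person in the log, close contact or not.
    everyone_seen = {server.resolve(tid) for _, tid, _ in alice.log}
    # Bob, by contrast, holds four unrelated tokens: he cannot even tell
    # that the same person was beside him for the whole hour.
    distinct_ids_bob_saw = len({tid for _, tid, _ in bob.log})
    return contacts, everyone_seen, distinct_ids_bob_saw


if __name__ == "__main__":
    print(run_scenario())
```

The two return values beyond the contact set are the point: `everyone_seen` shows that the registry learns Carol's identity even though her single 15-minute brush with Alice falls below the exposure threshold, while `distinct_ids_bob_saw` shows why other users get no such linkage from rotating IDs.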
There are some privacy features. The server only asks for data logs from infected users or people who have been near one. Data logs only contain relative distance, not precise location. Data on phones is deleted after 21 days. The server can learn a user's private data, but this is true of most apps. If a user tests positive, they can consent to the server retrieving their data to identify the users who have been in contact with them. At this point, potentially uninfected users lose control over their privacy.
The app could be (mis)used for
surveillance. The central registry could obtain and decrypt data logs from a
large number of users, for mass surveillance. Although data logs on the device
are deleted after 21 days, there is no guarantee data logs decrypted at the
central server would be.
The app could be tweaked for more privacy by reconfiguring it so that the app itself generates the temporary user IDs. This way, only the user knows their identity. They would have to allow their device to share the list of their temporary IDs. The server would find the temporary IDs that have been in contact with the infected user and broadcast them. Users receiving a message containing one of their temporary IDs could respond by identifying themselves.
Future versions should be decentralised. The server could push the temporary IDs of diagnosed users to the apps, allowing other users to determine for themselves whether they have been in contact with them. Locally and randomly generated IDs can't be linked to true identities, so the server would not know the identities of the users within infection range of someone who tested positive. This fundamental change in the design might not be possible to make quickly.
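The decentralised variant just described, as an added simulation that is not part of the original article and not code from any real app: each phone draws its own random temporary IDs, the server only republishes the IDs that a diagnosed user chooses to upload, and every phone matches that list against its own log locally. The names, the 15-minute rotation, the 2 metre / 30 minute exposure rule and the encounters are constructed for the example.

```python
import secrets

EPOCH_MINUTES = 15          # assumption: a fresh random ID every 15 minutes


class Phone:
    """A device that makes its own random temporary IDs. No server issued
    them, so nothing on the server side can link them to a phone number."""

    def __init__(self, name):
        self.name = name
        self.my_ids = {}    # epoch -> locally generated random ID
        self.log = []       # (epoch, peer ID, distance in metres)

    def broadcast_id(self, epoch):
        if epoch not in self.my_ids:
            self.my_ids[epoch] = secrets.token_bytes(16)
        return self.my_ids[epoch]

    def record(self, epoch, peer_id, distance_m):
        self.log.append((epoch, peer_id, distance_m))

    def upload_on_diagnosis(self, server):
        """With consent, share only the IDs this phone broadcast. The
        encounter log, i.e. who was nearby, never leaves the device."""
        server.publish(list(self.my_ids.values()))

    def check_exposure(self, server, max_distance_m=2.0, min_minutes=30):
        """Match the published list against the local log. The published IDs
        carry no grouping by person, so exposure is summed over all matches."""
        published = set(server.diagnosed_ids())
        minutes = 0
        for _epoch, peer_id, distance_m in self.log:
            if peer_id in published and distance_m <= max_distance_m:
                minutes += EPOCH_MINUTES
        return minutes >= min_minutes


class BulletinServer:
    """Holds nothing but the IDs of diagnosed users and pushes them to every app."""

    def __init__(self):
        self._published = []

    def publish(self, ids):
        self._published.extend(ids)

    def diagnosed_ids(self):
        return list(self._published)


def encounter(a, b, epoch, distance_m):
    """Both phones log the other's current random ID (distance stands in for
    the estimate the real app derives from Bluetooth signal strength)."""
    a.record(epoch, b.broadcast_id(epoch), distance_m)
    b.record(epoch, a.broadcast_id(epoch), distance_m)


def run_scenario():
    server = BulletinServer()
    alice, bob, carol = Phone("alice"), Phone("bob"), Phone("carol")
    # Constructed day: an hour beside Bob, one 15-minute brush with Carol.
    for epoch in range(40, 44):
        encounter(alice, bob, epoch, 1.0)
    encounter(alice, carol, 60, 1.5)
    alice.upload_on_diagnosis(server)
    bob_exposed = bob.check_exposure(server)
    carol_exposed = carol.check_exposure(server)
    # Everything the server holds is Alice's own random tokens, and none of
    # Bob's or Carol's: it cannot learn who was in infection range.
    server_view = set(server.diagnosed_ids())
    only_alice = server_view == set(alice.my_ids.values())
    others_absent = server_view.isdisjoint(
        set(bob.my_ids.values()) | set(carol.my_ids.values()))
    return bob_exposed, carol_exposed, only_alice and others_absent, len(server_view)


if __name__ == "__main__":
    print(run_scenario())
```

Comparing this with the centralised simulation above: the exposure verdict is the same (Bob yes, Carol no), but it is computed on Bob's and Carol's phones rather than by the registry, and the five published tokens are all the server ever sees. The trade-off inherent in publishing them is that a user who recorded one of those tokens learns that a specific encounter was with someone later diagnosed; that is a property of any design that broadcasts diagnosed users' IDs, not of this code in particular.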
Courtesy: https://tinyurl.com/u8cd3za