Published 30th June 2020
The leading privacy and security-first approach to new ‘track and trace’ technology, De-centralised Privacy-Preserving Proximity Tracing (DP-3T), is used to alert the individual to the spread of COVID-19 through people they have come into contact with. But why isn’t this being used by all countries? Let’s look at what it is and how it works.
Bluetooth or the Low Energy (LE) variant. This technology is what you use to connect your phone to your car or headphones and is a local proximity radio that allows devices to talk to each other and transmit data between each other. You may remember this piece of tech fondly for sharing songs or such on the bus to school in the 90’s or 00’s, albeit slow. Very slow. Well this tech has come a long, long way since then and is now proving to have its uses in aiding society in tracking contact between us humans, by the devices in their pockets.
This is where Bluetooth’s short range and device-to-device communication comes in useful, as it will be around the same radius as the virus’ contact radius and will enable devices to quickly ping each other to let them log that their owners have come into contact with each other.
With the release of iOS 13.5 (and equivalent on Android), there are new API’s available for apps to use that are developed with both your privacy and security in mind, with a toggle switch presented in the devices settings that turn these contact tracking API’s on and off very easily to keep you in the drivers seat.
These API’s were designed following guidance from the open source community (DP-3T) and global experts in these fields, as well as the outcrying voice from the tech sector as a whole. They are calling this implementation Privacy-Preserving Contact Tracing. This in an effort to ensure all ‘Track and Trace’ apps are keeping this very detailed level of very personal tracking private, secure and on the devices that people own.
This is a decentralised approach, keeping you in control of your own data in an encrypted format that only your device knows, leaving it much harder to access by third parties and nearly impossible by an attacker. This is much better than using a centralised system, which are often prone to; being a single point of failure, non-transparent in the way they are run and generally being easier to compromise (in both the sense of access to the data itself by unauthorised persons and how the data is used, as you are no longer in control of your data).
Whilst you the feature turned on, and have downloaded an app that can use them to provide the ‘Track and Trace’ functionality, your device constantly generates random cryptographically secure codes that it chirps out to nearby devices over Bluetooth. (Similar to how Apple’s redeveloped ‘Find My’ feature works in iOS 13 between other random Apple devices your device comes into proximity with).
Everyone’s phone then keeps a log of encrypted codes that it has come into proximity of. When someone logs that they have had the virus, your device is notified, and their code decrypted which contains information, such as how close you were to that person and this can be used to calculate the risk level to you and people you have come into contact with.
This approach keeps it safely decentralised and your information private. The device is the only thing storing any information and is doing so securely.
Using this technology means the spread of the virus can be safely, securely and privately tracked. Giving everyone the power to ensure this pandemic is brought to a swift and safe close. Technology has a decisive role to play in this scenario, and in the technology industry, there are voices we must listen to. We have the power in our hands to make real impact without sacrificing the privacy and security of our data.
With great power comes great responsibility, and given the implications, it is extremely important that both privacy and security play a defining role. Both in how this technology is developed and implemented, to deliver a safer global community; virtually and physically.
Governments such as Germany were developing their own centralised solutions in line with the UK’s NHSX (the health service’s digital innovation unit). But, after pressure from global industry experts and reviewing their options against advisory implementations, they decided it is best to go with a decentralised approach to best protect the privacy and security of their citizens.
Governments such as the UK and Australia are going with their own centralised solutions, which have been strongly contested by the same advisory groups, due to all of the privacy and security concerns raised above.
These concerns being rapidly realised as leaks have already demonstrated flaws in the UK’s systems that are being developed, especially in regard to leakage of users data, the incredibly long timeline that your data will be stored out of your control (up to 20 years) and the accuracy of what is being collected – all problems that have already been solved by the better system level API’s provided by Apple and Google with a de-centralised on-device and device-to-device storage being used.
It begs the question as to why we are making it harder for ourselves and going with the worst solution available.
Update on 18/06/20 at 7pm:
In a major U-Turn announcement, the UK government have just confirmed that they are now pursuing the Apple-Google joint venture approach. This is a greatly welcomed and applauded change that will see the UK’s citizens privacy and security kept at the forefront whilst also enabling the best technology for the track-and-trace to be used.
After seeing news of the UK’s implementation being delayed and full of holes, it is a shame to read that their reasoning was due to Apple’s restrictions around bluetooth utilisation for track and trace and this being phrased as the primary problem. This is not a problem on Apple’s behalf, and there is no surprise that Apple provided no ‘fix’ to assist.
These restrictions on bluetooth technology are there exactly to stop tracking and other privacy and security exploits to their users. They provided a joint solution to this problem with Google and proposed that as the official and purpose designed solution backed by the best and brightest among us, in which other governments have utilised and adopted as best approach without issue.
White papers are available to view for all of the above information at the following sources:
At Kamma we care about cutting through the noise and giving you the latest news and updates on property licensing. Each month, we give you a full rundown of the latest scheme announcements and property licensing news in the Kamma Property Licensing Update. This month we will be looking ahead at some of the challenges […]Read article
Why agents need to prepare now. The UK residential property sector contributes to 22% of all UK emissions. With COP26 just a few weeks away, there is a huge amount in the legislative pipeline designed to tackle this problem. Earlier this year the government passed the first reading of the Minimum Energy Efficiency of Buildings […]Read article
NRLA turn to technological solution to the challenge of increasing landlord legislation, variable local laws, and rising enforcement Partnership means all member landlords will be able to access live licensing updates New arrangements will ensure NRLA members benefit from an enhanced advice line service powered by real time property data October 04, 2021 – The […]Read article
Licensing enforcement has been on the agenda for many councils around the UK this year, with no signs of slowing down. With Michael Gove replacing Robert Jenrick as Housing Minister this month it remains to be seen whether this trend will continue. Looking back at the last month, we have not only seen landlords and […]Read article
Book a demo or get in touch
If you'd like to see the power of the Kamma platform in action, you can book a demo with us by simply clicking on the Book a Demo link at the top of the page.
Otherwise, you can get in touch with us using the form below and we will get back to you as soon as we can.
Sorry, but something went wrong. Please let us know and we'll do our best to fix it.
Thanks for sending us your message. You'll be hearing from us shortly.