
As an Australian who has privacy concerns about their government's COVIDSafe app (see https://github.com/vteague/contactTracing), and hence is not installing it, I'm really thankful that Apple and Google are pushing this model of contact tracing. We still don't know if digital contact tracing is effective in practice, but it's still important to try, and we can do this in a way that avoids giving governments with worrying authoritarian tendencies another tool.



Having Google/Apple develop a tracking technology is the same as the US government having it. If you don't believe it, read again what Snowden revealed several years ago.


What? I don't think this is accurate.

From what I recall, the US was/is spying on the major tech companies and would regularly demand data and place gag orders on those companies.

Neither action is a willful form of data transfer. The first is actually an eternal game of cat and mouse. NSA finds a leak for some data, Google fixes it, new leak, etc. The second is targeted handover of data, and only affects a few individuals.

Equating these with the US government having full access to everyone's data is misleading. If you think otherwise, please provide more detail.


Exactly why they aren’t collecting GPS data and the system is built using anonymous Bluetooth keys, similar to the find my iPhone anonymous network. Can’t hand over what you don’t have.


How does this jibe with Google, for instance, using Bluetooth scanning (enabled by default) for high location accuracy? This has been enabled for years and most people are simply aware of it being enabled (outside of HN).

Google has effectively been using Bluetooth scanning and contact tracing (of sorts) as part of their location tracking feature... Now they're turning around and saying they won't track location from Bluetooth scanning? Seems like a BS PR move.


Apple and Google are working together on this. So it’s an agreement between them both to have a more privacy-centered protocol for this purpose.

Google lets you do a lot more privacy violation on Android, but Apple has been building their brand around privacy and wouldn’t participate in that.


>Equating these with the US government having full access to everyone's data is misleading. If you think otherwise, please provide more detail.

By everyone you mean "US citizens", because from my understanding non-US citizens are fair game and it is legal to spy on them.


No, they aren't allowed to hand over data on EU citizens either, that would break GDPR. USA wouldn't go after them for this but EU definitely would.


What about non-EU citizens? Do you think NSA won't try to get the realtime location of EU and non-EU politicians? They can claim it is for national security; would GDPR stop that?


You should maybe read Permanent Record from Snowden. Everything you describe is outdated since his whistleblowing in 2013.


> is spying on the major tech companies and would regularly demand data and place gag orders on those companies.

So you agree.

> Neither actions are willful forms of data transfer.

What’s that got to do with it?

> Equating these with the US government having full access to everyone's data is misleading.

If the data exists, the only prudent approach is to assume state-level actors, at least, can get access to it.


The discussion is beyond "if the data exists", it will be gathered and some people seem to prefer yelling at clouds instead of looking at the technical implementation.

Even nation state actors will have a harder time gathering data that only exists locally on a bunch of smartphones, separate from geolocation as proposed here, versus a centralised database lacking comprehensive oversight.

The rest is pretty irrelevant, we're talking about data collection using phones that already have an OS from both of these vendors. "But Snowden" is really no argument anybody in these discussions will listen to (and I'm not convinced they should if it's used in a way to imply that you shouldn't use the internet for anything). If you have a problem with data collection for contact tracing please be specific why and optimally provide what you feel would be a better alternative.


Google and Apple are the ones pushing for isolating where this data lives and how it can be used/abused here. They are doing this in an effort to curb far more dangerous data collection on the very same devices in architectures that infer location or send off all data that is gathered on central servers. Your comment boils down to "Gapple is evil because Snowden" and seems to be disconnected from the specific issue at hand. They are OS manufacturers, if they wanted to get malicious access to all kinds of tracing data they would have had to do exactly nothing.


> They are doing this in an effort to curb far more dangerous data collection

Don't be naïve. This is not an NGO or an institution. They are doing this so that they and no one else owns the data.


Or maybe so that ordinary people will continue to trust them and people like me will start trusting them.

They have a long way to go in my case but every journey starts with a single step, and this seems like the twelfth or so step from Google's side towards becoming trustworthy (but they still have a long way to go!)

I think one shouldn't underestimate the business value of actually being a trustworthy vendor/business partner/SaaS company and while there are a few contenders that niche isn't too crowded for now :-)


> Don't be naïve. This is not an NGO or an institution. They are doing this so that they and no one else owns the data.

Even if this "do your research" level talking point were true, they don't own the data in this proposal, the end user device does. The device you trust and use anyway, the device that has your geolocation and access to far more data Gapple could abuse at all times. Which is better than what COVIDsafe/NHSX/ROBERT put forward for the specific topic of digital contact tracing.


Google/Apple developed this particular contact tracing technology such that they don't have any of the data nor any of the control, so it is not the same as the US government having it.


> Having Google/Apple develop a tracking technology is the same as the US government having it.

This is why you want an API that never uses any data you don't want anyone else to have. That's what this API is.

The "trust" here isn't about whether they'll keep your data safe from third parties including state level actors. Your "trust" only needs to be that the API does what it says on the tin.

Which leads to this conclusion: either you A) trust this API to be what it says: something that doesn't ever deal with any sensitive data. Basically an exchange of random numbers.

Or B) you think that there is something nefarious here and the API might associate who you are or where you are, and store or distribute that data.

If it's A) then you should be fine. If you think B) then you shouldn't use a phone from Apple or Google. Because as far as you are aware, they share your location and personal information.

As far as integrity goes, I can't see a situation where you would both accept running an iOS or Android phone but at the same time avoid apps with this API out of privacy concerns!
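The "exchange of random numbers" this comment describes, as an added illustration (not Apple's, Google's or any commenter's code): each phone derives rolling identifiers from a random daily key, stores only what it hears, and matching happens on the device against keys that diagnosed users chose to publish. The HMAC-SHA256 derivation, the 144 ten-minute intervals per day and the names are assumptions standing in for the real specification.

```python
"""Simplified model of the decentralised contact-tracing design the thread
describes: phones exchange random-looking identifiers over Bluetooth, keep what
they hear locally, and only a diagnosed user's daily keys are ever published.
This is an added illustration, not Apple/Google's code; the HMAC-based
derivation below stands in for the real specification's key schedule."""
import hmac, hashlib, os

INTERVALS_PER_DAY = 144  # one 10-minute rolling interval per broadcast window (assumed)

def new_daily_key() -> bytes:
    """A fresh random key per day; nothing about the person or place is encoded."""
    return os.urandom(16)

def derive_rpi(daily_key: bytes, interval: int) -> bytes:
    """Rolling proximity identifier for one interval. Without the daily key,
    consecutive identifiers look like unlinkable random bytes to an observer."""
    msg = b"RPI" + interval.to_bytes(4, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]

def all_rpis(daily_key: bytes) -> set:
    """Every identifier one daily key produces; needed to re-derive matches."""
    return {derive_rpi(daily_key, i) for i in range(INTERVALS_PER_DAY)}

def match_locally(observed: set, published_keys: list) -> int:
    """Run on the device: expand each published (diagnosed) key back into its
    identifiers and count how many this phone actually heard. The server only
    ever sees the published keys, never the observation log or a location."""
    hits = 0
    for key in published_keys:
        hits += len(all_rpis(key) & observed)
    return hits

def demo() -> tuple:
    alice, bob, carol = new_daily_key(), new_daily_key(), new_daily_key()
    bob_log = set()  # what Bob's phone stores: heard identifiers, nothing else
    # Constructed scenario: Bob was near Alice for intervals 40-45, near Carol for 90-91.
    for i in range(40, 46):
        bob_log.add(derive_rpi(alice, i))
    for i in range(90, 92):
        bob_log.add(derive_rpi(carol, i))
    # Alice tests positive and publishes only her daily key; Carol publishes nothing.
    published = [alice]
    # Matches against Alice, against Carol (had she published), and against Bob himself.
    return match_locally(bob_log, published), match_locally(bob_log, [carol]), match_locally(bob_log, [bob])

if __name__ == "__main__":
    print(demo())  # (6, 2, 0)
```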


> then you shouldn't use a phone from Apple or Google

Because you have another choice...


I read Snowden's biography - Permanent Record. Your claims are untrue. The sibling comment has it right - the US govt could steal data from the tech giants but they gradually got better at plugging such leaks. For example, in response to the Snowden revelations, all data in transit between datacenters is now encrypted. On the other hand, the govt would also request the data of a few people, which was generally granted.

It's not correct that the US govt has root access to all systems and data.


That seems extraordinarily naive. The NSA would not give up access like that unless forced at gunpoint, and the US gov has clearly demonstrated it doesn't care (and actually quite likes) this sort of gross privacy invasion.

The only (in)tangible difference between 2005 and today is the presumed existence of national security letters and other warrants that compel these companies to provide access.


You must be ignorant of how these agencies work. All they want is plausible deniability. The spy agencies have all the technology needed to access any phone. For example, it is widely known that Israel's agencies have the ability to enter any phone, iOS or Android, and get the information they want. They are now OPENLY using this technology to track coronavirus cases:

https://www.cnn.com/2020/03/18/tech/israel-coronavirus-techn...

https://www.timesofisrael.com/israeli-tech-company-says-it-c...


Do you recall the news that NSA (US intel agency) paid RSA (US security vendor) $10m to backdoor encryption libraries?

If this was exposed once it’s happening elsewhere.

There was also the case of the NIST elliptic curve encryption best practices being subverted for an NSA backdoor.

They’ve got a job to do. They’re doing it. But worth noting that a vendor could claim to be pro-privacy while also cooperating with their government.


And we also have examples of companies refusing to comply. And we all use djb’s curves rather than the NIST curves now.


Another consideration that seems to have been obscured by the debate on privacy and the narrow focus on the particular client implementation of the app is the significant problem of false positives and negatives.

A lot of voices have spoken out about this issue overseas (particularly in the US) while many local tech voices have skipped considering this at all.

See:

* Previous FTC CTO / Obama Whitehouse senior adviser: https://twitter.com/ashk4n/status/1248659875669798912

* Brookings Institute article: https://www.brookings.edu/techstream/inaccurate-and-insecure...

* Margolis Center for Health Policy at Duke University (pdf report): https://healthpolicy.duke.edu/sites/default/files/atoms/file...

* Bruce Schneier: https://www.schneier.com/blog/archives/2020/05/me_on_covad-1...


We need to be driving test numbers up until only 3-5% are showing positive in order to be confident about low prevalence in an area. I don't see a problem with false positives encouraging asymptomatic people to get tested - it's as good of a sub-population as any.


The project lead of Singapore's TraceTogether initiative goes into detail about the problems with an automated system, and why a human-in-the-loop is ideally required to evaluate the type of contact and make a determination.

A determination around being a close contact results in 14-day isolation regardless of symptoms, presumably because you may initially test negative before moving into an infectious and asymptomatic or symptomatic phase.

https://blog.gds-gov.tech/automated-contact-tracing-is-not-a...


It's worth re-iterating how unreliable Bluetooth signal strength is in estimating proximity.

One recent data point using the COVIDSafe app is here: https://twitter.com/jim_mussared/status/1256199078314078210

Exploration around the defects in that app is ongoing here: https://docs.google.com/document/d/1u5a5ersKBH6eG362atALrzuX...


14-day isolation was a policy choice. There is no reason that other municipalities need to do the same. We can discover a balance that keeps local r < 1.0.


I assume that the use model is as a way to help human contact tracing, not to replace it. Admittedly, the benefit is less then, but maybe it's still worth it?


The assumptions of benefit appear to rely on a naive theory of instantaneous contact and isolation, when in practice the entire process is unavoidably manual, requiring human intelligence to ascertain environmental factors with which to make a determination about whether someone is a close contact.

When you consider that close contacts include anyone you've spent more than 2 hours with in a room, it becomes clear that most life situations are not handled by estimates of proximity using Bluetooth: home, family & friend visits, workplaces.

You can find a deep-dive into these issues here:

https://blog.crushthecurve.today/why-should-you-install-the-...


There are two sides to trusting the covid-19 app. One is the technical side those people are commenting on. Technical deficiencies can be fixed, and more to the point will be fixed if you just keep shining some light on them as they are doing.

The other side is trusting the government to keep its promises. During this covid-19 crisis I do trust them, but in the longer term their record of keeping promises has been less than stellar. Frankly, keeping this app or any app of theirs installed over a few years on the basis of them promising not to misuse the data is downright foolish given their past history. Such promises tend to become null and void at the next election.

But right now we have no choice - it's either take them at their word, or don't install the app. Yes, we can do what the gang of four above have done and de-compile it, but that takes a huge amount of effort that has to be repeated every new release. That effort isn't going to continue. If it doesn't continue the light doesn't continue to shine on its technical deficiencies, and so they won't be fixed.

But - that can change with a few simple and cheap changes to the way the government does things. All they have to do is release the source to a public repository before they release the binary and have a reproducible build. Do that and lots of things become much easier. Checking what the commented source does as opposed to decompiled output is much easier, checking just the differences in source between one version and the next is much, much easier than checking the entire thing, and using a reproducible build to allow you to check the source rather than decompiled output is very much easier. Do that, and the light on the technical deficiencies will stay on forever.

Implementing those inexpensive and straightforward things has another wonderful emergent property aside from the technical deficiencies being fixed: you suddenly don't have to trust the government, you can trust the code instead.

But no one seems to focus on changes to the overall process. Instead it's essentially nitpicking on how the app does things today. It's an unfortunate focus.


COVIDSafe will be using these new APIs.


Have you got a link / source for this? Genuinely interested, not being a dick.


From what I heard it works fine on Android, but on iOS it works ok... as long as you have the app running in the foreground, and your phone unlocked, while out and about.

The only way to fix that would be to use this new API on iOS.


Since people seem to be downvoting without commenting: https://www.gizmodo.com.au/2020/05/covidsafe-issues-ios-ipho...


I wasn't the one who downvoted, but the parent post was asking for a source on whether this app is going to utilize the new APIs, specifically. According to your subsequent link, near the bottom, currently it's unclear:

"The Government will work with Google and Apple to investigate whether the new functionality announced by Google and Apple partnership is beneficial for the app performance"


The COVIDSafe app was already released (although not fully functional on the server side yet) but the Google and Apple APIs are not available yet, so doesn't that mean that it isn't using the Google and Apple APIs? At least currently, anyway.

According to the Australian COVIDSafe app's privacy policy, when you register for the app, after you successfully enter a PIN sent by SMS, it transmits the following info to the Australian authorities: your mobile phone number, the name you enter, the age range you enter, the postcode you enter. The reasons for each are explained in the policy. This data is stored in the cloud. I don't see why the registration info (I'm just talking about the registration info, not the Bluetooth-related data) can't simply be entered later, or stored locally on the device and not uploaded until, when and if, the user volunteers to share their registration info with health authorities, e.g. as a result of being notified that someone that was near them has tested positive for COVID-19. If this info wasn't transmitted as part of setting up the app, I expect the uptake of the Australian COVIDSafe app would be significantly higher.

I am also still waiting for Australia to publish the source code for their COVIDSafe app...

