How to track COVID-19 without invading privacy

[Image: coronavirus covid-19 test. Image credit: Depositphotos]

This article is part of our ongoing coverage of the fight against coronavirus.

The past few months have taught us an important lesson: We’re bad at handling highly contagious diseases. The Earth’s growing population and the ease with which we can travel long distances have contributed to the fast spread of the novel coronavirus to more than 200 countries.

For the moment, the main question is, how do we stop the spread of the virus? For states, the choice is between health and economy. They must either shut down their economies and impose nationwide quarantines to prevent the spread of COVID-19, or continue business as usual and risk infecting millions of people with the virus. Most governments have chosen the former.

But even though our lives will never return to their former state, humanity will eventually overcome the coronavirus. The aftermath, however, the tragic deaths, the economic recession, and the shock of everything else we’re experiencing today will confront our governments with a new question: How do we stop the next pandemic? The options will then shift to choosing between health and privacy.

We already have the tools that can help to fight the spread of diseases such as COVID-19. Mobile phones, internet of things (IoT) devices, wearables, security cameras powered by artificial intelligence algorithms, and other advanced technologies of the past decade can enable us to precisely track every person’s location, vital signs, and health status. They can help track collocations, find out who else might have been infected by a patient, warn citizens about infections in their proximity, prioritize testing and care, manage local quarantines, and more.

With the help of technology, governments will be able to control the spread of infectious diseases without the need to shut down their entire economies and send everyone home. Already, several countries have passed laws that loosen privacy rules to allow government agencies and tech companies to cooperate in the fight against COVID-19.

But the power of technology goes beyond that, and it can serve evil purposes as well. States such as China are already using state-of-the-art technology to openly establish a surveillance regime with the help of large tech companies. Western governments have so far been reluctant to follow suit (even though tech giants have not), and the voices of privacy advocates have been loud enough to hold digital Big Brother in check to some degree.

As the coronavirus pandemic unfolds, privacy advocates are raising the alarm and warning against solutions that breach citizens’ privacy. But with health taking a front-row seat, the digital surveillance regime is becoming justified and the privacy argument sounds less convincing.

To help address this problem, a group of computer scientists at Boston University have proposed a solution that can help track contagious diseases without the need for dystopian privacy-invading tools.

The default privacy-invading option

[Image: surveillance cameras]

The default and easiest way to solve the problem of tracking infectious diseases is to use the traditional client-server structure that underlies most internet services and applications. An application installed on the user’s mobile phone regularly records the person’s location and transmits the information to a data center that stores it.

The location data can be consolidated with other information such as body temperature, blood pressure, and other vital signs obtained from wearable medical devices. When a person contracts COVID-19 or another infectious disease, the server application queries its database for all users who might have come in contact with or been in the vicinity of the infected person. The server can then notify those people, instruct them to self-quarantine, and prioritize them for testing. This kind of contact tracing is vital to stopping the spread of viruses.

There are many other benefits to such a system (let’s call it the “health-tracker app”). For instance, its data can be fed to machine learning algorithms to develop predictive models of the spread of the virus based on movement patterns. It can also warn users to avoid areas frequented by infected persons. Some companies have already developed AI-powered solutions that have predicted the spread of COVID-19 with remarkable accuracy.

Many large tech companies are already doing location tracking—sometimes without you knowing about it—for commercial purposes. But you can opt out, avoid installing their tracking applications, use privacy-friendly alternatives, and use virtual private networks (VPN) or other tools that can hide your location. Not giving your location might deprive you of some of the convenient features of those apps or require you to pay for their services. It’s a conscious choice you make between privacy and convenience.

But when installing the health-tracker app becomes law, you will be left to choose between preserving your privacy at the cost of breaking the law or abiding by the law at the cost of your privacy. Just as traffic police can stop you and ask to see your driver’s license, the health police might stop you and verify that your health-tracker app is active and is registering your location. Breaking the law can earn you a fine or maybe get you some jail time for compromising public health.

The privacy-friendly alternative

[Image: coronavirus (covid-19). Image source: NIAID]

In a paper titled, “Anonymous Collocation Discovery: Harnessing Privacy to Tame the Coronavirus,” a group of computer scientists at Boston University propose that we don’t need to invade people’s privacy to protect them against infectious diseases. The paper provides the blueprint for “an extremely simple scheme for providing fine-grained and timely alerts to users who have been in the close vicinity of an infected individual.”

“The purpose of this work is to demonstrate that it is possible to promptly and reliably notify individuals of past or present collocation with an infected person or surface—with only minimal compromise of individual privacy and without maintaining any database of infected individuals or their locations,” the researchers write.

The privacy-friendly health tracker is composed of a mobile application and a server. The mobile app generates a unique anonymous random token at regular intervals, say every minute. Instead of sending the tokens to a server, however, the application stores them on the device and at the same time broadcasts each one through the device’s Bluetooth Low Energy (BLE) component. Devices that are within range and have the privacy-friendly health tracker installed receive and store the tokens. These received tokens make up the device’s collocation database.

The tokens contain no device, location, or personally identifiable information, so storing them on other devices carries very little privacy risk. The tokens are also very small, so the application should be able to register dozens of millions of them without causing storage constraints for the device.

When a person tests positive for COVID-19 or some other infectious disease, a medical authority confirms the infection, and the app sends all the tokens it has generated to the application server. Again, with no device, location, or personal information being embedded in the tokens, the server will not be holding any sensitive information. Furthermore, there’s no information to indicate whether two tokens come from the same user. “This unlinkability promise ensures that the service cannot form a location trace of a participant’s movement patterns, thereby obviating the concern that a location trace may be connected to a specific person,” the researchers write.

The application periodically polls the server for the list of infected tokens and compares them against its collocation database. In case of a match, the user is warned of a possible collocation with an infected person. Because of the privacy-oriented design, the user will not learn the time, the location, or the identity of the person with whom they came in contact. The user can then take the necessary measures, such as consulting medical experts about the next steps.
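The token exchange described above, as an added example that is not code from the paper or from any tracing project: a small Python simulation with constructed devices alice, bob and carol, where a token is 16 random bytes (an assumed size) and the server holds nothing but the bare tokens uploaded after a confirmed diagnosis.

```python
import os
from dataclasses import dataclass, field

TOKEN_BYTES = 16  # assumed size; a token is pure randomness, no device, location or identity

@dataclass
class Device:
    """One phone running the tracker (constructed example, not the paper's code)."""
    name: str
    own_tokens: list = field(default_factory=list)    # tokens this device minted and broadcast
    collocation_db: set = field(default_factory=set)  # tokens heard over BLE from nearby devices

    def tick(self) -> bytes:
        """Each interval (say, one minute): mint a fresh random token and keep it locally."""
        token = os.urandom(TOKEN_BYTES)
        self.own_tokens.append(token)
        return token

    def hear(self, token: bytes) -> None:
        """Store a token broadcast by a device within BLE range."""
        self.collocation_db.add(token)

    def report_positive(self, server: "Server") -> None:
        """After a confirmed diagnosis, upload only the tokens this device generated."""
        server.publish(self.own_tokens)

    def check_exposure(self, server: "Server") -> int:
        """Poll the published list; count matches against the local collocation database."""
        return len(self.collocation_db & server.infected_tokens())

class Server:
    """Keeps an unordered set of tokens: no identities, no locations, no per-user linkage."""
    def __init__(self) -> None:
        self._tokens: set = set()
    def publish(self, tokens) -> None:
        self._tokens.update(tokens)
    def infected_tokens(self) -> frozenset:
        return frozenset(self._tokens)

def broadcast(sender: Device, in_range: list) -> None:
    """One interval: the sender mints a token and every device in BLE range records it."""
    token = sender.tick()
    for other in in_range:
        other.hear(token)

def simulate() -> dict:
    """alice and bob spend ten intervals together; carol is never near either of them."""
    alice, bob, carol, server = Device("alice"), Device("bob"), Device("carol"), Server()
    for _ in range(10):
        broadcast(alice, [bob]); broadcast(bob, [alice]); broadcast(carol, [])
    alice.report_positive(server)  # diagnosis confirmed; alice uploads her own tokens only
    return {"bob": bob.check_exposure(server), "carol": carol.check_exposure(server),
            "published": len(server.infected_tokens())}
```

Bob's ten matches come purely from tokens he heard; the server never learns who bob is, where the collocation happened, or even that the ten published tokens belong to one person.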

The authors of the paper acknowledge that this is not a perfect solution. They write, “We emphasize that being in close proximity with an infected person or surface is not a definitive indicator of transmission of disease: two people may be in close proximity without transmitting the virus, or the virus may transfer through aerosols between two parties whose collocation is separated by time. As such, the proposed ideas are intended to complement (not substitute!) effective prevention techniques such as social/physical distancing.”

“When combined with sufficient testing capacity and existing best practices from healthcare professionals, we hope that this may significantly reduce the infection rate,” the researchers recommend.

What I especially like about the solution offered by the Boston University researchers is its simple and minimalist structure. I could imagine this application implemented on a wearable device, say a digital wristband with a few gigabytes of storage and a BLE component sold at a very low price. The device would not even need an internet connection, and the transmission of the data of infected patients could be performed by a separate application installed at hospitals and testing stations. This could even improve its security, preventing bad actors from flooding servers with bad data.

Last week, Apple and Google announced work on a COVID-19 tracker mobile application that is strikingly similar to the one proposed by the BU researchers. But I would still prefer to see this implemented on its own barebones device that has no extra components and minimizes the attack and abuse surface.

The effectiveness of these kinds of solutions depends on their mass adoption rate. While it remains to be seen how far the privacy-friendly health tracker will succeed, the work of Boston University’s researchers provides a glimmer of hope that we don’t need to live in a world where health will come at the cost of privacy.
