I would like to offer up a solution using BLE that was open sourced last week. The code is available under a GPLv3 license. The project is called OpenTrace [0] and it implements a protocol called BlueTrace - bluetrace.io [1] has the whitepaper [2] describing it. The protocol is designed to be able to federate authorised health authorities. The protocol does not define what data is captured from the user. That is entirely up to the authorised health authority to decide/implement.

The operational reference implementation of the upstream OpenTrace is called TraceTogether [3]. TraceTogether was rolled out here in Singapore on 20 March 2020. TraceTogether was built by GovTech [4] - the Singapore Government Technology Agency. One of the GovTech engineers who helped build it, Joel Kek, speaks about it here [5].

I am helping with the OpenTrace project and one of the ideas the community is considering is to see if it makes sense to have BlueTrace be drafted as an RFC.

Disclosure: I assisted GovTech in open sourcing TraceTogether as a member of the open source community.

In a nutshell, TraceTogether works by asking for the mobile phone # of the user at initial run. That is the only detail - granted, possibly personally identifiable information - that is captured. The phone number is what the app sends to the health authority. Once the phone number is sent, an SMS containing an OTP is sent and the user enters that in to complete the registration. The user is then sent an encrypted ID which is the identifier the phone will use. This encrypted ID is signed by the private key of the health authority.

When similarly registered phones come within the 10m Bluetooth range, they exchange the encrypted ID, their signal strengths and a timestamp. Should one of the users become infected and go to the hospital, with the permission of that user, the user will unlock the phone and the health authority (in our case the Singapore Ministry of Health) will extract the contact log.
With that log, the MOH will decrypt the IDs in the logs and check against their system for a matching mobile phone number. From that moment on, the rest of the contact tracing effort is human-led. The contact tracing will determine things like how long ago a contact was established, how close-by the contact was, how long the encounter was, etc.

Contact data stored in the phone that is 21 days or older is automatically deleted. The user can also opt out of the app at any time.

Comments/criticisms welcome, especially if we should even consider drafting a proposal for an RFC. Also welcome are any and all interested devs to make the project even more robust and privacy enforcing/respecting.

Harish

[0] https://github.com/opentrace-community
[1] https://bluetrace.io/
[2] https://bluetrace.io/static/bluetrace_whitepaper-938063656596c104632def383eb33b3c.pdf
[3] https://www.tracetogether.gov.sg/
[4] https://tech.gov.sg/
[5] https://www.youtube.com/watch?v=638Hwg0pkX0
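
The flow described in the message above (registration, ID exchange, 21-day deletion, resolution by the authority), as an added sketch that is not part of the original post and is not OpenTrace code. The post does not give the ID format, so a random ID with an HMAC tag and a server-side table stands in for the encrypted, signed ID; all class and function names are hypothetical.

```python
import hashlib, hmac, secrets
from dataclasses import dataclass

RETENTION = 21 * 24 * 3600  # seconds; data 21 days or older is deleted

@dataclass(frozen=True)
class Encounter:
    peer_id: str    # ID received from the other phone
    rssi: int       # signal strength
    timestamp: int  # Unix seconds

class Authority:
    """Health authority: issues IDs, later maps logged IDs to phone numbers."""
    def __init__(self):
        self._key = secrets.token_bytes(32)  # stays with the authority
        self._phones = {}                    # random ID part -> phone number

    def _tag(self, rand):
        return hmac.new(self._key, rand.encode(), hashlib.sha256).hexdigest()

    def register(self, phone):
        rand = secrets.token_hex(16)
        self._phones[rand] = phone
        return f"{rand}.{self._tag(rand)}"   # stand-in for the encrypted ID

    def resolve(self, log):
        """Return (phone, rssi, timestamp) for IDs this authority issued."""
        found = []
        for e in log:
            rand, _, tag = e.peer_id.partition(".")
            ok = hmac.compare_digest(tag.encode(), self._tag(rand).encode())
            if ok and rand in self._phones:  # forged or foreign IDs are skipped
                found.append((self._phones[rand], e.rssi, e.timestamp))
        return found

class Phone:
    def __init__(self, own_id):
        self.own_id, self.log = own_id, []

    def record(self, peer_id, rssi, now):
        self.log.append(Encounter(peer_id, rssi, now))

    def purge(self, now):
        """Drop encounters that are 21 days old or older."""
        self.log = [e for e in self.log if now - e.timestamp < RETENTION]

def exchange(a, b, rssi, now):
    """Two registered phones in range log each other's ID, RSSI and time."""
    a.record(b.own_id, rssi, now)
    b.record(a.own_id, rssi, now)
```

The phones hold only opaque IDs; only `Authority.resolve`, run on a log the user has handed over, can turn them back into phone numbers.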