The idea I gather is that bluetooth locally holds device ids (Mac
addresses?) of devices that come within range and so if an owner
of a device comes into range of another device it will have a
record of that. So what the NHS app developers are asking for is
access to this bluetooth historic proximity data.
That seems to miss some important points about the information
epidemiological experts have informed us about corvid 19 so far.
It persists on surfaces. It can be picked up off a surface and
redeposited on another surface. It is not clear if covid-19 is
mainly being transmitted due to face to face transmission, or via
infected droplets being left on surfaces. Those infections do not
reliably fall within the range of bluetooth.
So the timescale when an infected person might have provided the
virus to other people may well not coincide tightly with the
location track of people using bluetooth. The bulk of infections
may well fall outside the range of bluetooth. I think this needs
to be investigated.
As Rob and others have mentioned. Given we have pretty good
location data anyway and given that bluetooth could lead to more
false positives whilst completely missing many perhaps most
transmissions. I think these app developers and health services
really need to explain very clearly what it is they are trying to
achieve.
I agree with my namesake Christian H. The privacy and business /
societal implications of getting this wrong are really serious.
Christian de Larrinaga
On Thu, Apr 16, 2020 at 10:12 AM John Wroclawski <jtw@xxxxxxxxxxxxx> wrote:
> On Apr 16, 2020, at 10:56 AM, Vittorio Bertola <vittorio.bertola=40open-xchange.com@xxxxxxxxxxxxxx> wrote:
>
>> Il 16/04/2020 09:18 Rob Sayre <sayrer@xxxxxxxxx> ha scritto:o
>> It's not clear that any of these tracker proposals actually harm privacy. Certainly the government in most places can get this data from phone companies and correlate it themselves.
> No, because covid19-oriented contact tracing requires much more precision than what can be provided by any location data that the operators can trace through their cellular networks; location data are unsuitable to determine a one-time contact with accuracy […] (the other reason is that this approach allows you to trace contacts even if the cellular and/or GPS connectivity is unavailable,
Yes, exactly. The other interesting thing about the BTLE protocols being proposed is that they’re being designed to report that you came into close proximity to a person of interest, but not (depending on details) where, exactly when, etc. This, plus requiring you to explicitly release your tracking information, is the sense in which they’re “privacy preserving” - implementing minimum semantics needed for this specific purpose and no more.
Of course, one could always cross-correlate with other information (eg, cell-tower-trianguation-level location tracking) to peel some of this back. But if you’re worried about that, the next observation is that the BTLE protocols work even if your LTE radio is turned off - they remember things for later. So you can, at least conceptually, carry your phone with the wide area radio off when you want to, and still learn retrospectively that you were in proximity to a contact.
Here are some angles being tried:
BTLE would be more accurate, but it does seem like other data sources are good enough to get within 10m. Even with BTLE, there are cases like the phone running out of batteries or just not carrying one...
thanks,Rob