A former spy chief is one of those calling for the British contact tracing app to be subject to additional privacy safeguards…

The Guardian reports on comments by a former director of Government Communications Headquarters (GCHQ), the UK equivalent of the US National Security Agency (NSA).

The government says that it “has not ruled out” the idea.

‘My own feeling is that this should be time limited. So, at the end of the pandemic we need to pause this experiment and have a proper public debate, and parliamentary debate, about the use of these apps in the future,’ he said.

Britain says that the inclusion of some location information will help the NHS track regional coronavirus outbreaks, but it has made contradictory claims about the nature of this. A government blog post claims that no location data is collected, while versions of the apps seen by security researchers and journalists require either a full or partial postcode to be entered.

Whitehall sources conceded to the Guardian that they were “two steps behind in public engagement” because the app — which tracks everyone a user has met and warns them to self-isolate when the user reports COVID-19 symptoms — has had to be developed at high speed.

It plans to complete the appointment of an ethics board to improve oversight and publish the software source code in the next month, and has not ruled out “a sunset clause,” agreeing to delete all data collected once the country returns to normal.

The first half of a postcode typically identifies an area measuring a few square miles, while the full postcode will normally identify a specific street or building.

Security researchers have raised concerns that cross-referencing data held in a central database could de-anonymize it, in much the same way as full location tracking. For example, if two individuals are in close proximity between 9 a.m. and 5 p.m., that would flag them as coworkers, and adding in postcode data for their home address could leave only two possible matches. The use of rolling Bluetooth codes should protect against this, but the UK’s insistence on the use of a centralized database and its own app code creates doubts that could have been avoided by the use of the Apple/Google API.
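The cross-referencing concern above, as an added privacy-audit example (not code from the app or from the article): it measures how the anonymity set of a pseudonymous record shrinks when a sustained 9-to-5 contact pattern is combined with postcode data of increasing precision. All ids, postcodes, field names and the six-hour threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data. Field names and postcodes are assumptions for
# illustration, not the NHS app's schema ("ZZ" is not a real postcode area).
REGISTRATIONS = {  # pseudonymous id -> full home postcode
    "u1": "ZZ1 1AA", "u2": "ZZ1 2BB", "u3": "ZZ1 1AA",
    "u4": "ZZ1 3CC", "u5": "ZZ9 1DD", "u6": "ZZ9 1DD",
}
# (id_a, id_b, hour of day) proximity events held in the central store.
CONTACTS = (
    [("u1", "u5", h) for h in range(9, 17)]    # together all working day
    + [("u2", "u6", h) for h in range(9, 17)]  # a second such pair
    + [("u3", "u4", 19)]                       # one brief evening contact
)

def workday_linked(contacts, min_hours=6):
    """Ids that share >= min_hours distinct hours in 09:00-17:00 with one peer."""
    hours = defaultdict(set)
    for a, b, hour in contacts:
        if 9 <= hour < 17:
            hours[frozenset((a, b))].add(hour)
    return {uid for pair, hs in hours.items() if len(hs) >= min_hours for uid in pair}

def anonymity_sets(registrations, quasi_id):
    """Map each id to k, the number of records sharing its quasi-identifier."""
    groups = defaultdict(set)
    for uid, postcode in registrations.items():
        groups[quasi_id(uid, postcode)].add(uid)
    return {uid: len(groups[quasi_id(uid, pc)]) for uid, pc in registrations.items()}

def audit(registrations, contacts):
    """k per id for progressively richer quasi-identifiers."""
    linked = workday_linked(contacts)
    district = lambda pc: pc.split()[0]  # first half of the postcode
    return {
        "district": anonymity_sets(registrations, lambda u, pc: district(pc)),
        "district+workday": anonymity_sets(
            registrations, lambda u, pc: (district(pc), u in linked)),
        "full+workday": anonymity_sets(
            registrations, lambda u, pc: (pc, u in linked)),
    }

if __name__ == "__main__":
    for name, sizes in audit(REGISTRATIONS, CONTACTS).items():
        print(f"{name:17} k(u1)={sizes['u1']}  min k={min(sizes.values())}")
```

A data controller can run the same measurement over its own store and treat any quasi-identifier combination with a small k as a field set that should not be retained together.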

Testing of the UK app begins on May 7 on the Isle of Wight, a small island off the southern coast of England. Epidemiologists say that a contact tracing app needs between 60% and 80% of the population to install and run it for it to play a meaningful role, so one crucial element of the test will be adoption level.

A major weakness of the British contact tracing app is that, while it can be woken to receive Bluetooth codes when running in the background, it only sends codes when the app is running in the foreground.

GCHQ photo: Adrian Pingstone